Without GRC, you are at Risk
All government suppliers must meet stringent compliance guidelines or risk enforcement penalties, fines, government oversight or loss of contract.
As you are aware, being a government contractor requires you to be compliant with one or all of the following areas:
- All government contractors handling Covered Defense Information are affected by DFARS 252.204.7012 (Safeguarding Covered Defense Information and Cyber Incident Reporting).
- Suppliers, distributors, vendors, or firms that furnish supplies or services to or for a prime US Government contractor or another subcontractor are subject to FAR 52.203-13 Contractor Code of Ethics and Business Conduct and Subpart 3.10 Contractor Code of Ethics and Business Conduct.
- Government contractors must timely disclose violation of federal law involving fraud, conflict of interest, bribery, or gratuity violations found in Title 18 of the United States Code or a violation of the civil False Claims Act (31 U.S.C. 3729-3733). FAR 52.203-13(c)(2)(ii)(F). This is known as the FAR Mandatory Disclosure Rule.
More than ever before, prime contractors are under intense scrutiny for Governance, Risk and Compliance in their own organizations and within their supply chains. This means that your employees, your subcontractors and their employees must adhere to GRC, necessitating a comprehensive compliance program.
To help address the threat of employee misconduct you need to assess your exposure and determine the appropriate actions that will mitigate risk and fraud. A effective GRC program initiated by your company and your subcontractors is key to preventing, detecting and remediating misconduct in a scalable and affordable manner.