Georgia Tech Procurement Assistance Center

Effective Oct. 26, you must be registered in SAM before you submit a federal bid, proposal or quote

By

It’s official: If you intend to pursue a federal contract, your business must be registered in the System for Award Management (SAM) before you submit a bid, proposal, or quotation.  The new rule that makes this clear goes into effect on October 26, 2018.

Any wiggle room that may have existed in the past has been eliminated.  SAM registration is now imperative if you are interested in federal contracting.

It used to be that SAM registration was required before a contract could be awarded. The Federal Acquisition Regulation (FAR) at Subpart 4.1102(a) made that clear.  But that requirement was always a bit ambiguous since another provision of the FAR (Subpart 52.204-8(d)) said that bidders and proponents had to complete the representations and certifications in SAM as a condition of making their offer.  As a matter of practical interpretation, most federal contracting officers simply made sure that an offeror’s SAM registration was complete before awarding the offeror a contract.

That latitude goes away on October 26, 2018.  On that date, FAR Subpart 4.1102 is officially amended to require all entities (i.e., vendors, including joint ventures) to be registered in SAM at the time they submit an offer (a bid or proposal) or submit a quotation to a federal agency.  In essence, vendors who are not registered in SAM are ineligible to submit offers or quotes – effective October 26, 2018.

Keep in mind that the SAM registration process can take time to complete.  If you’re planning to compete for a federal contract in the future, you should complete your SAM registration as far in advance as possible.  And, if you are already registered in SAM, remember that your SAM registration must be renewed at least annually – and renewed whenever any part of your registration needs to be updated.

If you need help with your company’s SAM registration, feel free to contact a Procurement Counselor with the Georgia Tech Procurement Assistance Center (GTPAC).  All of our contact information is listed by location at: https://gtpac.org/team-directory.

If you are located outside of the state of Georgia, you can find the procurement technical assistance center (PTAC) nearest you at: http://www.aptac-us.org/contracting-assistance.

Remember: There is never a fee to register in SAM as a government contractor. PTACs are available with no-cost help to get you through the process.

SAM is located at: https://sam.gov.  But before beginning the SAM registration process, you must first take care of the following:

  1. Obtain a DUNS Number by registering your Legal Business Name and Physical Address with Dun & Bradstreet (D&B).  If you don’t already have a DUNS Number, you can request a DUNS Number for FREE from D&B at: http://fedgov.dnb.com/webform
  2. Make sure you have a Taxpayer Identification Number (TIN) associated with the Legal Business Name registered with D&B.  To obtain information from the IRS on how to obtain a TIN, visit: https://www.irs.gov/individuals/international-taxpayers/taxpayer-identification-numbers-tin
  3. Have your bank’s routing number handy, including your bank account number and your bank account type (i.e., checking or savings).  You’ll need this information to set up Electronic Funds Transfer (EFT) in SAM.  The federal government makes virtually all contract payments via EFT.
  4. The first time you log in to SAM.gov, you’ll be asked to create a login.gov user account (if you don’t already have one). Going forward, you will use your login.gov username and password every time you log in to SAM.gov. Existing SAM.gov usernames and passwords no longer work.

Suspicious contract activity proliferates — watch out!

By

The Georgia Tech Procurement Assistance Center (GTPAC) continues to become aware of apparent contracting scams designed to trick unsuspecting vendors to deliver products for which they will receive no payment.

(You can view a compendium of articles about previously-identified scams at: https://gtpac.org/?s=scam.)

The latest example that’s come to our attention involves an email sent to vendors asking for a quote on some computer equipment.  The email is supposedly from a contracting representative with the Securities and Exchange Commission.

Vendors are asked to quote on name-brand portable hard drives and two brands of laptop computers.  The solicitation document appears to be a version of the federal Standard Form 1449.  But there are several suspicious elements associated with the solicitation:

  • While the email purportedly is from the SEC’s headquarters, the document indicates that the SEC office is in Germany.
  • Place of delivery is not listed.
  • The solicitation is pre-signed by the contracting officer.
  • The solicitation number is not consistent with standard numbering.
  • The phone number provided could be a cell phone number.

We have seen suspicious documents like this before.  What can result is that a vendor will respond with pricing.  Then, the scam artist will respond by saying that the quote has been accepted and directing that the products be shipped to a particular address.  After that, all communication ceases.  The vendor is cheated out of products (plus the cost of shipping), and receives no payment.

Be alert to scams like this.  If you receive something that looks suspicious, call it to our attention.  We’ll help you figure out what to do.

Warning: Don’t be duped into paying for GTPAC’s services — Our services are free of charge!

By

It’s come to our attention that there are businesses receiving phony invoices presumably for services received from a Procurement Technical Assistance Center (PTAC).  There is a national network of PTACs, and the Georgia Tech Procurement Assistance Center (GTPAC) is one of them.

GTPAC never charges for our counseling, training or bid match services.

The vast majority of PTACs don’t charge for their services, either.  When nominal fees are charged by a particular PTAC, those fees are clearly described in writing and in advance.

We want you to be aware of an active scam that is taking place right now.  Someone is sending out invoices in the name of the “American Procurement Technical Assistance Center.”   We know of no such organization.  However, all PTACs are members of a professional association known as APTAC — the Association of Procurement Technical Assistance Centers.  Our association never sends invoices or charges fees to PTAC clients.

The phony invoices are in the amount of $249 for “procurement technical assistance.”

If you receive such an invoice, do not pay it.

Also, if you receive such an invoice, do everyone a favor and forward it via email to GTPAC at gtpacatl@innovate.gatech.edu

 

This is a copy of the phony invoice. If you receive it, don’t pay it!   Instead, forward it to GTPAC so that we can continue to warn others about this scam.

In doubt? Check with GTPAC!

By

Your team at the Georgia Tech Procurement Assistance Center (GTPAC) stands ready to offer you advice about any aspect of government contracting — especially when you have any doubt about the legitimacy of a contract-related service or solicitation.

We’ve published many articles before about government contracting scams (click here to see previous articles), and once again we want to bring another one to your attention.

Just a few days ago, a GTPAC client contacted one of our Counselors and asked about the legitimacy of a request for a quotation he received, supposedly from the Dept. of Defense (DoD).  Once we examined the email and the attachment that our client sent us, we told him to run — not walk — away from it!

Here Are the Details

The email was purportedly from a DoD official soliciting a quote for some laptops and computer drives.

We examined the email and its attachment, including the following:

  • We called the phone number in the email which was answered by a person who didn’t identify himself.  When we asked questions, he said that he’d have the person identified in the email call us back with details.  No one called back.
  • We checked the identity of the person who supposedly sent the email.  The email’s Quote form identified him as Deputy Director for Procurement at AT&L.   We determined that, in reality, he is DoD’s Deputy Director for Earned Value Management.  AT&L (Acquisition, Technology and Logistics) is a unit within DoD that no longer exists; it’s been reorganized into two groups: research and engineering (R&E) and acquisition and sustainment (A&S).  (See details of that reorganization by clicking here.)
  • We also identified the DoD official’s real email address and his actual phone number; they were not the email address or phone number shown in the email and on the Quote form that was sent to our client.
  • We noted that the federal solicitation number shown on the Quote form was not in the correct format, and the Quote form itself was not a form we have ever seen before.
  • The wording of the email was sloppy and unprofessionally prepared.

Based on the above, we advised our client to not respond because we believe this is a probable scam which will lead to an order to ship the products to a bogus shipping address, for which payment will never be received.  We also alerted the appropriate DoD officials of this probable scam.

What You Should Do

It’s as simple as 1-2-3.

  1. Stay alert to possible scams involving government contracting.  There are many scams in circulation literally every day.
  2. Don’t let the temptation of landing a sale overtake your common sense.  If it looks like easy money, it’s probably bogus.
  3. Whenever you are in doubt, contact GTPAC for advice.  We’ll be happy to check things out for you and provide you with our opinion.  It’s as simple as forwarding anything suspicious to us at: gtpacatl@innovate.gatech.edu.

Remember, the GTPAC team is here to help you succeed in the government marketplace!

P.S.:  If your business is located outside the state of Georgia, you can find a procurement technical assistance center (PTAC) by clicking here.

 

New login required for SAM

By

To do business with the federal government, you need an account in the System for Award Management (SAM).

Whether you already have a SAM account or need to set one up, you need to know there is a new login procedure.

All users attempting to login to SAM are now automatically re-directed to first create a Login.gov user account.  If you already have a SAM username and password they no longer work, and you will be unable to access your SAM account until you have created a Login.gov account.

Creating a Login.gov Account
In order to create a Login.gov account, you will need each of the following:
  1. The email address and password associated with your SAM account.
  2. Access to the same email account to receive all confirmation emails.
  3. A working telephone number through which you can receive the security code that will be sent to you from Login.gov.
Need help with any step of the SAM registration process?

Never fear!  The Georgia Tech Procurement Assistance Center (GTPAC) will provide you with help at no charge.  Simply contact the GTPAC counselor located nearest you; our staff directory is at: http://gtpac.org/team-directory.  (Businesses located outside the state of Georgia can obtain free help from their nearest procurement technical assistance center.  Consult the national contact list at: http://www.aptac-us.org/find-a-ptac.)

Other recent changes to SAM

Each business must mail an original, signed notarized letter to GSA’s Federal Service Desk within thirty (30) days of their SAM activation or risk having their SAM registration deactivated.

Because of recent fraudulent activity associated with the SAM database, the General Services Administration (GSA) issued a rule in late March 2018 that requires all SAM registrants (“entities”) to provide an original, signed notarized letter identifying your company’s “authorized Entity Administrator.”   The notarized letter must follow a strict format.  GSA’s notarized letter template is available here: SAM_Notary_Letter_Template_4.12.18_GSA_version

In instances where businesses have federal contract awards or contract payments pending, GTPAC — and the other PTACs across the country — can offer special assistance to expedite the processing of their notarized letters.  When contacting your PTAC counselor, be sure to let us know if you are facing either of those two circumstances.

Don’t get stuck with an expired SAM registration — be alert to changes in the renewal process

By

If your business is registered in the federal government’s System for Award Management (SAM), you must renew your registration annually.

Be alert: Change is coming!

Whether you are familiar with the SAM renewal process or a newcomer to the process, things are about to change on June 29th.

Beginning June 29, 2018, two changes take place:

  • A new login process for SAM takes effect.  As a result of the new process, all users attempting to log in to SAM will be automatically be re-directed to create a Login.gov user account.  Your current SAM username and password will no longer work beginning on June 29th, and you will be unable to access your SAM account until you have created a Login.gov account.  (See “Creating a Login.gov Account” below.)
  • You’ll have more time to submit a notarized letter.  Businesses who create or update their registration in SAM also will no longer need to have an approved Entity Administrator notarized letter on file before their registration is activated or renewed.  Once your SAM account is activated, you’ll have 30 days to submit the notarized letter.  (See “Creating a Notarized Letter” below.)
Creating a Login.gov Account
In order to create a Login.gov account, you will need each of the following:
  1. The email address and password associated with your SAM account.
  2. Access to the same email account to receive all confirmation emails.
  3. A working telephone number through which you can receive the security code that will be sent to you from Login.gov.

Remember, once June 29, 2018 arrives, your SAM username and password will be deactivated, and you will no longer be able to access your SAM account with those credentials.

Creating a Notarized Letter

Each business must mail an original, signed notarized letter to GSA’s Federal Service Desk within thirty (30) days of their SAM activation or risk having their SAM registration deactivated.

Because of recent fraudulent activity associated with the SAM database, the General Services Administration (GSA) issued a rule in late March 2018 that requires all SAM registrants (“entities”) to provide an original, signed notarized letter identifying your company’s “authorized Entity Administrator.”   The notarized letter must follow a strict format.  GSA’s notarized letter template is available here: SAM_Notary_Letter_Template_4.12.18_GSA_version

Need help with any step of the SAM registration or renewal process?

Never fear!  The Georgia Tech Procurement Assistance Center (GTPAC) will provide you with help at no charge.  Simply contact the GTPAC counselor located nearest you; our staff directory is at: http://gtpac.org/team-directory.  (Businesses located outside the state of Georgia can obtain free help from their nearest procurement technical assistance center.  Consult the national contact list at: http://www.aptac-us.org/find-a-ptac.)

In instances where businesses have federal contract awards or contract payments pending, GTPAC — and the other PTACs across the country — can offer special assistance to expedite the processing of their notarized letters.  When contacting your PTAC counselor, be sure to let us know if you are facing either of those two circumstances.

Free help available to aid businesses with new SAM registration and renewal requirements

By

If your business needs assistance in either establishing or renewing your registration in the federal government’s vendor database known as the System for Award Management (SAM), you can get free help.

Whether you are seeking SAM registration for the first time or you need to accomplish your annual renewal in SAM, the Georgia Tech Procurement Assistance Center (GTPAC) will provide you with help at no charge.  (Businesses located outside the state of Georgia can obtain free help from their nearest procurement technical assistance center.  Consult the contact list at: http://www.aptac-us.org/find-a-ptac.)

New SAM Registration Requirements

There are new registration and renewal procedures that are now in place.  Because of recent fraudulent activity associated with the SAM database, the General Services Administration (GSA) issued a rule in late March 2018 that requires all registrants (“entities”) to provide an original, signed notarized letter identifying your company’s “authorized Entity Administrator.”   The notarized letter must be submitted and approved before your registration will be activated.

The notarized letter template is available here: SAM_Notary_Letter_Template_4.12.18_GSA_version

An update to the notarized letter rule was issued by GSA on June 11, 2018.  The update is in two parts:

  1. Effective June 11, 2018, entities who create or update their registration in SAM to apply only for federal assistance opportunities such as grants, loans, and other financial assistance programs  no longer need to have an approved Entity Administrator notarized letter on file before their registration is activated.  (Note that this does not include entities competing for federal contracts.)
  2. Effective June 29, 2018, all non-Federal entities who create or update their registration in SAM also will no longer need to have an approved Entity Administrator notarized letter on file before their registration is activated.  This rule includes businesses that are competing for, or that currently have, federal contracts.

It is important to note that all entities must mail the original, signed notarized letter to GSA’s Federal Service Desk within thirty (30) days of activation or risk having their SAM registration deactivated. 

New SAM Log-In Requirements Take Effect June 29, 2018
GSA is also implementing a new login process for SAM which takes effect on June 29, 2018.  As a result of the new process, all users attempting to log in to SAM on or after June 29, 2018 will be automatically directed to create a Login.gov user account.  Your current SAM username and password will no longer work beginning on June 29th, and you will be unable to access your SAM account until you have created a Login.gov account.
In order to create a Login.gov account, you will need each of the following:
  1. The email address and password associated with your SAM account.
  2. Access to the same email account to receive all confirmation emails.
  3. A working telephone number through which you can receive the security code that will be sent to you from Login.gov.

Remember, once June 29, 2018 arrives, your SAM username and password will be deactivated, and you will no longer be able to access your SAM account with those credentials.

Free Help Is Available!

As mentioned in the second paragraph of this article, GTPAC (or, if you’re located outside Georgia, your local PTAC) will help you with all aspects of the SAM registration and renewal processes.  Simply contact the GTPAC counselor located nearest you; our staff directory is at: http://gtpac.org/team-directory.

In instances where businesses have federal contract awards or contract payments pending, GTPAC and the other PTACs across the country can offer special assistance to expedite the processing of their notarized letters.  When contacting your PTAC counselor, be sure to let us know if you are facing either of those two circumstances.

Further Details

For more help with the SAM registration process, including how to protect your company’s interests, please read:

 

 

Scam Alert: Malicious e-mail spoofs being sent to vendors

By

The Defense Logistics Agency (DLA) is reporting that a fake solicitation is being sent to vendors in the form of a Request for Quotation (RFQ).

The fake email solicitation, purporting to be from DLA, has been targeting GSA STARS II vendors.

The emails are not from DLA.mil.  Instead, they are coming from a “Reply-To” address ending in @dla-mil.us, which is not a government address.

In some cases, “stars2@american consultants.com” has been identified to supposedly send messages on behalf of a DLA Contract Specialist — these are also fake.

Some of the bogus emails suggest that vendors use the “stars2” Google Group at https//groups.google.com/a/americanconsultants.com to obtain more information or to unsubscribe from the email communication.  Be advised that “stars2” is not a DLA affiliated group.

Always remain cautious of emails that arrive in your inbox that are not explicitly addressed to you.  Sometimes scammers attempt to hide their actions by addressing their targets in the “bcc” line.

Also, please be aware that the phone number in these recent bogus emails is not a DLA phone number.  In addition, the RFQ form in the email is not an official government form, nor is the signature block legitimate.

DLA’s notice about this matter can be seen here: Vendor Phishing Notice -DLA – 8 June 2018.  The notice shows copies of the bogus emails.

Bottom line: Vendors should always remain vigilant about suspicious emails, and be cautious about opening email attachments.  Questions or comments can be directed to DLA at CERTFusionCell@dla.mil.

In addition, if you ever have a question about the legitimacy of any emails having to do government contracting opportunities, especially those which solicit a fee, please feel free to contact the Georgia Tech Procurement Assistance Center (GTPAC) for advice.  GTPAC can be emailed at gtpacatl@innovate.gatech.edu.

To read previous articles about scams involving government contracting, visit http://gtpac.org/?s=scam

SAM.gov hackers used spearphishing, spoofing, credential theft

By

Cybercrooks who stole federal payments by hacking contractor accounts on a General Services Administration (GSA) website used sophisticated spearphishing techniques to steal login credentials and then diverted payments to bank accounts they controlled, an executive of a contractor targeted in the scam told FedScoop.

It’s unclear how much the scammers have netted through their scheme, which is being investigated by the GSA inspector general and federal law enforcement.

The inspector general’s office declined to comment, but sources familiar with the investigation told FedScoop that the cyberattacks that facilitated the fraud had been identified last year and were ongoing as
recently as last week.

Keep reading this article at: https://www.fedscoop.com/sam-gov-hackers-used-spearphishing-spoofing-credential-theft/

Also see Tips for Surviving Compromise of Government’s Vendor Database: http://gtpac.org/2018/03/26/tips-for-surviving-compromise-of-governments-vendor-database/

Tips for surviving compromise of government’s vendor database

By

If your business is registered in the System for Award Management (SAM) – or you plan to register – there are some things you need to do NOW to protect your data security.

On March 22, 2018, the General Services Administration (GSA), the federal agency that oversees SAM’s operation, reported an “active investigation” is being conducted into alleged, third party fraudulent activity involving SAM.  GSA says it is in the process of notifying those that may have been impacted and has indicated that it will deactivate “any entity registrations that appeared to have been affected.”  GSA further stated that the deactivated “entities are being advised to validate their registration information in SAM, particularly their financial information and points of contact.”

GSA’s recent statements may have implications for all businesses, institutions, and individuals registered in SAM.  The Georgia Tech Procurement Assistance Center (GTPAC) is providing the following advice to all clients.

What To Do If You Are Already Registered in SAM

The Georgia Tech Procurement Assistance Center recommends that if your business is registered in SAM, you take the following actions:

  1. With your User Name and Password, log into your SAM account at https://www.sam.gov and navigate to the Financial Information page. There, you will find your Electronic Funds Transfer (EFT) information.  This is where you inserted your bank Routing Number and your bank Account Number as a part of the SAM registration process.  Check these numbers to make sure they are correct and have not been changed.  If you discover banking information other than your own, it is possible that federal contract payments have been or will be made to a bank other than yours.  If these numbers have been changed, this is evidence that your account has been compromised, and you should report this immediately to the Federal Service Desk at www.fsd.gov, or by telephone at 866-606-8220 (toll free) or 334-206-7828 (internationally).

    Screenshot of Financial Information page in SAM database.
  2. While you are logged-in to SAM, you also should check your Taxpayer Identification Number (TIN). Your TIN is a 9-digit Employer Identification Number (EIN) that SAM uses to uniquely identify your business, and it is validated by the Internal Revenue Service (IRS) as a part of your initial registration in SAM.  If you discover that your TIN/EIN has been changed, you should report this immediately to the Federal Service Desk at www.fsd.gov, or by telephone at 866-606-8220 (toll free) or 334-206-7828 (internationally).

    Screenshot of Taxpayer Identification page in SAM database.
  3. Important note: If you used your Social Security Number (SSN) as your EIN when you set up your account, now is a good time to obtain an EIN and insert it into SAM instead of your SSN. You can apply for and obtain an EIN on-line at: https://www.irs.gov/businesses/small-businesses-self-employed/apply-for-an-employer-identification-number-ein-online.
  4. Remember, as a SAM registrant, you are required to change your password every 180 days. In addition, you must update and renew your SAM registration annually.  You are responsible for ensuring that your information is current and correct in SAM at all times.
What To Do If You Are Not Yet Registered in SAM
  1. Both current and potential government vendors are required to register in SAM — located at https://www.sam.gov — in order to be awarded contracts by the federal government and receive contract payments. Vendors are required to complete a registration to provide basic information relevant to procurement and financial transactions. Vendors must update or renew their registration annually to maintain an active status.
  2. SAM is a public database that allows federal agencies and other contractors to search for your company based on your ability, size, location, experience, ownership, and more. (Banking information is not available in public searches.)  In addition, SAM now incorporates the Online Representations and Certifications Application (ORCA) system where the vendor provides required information about the firm (e.g., accounting procedures, travel policies, etc.) and verifies that the firm meets certain federal requirements (e.g., complies with equal employment opportunity legislation).
  3. SAM validates the vendor’s information and electronically shares encrypted data with the federal agencies’ finance offices to facilitate contract payments.
  4. Because of suspected fraudulent activity, GSA has added a step to the registration process for new SAM enrollees. You must now mail an original, signed notarized letter identifying the authorized Entity Administrator for the entity associated with your company’s DUNS number before a new SAM entity registration will be activated.
  5. This notarized letter needs to:
  • Be on your company/organization letterhead
  • Be signed by your company President, CEO, or other authorized signature authority
  • Contain your company/organization DUNS Number
  • Contain your company/organization Legal Business Name (as associated with the DUNS Number)
  • Contain your company/organization physical address (as associated with the DUNS Number)
  • Contain the new Entity Administrator’s name, phone number, address, and email address
  • Contain the following statement above the signature block of your letter with the appropriate information inserted where noted:

“The purpose of this notarized letter is to designate [insert name of Entity Administrator] as Entity Administrator for [insert Legal Business Name]. I, [insert Name and Title of signatory], hereby confirm that [insert name of Entity Administrator] is an authorized officer, agent, or representative of [insert entity Legal Business Name, or, for individuals representing themselves, say him/herself]. This letter will authorize [insert name of Entity Administrator] to have access to the System for Award Management (SAM). SAM is a computer system managed by the U.S. Government, and it is only accessible by individuals who are either authorized to represent a particular entity, or by individuals representing themselves. Accessing or using SAM, or information contained therein, for any unauthorized or illegal purposes, may have civil and criminal penalties, and may negatively impact the status of the SAM registration maintained on this entity. I, the below-signed, attest to the accuracy of all information contained in this letter.”

  1. To help you comply with the notarized letter requirement, GTPAC has created a template for new SAM registrants to use. It is available at: http://gtpac.org/wp-content/uploads/2018/03/SAM_Notary_Letter_Template_v1_GTPAC_03.23.2018.docx.

Update: GSA has prepared a template for preparation of the notarized letter.  The template is available here: SAM_Notary_Letter_Template_4.12.18_GSA_version

7. You must mail the original letter signed by the Notary to:

FEDERAL SERVICE DESK

ATTN: SAM.GOV REGISTRATION PROCESSING

100 CAPITOL COMMERCE BLVD STE 309

MONTGOMERY, AL 36117-4260

Address Update:

FEDERAL SERVICE DESK

ATTN: ​SAM.GOV​ REGISTRATION PROCESSING

460 INDUSTRIAL BLVD

LONDON, KY 40741-7285

UNITED STATES OF AMERICA

Final Words of Advice

Remember, there is no cost to register in SAM — it is free.  If your business is located in Georgia, assistance with the SAM registration process is available at no cost.  To locate a GTPAC counselor, see our team’s directory at: http://gtpac.org/team-directory.

Businesses located outside the state of Georgia may contact the Procurement Technical Assistance Center (PTAC) in their state.  A directory is at: http://www.aptac-us.org/find-a-ptac.

For more tips about the SAM registration process, read: http://gtpac.org/sam-gov-registration-is-free-and-help-with-sam-is-free-too.

 

Contracting News

Read More

Contracting Tips

Read More

GTPAC News

Read More

Georgia Tech News

Read More