Advertisement

GSA IG investigating SAM.gov site fraud

Someone allegedly redirected federal payments to bank accounts not tied to the appropriate contractors.
General Services Administration GSA building 18F
The GSA building in Washington, D.C. (Tajha Chappellet-Lanier / FedScoop)

The General Services Administration’s inspector general is investigating fraudulent activity on its contractor and grantee registration website after someone allegedly redirected federal payments to bank accounts not tied to the appropriate contractors.

GSA officials acknowledged the activity on its System for Award Management website, or SAM.gov, in a March 22 update on its site, saying that “only a limited number of entities” have been impacted by the activity.

“GSA’s SAM team is supporting GSA’s OIG in an active investigation into alleged third-party fraudulent activity related to SAM,” the notice said. “GSA has taken a number of proactive steps to address this issue and is in the process of making system modifications to prevent improper activity going forward.”

Government contractors, grant seekers and grantees have been required to register on the site since 2012, providing information like the data universal numbering system — or DUNS — number, Taxpayer Identification Number, bank account numbers and bank routing numbers for electronic payments.

Advertisement

Agency officials advised SAM entities to log into the site and check their financial information, including whether anticipated payments from federal agencies had been paid to bank accounts they didn’t register.

A GSA spokesperson told FedScoop that no technical or data breach of the SAM.gov site had occurred, but said the fraud was still under investigation.

“These contractors receive hundreds of billions of dollars of taxpayer money each year,” Christoph Mlinarchik, a government contracts expert and owner of consulting firm ChristophLLC.com, said in an email. “If somebody can get into this database, which includes the largest defense contractors, what other sensitive information is vulnerable?”

In the meantime, GSA has deactivated the entity registrations that appear to be affected and is requiring a notarized letter identifying the authorized entity administrators associated with the contractor’s DUNS number for any new SAM.gov registrations.

“GSA continues to support the Office of Inspector General’s ongoing investigation into third-party fraudulent activity in the System for Award Management,” a GSA spokesperson said in an email to FedScoop.

Advertisement

“GSA has already taken proactive steps to address this issue and has notified affected entities. We have published additional information regarding the ongoing investigation on GSA.gov and SAM.gov and will continue to work with the Office of Inspector General and law enforcement agencies to take additional appropriate action.”

But without knowing how the fraud was introduced, Mlinarchik said those steps offer contractors little comfort.

“It’s a band-aid on a gunshot wound. GSA can say they’re doing something while they figure out how to actually prevent this in the future,” he said.

GSA IG officials were not immediately available for comment.

Carten Cordell

Written by Carten Cordell

Carten Cordell is a Senior Technology Reporter for FedScoop. He is a former workforce and acquisition reporter at Federal Times, having previously served as online editor for Northern Virginia Magazine and Investigative Reporter for Watchdog.org, Virginia Bureau. Carten was a 2014 National Press Foundation Paul Miller Fellow and has a Master’s degree from the Medill School of Journalism at Northwestern University. He is also a graduate of Auburn University and promises to temper his passions for college football while in the office.

Latest Podcasts