COVID-19 Federal Assistance e311


Due Diligence & Fraud Protection

Funding Source

American Rescue Plan Act, CARES Act, FEMA, HUD, Infrastructure Investments and Jobs Act

How can a municipality avoid fraud in the procurement process?

On January 6, 2022, the U.S. Department of the Treasury (“Treasury”) released the Final Rule implementing the Coronavirus State and Local Fiscal Recovery Funds (“CSLFRF”). The Final Rule explains that “recipients must comply with the applicable requirements of the Uniform Guidance regarding procurement, contracting, and conflicts of interest and must follow the applicable laws and regulations in their jurisdictions.”[1] This is also true of non-federal entities who may be subrecipients.[2]

Some steps that municipalities may consider taking to prevent fraud in the procurement process include, but are not limited to, the following:

  • Performing a check to help ensure contractors and suppliers are not prohibited from working on federally funded contracts. A contract should not be granted to parties that are suspended, debarred, or otherwise excluded from or ineligible for participation in federal programs or activities.[3] The federal government maintains the System for Award Management (“SAM”), a public database used to identify companies and individuals who are excluded from working on federal projects.[4] In addition, many states and municipalities maintain their own debarment lists, and these should be checked as well. If awarding a new contract or competing for a renewal, this check should be included in the proposal or bid evaluation process prior to notification of award. Municipalities should keep a record of the checks they performed.
  • Contracts should only be awarded to responsible contractors possessing the ability to perform successfully under the terms and conditions of a proposed procurement. Consideration will be given to such matters including but not limited to: (i) contractor integrity; (ii) compliance with public policy; (iii) record of past performance; (iv) financial and technical resources; and (v)  capacity to perform the proposed scope of services.[5] Even under federal emergency and exigency programs, basic due diligence steps can be taken, such as checking your state’s Secretary of State Business Registration Database to attempt to ensure the relevant company is duly registered to conduct business, performing an internet check to see if any red flags surface regarding the company and owner, and reviewing past performance evaluations if applicable.
  • Maintain oversight to ensure that contractors perform in accordance with terms, conditions, and specifications of their contracts or purchase orders.[6] Examples of some oversight tools include: (i) conducting regular audits; (ii) ensuring sufficient supervision  and/or regular project spending and work completion reports from vendors; and (iii), having written standards of conduct in place covering conflicts of interest and governing the performance of employees engaged in the selection, award, and administration of contracts. Municipalities should keep records of all actions taken for audit and other purposes.
  • Where time does not permit adequate acquisition planning and market research, a municipality can consider limiting the value and length of a contract to address only its immediate needs. This approach allows the municipality to plan strategically for ongoing requirements. Options may be included and exercised, if necessary, to allow continuous service.[7]
  • If using pre-existing, competitively-bid contracts for emergency services, municipalities must ensure that the scope of work provided is consistent with the scope of work in the original contract. Change orders, any modification or change to works agreed to in the contract, submitted by contract administrators to substantially add new scope, services, or time not covered by the original contract and solicitation may be considered a “cardinal change,” making the contract non-competitive and non-compliant with federal procurement requirements.[8] Non-competitive and non-compliant contract activities could be flagged as potential fraud. Changes to the contract should always follow the processes outlined in the contract itself.
  • If procuring new goods or services, municipalities should ensure that any solicitation is clear on the scope of services being sought, including any criteria used to evaluate a bidder’s responsiveness or responsibility. Awarded vendors will need to demonstrate: (i)  responsiveness; (ii) compliance with  the criteria outlined in the solicitation; and (iii) the reputational, technical, and financial capacity to perform the services proposed for the contract.[9] Awarding a contract to a vendor who did not comply with the terms of the solicitation, or where evaluation criteria for the award was not consistently or clearly applied or documented, will likely raise concern regarding the validity of the award.
  • If sufficiently robust, municipalities must follow already established procurement processes, whether they are for emergency contracts or otherwise. They must also maintain records sufficient to detail the history of the procurement. These records should include, but are not necessarily limited to, the following: (i) rationale for the method of procurement; (ii) selection of contract type; (iii) contractor selection or rejection, and (iv) the basis for the contract price.[10] Failure to adequately document the history of the procurement could also lead to questions about the validity of the contract award. Documentation is key to transparency and for preparing for future audits.
  • Immediately notify in writing the federal agency awarding the assistance of potential violations of federal law involving fraud, bribery, or gratuity violations potentially affecting the federal award.[11]
  • Require contractors/vendors to include a signed certification attesting to the accuracy of submitted invoices. Establish processes to review invoices against a vendor’s progress reports to ensure that the project is completing the scope as outlined by the contract, change order, or your direction, and that the timelines are consistent with the terms of the contract.
  • Establish and promote an anonymous COVID-19 Fraud whistleblower hotline for employees, the public, and contractors. Hotline posters should be posted at government facilities, distributed to contractors/vendors, and placed in public areas that are most likely to be observed by the members of the community. Creating posters in multiple languages can be helpful. Contractors and vendors must be reminded in their contracts of their absolute responsibility to report any suspicion of fraud to the hotline.
  • When audits or reviews have identified mistakes made during the procurement process, document the issue(s) and note the corrective action planned or taken. Failure to correct conditions identified by audits or reviews which could cause improper payments, fraud, waste, or abuse is viewed by the federal government as unacceptable and could result in sanctions.[12]

Last Revised: January 27, 2022

[1] Treas. Reg. 31 CFR 35 at 137, available at:

[2] Id., at 210.

[3] 2 CFR Section 200.206(d), Suspension and Debarment Compliance, available at:

[4] General Services Administration, “Exclusions,” available at:

[5] Id., at 2 CFR Section 200.318(h), General Procurement Standards.

[6] Id., at 2 CFR Section 200.318(b), General Procurement Standards.

[7] U.S. Office of Management and Budget Emergency Acquisition Guide, available at:

[8] 2 CFR Sections 200.319, Competition, and 200.320(c), Methods of Procurement to be Followed, Noncompetitive Procurement, available at:

[9] Id., at 2 CFR Sections 200.318(h) and 200.318(i), General Procurement Standards and 200.319(d), Competition.

[10] Id., at 2 CFR Section 200.318(i), General Procurement Standards. 

[11] Id., at 2 CFR Section 200.113, Mandatory Disclosures. 

[12] Id., at 2 CFR 200.25(e), Cooperative Audit Resolution.