Last month, the U.S. Department of the Treasury launched a broad audit program that will review all preference-based federal contracts and task orders within the department and its bureaus — totaling roughly $9 billion in contract value. The Treasury’s announcement is the most recent of its kind and it complements similar initiatives, such as the announcement by the U.S. Small Business Administration (SBA) of its "full-scale" audit of its 8(a) Business Development Program on June 27, 2025, which we detailed in a previous client alert; the SBA’s warning to federal contracting officers on July 29, 2025, strengthening oversight of the SBA’s 8(a) program; and the SBA’s December 5, 2025, announcement ordering 4,300 firms to produce financial records.
The Treasury’s audit program will begin with the SBA’s 8(a) program and other initiatives that provide federal contracting preferences, in order to identify and eliminate potential misuse of the program after a number of alleged fraudulent activities.
The Treasury’s Far-Reaching and Ambitious Audit Plan
The SBA’s 8(a) program designates small businesses owned by socially and economically disadvantaged individuals in order to afford those businesses access to government contracting opportunities. Eligibility is based on strict requirements for ownership, control, size, and disadvantage criteria laid out in, among others, 13 C.F.R. Part 124 of the U.S. Federal Code. Participants are then subject to ongoing compliance reviews and annual certification updates. While the SBA’s full-scale audit of the 8(a) program is broader in government-wide impact, the Treasury’s announced audit remains the most far-reaching review announced by a single federal department of its own preference-based awards.
The audit program follows the termination of multiple government contractors for allegedly defrauding the government through the SBA 8(a) program. For example, the Treasury suspended one contractor and terminated its contracts totaling $253 million amid allegations that the business was improperly passing through work set aside for small businesses to large businesses. In another case earlier this year, the Department of Justice (DOJ) uncovered a $550 million bribery scandal involving 8(a) contractors, leading to guilty pleas by the owners and presidents of companies that were awarded the SBA 8(a) contracts.
While the Treasury and SBA audit initiatives are focused on fraud related to the 8(a) program, there are other areas where compliance breakdowns may result in unwanted attention by the federal government. Among these are regulatory violations related to cybersecurity, healthcare programs like Medicare and Medicaid, the use of E-Verify, and improper use of diversity, equity, and inclusion (DEI) programs.
As seen in prior investigations and settlements, the federal government will continue to use the False Claims Act and other tools at its disposal to discourage government contractors from making false certifications. Accordingly, in addition to the SBA 8(a) program certification, government contractors must take great care when submitting certifications relating to these and other areas, including ensuring that they are properly monitoring their subcontractors.
Compliance Considerations for Government Contractors
As it relates to small business preference programs, the Treasury and SBA audit programs will address the SBA 8(a) program contract awards, and the Treasury will also address contracts awarded under other preference-based contracting programs. Contractors receiving such awards may be scrutinized to confirm that they meet applicable standards and maintain appropriate internal controls and procedures that ensure compliance with regulatory standards and mitigate or eliminate the possibility of circumventing those controls.
Any company that bids for or receives a government contract based on a preference-based program should begin a review of compliance procedures now in order to identify and remediate gaps before an audit by the Treasury or the SBA. Government contractors should also review other compliance areas that may be targets for government scrutiny. These compliance areas include:
- Implementation, monitoring, and internal reporting of cybersecurity controls within the company, as well as self-reporting of incidents or breaches to regulators and law enforcement.
- Data security compliance procedures that protect personal data or sensitive government information, and a periodic review and update of those procedures, especially after a cybersecurity incident or other theft or extraction of data.
- Use of E-Verify by both the primary government contractor and their subcontractors, including the ability of the primary contractor to review and assess any subcontractor’s compliance and obtain the subcontractor’s certification that all E-Verify use requirements are met.
- DEI policies adopted by the company, procedures to remain in compliance with the limited scope of permissible DEI efforts, and employee training on changes to the DEI program.
- Internal audit procedures to test compliance with supervisory requirements, bid preparation, the corporate code of ethics, employee training, billing and finance, and corporate governance.
- Preparation, negotiation, and execution of contractual agreements with business partners and subcontractors, including the right to information about their compliance with government contracting requirements.
- Preparation of any compliance certification submitted to the government, including the processes used to test and confirm the information being verified.
- Whistleblower reporting programs and protection from retaliation by the employer.
Internal controls and compliance policies are a means of proactively assessing business and litigation risk for any company. The potential for civil or criminal claims by the government, as well as qui tam actions by private individuals under the False Claims Act, suspension, debarment, financial penalties, and the like, should serve as a warning to review compliance policies and procedures to identify and remediate gaps in internal controls.
Having robust government contracting compliance programs can be invaluable should an audit or investigation arise. Demonstrating a commitment to eliminating fraud and abuse may result in a lower charge, lesser penalty, or deferred prosecution agreement. For those reasons, engaging outside counsel experienced in government contract requirements and compliance audits can help keep an agency audit from becoming an enforcement action.
For more information, please contact us or your regular Parker Poe contact.