14 FAM 240
CONTINGENCY OPERATIONS AND CRITICAL ENVIRONMENT CONTRACTING
(CT:LOG-342; 02-02-2022)
(Office of Origin: A/OPE)
14 FAM 241 POLICY AND OBJECTIVES
(CT:LOG-288; 09-11-2020)
a. This subchapter sets forth Department of State requirements for planning and executing contracting in support of contingency operations and mission activities in critical environments overseas.
b. Except for whereas stated, the policies set forth in this subchapter apply to areas that the Department of Defense (DoD) has designated as overseas contingency operations, as defined in 10 U.S.C. 101(a)(13).
c. At the discretion of the Under Secretary for Management (M), this policy may be applied to other overseas locations that are not DoD-designated contingency operations. For the purpose of this policy, these other overseas locations are referred to as "critical environments." See 14 FAM 244.4-2, paragraph a, for guidance on how the Under Secretary for Management may determine what constitutes a critical environment.
d. Summary of general policies:
(1) DoD is authorized by Congress to declare contingency operations. Once an overseas contingency operation is designated, certain planning and reporting activities are required by Sections 846(b) and 847 of the National Defense Authorization Act for Fiscal Year 2013, Public Law 112-239;
(2) Public Law 112-239 also requires coordination among DoD, the U.S. Agency for International Development, and the Department of State. This coordination is accomplished through the Critical Environment Contracting Analytics Staff, in the Bureau of Administration (A/OPE/AQM/CECAS);
(3) No later than 6 months after DoD commences or designates a contingency operation outside the United States that includes or is expected to include combat operations, the Department must perform a comprehensive risk assessment and develop a risk-mitigation plan addressing operational risks associated with contractor performance of critical functions when:
(a) The military operation is expected to continue for more than 1 year;
(b) The total amount of obligations for Department contracts in support of the operation is expected to exceed $250 million; and
(c) If a risk assessment and risk mitigation plan have not been previously performed, the Department has 60 days after the date the operation has actually continued for more than 1 year, or after the Department's total amount of obligations for contracts for support of the operation actually exceeds $250 million;
(4) Resource requirements for Office of Acquisitions Management (A/OPE/AQM) contracting officers to support contingency contracting are estimated by the head of contracting activity (HCA). Financial estimates for contract award support are included in and managed under the A/OPE/AQM Working Capital Fund (WCF);
(5) Resource requirements for contingency operation program managers, contracting officer's representatives (CORs), including property administrators and plant clearance officers, are estimated by the responsible funding bureaus or program offices. These resource requirements are included in financial estimates provided to the Bureau of Budget and Planning (BP) and the Office of U.S. Foreign Assistance Resources (F), as applicable;
(6) The Department's 5-year Acquisition Workforce Human Capital Plan is coordinated by the Office of the Procurement Executive (A/OPE) in conjunction with the Bureau of Global Talent Management (GTM). A/OPE/AQM estimates requirements for contracting officers and contract specialists. Bureaus estimate requirements for program managers and CORs. GTM uses the input from the Acquisition Workforce Human Capital Plan and funding bureaus or program offices to support the development of the Department's 5-year Workforce and Leadership Succession Plan; and
(7) Detailed assessments of the necessity and sustainability of capital foreign assistance projects, above designated thresholds, in support of contingency operations, and which are for the benefit of the host government, must be documented. Section 1273(c) of Public Law 112-239 provides waiver authority by the Secretary of State. Contact A/OPE/AQM/CECAS for coordination of any waiver request.
14 FAM 241.1 Authorities
(CT:LOG-212; 05-11-2016)
Authorities include the National Defense Authorization Act for Fiscal Year 2013, Public Law 112-239, which requires the Department to issue guidance regarding data collection (Section 844); perform comprehensive risk assessment; develop risk mitigation plan (Section 846); submit reports to Congress on overseas contingency contract support (Section 847); and conduct sustainability assessments on capital projects (Section 1273).
14 FAM 241.2 Responsibilities
(CT:LOG-288; 09-11-2020)
a. The Secretary of State vests contingency operation contract management responsibility in the Under Secretary for Management (M). The Under Secretary is responsible for major contingency contracting policy decisions.
b. 41 U.S.C. 1702(b)(3)(F) requires that the Chief Acquisition Officer (CAO) be responsible for advising the Department on the applicability of relevant policy on the contracts of the Department for overseas contingency operations and ensuring compliance of the contracts and contracting activities of the Department with such policies.
c. Acquisition policy is promulgated by A/OPE.
d. A/OPE/AQM/CECAS is responsible for Department-wide coordination to develop risk assessments and risk-mitigation plans for contractor support in designated contingency operation areas, as well as critical environments as determined by the Under Secretary for Management (per 14 FAM 244.3 and 14 FAM 244.4). A/OPE/AQM/CECAS is also responsible for developing on an annual basis the recommended critical environment list for approval by the Under Secretary for Management, per 14 FAM 244.4-2, paragraph a.
14 FAM 241.3 Definitions
(CT:LOG-212; 05-11-2016)
a. Contingency operation: See 10 U.S.C. 101(a)(13) for the exact definition. This generally refers to a military operation that:
(1) Is designated by the Secretary of Defense as an operation in which members of the armed forces are or may become involved in military actions and operations; or
(2) Results in the call or order to, or retention on, active duty of members of the uniformed services under any provision of law during a war or during a national emergency declared by the President or Congress.
b. Private security functions: See the exact definition in Section 864 of Public Law 110-181 and associated regulation FAR Part 25.302-2. This generally means activities engaged in by a contractor under a covered contract including guarding personnel, facilities, or property of a Federal agency, the contractor, or subcontractor, or a third party. It includes any other activity for which personnel are required to carry weapons in the performance of their duties in accordance with the terms of the contract.
14 FAM 242 DECLARATION OF A CONTINGENCY AND ESTABLISHMENT OF COORDINATION
(CT:LOG-212; 05-11-2016)
The Department will be notified via Department of Defense (DoD) Executive Secretary Memorandum of the formal declaration by the Secretary of Defense of a contingency operation as defined in 10 U.S.C. 101(a)(13). The Under Secretary for Management may also issue a determination that the policies of this subchapter apply to a specific situation that is not a DoD-designated contingency, as specified in 14 FAM 241, paragraph c.
14 FAM 243 CONTINGENCY CONTRACT TRACKING AND OVERSIGHT
14 FAM 243.1 Collection of Data
(CT:LOG-262; 04-18-2019)
a. Section 844 of Public Law 112-239 requires the Department of State to issue guidance regarding data collection on contract support for contingency operations outside the United States that involve combat operations, not later than a year after the January 2, 2013 enactment of Public Law 112- 239. The required guidance is contained in this section. The Deputy Assistant Secretary, Office of Logistics Management (A/LM), is responsible for contracting data collection and report creation.
b. The law requires the Department to have the capability to collect and report, at a minimum, the following data regarding such contract support:
(1) The total number of contracts entered into as of the date of any report. The information is collected by the Office of Acquisition Management (A/OPE/AQM) from the Federal Procurement Data System (FPDS) based on sorting by place of performance and date of award. The data from FPDS is compared to data from the Synchronized Pre-Deployment Operational Tracker (SPOT) to ensure accuracy;
(2) The total number of such contracts that are active as of such date. The information is collected by A/OPE/AQM from the FPDS based on sorting by place of performance and period of performance;
(3) The total value of contracts entered into as of such date. The information is collected by A/OPE/AQM from the FPDS based on sorting by place of performance, date of award, and descending value;
(4) The total value of such contracts that are active as of such date. The information is collected by A/OPE/AQM from the FPDS based on sorting by place of performance, period of performance, and descending dollar value;
(5) An identification of the extent to which the contracts entered into as of such date were entered into using competitive procedures. The information is collected by A/OPE/AQM from the FPDS based on sorting by place of performance, date of award, and competition status;
(6) The total number of contractor personnel working under contracts entered into as of the end of each calendar quarter during the 1-year period ending on such date. The information is collected by A/OPE/AQM based on the number of contractor personnel registered in the SPOT system used to record contractor personnel deploying to a contingency area;
(7) The total number of contractor personnel performing security functions under contracts entered into as of the end of each calendar quarter during the 1-year period ending on such date. The information is collected by A/OPE/AQM from the SPOT database. Job titles within SPOT categorize an individual as a security contractor; and
(8) The total number of contractor personnel killed or wounded under any contracts entered into. The information is entered into the SPOT database by the contractor. Serious incident reports involving contractors are monitored by posts' regional security officers and may be used to assist in verification of data. Company administrators and assigned CORs are responsible for ensuring data is entered into the SPOT database.
14 FAM 243.2 Requirements Development and Management
(CT:LOG-212; 05-11-2016)
a. Requirements are defined by the funding bureau. For example, Overseas Buildings Operations defines construction requirements and Diplomatic Security defines security requirements.
b. Requirements must be evaluated for sustainability and ability to achieve results. In contingency operation posts and designated critical environments, programs must be assessed to determine if sufficient infrastructure and expertise will be available to maintain the contracted effort. Performance metrics must be developed to ensure achievement of results.
c. Foreign assistance requirements over $10 million will be coordinated with other agencies operating in the contingency post or critical environment to ensure no duplication or overlap of requirements. A coordinating working group will be established by the Office of U.S. Foreign Assistance Resources (F) within 120 days of the declaration of a contingency operation.
d. A determination must be made as to whether requirements must be met through performance by government personnel or through contractor support. The requirements package must contain an assessment pursuant to Procurement Information Bulletin (PIB) 2012-11, Preventing Contractor Performance of Inherently Governmental Functions, indicating whether the task is inherently governmental and must be performed by government personnel, or if it can be achieved through contractor support. The requirements package must consider any risks to the U.S. Government from the use of contractors, as indicated by the risk assessment and any risk mitigation plan, thus requiring the use of government personnel instead of contractor support.
14 FAM 243.3 Sustainability Assessments for Certain Foreign Assistance Capital Projects
(CT:LOG-212; 05-11-2016)
a. Section 1273 of Public Law 112-239 requires initial sustainability assessments of certain foreign assistance projects, along with semi-annual reporting of these assessments to Congress.
b. Please review Public Law 112-239, Section 1273, for specific details on what the assessments must evaluate to document the necessity and sustainability of the project.
c. The Office of U.S. Foreign Assistance Resources (F) manages the semiannual Congressional reporting process, while individual project offices and posts are responsible for preparing the sustainability assessments, per 14 FAM 243.3-1.
14 FAM 243.3-1 Requirement for Sustainability Assessments
(CT:LOG-212; 05-11-2016)
a. Section 1273 of Public Law 112-239 requires initial sustainability assessments of certain capital projects that exceed $5 million and are funded by the Department of State for an overseas contingency operation for the benefit of a host country. The section also requires semi-annual reporting of these assessments to Congress.
b. In addition to the requirements of Section 1273, the Presidential Policy Directive on Global Development (#6, issued in FY 2011) and Security Sector Assistance (#23, issued in FY 2013), and the Quadrennial Diplomacy and Development Review, all stress the critical importance of emphasizing sustainability of foreign-assistance investments to the greatest extent possible and practicable. Sustainability is achieved when host-country partners and beneficiaries are empowered, and have the capacity, to take ownership of development processes, including financing and maintaining project results and impacts once the U.S. Government ceases financial contributions towards a project. The Department of State is committed to working with host-country partners when designing projects to:
(1) Define the degree of sustainability that is considered essential for the success of a project;
(2) Reference specifically the sustainability objectives of the project or project components (with the understanding that not all projects aim to be fully sustainable at their conclusion) in bilateral agreement documents; and
(3) Indicate, prior to project approval and implementation, how the project intends to meet these sustainability objectives.
c. In order to ensure that our resource allocations are strategic, efficient, and effective for both the Department of State and the host country, a review of project sustainability should be part of every project designed that will use foreign-assistance funding. This is particularly true of infrastructure projects which can include large-scale, up-front investments that have ongoing operations and maintenance expenses that must be continued if the project is going to provide sustained value. Therefore, prior to the approval and subsequent start of any infrastructure project with U.S. foreign-assistance funds where the total life-of-project cost will exceed $5 million, a sustainability assessment must be undertaken. This requirement applies regardless of whether the infrastructure project is for an overseas contingency operation.
14 FAM 243.3-2 Elements of Sustainability Assessments
(CT:LOG-212; 05-11-2016)
The elements of the assessment required by 14 FAM 243.3-1 will include:
(1) An estimate of the total cost of the completed project to the United States;
(2) An estimate of the financial and other requirements necessary for the host government to sustain the project on an annual basis after completion of the project;
(3) An assessment whether the host government has the capacity (in both financial and human resources) to maintain and use the project after completion;
(4) A description of any arrangements for the sustainment of the project following its completion if the host government lacks the capacity (in financial or human resources) to maintain the project; and
(5) An assessment of whether the host government has requested or expressed its need for the project, and an explanation of the decision to proceed with the project absent such request or need.
14 FAM 243.3-3 Approval, Waiver, and Reporting of Sustainability Assessments
(CT:LOG-212; 05-11-2016)
a. Sustainability assessments required under 14 FAM 243.3-1 must be conducted, and approved, prior to obligation of funds (subobligation if initial obligation is through an over-arching instrument, such as a letter of agreement). Assessments must be approved by the chief of mission (COM) or his or her delegate responsible for coordinating foreign assistance programs, as well as the Assistant Secretary of the funding bureau or his or her designee. In addition to these approvals, assessments of capital projects for contingency operations required under Section 1273 of Public Law 112-239 must be approved by F.
b. The COM may waive the requirement to conduct this assessment prior to the initiation of the project if the COM determines that immediate initiation of the project is in the national security, diplomatic, or humanitarian interests of the United States and delaying the start of the project to conduct the assessment would jeopardize these interests. Assessments of capital projects for contingency operations, required under Section 1273 of Public Law 112-239, must also be approved by F. Not later than 90 days after the issuance of the waiver, the mission must submit the approved sustainability assessment as described herein.
c. Copies of all final assessments, along with any waivers, must be submitted to F within 10 business days of completion of the final assessment or approval of the waiver. F will retain the assessments/waivers. Assessments of capital projects for contingency operations required under Section 1273 of Public Law 112-239, or waivers of such assessments, will be provided to Congress by the implementing bureau in a semi-annual report required by Section 1273(d) and to the appropriate committees as outlined in Section 1273(e)(1).
14 FAM 243.4 Acquisition Planning
(CT:LOG-288; 09-11-2020)
a. Written acquisition planning is required pursuant to Federal Acquisition Regulation (FAR) 7.105 for all acquisitions over $5 million. The required contents of acquisition plans are specified in the FAR at 7.105.
b. Acquisition plans for contingency operations require special attention in several areas:
(1) Interagency acquisition support;
(2) Avoiding conflicts of interest;
(3) Determining the appropriateness of performance by contractor personnel;
(4) Risks of contractor support;
(5) Life support to be provided by post; and
(6) Contract administration.
c. Acquisition plans for critical environments designated by the Under Secretary for Management require the same special attention stated in 14 FAM 243.4, paragraph b.
d. When a contract is being considered for performance in a DoD-designated contingency operation area, A/OPE/AQM and the funding bureau or program office shall notify A/OPE/AQM/CECAS, which will provide support regarding the evaluation of risk to contractors and the development of risk mitigation strategies. The same shall apply for contracts in critical environments that M designates as requiring risk mitigations.
14 FAM 243.5 Solicitation and Award of Contracts
(CT:LOG-288; 09-11-2020)
a. The Department of State's acquisition strategy for supporting contracting operations relies on "reach-back" centralized contracting support established within the Washington, DC acquisition management office A/OPE/AQM, in coordination with bureaus and posts. A/OPE/AQM also utilizes the regional procurement support offices in Fort Lauderdale, Florida, and Frankfurt, Germany, as needed. This same strategy is used to support contingency or critical environment contracting operations.
b. The need for other forward-deployed acquisition support offices in the country of conflict or in neighboring countries will be determined by the CAO in consultation with the A/LM Deputy Assistant Secretary and the Procurement Executive. A written determination will be made by the CAO on the establishment of any forward deployed support offices.
c. A/OPE/AQM will assess periodically the staffing required to support operations. The Working Capital Fund provides a method of increasing staffing in response to increased acquisition workload. Acquisition staffing will be estimated as part of the annual Acquisition Workforce Human Capital Plan. Tools to support increases in acquisition support include an on-going acquisition intern program, pre-approved acquisition position descriptions, identification of retired acquisition professionals available for assignment (both Foreign Service and Civil Service) and open staffing announcements.
d. The efficiency and effectiveness of interagency support options such as acquisition support under the Economy Act (31 U.S.C. 1535) or other authorities should be part of planning.
e. A/OPE/AQM/CECAS will act as the interagency acquisition agreement advisor/coordinator for the Department during contingency operations. A/OPE/AQM/CECAS will follow appropriate FAR requirements, as applicable, including: FAR 2.101, Definitions; FAR 17.5, Interagency Acquisitions; PIB 2013-03, Acquisition Agreements; and PIB 2014-05, Non-Acquisition Interagency Agreements.
14 FAM 244 CONTINGENCY OPERATIONS AND CRITICAL ENVIRONMENT CONTRACT MANAGEMENT
14 FAM 244.1 Contingency Operation and Critical Environment Contract Administration
14 FAM 244.1-1 Planning
(CT:LOG-288; 09-11-2020)
a. Bureaus with contracting requirements in any contingency operations country or in a critical environment where the Under Secretary for Management has determined risk mitigation plans are required must plan for contract administration from the start of requirements determination and shall coordinate closely with A/OPE/AQM/CECAS. Resources and funding available for contract administration must be an element of the acquisition plan and address requirements in the risk mitigation plan for the contract. Assistant Secretaries of bureaus with service-contract requirements that will exceed $25 million per year must certify that adequate financial and other resources have been identified to support the contract and must continue to validate that sufficient resources exist on their bureau's annual Statement of Assurance to the Secretary.
b. The strategy to administer contracts in contingency operation areas and critical environments will be a joint assessment by the regional bureau, bureaus with operational responsibility, acquisitions (A/OPE/AQM), and A/OPE. The regional bureau has coordinating leadership.
14 FAM 244.1-2 Training
(CT:LOG-212; 05-11-2016)
a. A/OPE defines training and experience requirements for CORs. Bureaus with operational responsibility must define any specialized training or experience requirements to ensure effective contract administration oversight, such as requirements for subject-matter expertise. For example, a bureau managing a food and fuel supply contract may decide to require fuel testing plus food safety experience and training for CORs monitoring the contract. This training would supplement training in COR duties and knowledge of FAR required by A/OPE.
b. Bureaus should consider acquiring oversight training and/or oversight support from other agencies with specialized experience such as DoD's Defense Contract Management Agency, Defense Logistics Agency, or other agencies via interagency acquisition agreements in accordance with Department procedures.
c. Previous contingency operations were supported by contractors using imported third-country nationals. Contingency conditions may increase the risk of Trafficking in Persons (TIP) violations. Contracting officers and CORs should review TIP monitoring guidance and create appropriate mitigation and oversight strategies.
d. Existing COR training covers normal invoice processing. Complex programs in contingency environments may need to develop program specific invoice review and processing guidance due to the creation of financial offices or processes to support the contingency or the need to coordinate payments with other agencies.
14 FAM 244.1-3 Deployment and Operations
(CT:LOG-288; 09-11-2020)
a. Contractors are required to provide their own life support unless otherwise authorized in their contracts. Contracting officers will not provide life-support authorization without express, written approval of the management counselor at the host post.
b. If authorized by the host post, contractor life support authorization must be specified in the contract and implemented through letters of authorization (LOAs) issued through SPOT for the individual contractor employees.
c. SPOT is the official record for tracking contractor deployment in contingency operations as well as the means for documenting prior authorization of life support.
d. Outgoing CORs shall provide either a written or oral debriefing of contractor performance and outstanding issues prior to departure to their successors.
e. Contractors are responsible for ensuring their employees complete all required training before deployment to the contingency area. A/OPE/AQM/CECAS is responsible for identifying any required standard training for a specific contingency or critical environment that all contractors must acquire.
14 FAM 244.2 Contractor Performance Evaluation
(CT:LOG-244; 03-27-2018)
a. Program evaluation is performed in accordance with guidance contained in 18 FAM 300, Department of State Evaluation Policy. Contracts must be written with performance metric monitoring as a goal to assist in determining whether contingency contracts should be continued, revised, or terminated.
b. Funding bureaus or program offices managing contracts in support of a contingency or critical environment that exceed $25 million or have been identified as high impact such as contracts for security, must conduct regular and comprehensive program reviews at least quarterly. Program reviews are chaired by the government program manager and should include the contracting officer and COR, if different than the program manager. Agendas, minutes, and tracking of action items must be performed.
c. Contracts must be promptly evaluated in the government-wide Contractor Performance Assessment Reporting System (CPARS) in accordance with standard Department procedures.
14 FAM 244.3 Risk Assessments and Risk-Mitigation Plans for Use of Contractors in Support of Contingency Operations
14 FAM 244.3-1 Planning
(CT:LOG-288; 09-11-2020)
a. As required by Section 846 (b) of Public Law 112-239, and subject to paragraphs g and h of this section, not later than 6 months after the commencement or designation of a contingency operation outside the United States that includes or is expected to include combat operations, the Department, through A/OPE/AQM/CECAS, must perform a comprehensive risk assessment and, as required, develop risk-mitigation plans for operational risks associated with contractor performance of critical functions (defined at 14 FAM 244.5) in support of Department of State operations.
b. A/OPE/AQM/CECAS is responsible for leading the Department-wide coordination to develop these risk assessments and resulting risk-mitigation plans.
c. The relevant regional bureau and Diplomatic Security (DS) are responsible for working with A/OPE/AQM/CECAS to develop risk assessments and for clearing the risk assessments.
d. The funding bureau or program office and DS are responsible for working with A/OPE/AQM/CECAS to develop contractor risk mitigation plans and for clearing the risk mitigation plans.
e. The relevant regional bureaus may elect to participate in developing risk mitigation plans for contracts operating in their region. Regional bureaus are also responsible for clearing risk mitigation plans if they participate in developing them.
f. The Under Secretary for Management approves risk assessments and contractor risk mitigation plans.
g. Exceptions: Except as provided in paragraph e of this section, a risk assessment and risk mitigation plans are not required under paragraph a for an overseas contingency operation, if:
(1) The operation is not expected to continue for more than 1 year; and
(2) The total amount of Department obligations for contracts in support of the operation is not expected to exceed $250 million. Once obligation thresholds are met, A/OPE/AQM/CECAS will initiate the Department-wide process for the comprehensive risk assessment and risk-mitigation plan.
h. Termination of exceptions: Notwithstanding paragraph d of this section, the Department must perform a risk assessment and develop a risk mitigation plan for an overseas contingency operation for which a risk assessment and risk mitigation plan has not been performed previously, not later than 60 days after the date on which:
(1) The operation has continued for more than 1 year; or
(2) The total amount of obligations for contracts in support of the operation for the covered agency exceeds $250 million.
14 FAM 244.3-2 Risk Assessments
(CT:LOG-288; 09-11-2020)
a. Section 846 (c) of Public Law 112-239, requires the comprehensive risk assessment must consider, at a minimum, risks relating to the following:
(1) The goals and objectives of the operation (such as risks from contractor behavior or performance that may injure innocent members of the local population or offend their sensibilities);
(2) The continuity of the operation (such as risks from contractors refusing to perform or being unable to perform when there may be no timely replacements available);
(3) The safety of military and civilian personnel of the United States if the presence or performance of contractor personnel creates unsafe conditions or invites attack;
(4) The safety of contractor personnel employed by the Department of State;
(5) The managerial control of the Department over the operation (such as risks from over-reliance on contractors to monitor other contractors or inadequate means for U.S. Government personnel to monitor contractor performance);
(6) The critical organic or core capabilities of the Department, including critical knowledge or institutional memory of key operations areas and subject-matter expertise; and
(7) The ability of the U.S. Government to control costs, avoid organizational or personal conflicts of interest, and minimize waste, fraud, and abuse.
b. To meet this requirement, A/OPE/AQM/CECAS will perform an annual risk assessment for each country where DoD is involved in a contingency operation. The risk assessment will be performed in coordination with DS and the appropriate regional bureau.
c. Diplomatic Security and the regional bureau clear the risk assessment.
d. The Under Secretary for Management approves the risk assessment.
14 FAM 244.3-3 Risk Mitigation Plans
(CT:LOG-288; 09-11-2020)
a. Section 846 (d) of Public Law 112-239, requires a risk-mitigation plan for each high-risk area identified in the comprehensive risk assessment (see 14 FAM 244.3-2). The risk-mitigation plan must include, at a minimum, the following:
(1) Specific actions to mitigate or reduce such risk, including the development of alternative capabilities to reduce reliance on contractor performance of critical functions (defined at 14 FAM 244.5);
(2) Measurable milestones for the implementation of planned risk mitigation or risk-reduction measures;
(3) A process for monitoring, measuring, and documenting progress in mitigating or reducing risk; and
(4) A continuing process for identifying and addressing new and changed risks arising in the course of the operation, including the periodic reassessment of risks and the development of appropriate risk mitigation or reduction plans for any new or changed high-risk area identified.
b. Risk mitigations apply to contractors who are nonlocal resident, whether U.S. citizens or third-country nationals, except personal services contractors.
c. The prime contractor is responsible for ensuring that its sub-contractors comply with the mitigations.
d. Risk mitigation plans will address the areas of high risk identified in the risk assessment but will not necessarily mirror the approaches used for U.S. Government direct hires.
e. FAR 52.225-19 is required in all contracts operating within a DoD-designated contingency operation area, and risk mitigation plans to not obviate the requirement for this clause's inclusion in the contract.
f. A/OPE/AQM/CECAS will lead the Department-wide coordination to develop such risk mitigation plans with DS, AQM, the funding bureau or program office (see 14 FAM 244.3-3, subparagraph a(1)). The development of alternative capabilities, as applicable, to reduce reliance on contractor performance of critical functions is the responsibility of the funding bureaus or program offices (see 14 FAM 244.3-3, subparagraph a(1)). The funding bureaus or program offices are responsible for establishing measurable milestones to ensure the implementation of the risk mitigation plan, and to establish a process for monitoring, measuring, and documenting the progress in mitigating or reducing risk (see 14 FAM 244.3-3, subparagraphs a(2) and a(3)). A/OPE/AQM/CECAS will continually identify and address new and changed risks arising in the course of the operation, including the periodic reassessment of risks and the development of appropriate risk mitigation or reduction plans for any new or changed high-risk area identified (see 14 FAM 244.3-3, subparagraph a(4)).
g. Diplomatic Security and the funding bureaus or program offices clear risk-mitigation plans. Regional bureaus are also responsible for clearing risk-mitigation plans, if they participate in developing them. The Under Secretary for Management approves the final risk-mitigation plans, which are subject to the Under Secretary for Management's or chief of mission's decisions for enhanced or additional mitigation factors at any time.
14 FAM 244.4 Risk Assessments and Risk-Mitigation Plans for Use of Contractors in Support of Critical Environments
14 FAM 244.4-1 Planning
(CT:LOG-288; 09-11-2020)
Per 14 FAM 241.3, paragraph d, A/OPE/AQM/CECAS is responsible for leading Department-wide coordination to develop risk assessments and risk mitigation plans for contractor support in countries designated as critical environments.
14 FAM 244.4-2 Critical Environment Risk Assessments
(CT:LOG-288; 09-11-2020)
a. Per 14 FAM 241.2, paragraph d, A/OPE/AQM/CECAS is responsible for developing, on an annual basis, the Critical Environments List:
(1) To develop the recommended Critical Environments List, A/OPE/AQM/CECAS and DS review the most current High-Threat, High-Risk (HTHR) list and the Security Environments Threat List (SETL). Countries are placed on the Critical Environments List based on the threat of terrorism and political violence being critical or high, with at least one critical rating in either of the two categories;
(2) The Critical Environment List is approved annually by the Under Secretary for Management; and
(3) Should security circumstances in a country decline, the Under Secretary for Management may direct that the country be added to the Critical Environments List at any time.
b. The criteria set forth in Section 846(c) of Public Law 112-239, will be considered in the formation of these risk assessments, such as the consideration of risks associated with the following:
(1) The goals and objectives of the operation, such as risks from contractor behavior or performance that may injure innocent members of the local population or offend their sensibilities;
(2) The continuity of the operation, such as risks from contractors refusing to perform or being unable to perform when there may be no timely replacements available;
(3) The safety of military and civilian personnel of the United States if the presence or performance of contractor personnel creates unsafe conditions or invites attack;
(4) The safety of contractor personnel employed by the Department of State;
(5) The managerial control of the Department over the operation, such as risks from over-reliance on contractors to monitor other contractors or inadequate means for U.S. Government personnel to monitor contractor performance;
(6) The critical organic or core capabilities of the Department, including critical knowledge or institutional memory of key operations areas and subject-matter expertise; and
(7) The ability of the U.S. Government to control costs, avoid organizational or personal conflicts of interest, and minimize waste, fraud, and abuse.
c. To meet this requirement, A/OPE/AQM/CECAS will perform an annual risk assessment for each country on the Critical Environments List. The risk assessment will be performed in coordination with DS and the appropriate regional bureau.
d. Diplomatic Security and the regional bureau clear the risk assessment.
14 FAM 244.4-3 Critical Environment Risk-Mitigation Plans
(CT:LOG-288; 09-11-2020)
a. At the time CECAS submits a risk assessment to the Under Secretary for Management for approval, the Under Secretary will determine whether the Department will:
(1) Coordinate and develop risk-mitigation plans for contracts with operations in the country, as outlined in 14 FAM 244.3-3; or
(2) Include the security awareness clause in subject contracts, requiring the contractor to both develop and implement a comprehensive security program which includes an assessment of risks, as outlined in 14 FAM 246.
b. If under 14 FAM 244.4-3, subparagraph a(1), the Under Secretary for Management determines that risk-mitigation plans are required for contractor support in a critical environment, the process will be the same as for DoD-designated contingency operations (see 14 FAM 244.3-3). The criteria set forth in Section 846(d) of Public Law 112-239, will be considered in the formation of these risk-mitigation plans, and will include such considerations as:
(1) For each high-risk area identified in the comprehensive risk assessment:
(a) Specific actions to mitigate or reduce such risk, including the development of alternative capabilities to reduce reliance on contractor performance of critical functions;
(b) Measurable milestones for the implementation of planned risk mitigation or risk-reduction measures; and
(c) A process for monitoring, measuring, and documenting progress in mitigating or reducing risk; and
(2) A continuing process for identifying and addressing new and changed risks arising in the course of the operation, including the periodic reassessment of risks and the development of appropriate risk-mitigation or reduction plans for any new or changed high-risk area identified.
c. Risk mitigations apply to contractors who are nonlocal resident, whether U.S. citizens or third-country nationals, except personal services contractors.
d. The prime contractor is responsible for ensuring that its subcontractors comply with the mitigations.
e. Risk mitigation plans will address the areas of high risk identified in the risk assessment but will not necessarily mirror the approaches used for U.S. Government direct-hires.
f. FAR 52.225-19 is required in all contracts operating within a critical environment, and risk-mitigation plans to not eliminate the requirement for this clause's inclusion in the contract.
g. A/OPE/AQM/CECAS will lead the Department-wide coordination to develop such risk-mitigation plans with DS, AQM, the funding bureau or program office (see 14 FAM 244.3-3, subparagraph a(1)). The development of alternative capabilities, as applicable, to reduce reliance on contractor performance of critical functions is the responsibility of the funding bureaus or program offices (see 14 FAM 244.3-3, subparagraph a(1)). The funding bureaus or program offices are responsible for establishing measurable milestones to ensure the implementation of the risk-mitigation plan, and to establish a process for monitoring, measuring, and documenting the progress in mitigating or reducing risk (see 14 FAM 244.3-3, subparagraphs a(2) and a(3)). A/OPE/AQM/CECAS will continually identify and address new and changed risks arising in the course of the operation, including the periodic reassessment of risks and the development of appropriate risk-mitigation or reduction plans for any new or changed high-risk area identified (see 14 FAM 244.3-3, subparagraph a(4)).
h. Diplomatic Security and the funding bureaus or program offices clear risk-mitigation plans. Regional bureaus are also responsible for clearing risk-mitigation plans if they participate in developing them. The Under Secretary for Management approves the final risk-mitigation plans, which are subject to the Under Secretary for Management's or chief of mission's decisions for enhanced or additional mitigation factors at any time.
14 FAM 244.5 Critical Functions
(CT:LOG-212; 05-11-2016)
Section 846 (e) of Public Law 112-239 requires critical functions to include, at a minimum, the following:
(1) Private security functions, as that term is defined in Section 864 (a)(6) of the National Defense Authorization Act for Fiscal Year 2008 (10 U.S.C. 2302 note);
(2) Training and advising U.S. Government personnel, including military and security personnel, of a host nation;
(3) Conducting intelligence or information operations;
(4) Any other functions that are closely associated with inherently governmental functions, including the functions set forth in the FAR 7.503(d); and
(5) Any other functions that are deemed critical to the success of the operation.
14 FAM 244.6 Program Risk Management
(CT:LOG-212; 05-11-2016)
a. In addition to the requirement for a risk assessment on the use of contractor support required by 14 FAM 244.3-2 and 14 FAM 244.4-2, individual bureaus will manage individual program risk using their established procedures. All contracts exceeding $25 million in support of a contingency operation must have an individual program risk assessment and program risk planning.
b. Individual program risk assessment and planning should include a contractor self-assessment of program risks and a mitigation plan updated semi-annually.
c. Programs or contracts in support of contingency operations exceeding $25 million must schedule at least quarterly program reviews to determine that contractor performance is achieving objectives. Metrics, in accordance with FAM program evaluation guidelines, should be used to assess effectiveness. Program review frequency should be based on the nature and complexity of the program. Contractor performance must be documented in the government-wide contractor performance assessment system.
d. If a program or contract is determined to be at risk of failure to achieve delivery or meet cost or performance objectives, the finding must be presented to the bureau Assistant Secretary, A/LM Deputy Assistant Secretary, CAO, and the Under Secretary for Management.
14 FAM 245 INTERAGENCY COORDINATION AND TRANSITION PLANNING
(CT:LOG-288; 09-11-2020)
a. A/OPE/AQM/CECAS is responsible for, and has the lead on, interagency coordination pertaining to Section 846 of Public Law 112-239, particularly with regard to risk-assessment and risk-mitigation planning.
b. All interagency acquisition agreements are documented in accordance with Department procedures.
c. Copies of agreements and supporting documentation are maintained within an environment shared by the agencies supporting the contingency operation so that the history of transactions is maintained even though personnel may rapidly rotate through a contingency environment. A special Transition Coordinating Working Group manages transition planning activities. The Deputy Assistant Secretary for Logistics Management chairs the Working Group.
d. Transition planning for acquisition support must consider identifying the need for continuing life support such as housing, food, medical and transport, among other services.
14 FAM 246 CONTRACTOR SECURITY PLAN REQUIREMENT
(CT:LOG-212; 05-11-2016)
a. In the event the Under Secretary for Management determines a specific risk mitigation plan is not required per 14 FAM 244.4-3, subparagraph a(2), the contracting office is responsible for including this solicitation provision and resulting contract clause in all service contracts using nonlocal U.S. citizens or third-country nationals requiring performance of 45 continuous days or more within a 12-month period in a designated critical environment:
CONTRACTOR SECURITY PLAN REQUIREMENT, April 2016
Work under this contract will be performed in a country that may experience security contingencies due to civil unrest, terrorism, political violence, and crime. Prime contractors and other service providers must develop and implement a comprehensive security program to protect their employees, and the employees from each sub-contract, regardless of their country of origin from such contingencies; and must develop a means to monitor, assess, and communicate changes in the security environment to their employees throughout the region. Contractors should seek professional advice in developing a security program tailored to the region where the work will be performed, or where an activity is undertaken to facilitate that work, to ensure the security program adequately mitigates the risks specific to that locale.
The security program shall, at a minimum, address physical, personal, and procedural security for employee housing/residences, transportation from housing to and from work venues, an action plan for medical/security-related emergencies, and the contractor's security policy for employees for off-duty recreational activities and those areas of the host nation that are deemed off limits due to the security environment. The comprehensive security program shall be documented in writing and submitted to the contracting officer within 30 days after award. The contractor will provide plan updates as necessary.
Adherence to this clause is considered integral to the performance of this contract, and failure to submit a plan consistent with these requirements or implement the plan may provide adequate ground for termination of the contract for default.
This clause is to be read in agreement with FAR 52.225-19, which is incorporated into this contract, and nothing in this clause shall be read or construed as limiting the responsibilities of the contractor or its subcontractors as set out in to that clause.
b. The program management office will determine if the comprehensive security plan proposed by the contractor required by the security awareness clause is acceptable.
c. The inclusion of this clause in the contract does not eliminate the requirement to include the clause at FAR 52.225-19, if applicable.
14 FAM 247 Terrorist Financing Risk Mitigation Through Counterterrorism Namecheck Vetting
(CT:LOG-320; 05-25-2021)
14 FAM 247.1 Planning
(CT:LOG-320; 05-25-2021)
a. Consistent with Department guidance on State Funding and the Risks of Terrorist Financing, for all State Department funded programs and requirements, Department bureaus must assess the likelihood that the funds or Department funded activities, goods, services, training, expert advice or assistance, or other benefits to be provided, could inadvertently or incidentally benefit terrorist organizations or their members or supporters, and put in place appropriate risk mitigation measures to mitigate such risk. This requirement applies whether the programs are implemented directly by the Department, through contracts, grants, or cooperative agreements (collectively, “awards”), or through inter-agency transfers implemented by other U.S. Government departments and agencies. The relevant bureau's Assistant Secretary is ultimately responsible for ensuring the bureau assesses these risks, as well as for the final decision about what mitigation measures are appropriate for any particular program. The Bureau of Administration, Risk Analysis Management Office (A/OPE/AQM/CECAS/RAM), does not conduct or oversee such risk assessments.
b. If, following its evaluation of the risk, the bureau determines that there is a risk that Department funds or Department-funded activities may inadvertently or incidentally benefit terrorist organizations, their members, or their supporters, prior to the obligation of funds and engaging in or funding the underlying activities, the bureau should consider whether CT namecheck vetting is an appropriate risk mitigation measure. CT namecheck vetting entails ensuring certain individuals identified by the implementing office (e.g., key individuals employed by implementing organizations, individual beneficiaries, etc.) regardless of their country of incorporation, ownership, or citizenship, seeking U.S. Government funds or benefiting from U.S. Government funded programs have completed the Bureau of Administration’s CT namecheck vetting program.
c. CT namecheck vetting is conducted by the Bureau of Administration, Risk Analysis Management Office (A/OPE/AQM/CECAS/RAM).
d. A/OPE/AQM/CECAS/RAM does not conduct namecheck vetting of government-to-government assistance, contributions to Public International Organizations, nonproliferation programs, other U.S. Government agencies, or the National Endowment for Democracy. Note that RAM may conduct namecheck vetting of beneficiaries and sub-implementers of programs implemented by other U.S. Government agencies and the National Endowment for Democracy.
e. The bureau is responsible for determining award eligibility once CT namecheck vetting is complete.
f. If CT namecheck vetting is determined to be an appropriate risk mitigation measure, the bureau must use the Bureau of Administration, Risk Analysis Management Office’s (A/OPE/AQM/CECAS/RAM) established program and the appropriate provisions and clauses must be included in the solicitation or notice of funding opportunity and resulting award.
g. Bureaus are not authorized to develop their own CT vetting program or use another agency’s CT vetting program.
h. Under current law, Congressional consultations with the Committees on Appropriations are required prior to initiating a partner vetting program or making significant changes to the scope of an existing partner vetting program. See 14 FAM 247.3, paragraph b, for further information on this process.
i. The cost of CT namecheck vetting is paid for by the bureau, per namecheck vet, into a Working Capital Fund and should be factored into bureau program planning. The fee for vetting is reviewed and adjusted annually as required by 4 FAM 036.2.
14 FAM 247.2 Counterterrorism (CT) Namecheck Vetting Risk Mitigation
(CT:LOG-320; 05-25-2021)
14 FAM 247.2-1 Responsibilities
(CT:LOG-320; 05-25-2021)
a. The Bureau of Administration is the coordinator for the Department’s CT namecheck vetting program.
b. The Risk Analysis and Management Office (A/OPE/AQM/CECAS/RAM) is the sole entity within the Department authorized to conduct CT vetting of U.S. citizens, U.S. legal permanent residents, and foreign nationals; no other CT vetting program is authorized. For a current list of vetting program countries, process, forms, and secure portal see CT vetting policy.
c. Following vetting, RAM will inform the bureau and contracting or grants officers either that no derogatory information was discovered or that derogatory information was discovered. If derogatory information is discovered, RAM will provide the appropriate references/document numbers to the bureau to facilitate their review and final decision.
d. The Assistant Secretary for the bureau is responsible for establishing a process to decide whether derogatory information found during RAM vetting is sufficient to disqualify the offeror or applicant. The decision to issue an award despite derogatory information being found during CT vetting must be documented and approved by the relevant Assistant Secretary (or equivalent official responsible for the program) or designee. The bureau will advise the contracting officer or grants officer in writing of the decision.
e. The contracting or grants officer is responsible for ensuring the appropriate vetting provisions and clauses are included in the solicitation or notice of funding opportunity and award, and for coordinating the vetting process among the bureau, RAM, and the offeror(s) or applicant(s). The contracting or grants officer shall not make an award until CT vetting is complete.
14 FAM 247.2-2 CT Namecheck Vetting Process
(CT:LOG-320; 05-25-2021)
a. When the bureau has determined that RAM CT vetting is an appropriate risk mitigation strategy for a particular program, the bureau must complete and submit Form DS-4221, “Risk Analysis Finding,” to RAM.
b. RAM will contact those applicants listed in the competitive range on the Form DS-4221 directly via email and provide instructions on completing the Form DS-4184, “Risk Analysis Information,” and how to enter the data into the Secure RAM Portal.
c. The contracting, grants, and/or program officer is responsible for ensuring that organizations in the competitive range are timely in submitting completed Form DS-4184 information into the secure RAM portal.
d. Once the Form DS-4184 data is entered in the Secure RAM Portal, RAM vets the Personally Identifiable Information (PII) from the Form DS-4184 against relevant databases for ties to terrorist organizations, their members, or supporters. Vetting may also be conducted prior to award of subcontracts or subawards if the requirement is included in the statement of work or terms and conditions of the award.
e. When the CT namecheck vetting is complete, RAM advises the bureau whether vetting uncovered derogatory information on any of the organization’s key individuals or other individuals subject to vetting.
f. RAM does not determine whether a bureau can or should issue an award to an offeror or applicant; the bureau is responsible for determining whether to proceed with the award based on the results of the vetting, which may indicate derogatory information was found on one or more individuals. Therefore, prior to initiating CT namecheck vetting, the bureau should provide guidance regarding the process for reviewing derogatory results, determining whether to proceed with the award, and any additional steps that may be necessary.
g. The bureau may determine the derogatory information found during vetting does not preclude engaging in the proposed program. In such cases, a decision memorandum from the Assistant Secretary (or equivalent official responsible for the program) or designee should be submitted to the contracting or grants officer and RAM documenting the decision.
h. When vetting is the determining factor not to issue an award, the Department will provide appropriate notice to the applicant. Within seven calendar days after the Department’s notification, an applicant may request in writing that the Department reconsider the determination. This request may include a written explanation, legal documentation, or any other relevant written materials. Within seven calendar days after the Department receives the request for reconsideration, the Assistant Secretary for the bureau responsible for the program will determine whether the applicant’s additional information merits a revised decision. The determination of whether reconsideration is warranted is final.
i. Vetting is valid for one year unless individuals holding positions or roles that have been vetted change or there is a change to the PII of such individuals, in which case such individuals must be submitted again for vetting. Additionally, if the award period of performance extends beyond one-year, individuals in the positions or roles that the bureau has identified for vetting must be submitted again for vetting.
14 FAM 247.3 Process for New CT Namecheck Vetting Programs or Locations
(CT:LOG-320; 05-25-2021)
a. Should a bureau wish to consider CT namecheck vetting in an additional country based on a risk assessment and concerns with certain programming in a particular country, the proposal must be submitted to the relevant Assistant Secretary (or equivalent official responsible for the program) for approval, after consultation with senior Department leadership, relevant chiefs of mission, and other bureaus, as appropriate.
b. Upon approval, the bureau must inform RAM. The bureau may also be required to consult with the Committees on Appropriations, in coordination with H and L/LFA. The bureau should contact L/LFA and H for further information on this process.
14 FAM 248 THROUGH 249 UNASSIGNED