Advisory Bulletin: General Services Administration’s EPLS/SAM System Failure
Sanction & Exclusion Screening
Written by: Richard Kusserow on April 30, 2013
As you may be aware, the General Services Administration’s (GSA) debarment list, previously known as the Excluded Parties List System (EPLS) and more recently as the System for Award Management (SAM) continues to be plagued with problems. The GSA data has never been user-friendly and can create many false hits, resulting in considerable work to resolve. For most health care organizations, the number of vendors and contractors they must screen runs into many thousands. To compound matters, GSA recently identified a security breach that resulted in the exposure of GSA registered users’ information. In addition, the Compliance Resource Center, made GSA aware of a discrepancy between the searchable exclusion data in SAM and, what should be the same, exclusion data available in a downloadable file. It is important to note that all CRC clients were insulated from these security breaches.
The emergence of the aforementioned problems resulted from GSA’s efforts to consolidate the federal procurement process from a federal government perspective. Their new system incorporates several databases, including the Central Contractor Registration/Federal Agency Registration (CCR/FedReg), Online Representations and Certifications Application (ORCA), and the EPLS into one online system. GSA has indicated that future development phases of SAM will include additional data sources screened during the federal procurement process. This may result in additional technical issues emerging. In short, EPLS is now included within a larger system that incorporates multiple data sources, which, thus far, has resulted in numerous technical problems.
Sanction Screening Made SimpleGet Free Quote & Demo
On January 31, 2013 CRC’s Database Administrator detected data integrity problems and promptly contacted the GSA Federal Service Desk (FSD). Specifically, the Database Administrator identified inconsistencies in the exclusion data between what was available online in SAM and what was contained in the data extract available for download from the GSA SAM website. The original issue identified was that second and subsequent sanctions imposed on an individual did not contain identifying information in the record. Additionally, difficulties were identified that caused certain sanctions to be associated with the wrong party in cases where two individuals have the same first and last names, but different middle names, and at least one of the individuals had more than one sanction imposed. Because of the glitch in the data, it was impossible to correctly assign the second and subsequent sanctions to the correct individual and, therefore, CRC could not ensure that the data loaded correctly into our Sanction Screening Services (S3) sanction and exclusion screening tool.
Examples of the problem encountered when searching the SAM data online included difficulties when searching for an individual’s name. The results contained multiple records that were inconsistent and / or redundant. In addition, examples of problems encountered with the data extract included missing data elements such as records containing null rows of information either above or below a previously populated record. This prevented the Database Administrator from identifying which individual is associated with the additional record details. In response to CRC’s queries about the discrepancies, the FSD responded by email stating they escalated CRC’s request to the tier two queue for the associated service because the tier one agent is not able to address the problem. CRC continued daily requests for further information and explanation about the failures. Phone calls to FSD resulted only in the call being logged and that an agent would be assigned to address the problems as quickly as possible. After more than two weeks of CRC’s original request, the FSD reported that they had researched the issues reported and were in the process of working on a resolution. It took another week before they reported that the discrepancies in the exclusions extract were corrected. The corrected file is now available. However, GSA and FSD never provided an explanation of what caused the problem or how long the glitch was in its system.
Based upon GSA’s notification of problem resolution, we have to assume that they tested the information in order to advise that the data extract was corrected. However, CRC’s Database Administrator conducted its own evaluation of the data in order to determine that it is indeed accurate and, therefore, cleared to be used to conduct the screenings. Each data load is evaluated to identify any discrepancies and will continue to be evaluated going forward. We determined that the data is complete and are confident that:
- The data is being provided such that it is now logically possible to load it correctly.
- Because every row in the data now contains full identity information, we do not have to make assumptions about the rows that contain no identity information.
- The Database Administrator has verified the data load and the data contained in the downloadable data extract matches the data contained in SAM online.
- We have tested our S3 sanction and exclusion screening tool with the example provided to the FSD and other examples we found in the exclusion data.
During this whole period, CRC found the GSA process challenging and created confusion for our clients to accurately verify debarred individuals and/or entities in SAM. As a result, many of our clients have requested that CRC provide suggestions on how to meet …