[Federal Register Volume 77, Number 190 (Monday, October 1, 2012)]
[Rules and Regulations]
[Pages 59790-59793]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2012-24028]


=======================================================================
-----------------------------------------------------------------------

GENERAL SERVICES ADMINISTRATION

48 CFR Parts 504 and 552

[GSAR Change 55; GSAR Case 2006-G510; Docket 2008-0007; Sequence 13]
RIN 3090-AI72


General Services Administration Acquisition Regulation (GSAR); 
Rewrite of Part 504; Administrative Matters

AGENCY: Office of Acquisition Policy, General Services Administration 
(GSA).

ACTION: Final rule.

-----------------------------------------------------------------------

SUMMARY: The General Services Administration (GSA) is amending the 
General Services Administration Acquisition Regulation (GSAR) to revise 
sections of Administrative Matters and Forms. This final rule is part 
of the General Services Administration Acquisition Manual (GSAM) 
rewrite Project, in which all parts of the regulation are being 
reviewed and updated to include new statutes, legislation, policies, 
and to delete outdated information and obsolete forms.

DATES: Effective: October 1, 2012.

FOR FURTHER INFORMATION CONTACT: Ms. Dana Munson, Procurement Analyst, 
at 202-357-9652, for clarification of content. For information 
pertaining to status or publication schedules, contact the Regulatory 
Secretariat Division (MVCB), 1275 First Street, 7th Floor, Washington, 
DC 20417, 202-501-4755. Please cite GSAR Case 2006-G510.

SUPPLEMENTARY INFORMATION: 

I. Background

    This rule is a result of the GSAM Rewrite initiative undertaken by 
GSA to revise the GSAM to maintain consistency with the Federal 
Acquisition Regulation (FAR), and to implement streamlined and 
innovative acquisition procedures that contractors, offerors, and GSA 
contracting personnel can utilize when entering into and administering 
contractual relationships. The GSAM incorporates the GSAR as well as 
internal agency acquisition policy. GSA will rewrite each part of the 
GSAR and GSAM, and as each GSAR part is rewritten, will publish it in 
the Federal Register. This rule covers the rewrite of GSAR Part 504, 
Administrative Matters.
    On October 9, 2008, GSA published in the Federal Register at 73 FR 
59589 a proposed rule with a request for comments.
    Two comments were received and are addressed below. In addition, 
internal

[[Page 59791]]

review comments were received and have been incorporated, as 
appropriate.

II. Discussion and Analysis of the Public Comments

    The General Services Administration reviewed the public comments in 
the development of the final rule. Two public comments were received 
from one respondent in response to the proposed rule. The comments and 
responses are as follows:
    Comment: One respondent expressed concern that GSAR 504.1303 
duplicates information found in FAR 4.1303 and does not add any 
additional or clarifying language. Thus, the respondent recommended 
deletion of GSAR 504.1303.
    Response: Nonconcur. GSAR 504.1303 provides the prescription for 
inclusion of the clause at 552.204-9, Personal Identity Verification 
Requirements, in solicitations and contracts when it is determined that 
contractor employees will require routine physical access to GSA 
controlled facilities or information systems to perform contract 
requirements.
    Comment: One respondent recommended deleting the clause at GSAR 
552.204-9, in favor of the FAR clause 52.204-9, because the clause does 
not provide any additional information to the FAR other than vague 
references to GSA requirements.
    Response: Nonconcur. The GSAR clause replaces the FAR clause when 
the contractor is required to adhere to GSA verification requirements.
    Revisions to GSAR Part 504, Administrative Matters, include 
updating statutory and regulatory references, updating titles, deleting 
outdated office symbols, eliminating confusing or redundant 
supplementary material, maintaining consistency with the FAR while 
eliminating duplication, and editing text for clarity. This final rule 
amends:
     GSAR Subpart 504.4, Safeguarding Classified Information 
Within Industry, to delete subtitles, renumber the section, delete 
former GSAM 504.402(a)(2) and GSAM 504.402(b)(2)in its entirety, and 
includes some minor revisions for clarity.
     GSAR 504.475, Return of classified information, to delete 
outdated references, and add a reference to the ``National Industrial 
Security Program Operating Manual (NISPOM)'', and link to the web 
address for NISPOM. GSAM 504.475 additionally contains some minor 
revisions for clarity and to add a new paragraph (c) to address the 
contractor's responsibility for the return of the classified 
information.
     GSAR Subpart 504.5, Electronic Commerce in Contracting, to 
delete GSAR 504.500, Scope of Part, in its entirety. GSAR 504.502, 
Policy, was revised to add language addressing the methods of 
authentication used for electronic signatures. Additionally, paragraphs 
(a), (b), and (c) are deleted in its entirety. GSAR 504.570, Procedures 
for using EPS, are deleted in its entirety.
     GSAR Subpart 504.6, Contract Reporting, to add GSAR 
504.604, Responsibilities, to address FPDS data verification and 
validation requirements and to include applicable text to address 
timely and accurate input of data into the Federal Procurement Data 
System (FPDS).
     GSAR 504.602-71, Federal Procurement Data System--Public 
Access to Data, is redesignated as GSAR 504.605-70 and paragraph (a) is 
revised to delete the words ``Federal Acquisition Regulation.''
     GSAR Subpart 504.11, Central Contractor Registration (CCR) 
and GSAR 504.1103, Procedures, to add the requirement that prior to 
awarding a contractual instrument, the contracting officer verifies the 
prospective contractor's legal business name, Doing-Business-As (DBA) 
name (if any), physical street address, and Data Universal Number 
System (DUNS) number or DUNS+4 number. Further, the contracting officer 
is required to verify that the contractor's address code exists in 
GSA's financial accounting application (Pegasys) and that it is CCR 
enabled with the contractor's DUNS or DUNS+4 number.
     GSAR Subpart 504.13, Personal Identity Verification of 
Contractor Personnel, and GSAR 504.1301, Policy, to establish the 
requirement for ensuring compliance with Homeland Security Presidential 
Directive-12 (HSPD-12), Policy for a Common Identification Standard for 
Federal Employees and Contractors; Office of Management and Budget 
Memorandum M-05-24, Implementation of Homeland Security Presidential 
Directive (HSPD)12--Policy for a Common Identification Standard for 
Federal Employees and Contractors; Department of Commerce Federal 
Information Processing Standards (FIPS) Publication (PUB) 201; and GSA 
HSPD-12 Personal Identify Verification and Credentialing Standard 
Operating Procedures.
     GSAR 504.1303, Contract Clause, to add the prescription 
for GSAR clause 552.204-9, Personal Identity Verification Requirements, 
which is to be included in solicitations and contracts when it is 
determined that contractor employees will require routine physical 
access to federally controlled facilities or information systems to 
perform contract requirements.
     GSAR 552.204-9, Personal Identity Verification 
Requirements, to add a clause in contracts when it is determined that 
contractor employees will require routine physical access to federally 
controlled facilities or information systems to perform contract 
requirements.
     GSAM 553.370-1720, GSA Form 1720, Request for Release of 
Classified Information to U.S. Industry, to delete the form in its 
entirety. This form was removed from the GSA Forms library due to lack 
of demand for printed copies.

III. Executive Orders 12866 and 13563

    Executive Orders (E.O.s) 12866 and 13563 direct agencies to assess 
all costs and benefits of available regulatory alternatives and, if 
regulation is necessary, to select regulatory approaches that maximize 
net benefits (including potential economic, environmental, public 
health and safety effects, distributive impacts, and equity). E.O. 
13563 emphasizes the importance of quantifying both costs and benefits, 
of reducing costs, of harmonizing rules, and of promoting flexibility. 
This is not a significant regulatory action and, therefore, was not 
subject to review under Section 6(b) of E.O. 12866, Regulatory Planning 
and Review, dated September 30, 1993. This rule is not a major rule 
under 5 U.S.C. 804.

IV. Regulatory Flexibility Act

    The General Services Administration certify that this final rule 
will not have a significant economic impact on a substantial number of 
small entities within the meaning of the Regulatory Flexibility Act, 5 
U.S.C. 601, et seq., because the changes are editorial in nature, 
primarily consisting of updating statutory and regulatory references, 
updating titles, deleting outdated office symbols, and eliminating 
confusing or redundant supplementary material.

V. Paperwork Reduction Act

    The final rule does not contain any information collection 
requirements that require the approval of the Office of Management and 
Budget under the Paperwork Reduction Act (44 U.S.C. chapter 35).

List of Subjects in 48 CFR Parts 504 and 552

    Government procurement.


[[Page 59792]]


    Dated: September 11, 2012.
Joseph A. Neurauter,
Senior Procurement Executive/Deputy Chief Acquisition Officer, Office 
of Acquisition Policy, General Services Administration.

    Therefore, GSA amends 48 CFR parts 504 and 552 as set forth below:

0
1. The authority citation for 48 CFR parts 504 and 552 continues to 
read as follows:

    Authority:  40 U.S.C. 121(c).

PART 504--ADMINISTRATIVE MATTERS

0
2. Revise section 504.402 to read as follows:


504.402  General.

    (a) This subpart prescribes procedures for safeguarding classified 
information required to be disclosed to contractors in connection with 
the solicitation of offers, and the award, performance, and termination 
of contracts.
    (b) As used in this subpart, the term ``Contractor(s)'' means 
prospective contractors, subcontractors, vendors, and suppliers.
0
3. Revise section 504.475 to read as follows:


504.475  Return of classified information.

    (a) Contracting officers must recover classified information, 
unless it has been destroyed as provided in Section 7 of Chapter 5 of 
the National Industrial Security Program Operating Manual (NISPOM). 
Information on NISPOM can be found at http://www.fas.org/sgp/library/nispom.htm.
    (b) Contracting officers must ensure that classified information 
provided by the government is returned immediately after any of the 
following events:
    (1) Bid opening or closing date for receipt of proposals by non-
responding offerors.
    (2) Contract award by unsuccessful offerors.
    (3) Termination or completion of the contract.
    (4) Notification that authorization to release classified 
information has been withdrawn.
    (5) Notification that a facility:
    (i) Does not have adequate means to safeguard classified 
information; or
    (ii) Has had its security clearance revoked or inactivated.
    (6) Whenever otherwise instructed by the authority responsible for 
the security classification.
    (c) The Government agency that provided classified information to a 
GSA contractor is responsible for the return of the information.


504.500  [Removed and Reserved]

0
4. Remove and reserve section 504.500.

0
5. Revise section 504.502 to read as follows:


504.502  Policy.

    Use of electronic signatures is encouraged and can be used to sign 
and route documents in GSA's IT systems to contractually obligate 
funds. The method of authentication used for electronic signatures 
shall be consistent with the level (1-4) determined from the e-
authentication risk assessment in accordance with OMB M-04-04, E-
authentication Guidance for Federal Agencies, and the respective 
technology safeguards applicable to that level or risk from National 
Institute of Standards and Technology 800-63, Electronic Authentication 
Guideline.


504.570  [Removed and Reserved]

0
6. Remove and reserve section 504.570.


504.602-71  [Redesignated as 504.605-70]

0
7. Redesignate section 504.602-71 as section 504.605-70.

0
8. Add section 504.604 to read as follows:


504.604  Responsibilities.

    (a) The Senior Procurement Executive (SPE), in coordination with 
the HCA, shall establish necessary policies to ensure the accurate and 
timely input of data into FPDS. At a minimum, the SPE and the HCA shall 
ensure that the following procedures are implemented.
    (1) Contract writing systems capable of reporting directly into 
FPDS shall be configured to do so as a condition of making an award.
    (2) To ensure the accuracy of data entered, reports of actions 
awarded shall be routinely generated from the contract writing system, 
examined and compared to data contained in FPDS to assure that those 
actions have been reported accurately to FPDS.
    (3) Organizations without a contract writing system shall report 
the data using the FPDS web portal interface not later than 14 days 
after an award is made. To ensure data entry and accuracy, logs of 
contract actions shall must be regularly reviewed and compared to data 
entries in FPDS.
    (4) HCAs shall also verify and validate accuracy of the data and 
ensure contract awards have been entered into FPDS within the 
appropriate time frames.
    (b) Contracting officers are the individuals primarily responsible 
for the accuracy of data submitted to FPDS as well as the submission 
and accuracy of the individual contract action report (CAR).
    (c) The contracting officer shall, at a minimum, take the following 
steps necessary to verify the accuracy of the CAR:
    (1) In the case of a contract writing system, review the CAR 
information for accuracy and completeness prior to submission to FPDS 
and prior to the release of the contract award.
    (2) In the absence of a Contract Writing System, ensure that the 
CAR information is submitted to FPDS within 14 days after contract 
award.
    (3) To further assure accurate contract data, consider including a 
copy of the CAR with award documents sent to the contractor for the 
contractor's knowledge review and information.
    (d) The Chief Acquisition Officer (CAO) shall periodically 
statistically sample the GSA FPDS file and provide a list of 
transactions to the contracting activities for certification.
    (1) The review process should include procedures, comparisons of 
contract file data to FPDS data entries, and comparisons of printouts 
of FPDS data to their contract writing system data for accuracy.
    (2) The verification and validation shall be conducted by an 
organization or person that did not award the contracts being reviewed. 
HCAs may institute any appropriate process that complies with this 
requirement.
    (3) HCAs shall provide certifications of the accuracy, timeliness 
and validity of their FPDS data on a quarterly basis to the CAO based 
on the list of transactions provided to HCAs under paragraph (d) of 
this section. Certifications to the CAO shall include a description of 
the means used to verify the accuracy and completeness of the data and 
a statement that all discrepancies found have been corrected.
    (e) The CAO will provide the annual certification of GSA's FPDS 
data to OMB required by FAR 4.604(c). This certification will be based 
on the Regional and Heads of Services and Staff Offices' reviews and 
certifications and the CAO's review. Certifications are due not later 
than 15 working days after the end of the quarter.


504.605-70  [Amended]

0
9. Amend the newly redesignated section 504.605-70 by removing from 
paragraph (a) ``Federal Acquisition Regulation (FAR) Subpart'' and 
adding ``FAR subpart'' in its place.

0
10. Add Subpart 504.11 to read as follows:

[[Page 59793]]

Subpart 504.11--Central Contractor Registration
Sec.
504.1103 Procedures.

Subpart 504.11--Central Contractor Registration


504.1103  Procedures.

    In addition to the requirements found in FAR 4.1103, prior to 
awarding a contractual instrument the contracting officer must--
    (1) Verify that the prospective contractor's legal business name, 
Doing-Business-As (DBA) name (if any), physical street address, and 
Data Universal Number System (DUNS) number or DUNS+4 number, as found 
in the CCR, match the information that will be included in the 
contract, order, or agreement resulting from the vendor's quote or 
proposal. Correct any mismatches by having the vendor amend the 
information in the CCR and/or the quote or proposal. The CCR 
information can be accessed through GSA's CCR repository (contact the 
GSA Systems Programming Branch for instructions, a user ID, and 
password).
    (2) Ensure that the contractor's address code exists in Pegasys and 
that it is CCR enabled with the contractor's DUNS or DUNS+4 number. 
This can be done by searching Pegasys records using the contractor's 
Taxpayer Identification Number (TIN). If no code exists, request that a 
new address code be established by the Finance Center for CCR 
compliance.
    (3) Ensure that the contractor's identifying information is 
correctly placed on the contractual instrument, using special care to 
ensure that the legal name and ``remit to'' name match exactly. (Note: 
Lockbox names or numbers should not be used to replace the contractor's 
name in the remittance block on the contractual instrument.)
    (4) Unless one of the exceptions to registration in CCR applies 
(see FAR 4.1102(a)), the contracting officer must not award a contract 
to a prospective contractor who is not registered in CCR. If no 
exceptions are applicable, and the needs of the requiring activity 
allows for a delay in award, see FAR 4.1103(b)(1).

0
11. Add Subpart 504.13 to read as follows:
Subpart 504.13--Personal Identity Verification of Contractor Personnel
Sec.
504.1301 Policy.
504.1303 Contract clause.

Subpart 504.13--Personal Identity Verification of Contractor 
Personnel


504.1301  Policy.

    Contracting officers must follow the procedures contained in CIO 
P2181.1--GSA HSPD-12 Personal Identity Verification and Credentialing 
Handbook, which may be obtained from the CIO Office of Enterprise 
Solutions, to ensure compliance with Homeland Security Presidential 
Directive-12 (HSPD-12) ``Policy for a Common Identification Standard 
for Federal Employees and Contractors,'' Office of Management and 
Budget Memorandum M-05-24, and Department of Commerce FIPS PUB 201.


504.1303  Contract clause.

    Insert the clause at 552.204-9, Personal Identity Verification 
Requirements, in solicitations and contracts when it is determined that 
contractor employees will require access to federally controlled 
facilities or information systems to perform contract requirements.

PART 552--SOLICITATION PROVISIONS AND CONTRACT CLAUSES

0
12. Add section 552.204-9 to read as follows:


552.204-9  Personal Identity Verification Requirements.

    As prescribed in 504.1303, insert the following clause:

Personal Identity Verification Requirements (Date)

    (a) The contractor shall comply with GSA personal identity 
verification requirements, identified at http://www.gsa.gov/hspd12, 
if contractor employees require access to GSA controlled facilities 
or information systems to perform contract requirements.
    (b) The Contractor shall insert this clause in all subcontracts 
when the subcontractor is required to have access to a GSA-
controlled facility or access to a GSA-controlled information 
system.

(End of clause)

[FR Doc. 2012-24028 Filed 9-28-12; 8:45 am]
BILLING CODE 6820-61-P