The Office of Federal Contract Compliance Programs (OFCCP) recently proposed that federal contractors annually certify to the agency their obligation to update affirmative action programs (AAPs) each year. Comments on the proposal are due Nov. 13.
The agency also published its corporate scheduling announcement list (CSAL) on its website in September. The list is a 45-day courtesy notification to inform companies that the OFCCP will send them an official scheduling letter, which begins the audit of federal contractors' compliance with their affirmative action and nondiscrimination duties, noted Holly Lake, an attorney with DLA Piper in Los Angeles.
"In some instances, the OFCCP will take several months before sending out scheduling letters for certain OFCCP regions or certain types of audits," said Andrew Turnbull, an attorney with Morrison & Foerster in McLean, Va. "So, contractors on the CSAL should not consider themselves out of the woods if they do not receive a scheduling letter in late October 2020."
This year's CSAL includes two new types of audits: accommodation and promotion reviews.
'AAP Verification Interface'
The OFCCP's proposal, called the "AAP Verification Interface," would not inflict an additional burden on federal contractors, according to David Cohen, president of DCI Consulting in Washington, D.C.
Instead of verifying that they comply with their nondiscrimination and affirmative action obligations in the System for Award Management (SAM) database, which is run by the General Services Administration, federal contractors would verify compliance with the OFCCP.
Currently, the OFCCP doesn't have an extensive database of covered contractors, so it keeps auditing the same companies repeatedly, Cohen said. SAM doesn't share its database with the OFCCP, he said, so the OFCCP wants to handle that question on its own and have the inquiry removed from the SAM portal to avoid duplication, he added. The OFCCP would share the AAP verification data file with the General Services Administration.
In addition to verifying compliance, the OFCCP would deploy a secure website where contractors could upload their information, including AAPs, once they've been selected for audits. Such information is often now e-mailed, which increases the chances of data breaches and, should an OFCCP officer depart, lost data, Cohen said.
Under this new proposal, when an establishment is audited, it would submit its AAP electronically on a secure portal and have the ability to see what's been submitted.
Although the OFCCP favored the proposal as outlined above, the agency sought comment on the following alternate options. Contractors might instead be required to certify:
- Annually. Contractors who are scheduled for a compliance evaluation would submit their AAPs as they currently do, via e-mail or a delivery service.
- Annually, plus upload their AAPs on an annual basis.
- Every two years. Contractors who are scheduled for a compliance evaluation would submit their AAPs as they currently do, via e-mail or a delivery service.
Preparing for Audits
HR professionals should check the OFCCP's CSAL if they haven't already done so, Cohen said. "It used to be OFCCP would send a letter. Now it just publishes a list" on its website, he said.
While the OFCCP still sends scheduling letters, the sooner contractors are aware that they are on the CSAL, the more time they will have to prepare for the audits that will likely follow.
Once a contractor receives a scheduling letter, it has 30 days to respond.
Seventy-five days—45 days from the CSAL plus 30 days to respond to the scheduling letter—may "sound like a long time, but it can take a lot of time to properly prepare for an OFCCP audit," Turnbull said.
[Need help with legal questions? Check out the new SHRM LegalNetwork.]
Different Types of Audits
Companies should prepare for the audit by first determining which type of compliance review the OFCCP will conduct.
This year's CSAL identified four different types of evaluations, said Connie Bertram, an attorney with Bertram LLP in Washington, D.C. These include:
- A standard compliance review.
- A corporate management compliance evaluation.
- A compliance check.
- A focused review.
The new types of audits, accommodation and promotion reviews, are focused reviews.
"An accommodation focused review will focus almost exclusively on how contractors are handling requests for religious and disability accommodations," she said. "Promotion-focused reviews will look at how contractors promote individuals within their organizations and whether such methods perpetuate systemic discrimination."
There are also focused reviews under Section 503 of the Rehabilitation Act, which audit compliance with nondiscrimination and affirmative action mandates for those with disabilities.
A focused review under the Vietnam Era Veterans' Readjustment Assistance Act audits nondiscrimination and affirmative action compliance for protected veterans.
Establishment and functional compliance reviews begin with a scheduling letter and typically proceed to an information request phase, said Alissa Horvitz, an attorney with Roffman Horvitz in McLean, Va. An establishment audit is an audit of an employer's campus or physical building and—along with the functional AAP audits—is the most comprehensive of all reviews, she said.
A functional AAP audit is like an establishment audit except that the employer does not prepare its affirmative action plans on a building-by-building or physical basis. Instead, the employer has obtained permission from the OFCCP to organize its affirmative action plans on a functional basis.
Many compliant employers can end their audit at the information request phase if there is no adverse impact in their employment-activity data, there is pay equity and the employer can answer any OFCCP information requests fully and satisfactorily, Horvitz said. Adverse impact refers to employment practices that appear neutral but have a discriminatory effect on a protected group.
A corporate management compliance evaluation is an audit of the employer's headquarters location. These evaluations resemble compliance reviews but focus on glass-ceiling issues to see if there are any barriers to women or minorities from advancing into senior management positions, Turnbull said.
"A compliance check is the shortest form of audit and requires the employer only to produce three items to demonstrate compliance with record-keeping obligations," Horvitz stated.
Mock Audits
One compliance option for HR to consider is a mock audit—conducted under the attorney-client privilege—of the contractor's OFCCP compliance, Turnbull noted.
"These mock audits can be done quickly and efficiently to identify red-flag and high-risk areas," he said.