Counterfeit Parts: DOD Needs to Improve Reporting and Oversight to Reduce Supply Chain Risk

Highlights

What GAO Found

Department of Defense (DOD) agencies and contractors submitted 526 suspect counterfeit parts reports in the Government-Industry Data Exchange Program (GIDEP) from fiscal years 2011 through 2015. These were submitted primarily by contractors. Defense agencies and contractor officials explained that congressional attention to counterfeit parts in 2011 and 2012 led to increased reporting, and that the lower number of reports in more recent years is partly the result of better practices to prevent the purchase of counterfeit parts.

Number of Suspect Counterfeit Reports for Fiscal Years 2011–2015

HL1_5_v1-100052

Several aspects of DOD's implementation of its mandatory GIDEP reporting for suspect counterfeit parts have limited GIDEP's effectiveness as an early warning system.

First, DOD is not conducting oversight to ensure that defense agencies are reporting as required. As a result, the Defense Logistics Agency (DLA), for example, may be underreporting suspect counterfeit parts in GIDEP.

Second, there is no standardized process for establishing how much evidence is needed before reporting suspect counterfeit parts in GIDEP and DLA applies a significantly more stringent standard than, for example, the Navy. Consequently, reports may not be submitted in a timely manner.

Third, defense agencies typically limit access of suspect counterfeit GIDEP reports to government agencies, so industry is not aware of the potential counterfeiting issues identified. DOD policy does not include guidance about when access to these reports should be limited.

All seven contractors GAO spoke with have established systems to detect and avoid counterfeit electronic parts; however, DOD has not finalized how these systems will be assessed. Contractors are seeking additional clarification on how to meet some of DOD's requirements. Until DOD clarifies criteria for contractors on how their systems will be evaluated, it cannot fully ensure these systems detect and avoid electronic counterfeit parts, as required.

Why GAO Did This Study

The DOD supply chain is vulnerable to the risk of counterfeit parts, which have the potential to delay missions and ultimately endanger service members. To effectively identify and mitigate this risk, DOD began requiring its agencies in 2013 and its contractors in 2014, to report data on suspect counterfeit parts. A Senate report included a provision for GAO to review DOD's efforts to secure its supply chain from counterfeit parts. This report examines, among other things, (1) the use of GIDEP to report counterfeits, (2) GIDEP's effectiveness as an early warning system, and (3) DOD's assessment of defense contractors' systems for detecting and avoiding counterfeits.

GAO analyzed data from GIDEP for fiscal years 2011 through 2015; reviewed DOD policies, procedures, and documents; and met with agency officials and seven selected contractors based on dollar value from contracts that included a new counterfeit clause.

Recommendations

GAO recommends that DOD oversee its defense agencies' reporting efforts, develop standard processes for when to report a part as suspect counterfeit, establish guidance for when to limit access tor GIDEP reports, and clarify criteria to contractors for their detection systems. DOD agreed with the 3 recommendations on GIDEP reporting, but partially agreed with the recommendation to clarify criteria, stating it did not agree with providing specific implementation details. GAO continues to believe clarifying criteria is important, which is different than specific implementation details.

Recommendations for Executive Action

Agency Affected Sort descending	Recommendation	Status
Office of the Under Secretary of Defense for Acquisition, Technology, and Logistics	To provide greater compliance with the GIDEP reporting requirement among the DOD components and their defense supplier-base, the Undersecretary of Defense for Acquisition, Technology and Logistics should develop guidance for when access to GIDEP reports should be limited to only government users or made available to industry.	Closed – Implemented In August 2022, DOD issued Instruction 5200.49: Oversight of the Collection and Exchange of Information Using the Government-Industry Data Exchange Program. The Instruction includes guidance for creating reports that are limited to government users as well as guidance with considerations regarding when issuing reports with limited distribution is appropriate.
Office of the Under Secretary of Defense for Acquisition, Technology, and Logistics	To help DOD and contractors to have a greater degree of certainty and consistency to adhere to the requirements for contractor counterfeit detection and avoidance systems, the Undersecretary of Defense for Acquisition, Technology and Logistics should clarify for industry the criteria by which DOD will assess contractor counterfeit detection and avoidance systems.	Closed – Implemented DOD noted in its comments that it concurs with informing contractors on how their counterfeit systems will be assessed. DCMA updated its guidance for contractors in December 2016 to provide more clarity, with additional detail in the narrative for DCMA's checklist it uses and provides to defense contractors in assessing contractor counterfeit detection and avoidance systems.
Office of the Under Secretary of Defense for Acquisition, Technology, and Logistics	To provide greater compliance with the GIDEP reporting requirement among the DOD components and their defense supplier-base, the Undersecretary of Defense for Acquisition, Technology and Logistics should establish mechanisms for department-wide oversight of defense agencies' compliance with the GIDEP reporting requirement.	Closed – Implemented In August 2022, DOD issued Instruction 5200.49: Oversight of the Collection and Exchange of Information Using the Government-Industry Data Exchange Program. The Instruction describes and delineates responsibilities for oversight of GIDEP reporting.
Office of the Under Secretary of Defense for Acquisition, Technology, and Logistics	To provide greater compliance with the GIDEP reporting requirement among the DOD components and their defense supplier-base, the Undersecretary of Defense for Acquisition, Technology and Logistics should develop a standardized process for determining the level of evidence needed to report a part as suspect counterfeit in GIDEP, such as a tiered reporting structure in GIDEP that provides an indication of where the suspect part is in the process of being assessed.	Closed – Implemented In August 2022, DOD issued Instruction 5200.49: Oversight of the Collection and Exchange of Information Using the Government-Industry Data Exchange Program. The Instruction includes general guidance for GIDEP reporting, including directions to DOD guidance with specifications and standards to determine when an item is considered non-conforming or suspect counterfeit.

Full Report

Highlights Page (1 page)

Full Report (49 pages)

Accessible PDF (53 pages)

GAO Contacts

Marie A. Mak

Director

makm@gao.gov

(202) 512-4841

Office of Public Affairs

Chuck Young

Managing Director

youngc1@gao.gov

(202) 512-4800

Topics

National Defense

Aerospace industryCost accountingDefense capabilitiesDefense industryDefense procurementDepartment of Defense contractorsFederal procurementForgeryInternal controlsPrime contractorsMilitary forcesProduct evaluationReporting requirementsRisk assessmentSupply chain management