Identifying Organizational Conflict of Interest: The Information Gap

To print a PDF copy of this article, click here.

Author: M. A. Thomas

As the volume of government contracting increases, so does the importance of monitoring government contractors to guard against Organizational Conflict of Interest (OCI). For contracting officers to identify OCIs, they must be able to identify the relevant business interests of a contractor’s affiliates. This information may be private or not easily obtained. Using newly released data to develop preliminary visualizations of contractor organizational structures shows the organizational structure of many contractors to be complex and multinational. The complexity and the lack of easily available public information make it very unlikely that contracting officers could identify OCIs without substantial improvements in government data collection.

As government has come to rely more heavily on contractors for goods, services, and advice, it needs to ensure that procurement remains competitive and that contractor performance is not compromised by outside interests. Organizational Conflict of Interest (OCI) refers to conflicts that arise because of conflicting incentives of contractors due to their own activities or the activities of related entities. Government contracting officers are required to identify and respond to possible OCIs during the contracting process. The current policy debate focuses on issues such as the definition of an OCI, the objectives of government in avoiding or mitigating OCIs, the relevant contractor relationships and activities that should be considered when identifying an OCI, and the appropriate responses of contracting officers to OCIs once identified (Guttman, 1977; Taylor, 1983; Taylor & Dickson, 1984; Gordon, 2005; Szeliga, 2005; Yukins, 2011).

Little attention has been paid to the question of how contracting officers are to obtain the information necessary to identify an OCI in the first place. Identification of an OCI would require identification of those entities considered to be sufficiently closely related to the contractor to be important as well as knowledge of the relevant activities of these related entities.

An important current debate involves the extent to which the business interests of a contractor’s affiliates should be imputed to the contractor so as to give rise to a conflict. The Federal Acquisition Regulation (FAR) Section 2.101 (General Services Administration, 2005) defines “affiliates” as “associated business concerns or individuals if, directly or indirectly—(1) Either one controls or can control the other; or (2) A third party controls or can control both.” While control could be contractual, the discussion has centered primarily on ownership relationships that link companies in a single organizational structure.

In practice, however, contracting officers have few means of learning the organizational structure of contractors.1 Even the problem of providing a definitive identification of contractors is one that the government has not yet solved. It has even less information about the contractual relationships of the contractor and its affiliates, such as teaming arrangements or subcontracting relationships, which can have multiple tiers. Even if the relevant business entities were identified, the government has no way of identifying their relevant activities or financial interests.

This article explains the information gap that prevents effective implementation of OCI policy and focuses in particular on the opacity of contractor organizational structures. An analysis of newly available data from Usaspending.gov suggests the complexity of the organizational structure of contractors and the failure of government policymaking to adapt.

Organizational Conflict of Interest

The government is continuing to develop and articulate its policy on OCIs, including the definition of an OCI, the government’s objectives in identifying and responding to OCIs, the ways in which contracting officers should identify OCIs, and the appropriate response for contracting officers after having identified an OCI. In 2010, the Defense Council advanced a proposed rule to update the Defense Federal Acquisition Regulation Supplement (proposed DFARS rule) that would have effectively codified existing U.S. Government Accountability Office (GAO) case law on OCIs (Papson, Doyle, & Ginsberg, 2011; Defense Federal Acquisition Regulation Supplement [DFARS], 2010, April). Under criticism, it retreated from certain key provisions of the proposed rule in its final rulemaking, awaiting a broader revision of the rules on OCI by the Federal Acquisition Regulation Council (DFARS, 2010, December). In 2011, the FAR Council published a proposed rule (“proposed FAR rule”) that offered an alternative model (FAR, 2011).

A key policy question is the extent to which the business interests of other related entities, and in particular affiliates related by ownership interests, should be imputed to the contractor. A series of prior decisions by the GAO had affirmed that “all business interests within the larger corporate enterprise are imputed to every entity and person within the enterprise” (Papson et al., 2011, p. 2; Comptroller General, 1995). Accordingly, in 2010 the Defense Acquisition Regulations Council issued a proposed rule that defined a contractor as “a party to a government contract other than the government and includes the total contractor organization, including not only the business unit or segment that signs the contract. It also includes all subsidiaries and affiliates” (DFARS, 2010, April, p. 20958). The proposed FAR rule does not have this definition of a contractor, but defines an OCI with respect to the relationship between contractors and their affiliates (FAR, 2011, p. 23242).

The Role of Information

To identify an OCI, contracting officers would have to identify the affiliates of a contractor and their relevant financial and business interests. At present, the FAR Section 9.506 enjoins contracting officers to do the following:

… seek the information from within the Government or from other readily available sources. Government sources include the files and the knowledge of personnel within the contracting office, other contracting offices, the cognizant contract administration and audit activities and offices concerned with contract financing. Non-Government sources include publications and commercial services, such as credit rating services, trade and financial journals, and business directories and registers. (FAR, 2005, p. 9.5-3)

The provision in the proposed FAR rule is similar, providing that the “contracting officer should seek readily available information about the financial interests of the offerors, affiliates of the offerors, and prospective subcontractors from within the government or from other sources and compare this information against information provided by the offeror” (FAR, 2011, p. 23247). The proposed FAR rule also provides explicit language for the contracting officer to include in the solicitation to require contractors to disclose information regarding potential OCIs if the contracting officer has determined that the nature of the contract is such that an OCI might arise from contract performance (FAR, 2011, p. 23239).

Contracting officers are not likely to be able to assess the financial interests and activities of affiliates or prospective subcontractors using readily available sources, and while competitors may have an incentive to bring information about a contractor’s OCI to the attention of a contracting officer, it remains questionable whether competitors are in fact much better positioned to do so. The offerors themselves may lack this information. The DFARS proposed rule had provided that, where the contracting officer has determined that the nature of the contract is such that an OCI might arise from contract performance, the contractor must describe any other work performed by itself or its affiliates within the past 5 years that is associated with the offer it plans to submit (DFARS, 2010, April, p. 20957). The Coalition for Government Procurement, an association of 300 contractors, argued that this requirement would “have the unintended consequence of driving contractors that lack sophisticated tracking systems [to track sales of commercial items and services] out of the marketplace” (M. Vakerics, personal communication, July 21, 2010).2

Indeed, contracting officers may be hard pressed to identify affiliates in the first place. Information on the organizational structure of contractors is not always in the public domain.

The Available Information on Contractors’ Identities and Complexities of Contractor Organizational Structures

Contractors’ Identities

To identify OCIs, contracting officers must first know who the companies are that contract with the government. Because company names may not be unique, because a single business can operate under a variety of names, and because locations can change, this requires that contractors be given unique identifiers. Since 1998, the government has used a number issued by the private firm Dun & Bradstreet (“D&B”) to identify government contractors.3 A business that wishes to contract with the government gives D&B its legal business name and physical address, and receives a nine-digit Data Universal Numbering System number (“D-U-N-S” or “DUNS” number). The DUNS number is “a unique global identifier attached to operating entities; the D-U-N-S Number is never reassigned to another company, in any place, at any time” (Dun and Bradstreet, n.d.a). A different DUNS number is required for every business location or co-located subdivision. Under FAR section 4.11, the contractor then uses its DUNS number to register in the Central Contractor Registration (CCR) database maintained by the Department of Defense. The CCR relies upon D&B to notify the CCR of any changes to the contractor’s business name or address.

Millions of business locations have DUNS numbers because the D&B identification system is widely used. Dun & Bradstreet has assigned DUNS numbers to more than 100 million companies (Dun and Bradstreet, n.d.b). However, not every business has a DUNS number. The Excluded Parties List System, the government’s tool for identifying debarred companies, warns that not all debarred firms have DUNS identifiers.

In addition to identifying the company, contracting officers must identify the affiliates of the contractor. Company organizational structures can be opaque even for companies incorporated in the United States. While the Securities and Exchange Commission requires publicly traded companies to disclose some types of information, such as ownership and purchase and sale of stocks (Securities and Exchange Commission, 2009), there is little legal requirement for disclosure for businesses that are not publicly traded. In 2006, the GAO testified before the Senate that in the process of incorporation, minimal ownership information is collected (GAO, 2006). The GAO reported that “[m]ost states do not require ownership information at the time a company is formed or on the annual and biennial reports most corporations and limited liability companies (LLC) must file” (GAO, 2006). Even when states do collect such information, they do not verify it. As a consequence, there may be no publicly available information on the organizational structure of a private business. The difficulty of identifying organizational structures is such that when a company is debarred from federal contracting because of misbehavior, the debarment does not extend to wholly owned subsidiaries, in large part because the government has no way to identify them (Governmentwide Debarment and Suspension, 2003, p. 66538).

Nor is this data routinely collected when a contractor registers prior to bidding on a government contract. When contractors enter the D&B website to register for a DUNS number as required under the FAR, they may optionally enter information about their parent company. No DUNS number is assigned to the parent company in this process, and so the parent company may not have a unique identifier. Further, there is no provision for entering multiple parents, where a contractor is a joint venture. When the contractor logs into the CCR with its DUNS number, the CCR collects substantial information that includes the number of its employees and annual receipts, including affiliates, to determine if the contractor is a small business. It does not, however, collect any information about the contractor’s organizational structure (Central Contractor Registration, 2011).

Both the data identifying the contractor—the DUNS number—and whatever data links the contractor to its parent company are claimed by D&B as private property even though, in the case of government contractors, D&B acquired the data as a consequence of a monopoly established by federal regulation. D&B bundles and sells corporate information and analysis through a la carte reports or through institutional subscriptions—including to the U.S. government. Among Dun & Bradstreet’s analytic products is the Corporate Family Tree Plus, which allows the user to get information about the affiliates of a company (D&B Marketing Solutions, n.d.). Some contracting officers may have access to the Corporate Family Tree product to investigate the organizational structure of contractors, but it is not universally available and subscriptions are costly.

Recently, some data linking contractors to parents have become publicly available through a government transparency initiative. The government has been engaged in a decades-long process to collect, centralize, standardize, improve the quality of, and make available procurement data (Acquisition Advisory Panel, 2007). The Federal Funding Accountability and Transparency Act of 2006 (Transparency Act) mandated that by 2008 the Office of Management and Budget (OMB) would establish a single searchable and freely available website that included basic information on awards of federal contracts. This information includes the name and location of the entity receiving the award and “a unique identifier of the entity receiving the award and of the parent entity of the recipient, should the entity be owned by another entity” (Federal Funding Accountability and Transparency Act of 2006, p. 120). Shortly thereafter, the government established the website

Usaspending.gov, offering a user-friendly interface that allows the public to search a database of government contracts, to view summary statistics, or to download raw data directly.
The data quality problems that have plagued earlier incarnations of this database have not been resolved. Both the comprehensiveness and the quality of the data it offers have been criticized (see, e.g., Lee, 2011). Moreover, the OMB has not yet complied with the legislative requirement that the parents of contractors be listed and identified by unique identifiers. It cannot, given that the government neither collects information on parents nor assigns them identifiers.

In 2009, Dun & Bradstreet decided to allow Usaspending.gov to release data linking contractors to their parent companies, which it had “protected in [the Dun & Bradstreet] licensing relationship since its inception” (B. William, personal communication, October 20, 2009).4 However, there are still consequences for the government’s reliance on third party data. The government has no control over the data quality. D&B does not have the data that the government must supply by law because it does not require contractors to supply information on their parents or assign parents a DUNS number. The property rights asserted by D&B also limit the use of the data that it does have. The Usaspending.gov website contains a disclaimer titled “Limited Liability,” which states that some of the data provided “is the intellectual property of the third party information suppliers,” is supplied without any kind of warranty, is for internal use only, cannot be used for commercial or marketing purposes, and prohibits “systematic access” or extraction of content from the website.

Complexities of Contractor Organizational Structures

While the quality of data provided on Usaspending.gov linking contractors to parent companies is poor, analysis of that data suggests that a significant number of contractors may have complex organizational structures. Using the Contractor Network Extraction Software (CNES) written by the author to analyze the Usaspending.gov data, it was possible to reconstruct part of the organizational structures of contractors by matching parents and subsidiaries using either the DUNS number or, where this is lacking, the company name. This in turn allows analysis at the organizational level as well as visualization of these organizations using freely available social network analysis software.

CNES is a do file that runs under STATA, a data analysis and statistical software package. The program treats each Usaspending.gov record containing the contractor DUNS number (“dunsnumber”) and parent DUNS number (“parentdunsnumber”) as an edge in a directed graph whose nodes are DUNS entities (businesses or co-located subdivisions). The program then breaks the data into separate components by traversing each graph and assigning a common identifier (“componentnum”) to each edge in the same graph. The user can then use STATA or CNES utilities to select components of interest (for example, components containing a particular business name or components of a particular size), and export them to Netdraw or Pajek for visualization. Under optional name-based matching, the program will match edges based on the contractor name (“recipientorcontractorname”) and parent name (“parentrecipientorcontractorname”) if DUNS numbers are not available. Whether an edge has been matched based on DUNS number or name is preserved in the variable “pnamematch,” and exported as a tie strength variable for Netdraw, which allows the user to see the basis for the match in the visualization of the component. This is important because name-based matching is more error-prone than matching based on DUNS numbers. Readers who wish more information are invited to consult the program source code and the program documentation, which are freely available under a GNU General Public License at http://www.usgcontractors.info.

The Figure shows a Netdraw visualization of the organizational structure of three large government contractors based on 2010 Usaspending.gov data. Each node represents a DUNS entity (a location or co-located subdivision of a business) or is a placeholder for a parent that is named in the dataset, but whose DUNS number is not given.

Figure. Visualization of Three Large Government Contractors Using Contract Network Extraction Software (CNES)

The contractor networks produced by this method must be treated as hypotheses that remain to be confirmed by other means because the data quality is poor. The quality and timeliness of the parent linkage data are unknown—such relationships are very fluid, and it is not clear if there is any auditing to ensure the correctness of data entered in these fields. Joint ventures are reported inconsistently, and all parents may not be listed.Some entities may have multiple DUNS numbers and use them inconsistently. Name-based matching risks erroneous matches if companies have the same name, as well as the risk of mistakenly treating the same company as two different companies because of variations in the entry of the company name (although the program does control for the most common variations). Finally, because Usaspending.gov only contains data on contractors and their parents, the data do not include parts of the organizational structure that are neither contractors nor the parents of contractors. Accordingly, the networks produced are necessarily fragmented and partial.

Notwithstanding, the analysis suggests the complex organizational structure of an important percentage of government contractors. Analyzing the 2010 data from Usaspending.gov, roughly 10 percent of the 166,000 contractor organizational structures, or about 17,000 organizations, have seven or more related locations or subsidiaries, while about 6 percent have 20 or more. Locations and subsidiaries can be nested several levels deep, and some organizations are multinational. Because these structures are partial, more complete data would likely show a greater level of complexity.

Many individual companies contract across a range of government agencies, which suggests that any process for gathering information on contractor organizational structures must be located at a governmental, rather than an agency level. For example, in 2010 Oshkosh Corporation contracted with agencies including the Department of Defense, the Department of Interior, the Department of Justice, the Department of Homeland Security, the General Services Administration, and the National Aeronautics and Space Administration. But even companies that contract with only a single agency may belong to organizations that contract more widely. For example, as foreign aid has been militarized over the last decade, a number of aid contractors have been bought by defense contractors. The aid contractors continue to contract only or principally with the United States Agency for International Development, but their organizations contract with other government agencies.

Given this level of complexity, even if the OMB complied with the Transparency Act obligation to identify the parent of the contractor, the objective of allowing the public to understand who is ultimately benefiting from a government contract would not be met. Similarly, this complexity and the lack of easily available public information make it very unlikely that contracting officers, competitors, the public, or even contractors themselves could identify OCIs without substantial improvements in government data collection.


Policy debates continue about how government contracting officers should best handle OCIs when they encounter them, but the government does not have and is not collecting the information necessary to detect OCIs in the first place. While the FAR lists a number of ways for contracting officers to detect OCIs, including asking other people in their offices, these methods are very unlikely to result in detection given the complexity, opacity, and international character of many organizational relationships.

Ownership relationships are not the only type of relationships that could generate an organizational conflict of interest, but detection of OCIs based on other types of relationships is even more difficult. Organizations may have contractual relationships that could give rise to conflicts, such as teaming and subcontracting relationships, and subcontracting relationships can be tiered several layers deep. Neither the government nor the public has good access to information about these relationships. Usaspending.gov has started making available information on first-tier subcontracts, but without the information needed to link them to their primes. Organizations can also be characterized by interlocking ownerships where, although companies are legally separate, they are owned or managed by the same individuals. The GAO has pointed to several cases in which owners of debarred firms continued to receive government awards by spinning off new companies or disguising the true owner of the company (GAO, 2009). Identifying interlocking ownership could not be accomplished without a unique identifier for people—and the United States has firmly rejected the idea of creating such an identifier out of privacy concerns and fear of giving too much power to the government (see Electronic Privacy Center, 2008). Finally, the question of how to identify the relevant activities of related entities remains unanswered. If the contractors themselves cannot do it, it seems very unlikely that anyone else can.

When it comes to OCI, policymaking is outstripping the realities of available information. In the absence of adequate information, the policy debates on OCI avoidance and mitigation risk being largely theoretical. The questions of what kind of information is needed to identify OCIs, who should collect this information, and who should have access to it must be addressed in the elaboration of OCI policy. At the same time, the need for information about the identity, relationship, and activities of government contractors is part of a much larger discussion regarding the balance between security, liberty, privacy, protection from misuse of government power, and the assurance of accountable and efficient government operation.


The author would like to thank Marine Corps Major General Arnold Fields, T. Christian Miller, and Steven Schooner for their helpful comments and suggestions, as well as research assistant Megan Vaughan-Albert.

 To print a PDF copy of this article, click here.

Author Biography

Dr M A ThomasDr. M. A. Thomas is associate professor of International Development at The Paul H. Nitze School of Advanced International Studies (SAIS) at The Johns Hopkins University. She holds a BA in Computer and Information Science from University of California, Santa Cruz; a JD from University of California, Berkeley; and a PhD in Political Economy and Government from Harvard University. Dr. Thomas has worked with the World Bank, the United States Agency for International Development, the Department for International Development, the U.S. Department of Defense, and counterpart governments providing policy and technical advice, conducting negotiations, monitoring the implementation of conditions, designing and managing technical assistance projects, and conducting qualitative and quantitative studies.

(E-mail: ma.thomas@jhu.edu)


Acquisition Advisory Panel. (2007). Report of the Acquisition Advisory Panel to the Office of Federal Procurement Policy and the United States Congress. Retrieved from

Borgatti, S.P. (2002). Netdraw network visualization. Harvard, MA: Analytic Technologies.

Central Contractor Registration. (2011). Registration user’s guide: Creating your user account and registering in CCR. Retrieved from https://www.bpn.gov/ccr/handbook.aspx

Comptroller General of the United States. (1995). Decision: Aetna Government Health Plans, Inc.; Foundation Health Federal Services, Inc. (File Nos. B-254397.15; B-254397.16; B-254397.17; B-254397.18; B-254397.19). Retrieved from

D&B Marketing Solutions. (n.d.). Corporate family tree plus. Retrieved from

Defense Federal Acquisition Regulation Supplement: Organizational Conflicts of Interest in Major Defense Acquisition Programs, 75 Fed. Reg. 20954, 20957, 20958 (proposed April 22, 2010).

Defense Federal Acquisition Regulation Supplement: Organizational Conflicts of Interest in Major Defense Acquisition Programs, 75 Fed. Reg. 81908, 81913 (final December 29, 2010).

Dun & Bradstreet. (n.d.a). The cost of poor data quality [White paper]. Retrieved from

Dun & Bradstreet. (n.d.b). About the D-U-N-S number [Web page]. Retrieved from

Electronic Privacy Information Center. (2008). National ID and the REAL ID Act. Retrieved from http://epic.org/privacy/id_cards/

Federal Acquisition Regulation; Organizational Conflicts of Interest, 76 Fed. Reg. 23236, 23239, 23242, 23247 (proposed April 26, 2011).

Federal Funding Accountability and Transparency Act of 2006, Pub. L. 109–282, 120 Stat. 1187 (2006).

General Services Administration (GSA), Department of Defense (DoD), & National Aeronautics and Space Administration (NASA). (2005). Federal Acquisition Regulation. Retrieved from https://www.acquisition.gov/far/current/html/Subpart%202_1.html

Gordon, D. (2005). Organizational conflicts of interest: A growing integrity challenge. Public Contract Law Journal, 35(1), 25–42.

Governmentwide Debarment and Suspension (Nonprocurement) and Governmentwide Requirements for Drug-Free Workplace (Grants), 68 Fed. Reg. 66534 (proposed November 26, 2003).

Guttman, D. (1977). Organizational conflict of interest and the growth of big government. Harvard Journal on Legislation, 15(2), 297–364.

Lee, K. (2011). House Oversight Subcommittee discusses problems with Usaspending.gov data. Sunlight Foundation. Retrieved from http://sunlightfoundation.com/blog/2011/03/15/house-oversight-subcommittee-discusses-problems-with-Usaspending-gov-data/

Papson, T. C., Doyle, A. L., & Ginsberg, D. J. (2011). The proposed ‘organizational conflicts of interest’ rule: New opportunities to avoid or mitigate conflicts. Westlaw Journal, 25(5), 1–8.

Securities and Exchange Commission. (2009). EDGAR filer manual (Vol. II). Retrieved from http://www.sec.gov/info/edgar/forms/edgform.pdf

Szeliga, K. R. (2005). Conflict and intrigue in government contracts: A guide to identifying and mitigating organizational conflicts of interest. Public Contract Law Journal, 35(4), 639–674.

Taylor, J. W. (1983). Organizational conflicts of interest in Department of Defense contracting. Public Contract Law Journal, 14(1), 158–177.

Taylor, J. W., & Dickson, A. B. (1984). Organizational conflicts of interest under the Federal Acquisition Regulation. Public Contract Law Journal, 15(1), 107–121.

U.S. Government Accountability Office. (2006). Company formations: Minimal ownership is collected and available (Report No. GAO-06-376). Retrieved from

U.S. Government Accountability Office. (2009). Excluded parties list system: Suspended and debarred businesses and individuals improperly receive federal funds (Report No. GAO-09-174). Washington, DC: Author.

Yukins, C. (2011). The draft OCI rule—new directions and the history of fear. The Government Contractor, 53(18). Retrieved from http://ssrn.com/abstract=1832743


1. For purposes of this article, the term “organizational structure” refers to a contractor and its affiliates, including parents and subsidiaries.

2. This personal communication (letter dated July 21, 2010) from Mitchell Vakerics, policy manager for The Coalition for Government Procurement, replied to Amy Williams, Office of the Under Secretary of Defense (Acquisition, Technology and Logistics), Defense Procurement and Acquisition Policy and Pricing (Defense Acquisition Regulation Systems), issuing comments on the implementation of Section 207 of the Weapons Systems Acquisition Reform Act of 2009, 75 Federal Regulation 20954 (April 22, 2010) “Proposed Rule” on Organizational Conflicts of Interest. Retrieved from http://www.regulations.gov/#documentDetail;D=DARS=2010-0045-0016.

3. Because it is only five digits long, the Commercial and Government Entity (CAGE) Code assigned to each contractor on registration is insufficient given the number of contractors.

4. This personal communication (e-mail) is courtesy of T. Christian Williams, pursuant to his Freedom of Information Act (FOIA) Request No. 197667 submitted to the General Services Administration.



Leave a Reply

Your email address will not be published. Required fields are marked *