Procurement contracts are increasingly used in both Canada and the United States (US), particularly with respect to technological services. Federal procurement expenditures
for Canada amount to an average of $22 billion CDN in goods and services annually. Further, the US typically awards $500 US billion in contracts
annually, with Canadian companies actively participating in that market.
Government contracting with respect to technological services, such as cloud computing, provide a unique situation with respect to how proposals are submitted and structured for cloud services. It is important to consider what additional risks may be present even at this early stage when it comes to cloud computing services.
Canadian cloud strategy
Canada has taken active steps as a digital services leader towards improving the procurement criteria for government use of cloud computing. The Government of Canada has adopted a cloud-first strategy in which the preferred option for delivering IT services is through cloud services and the preferred choice for cloud deployment is the public cloud.
Canadian government procurement, including technology procurement, is governed by the Standard Acquisition Clauses and Conditions (SACC) Manual which sets out the Government of Canada’s standard procurement clauses and contractual provisions. A federal government request for proposal (RFP) can further incorporate by reference specific provisions forming part of the SACC Manual. Similarly, in the US, the Federal Acquisition Regulation System, consisting of the Federal Acquisition Regulation (FAR) and agency regulations that supplement the FAR, are applicable to procurements by US government agencies. FAR clauses are similarly incorporated by reference into RFPs and related documents.
Technology vendors will want to be especially mindful about provisions related to intellectual property ownership which are oftentimes incorporated by reference into RFP documents. In addition, as cloud service security is a key concern, the RFP and related documents will often impose standards that vendors must abide by. The Canadian approach to security currently mirrors key standards set by the United States. For example, current information technology security risk management guidance has been taken through the Communication Security Establishment and the United States National Institute of Standards and Technology (NIST).
In addition, a number of government agencies both in Canada and the US are adopting agile procurement processes. Previously, pricing for the whole project was typically set at the outset, subject only to scope change. In contrast, agile procurements follow a less documented process whereby the government agency’s needs, rather than being known upfront (e.g., through a detailed specification), are generally explored and updated as the process progresses through iterative cycles.
While there is a clear desire for increased participation for cloud computing services, it is clear the technical requirements and complexity of the work can present challenges to ensuring a successful bid.
Competitive risks in the technology procurement process
The complexity of the work involved requires that vendors scrutinize both the procedural and technical aspects of the contracting relationship. An emerging risk, given the large dollar value of government technology contracts and the shift to agile (and faster) contracting processes, is that an unsuccessful bidder disputes the competitiveness of the successful bidder in the bid process.
- Fair and equal treatment. Vendors in the Canadian landscape can benefit from a history of jurisprudence governing procurement which promotes competition. Canada’s approach to procurement clarifies that Canadian suppliers have the right to demand equal and fair treatment through the procurement process. This does not mean operational requirements must be reduced or altered, but the law does ensure that if there is a competition for services, the requirements for the service must ensure competition can take place and the process is fair.
- Flexible terms. While this landscape can provide comfort amongst competitors, technology contracting does carry added burdens in terms of the flexibility of the bidding language and parameters. Both vendors and customers need to ensure a contract clearly stipulates the parameters around which the work is to be done, particularly when dealing with the feasibility of a cloud or other technology service in respect of a price scenario.
- Operational feasibility. As the security requirements for handling government data are significant, for vendors this means that a cloud processing service, whether through software, platforms or infrastructure, needs to meet and maintain security settings throughout at any given price which would affect the level of liability a vendor takes on. This may also present a risk of future claims or challenges in the event that operational feasibility is overstated.
From the government customer’s perspective, it needs to ensure a bid is compliant and thoroughly vetted. It also needs to ensure its own requirements for a service are clearly stated. If this is not ensured, Canada’s legal landscape for procurement may present risks of claims or challenges that competition was not properly established and non-compliant bids were overlooked.
In an arena of equal treatment for bidders and standardized requirements for cloud computing services, substantive detail in the early bidding stages does not only affect the competitiveness of a bid. Vendors need to ensure specificity and accuracy dominate their pricing and feasibility scenarios even at the early stage. Not doing so risks presenting a vendor’s bid as inferior (and therefore subject to an easier challenge) and a customer as offside the common law requirement of fair competition.