1.What does the government buy?

2.Does the government always award the contract to the low bidder?

3.Does the government pay on time?

4.Do I need to be on a GSA schedule in order to do business with the government?

5.Do I need to be certified in order to bid on government contracts?

6.What are the federal government's small business certifications?

7.What is SAM?

8.How do I register for SAM?

9.Does registering in SAM market my company to the government?

10.Are there web sites where I can see what the government is buying?

What does the government buy?

Federal, state and local government agencies buy everything from toothpicks and cleaning services to spaceships and cancer research. The key is to determine which government agencies buy the products and/or services you sell and to develop a focused marketing strategy targeting those agencies. Procurement Technical Assistance Center (PTAC) can help you identify potential government customers and learn how to approach them. PTAC is a specialty center of the SBDC Network and provides free consulting and low cost technical assistance to help businesses in 45 counties between and around the major Southeast Texas cities of Houston and Austin sell to the government.

Does the government always award the contract to the low bidder?

No. In many instances the government awards the contract to the company that provides the best value, and this does not necessarily mean the company offering the lowest price. Other factors such as technical capability, past performance and quality may also be considered. PTAC can help you interpret a request for bid or proposal so that you understand which evaluation factors will be used in determining who gets the contract.

Does the government pay on time?

Provided your shipping and invoicing documentation is correct and complete, you can expect a timely payment. In fact, federal agencies offer a prompt payment in return for a discounted price, and prefer to pay by Electronic Funds Transfer (EFT) to speed up the payment process. Federal agencies also pay interest on the amount they owe you if they delay payment past the stated terms of the contract. PTAC can help you with your paperwork and also help you register to be paid electronically.

Do I need to be on a GSA schedule in order to do business with the government?

No, although it may be beneficial to you in the long run. Think of the General Services Administration (GSA) as a buying activity for other federal government agencies. GSA awards “schedules” or long-term contracts to vendors who provide certain goods and services required by those agencies. Then, when the agencies have a need for a particular product or service, they can buy it from one of the vendors on the schedule for the pre-determined price. A vendor might get lots of business by being on a GSA schedule, but there are no guarantees. PTAC can help you determine if your company is a good candidate to apply for a GSA schedule as well as help you through the application process.

Do I need to be certified in order to bid on government contracts?

No. Except for certain “set aside” contracts, the government does not require any type of certification for a company to be eligible to bid on contracts. However, being certified as a woman-owned, minority or otherwise disadvantaged business can level the playing field and provide more opportunities for you to bid. Since federal, state and local government agencies have different certification programs with different eligibility factors and application processes, you should first determine which agencies you want to do business with, and then look into the applicable certification programs. PTAC can help you determine if you are eligible for certification and help you apply.

What are the federal government's small business certifications?

8(a) – The SBA's Section 8(a) Business Development Program - named for a section of the Small Business Act, is a business development program created to help small disadvantaged businesses compete in the American economy and access the federal procurement market.

To be eligible, the applicant firm:

  • must be a small business
  • must be unconditionally owned and controlled by one or more socially and economically disadvantaged individuals who are of good character and citizens of the United States, and
  • must demonstrate potential for success.
  • personal net worth cannot exceed $250,000
  • must have been in business for 2 years (evidence by tax returns.)
  • Visit SBA’s 8(a) Business Development Program website.

SDB – Small Disadvantaged Business status is now a self-certifying process. In order to claim the SDB status, a small business must be at least 51% owned and controlled by a socially and economically disadvantaged individual or individuals. African Americans, Hispanic Americans, Asian Pacific Americans, Subcontinent Asian Americans, and Native Americans are presumed to quality. Other individuals can qualify if they show by a "preponderance of the evidence" that they are disadvantaged. All individuals must have a net worth of less than $750,000, excluding the equity of the business and primary residence. Successful applicants must also meet applicable size standards for small businesses in their industry.

HUBZone - The HUBZone Empowerment Contracting Program was adopted to stimulate economic development and create jobs in urban and rural communities by providing federal contracting preferences to small businesses. These preferences go to small businesses that obtain HUBZone (Historically Underutilized Business Zone) certification in part by employing staff that live in a HUBZone and maintain a "principal office" in one of these specially designated areas. [A principal office can be different from a company headquarters]. The program resulted from provisions contained in the Small Business Reauthorization Act of 1997. Visit the HUBZone website.

WOSB - The Small Business Act authorizes contracting officers to specifically limit, or set aside, certain requirements for competition solely among women-owned small businesses (WOSBs) or economically disadvantaged women owned small businesses (EDWOSBs). This is referred to as the WOSB Program. Visit the WOSB website.

* The 8(a), HUBZone, and WOSB programs requires companies to be certified by the U.S. Small Business Administration (SBA).

What is SAM?

The System for Award Management (SAM) is the official registration required prior to bidding on a contract with any federal government agency. It is the primary registrant database for the U.S. Federal Government. SAM collects, validates, stores and disseminates data in support of agency acquisition missions. SAM uses this information to perform Electronic Funds Transfer (EFT). This requirement covers all federal agencies.

How do I register for SAM?

Registering online can be accomplished at This method is quick and user friendly. Click on the “help” tab and download the registration screenshots for more information. Be sure to first obtain a free DUNS Number from Dun & Bradstreet by calling 1-866-705-5711.

Does registering in SAM market my company to the government?

No, registering in SAM does not market a company to government buyers. The SAM database collects information necessary for a government buying activity to contact or maintain contact with a company. This registration also provides the information necessary for the transfer of funds via electronic funds transfer (EFT).

Are there web sites where I can see what the government is buying?

Yes, the federal government posts many of its contracting opportunities online. The primary site is, where all federal agencies are required to post contracting opportunities that are estimated to be valued over $25,000. Most agencies also post acquisition forecasts, which are lists of the purchases the agencies expect to make in the coming months, on their home pages. The Federal Acquisition Jumpstation provides links to most federal agency home pages. State of Texas bid opportunities can be found through the Electronic State Business Daily program.

Blog using your mobile phone - One of the best blogging apps on the market - click here!



As India braces for digital payments future, how secure are banks from cyber attacks?

As the government presses ahead with a cash to less cash to cashless economy, the success of the transition will depend on how the battle between bankers and hackers plays out. Bankers must upgrade and fortify their cyber defences as hackers attempt to pinch funds from banks or steal credit/debit card details of retail customers daily. If suddenly the easiest way to buy anything from soft drinks to cars is to use the mobile wallet, a few clicks of the mouse are all that is required to rob a bank.

True, in a country with 98% cash in circulation, electronic payments replacing cash will not be easy and will take time. But since demonetisation kicked off on November 8, digital payments have got a fillip. That has opened up more opportunities for cyber pickpockets to try and steal card details, PINs, mobile wallets and siphon off money. “India has been at the lower end of frauds as volumes were low. Now, I suspect that will change as digital payments volumes surge,” says R Venkatachalam, managing director, India & South Asia, FIS Global.

Akhilesh Tuteja, partner and global head of cyber security , KPMG says if the benefits of digital payments are exponential, so are the risks. India’s central banker itself flagged off concerns in this regard. In an October note, RBI deputy governor SS Mundra said one of the key targets by the attackers is the credential of the customers, as it provides the key to the ‘khazana’ (treasure). “Recent experience shows involvement of organised gangs and nation-state actors having huge financial backing. On the other hand, the cost of orchestrating such attacks is coming down. There are several reports indicating availability of credentials of customers for sale in dark web, which is really scary.”

The security threat notwithstanding, bankers prefer the shift to a digital payments system. A physical bank branch transaction is 50 times costlier than a digital transaction. And as volumes increase scale will ensure even lower costs of digital transactions. The government’s push emanates from a desire to track the flow of money and check corruption and black money generation. The downside of a digital economy is that millions can lose money in seconds.

A single hack can ensure millions of accounts being compromised, as it happened in October when 3.2 million card details were stolen in a malware related security breach. These cards from customers of State Bank of India, HDFC Bank, ICICI Bank, Axis Bank and others, were used at ATMs. The stolen debit cards were used in China. The heist is still under investigation, but is almost forgotten in the scramble for a digital payments future.

Digital Carrots

Indeed, one of primary concerns over the rush to a digital economy, besides the challenge of drawing in swathes of people who do not even have a bank account, is the threat of cyber attacks. The government for now seems to be more focused on the second problem — goading people to embrace digital payments. On November 15, it announced a scheme to encourage digital payments between Rs 50 and Rs 3,000, offering around Rs 340 crore in cash awards for such transactions. The twin schemes, Lucky Grahak Yojana and Digi Dhan Vyaypari Yojana will be launched on December 25 and run by the National Payments Corporation of India (NPCI) for 100 days. NPCI is the nodal agency controlling e-transactions like Universal Payment Interface (UPI), USSD, NEFT and RTGS.

Mobile wallets are already experiencing a tremendous growth in transactions. The user base of the Chinese Alibaba-funded Paytm has climbed from 100 million to 170 million in a month. Likewise, sales of Point of Sales (PoS) machines have risen 200 times since November 8. “India is on the fastest track when it comes to growth of digital channels use in financial services. The troika of Jan-Dhan, Aadhaar and mobile is one of the catalysts in making it happen,” says Rajashekara V Maiya, head, Finacle product strategy, Infosys.

The problem is hackers won’t be far behind. According to the latest available data from RBI, 13,083 and 11,997 cases related to ATM, credit, debit card and net banking fraud were reported in 2014-15 and 2015-16 (up to December 2015). The October breach of 3.2 million cards was the single largest of its kind in India. Globally, Juniper Research says value of online fraud transactions is expected to reach $25.6 billion by 2020 up from $10.7 billion last year. “This means by end of the decade $4 in every $1,000 of online payments will be fraudulent,” says Maiya. The 0.4% fraud transactions does not include money that could be stolen from compromised accounts.

Another study by Assocham-PwC notes a surge of about 350% in cybercrime cases registered under the IT Act, 2000 between 2011 and 2014. Madhur Singhal, partner Bain & Company, says as it happens with other payments, there is a risk if user does not understand how e-payments work. “Just like losing a signed cheque leaf exposes a consumer to fraud, being negligent with passwords, card details could pose a risk in wallet or net banking transactions.”

Singhal says there are three kinds of risks unique to e-payments. One, devicerelated risk. If someone loses their mobile phone and there are no passwords protecting the phone or the app, money in an e-wallet could be compromised, or, leaving your accounts open when making payments from a public device. Two, risk from rights access. Connecting the e-wallets or other fintech apps with other apps like social networks could pose a risk of data leakage or a consumer unknowingly sharing information that should have been kept private. Three, negligence in sharing passwords or OTP (one time passwords) with others especially when using these modes publicly.

There are some other risks that are common to e-payments as well non-electronic payments — for example, giving away your account details to a third party. Provided the consumer takes basic precautions, the benefit of electronic payments far exceeds the inconvenience and transaction costs one would have incurred in other forms of payment, especially when the payment ticket sizes are small. Besides, downloading unverified apps and software can compromise security. Users should download apps with high ratings. Banking portals can get compromised as well. Altaf Halde, managing director, Kaspersky Lab says, “HTTPs (the small `s’ for secure) was always thought to be safe. But hackers can get here as well.” Venkatachalam says problems can arise at both the bank and user end.

“While banks have to regularly update software and fraud detection systems, users should be aware of basics like changing passwords frequently, using unique passwords for different accounts (instead of the same for net banking, Facebook, Twitter).” The problem could be the hardware as well. Mobile chip maker Qualcomm’s senior director for product management Sy Choudhury recently raised concerns over hardware level security. “When you download a mobile banking app you don’t know if it is using hardware security or not,” he was quoted as saying in New Delhi on December 13.

Credit cards, debit cards, mobile wallets, net banking fall in two distinct buckets. Credit, debit cards work under Payment Card Industry (PCI) standards, reviewed every year. PCI DSS (Data Security Standards) are a set of instructions to store, process and transmit plastic transactions with details about firewalls configuration, storing passwords, information of users and so on. “If PCI is not adhered to, the card can be compromised,” says Venkatachalam.

Card companies like Visa, Mastercard, Amex do this but banks want to control customer information and hence vulnerabilities can exist at their end. Net banking comes under electronic payment channels and the security protocols are released by Internet Engineers Task Force (IETF). When net banking started more than a decade back it worked with 40 kb encryption which went up to 64 kb and now 128 kb. “This is very good. But when you are dealing with variety of people with varying ability to transact digitally, the chance of a hacker getting the better of you increases,” says Tuteja. Even if the network is robust (in India it is maintained by RBI with NPCI as nodal agency), the leaks could be at the banks end (software not updated) or the user end.

Basudev Banerjee, banking expert at Microsoft, says systems managing the links from origin to settlement of a transaction are robust and secured, yet probability of fraud exists at every stage—for example, buying a water bottle at a road side vendor via card or m-wallet, transmission of details to authenticate user to ok buy, completing the purchase with user getting a SMS or confirmation slip and reconciliation at the backend.

A hacker could get at any of the five stages— origin, transmission, transaction, settlement and reconciliation. To keep fraudsters at bay, Vishak Raman, senior regional director, India & Saarc, FireEye (a security software maker) offers a laundry list of precautions like unique passwords, typing out links in address bars instead of clicking on links, avoid exchanging sensitive information (even your birthday) over e-mail, enable two factor authentication if available and so on. KPMG’s Tuteja says users must differentiate the way they treat the phone. “It’s your bank.”



Nominations are beingaccepted for the Prosecutorof the Year Award sponsored by the CoalitionAgainst Insurance Fraud.

The award honors prosecutors who go above andbeyond in convicting insurance scammers in the prior year.

Prosecutors can be recognized for a singleconviction or a body of work, primarily in the prior year. Leadership such asspeeches, training workshops and other work can count.

Nominations are due October 21. This is the onlynational award of its kind. Nominations are easy and convenient to make.

The award encourages and promotes best practicesin courtroom excellence against insurance criminals.

Assistant DA Linda Montag won last year’sProsecutor of the Year Award. The Philadelphia prosecutor took down a complexring that organized $400,000 of fake slip-and-fall injuries on sidewalks inresidential areas of the city. It was one of the largest insurance schemes inPhiladelphia history.