Federal IT Contractor to Pay $14.75M for False Cybersecurity Services Claims

Hill ASC Inc., operating as Hill Associates and based in Rockville, Maryland, has agreed to a multimillion-dollar settlement with the U.S. Department of Justice to address allegations of violating the False Claims Act through improper billing practices under a General Services Administration (GSA) Multiple Award Schedule (MAS) contract.

The agreement mandates a payment of at least $14.75 million, with potential additional funds contingent on specified financial milestones, reflecting an assessment of the company’s ability to pay.

This resolution stems from Hill’s provision of information technology (IT) services to various federal agencies between 2018 and 2023 via the GSA MAS program, a streamlined procurement mechanism designed to facilitate government acquisition of commercial off-the-shelf goods and services.

Under the MAS framework, GSA establishes baseline contract terms, enabling other agencies to procure directly from approved vendors without redundant negotiations, thereby optimizing efficiency in federal supply chains.

Settlement Resolves Multiple Violations

The core allegations center on Hill’s purported submission of fraudulent claims for IT personnel whose qualifications fell short of contractual stipulations.

Specifically, the company is accused of invoicing federal clients for labor performed by individuals lacking the requisite educational credentials or professional experience outlined in the MAS contract’s labor categories, which are meticulously defined to ensure value-for-money in government procurements.

This practice not only inflated costs but also undermined the integrity of the GSA’s pricing schedules, which rely on accurate representations of workforce capabilities to maintain competitive fairness.

Furthermore, the settlement addresses Hill’s unauthorized billing for highly adaptive cybersecurity services, a specialized category requiring prior GSA technical evaluations to verify compliance with stringent security protocols and standards such as those aligned with NIST frameworks or FISMA requirements.

Despite failing to undergo and pass such an evaluation, Hill allegedly claimed reimbursements for these services, extending beyond the approved scope of their MAS contract and potentially exposing federal systems to unvetted risks in an era of escalating cyber threats.

Compounding these issues, the allegations include Hill’s imposition of unapproved fees on government invoices, non-disclosure of prompt payment discounts mandated by the Federal Acquisition Regulation (FAR), and the inclusion of unallowable incentive compensation in cost proposals for subsequent contracts.

These actions contravened FAR guidelines on allowable costs, which prohibit reimbursement for expenses not directly benefiting the government or violating anti-kickback provisions.

By embedding such elements into their submissions, Hill distorted the cost realism analysis process, a critical step in GSA’s evaluation of best-value determinations during contract awards.

The settlement underscores the Justice Department’s commitment to combating cyber fraud, as articulated by Assistant Attorney General Brett A.

Shumate, who emphasized the expectation for IT contractors to adhere strictly to contractual obligations, thereby safeguarding taxpayer funds from misuse in the procurement of essential digital infrastructure.

Collaborative Investigation

The investigation leading to this settlement exemplifies interagency collaboration, involving the Justice Department’s Civil Division Fraud Section, GSA’s Office of Inspector General (OIG), the Treasury Department’s OIG, and the Treasury Inspector General for Tax Administration (TIGTA).

Key figures, including GSA Deputy Inspector General Robert C. Erickson and Treasury OIG’s Loren Sciurba, highlighted the necessity for contractors to deliver precisely what is contracted, particularly in domains like cybersecurity where lapses can compromise national security.

According to the Report, TIGTA’s Acting Special Agent in Charge Jessica Cipolla reinforced the watchdog role in protecting IRS procurement processes from fraud, ensuring that entities engaging with Treasury maintain exemplary standards of integrity.

This case illustrates the broader ramifications of False Claims Act violations in the federal IT sector, where non-compliance with MAS program requirements can erode trust in government contracting ecosystems.

By resolving these claims without admitting liability, Hill avoids protracted litigation but must now navigate enhanced scrutiny in future dealings.

The outcome serves as a deterrent, signaling rigorous enforcement against deceptive practices that inflate costs or bypass technical validations, ultimately reinforcing the robustness of federal cybersecurity postures amid evolving digital vulnerabilities.

Stay Updated on Daily Cybersecurity News. Follow us on Google News, LinkedIn, and X.