On July 14, 2025, the U.S. Department of Justice (DoJ) and General Services Administration (GSA) announced a $14.75 million settlement of Civil False Claims Act allegations against IT company Hill ASC Inc. (Hill).  This settlement is consistent with the current Administration’s focus on “fraud, waste, and abuse” in government procurement and the recent DoJ FCA initiative focused on cybersecurity fraud.  This also follows the Department’s Criminal Division announcement of corporate procurement fraud as an enforcement priority.

The government alleged that between 2018 and 2023 Hill provided information technology services to federal agencies through the GSA’s Multiple Award Schedule (MAS) program.  The settlement resolved allegations that: (i) Hill billed federal agencies for information technology personnel who lacked the experience and/or education required under the contract; (ii) Hill had not passed GSA’s required technical evaluations for contractors who sought to offer highly adaptive cybersecurity services to government customers; (iii) Hill submitted claims for cybersecurity services and other services that were not within the scope of the contract; and (iv) Hill charged the government for unapproved fees, failed to provide government customers with required information about discounts for prompt payment, and included unallowable incentive compensation in a cost submission in connection with a new contract proposal (which the settlement agreement acknowledges that Hill withdrew before any contract based on the proposal was awarded.)

To settle these allegations, Hill agreed to pay $14.75 million “plus additional amounts if certain financial contingencies occur.”  The settlement imposes additional financial requirements including that Hill pay the United States 2.5% of its annual gross revenue that exceeds $18,800,000.00 from January 1, 2026 to December 31, 2029 (named the “Revenue Contingency Period”).  It appears that the amount of damages initially sought by the government was higher because DoJ noted that the settlement amount was based on “the company’s ability to pay.” 

Government contractors should remain aware of DoJ’s increased focus on procurement fraud and cybersecurity FCA enforcement.  Assistant Attorney General of the Justice Department’s Civil Division, Brett A. Shumate, said, “Information technology contractors are expected to charge the government appropriately for their services,” and noted DoJ would “continue to pursue cyber fraud and hold accountable those companies that knowingly fail to meet contractual obligations to the American taxpayers.”

The Hill FCA settlement resulted from coordination between DoJ’s Civil Division, Commercial Litigation Branch, Fraud Section, the GSA’s Office of the Inspector General, the Treasury Department’s Office of Inspector General, and the Treasury Department Inspector General for Tax Administration.

Although the Civil Cyber-Fraud Initiative was established during the Biden Administration, cyber-fraud remains a DoJ priority under the current Administration.  Last month, the White House issued an Executive Order, discussed here, that outlines cybersecurity changes that impact government contractors.  As the cybersecurity landscape continues to evolve, contractors should regularly assess their compliance with cybersecurity requirements and ensure that they understand their contractual obligations regarding cybersecurity.

Takeaways

  • Federal contractors should take steps to mitigate FCA risk by understanding their contractual obligations to meet cybersecurity requirements and working with their IT and InfoSec departments, as well as their delivery teams, to ensure that their organization understands the cybersecurity requirements that the company has committed to meet in performing contracts and subcontracts where the US government is the ultimate customer.
  • DoJ is focused on cyber fraud even where the fraud is tangential to performance of cybersecurity requirements, such as was alleged here. 
  • The current Administration’s focus on waste, fraud, and abuse is spurring interagency coordination on FCA enforcement.
Tags: Cybersecurity, False Claims Act
Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Susan B. Cassidy Susan B. Cassidy

Susan Cassidy is co-chair of the firm’s Aerospace and Defense Industry Group and is a partner in the firm’s Government Contracts and Cybersecurity Practice Groups. She is Chambers rated in both Government Contracts and Government Contracts Cybersecurity. Susan previously served as in-house counsel…

Susan Cassidy is co-chair of the firm’s Aerospace and Defense Industry Group and is a partner in the firm’s Government Contracts and Cybersecurity Practice Groups. She is Chambers rated in both Government Contracts and Government Contracts Cybersecurity. Susan previously served as in-house counsel for two major defense contractors and advises a broad range of government contractors on compliance with FAR and DFARS requirements, with a special expertise in supply chain, cybersecurity and FedRAMP requirements. She has an active investigations practice and advises contractors when faced with cyber incidents involving government information, as well as representing contractors facing allegations of cyber fraud under the False Claims Act. Susan relies on her expertise and experience with the Defense Department and the Intelligence Community to help her clients navigate the complex regulatory intersection of cybersecurity, national security, and government contracts. Chambers USA has quoted sources stating that “Susan’s in-house experience coupled with her deep understanding of the regulatory requirements is the perfect balance to navigate legal and commercial matters.”

Her clients range from new entrants into the federal procurement market to well established defense contractors and she provides compliance advice across a broad spectrum of procurement issues. Susan consistently remains at the forefront of legislative and regulatory changes in the procurement area, and in 2018, the National Law Review selected her as a “Go-to Thought Leader” on the topic of Cybersecurity for Government Contractors.

In her work with global, national, and start-up contractors, Susan advises companies on all aspects of government supply chain issues including:

Government cybersecurity requirements, including the Cybersecurity Maturity Model Certification (CMMC), DFARS 7012, and NIST SP 800-171 requirements,
Evolving sourcing issues such as Section 889, counterfeit part requirements, Section 5949 and limitations on sourcing from China
Federal Acquisition Security Council (FASC) regulations and product exclusions,
Controlled unclassified information (CUI) obligations, and
M&A government cybersecurity due diligence.

Susan has an active internal investigations practice that assists clients when allegations of non-compliance arise with procurement requirements, such as in the following areas:

Procurement fraud and FAR mandatory disclosure requirements,
Cyber incidents and data spills involving sensitive government information,
Allegations of violations of national security requirements, and
Compliance with MIL-SPEC requirements, the Qualified Products List, and other sourcing obligations.

In addition to her counseling and investigatory practice, Susan has considerable litigation experience and has represented clients in bid protests, prime-subcontractor disputes, Administrative Procedure Act cases, and product liability litigation before federal courts, state courts, and administrative agencies.

Susan is a former Public Contract Law Procurement Division Co-Chair, former Co-Chair and current Vice-Chair of the ABA PCL Cybersecurity, Privacy and Emerging Technology Committee.

Prior to joining Covington, Susan served as in-house senior counsel at Northrop Grumman Corporation and Motorola Incorporated.

Read more about Susan B. CassidyEmail
Show more Show less
Photo of Robert Huffman Robert Huffman

Bob Huffman counsels government contractors on emerging technology issues, including artificial intelligence (AI), cybersecurity, and software supply chain security, that are currently affecting federal and state procurement. His areas of expertise include the Department of Defense (DOD) and other agency acquisition regulations governing…

Bob Huffman counsels government contractors on emerging technology issues, including artificial intelligence (AI), cybersecurity, and software supply chain security, that are currently affecting federal and state procurement. His areas of expertise include the Department of Defense (DOD) and other agency acquisition regulations governing information security and the reporting of cyber incidents, the Cybersecurity Maturity Model Certification (CMMC) program, the requirements for secure software development self-attestations and bills of materials (SBOMs) emanating from the May 2021 Executive Order on Cybersecurity, and the various requirements for responsible AI procurement, safety, and testing currently being implemented under President Trump’s AI Executive Order. 

Bob also represents contractors in False Claims Act (FCA) litigation and investigations involving cybersecurity and other technology compliance issues, as well more traditional government contracting costs, quality, and regulatory compliance issues. These investigations include significant parallel civil/criminal proceedings growing out of the Department of Justice’s Cyber Fraud Initiative. They also include investigations resulting from False Claims Act qui tam lawsuits and other enforcement proceedings. Bob has represented clients in over a dozen FCA qui tam suits.

Bob also regularly counsels clients on government contracting supply chain compliance issues, including those arising under the Buy American Act/Trade Agreements Act and Section 889 of the FY2019 National Defense Authorization Act. In addition, Bob advises government contractors on rules relating to IP, including government patent rights, technical data rights, rights in computer software, and the rules applicable to IP in the acquisition of commercial products, services, and software. He focuses this aspect of his practice on the overlap of these traditional government contracts IP rules with the IP issues associated with the acquisition of AI services and the data needed to train the large learning models on which those services are based. 

Bob is ranked by Chambers USA for his work in government contracts and he writes extensively in the areas of procurement-related AI, cybersecurity, software security, and supply chain regulation. He also teaches a course at Georgetown Law School that focuses on the technology, supply chain, and national security issues associated with energy and climate change.

Read more about Robert HuffmanEmail
Show more Show less
Photo of Terra White Fulham Terra White Fulham

Terra Fulham represents corporate and individual clients in complex litigations and investigations, with particular expertise in defending government contractors against allegations of fraud and False Claims Act violations. She has experience representing clients at all stages of internal and government investigations, including conducting…

Terra Fulham represents corporate and individual clients in complex litigations and investigations, with particular expertise in defending government contractors against allegations of fraud and False Claims Act violations. She has experience representing clients at all stages of internal and government investigations, including conducting witness interviews, managing government subpoena and CID responses, defending witnesses in government interviews, and advocating before government enforcement officials. She has represented clients in investigations and litigation brought under the False Claims Act, including matters alleging noncompliance with U.S. government cybersecurity regulations, small business fraud, quality assurance deficiencies, conflicts of interest, and cost mischarging. Terra also has experience with suspension and debarment matters, representing entities in such proceedings to ensure their continued eligibility to participate in federal programs.

She has also represented clients in a variety of litigation matters during motions practice, discovery, and final hearings.

Terra also maintains an active pro bono practice, with an emphasis on immigration-related impact litigation.

Read more about Terra White FulhamEmail
Show more Show less
Photo of Jocelyn Walcott Jocelyn Walcott

Jocelyn A.K. Walcott is an associate in the firm’s Washington, DC office. She is a member of the Government Contracts and White Collar Defense and Investigations Practice Groups. She represents clients on a range of government contracts and enforcement matters. She has experience…

Jocelyn A.K. Walcott is an associate in the firm’s Washington, DC office. She is a member of the Government Contracts and White Collar Defense and Investigations Practice Groups. She represents clients on a range of government contracts and enforcement matters. She has experience advising clients facing government investigations, including actions brought under the False Claims Act and those concerning alleged cybersecurity violations.

Before joining the firm, Jocelyn clerked for the Honorable Loretta Copeland Biggs and the Honorable Joi Elizabeth Peake of the Middle District of North Carolina.

Read more about Jocelyn WalcottEmail
Show more Show less