Incorporated

Policy changes from this SAMM E-Change memo have been incorporated into the SAMM.

DoD Shield

DEFENSE SECURITY COOPERATION AGENCY
2800 DEFENSE PENTAGON
WASHINGTON, D.C. 20301-2800

 

3/18/2022

 

MEMORANDUM FOR :

DEPUTY UNDER SECRETARY OF THE AIR FORCE FOR INTERNATIONAL AFFAIRS
DEPUTY ASSISTANT SECRETARY OF THE ARMY FOR DEFENSE EXPORTS AND COOPERATION
DEPUTY ASSISTANT SECRETARY OF THE NAVY FOR INTERNATIONAL PROGRAMS
DIRECTOR, DEFENSE CONTRACT MANAGEMENT AGENCY
DIRECTOR, DEFENSE INFORMATION SYSTEMS AGENCY
DIRECTOR, DEFENSE LOGISTICS AGENCY
DIRECTOR, DEFENSE THREAT REDUCTION AGENCY
DIRECTOR, MISSILE DEFENSE AGENCY
DIRECTOR, NATIONAL GEOSPATIAL-INTELLIGENCE AGENCY
DIRECTOR FOR SECURITY ASSISTANCE, DEFENSE FINANCE AND ACCOUNTING SERVICE - INDIANAPOLIS OPERATIONS
DIRECTOR OF CYBERSECURITY DIRECTORATE AND DEPUTY NATIONAL MANAGER FOR NATIONAL SECURITY SYSTEMS, NATIONAL SECURITY AGENCY

SUBJECT :

Security Assistance Management Manual Policy Memorandum 22-29, Business Process Review Procedures Update [SAMM E-Change 577]

REFERENCE :

  1. United States Government Accountability Office (GAO) Report to Congressional Committees, GAO 18-553, "Foreign Military Sales: Financial Oversight of the Use of Overhead Funds Needs Strengthening," July 30, 2018

This memorandum updates policy on Business Process Reviews to ensure the Security Cooperation community is appropriately spending Foreign Military Sales (FMS) administrative funds. This policy is in direct response to recommendation six of the referenced United States GAO report, which requires DSCA to conduct periodic reviews of other Department of Defense Components' business processes for administrative funds based on a risk-based approach. This memorandum is effective immediately.

Based on the findings of an initial FY2021 feasibility study on risk-based criteria, the Defense Security Cooperation Agency (DSCA) Office of Business Operations (OBO), with concurrence from GAO, identified random selection as an acceptable risk-based approach.

DSCA OBO will work with the Security Cooperation community to further refine and strengthen the random selection methodology by identifying additional risk-based criteria to incorporate into the methodology. DSCA OBO will coordinate and communicate any changes or updates to the random selection methodology

The policy in the attachment is incorporated into the DSCA Security Assistance Management Manual (SAMM) at https://samm.dsca.mil. Cleared for public release.

If you have questions on this memorandum, please contact Ms. Wendy Pouliot, DSCA OBO/FPRE/FP, 703-692-1316 or wendy.pouliot.civ@mail.mil.

J. Aaron Harding
Chief Operating Officer and Chief Financial Officer
Defense Security Cooperation Agency

ATTACHMENT :
As stated

Security Assistance Management Manual E-Change 577
Business Process Review Procedures Update

  1. Update SAMM Section C9.14.2.3. to:

    C9.14.2.3. Procedures. DSCA will lead, at a minimum, a total of two reviews on an annual basis; however, the goal is to conduct one review with each Military Department Implementing Agency (IA) annually. DSCA leadership can at any time direct reviews, to include reviews of other IAs. The lead for these reviews is DSCA (Office of Business Operations, Financial Policy and Regional Execution Directorate, Financial Reporting and Compliance Division (OBO/FPRE/FRC)). Other DSCA participating offices may include DSCA (Office of Business Operations, Financial Policy and Regional Execution Directorate, Financial Policy (OBO/FPRE/FP)), DSCA Strategy, Plans, and Policy (SPP)), and DSCA (Office of the General Counsel (OGC)) depending on the location and focus of the review. Participation will also include representatives from the IA, and other technical experts, as required. In the first quarter of each fiscal year, DSCA (OBO) will send a memorandum notifying the IAs selected for the Business Process Review (BPR) (based on a risk-based approach or by DSCA leadership request), including the questions to be addressed and a suggested timeframe for the reviews.

  2. Delete SAMM Section C9.14.2.3.1.

  3. Delete SAMM Section C9.14.2.3.2.

  4. Delete SAMM Section C9.14.2.3.3.

  5. Update SAMM Section C9.14.2.4. to:

    C9.14.2.4. Deliverables. DSCA (OBO/FPRE/FRC) will prepare minutes from the BPRs, to include any action items, and provide to the IA participants no later than 20 business days after completion of the BPR. Further, DSCA (OBO) will track the status of action items and follow-up quarterly until all open action items are completed.

  6. Add to SAMM Glossary:

    Risk-based approach: Identify the highest compliance risks to your organization and make them a priority for compliance controls, policies, and procedures.