Contracting agency for bailout watchdog botched IT forensics acquisition

The headline and deck of this story were changed to more accurately reflect the issue.

Federal officials working for the white-collar criminal investigators who police the $700 billion bank bailout fund prematurely awarded a government contract and now are redoing the acquisition, officials said.

Under the 2008 Troubled Asset Relief Program, or TARP -- better known as the $700 billion bank bailout -- a special inspector general investigates and audits financial transactions to ensure organizations do not defraud the taxpayer-funded reserve. This week, the Bureau of Public Debt, which was administering a purchase for the special inspector general, or SIGTARP, inadvertently awarded a $59,356 deal for computer forensics machinery to one firm before the bidding process had closed, officials announced Wednesday.

As a result, the bureau is taking “corrective action,” according to Public Debt officials, who attributed the mistake to a clerical error but could not elaborate.

SIGTARP was seeking a special machine, called a forensic tower, that can recover potential evidence from a suspect’s computer -- deleted files, past Wi-Fi hot-spot connections and other user commands -- without altering the data.

The agency specifically wanted a dozen Forensic Tower II Special Edition II computer stations or equivalent models, according to an April 26 solicitation. On May 2, the bureau selected Glen Lyn, Va.-.based Forensic Computers Inc., the maker of the preferred brand, for the job. The deadline for product proposals was May 3.

On that day, realizing the gaffe, officials announced they would fix the situation by recompeting the contract, reviewing all resubmissions and new submissions, and then providing every firm with the price of the lowest cost, technically sufficient bid. Finally, all companies will be allowed to revise their offers with that price information in mind.

“We want to make sure that the solicitation process is fair to everyone,” Public Debt spokeswoman Joyce Harris said in response to the human clerical error. “We are reopening the solicitation and are allowing all the interested vendors to submit their proposals.”

Forensic Computers officials were not immediately able to comment.

According to the company’s website, the base price of one workstation retails for about $6,245. The government possibly would have saved more than $15,000 by buying the 12 systems, considering the retail price.

Some computer forensic experts who have used the towers say they are expedient, powerful machines, but the tools are available a la carte at a lower price point.

The device “allows you to download data from a suspect’s machine without your computer writing on the suspect’s machine,” said Darren R. Hayes, computer information systems program chairman at Pace University. He began his computer forensics career at the financial services firm Cantor Fitzgerald.

“You want to be sure you’re acquiring the evidence in a scientific manner so that it can be admissible in court if necessary,” Hayes added. Two of the workstations that SIGTARP would have bought sit in his lab, he said.

Acknowledging he does not know much about SIGTARP’s investigations, Hayes said there are cheaper alternatives to a tower. Having the system is akin to owning an espresso machine that can froth milk, instead of buying a coffee pot and whipping milk with a whisk over a stovetop.

Piecemeal devices called “write-blockers” that cost about $2,000 also would allow analysts to probe a suspect’s computer without tampering with possible evidence, he said. “It’s more convenient to have one of those tower systems,” Hayes said.

Information technology forensics can involve drawing up passwords, retrieving temporary files, determining the locations of networks that a computer accessed and collecting other digital fingerprints. The goal of documenting these electronic trails is to prove only one person could have committed the fraud in question on a certain computer, Hayes explained.

“There are configuration files that enable you to see what USB drives were connected to the computer, what Wi-Fi hot spots were connected to the computer,” he said. “In the world of computer forensics you have to link the machine to a particular individual.”

Federal officials said the kinds of investigations under SIGTARP’s purview, such as wire fraud, often involve substantiating complex connections among global financial institutions and webs of external relationships, not one-to-one linkages.

Congress established TARP and its watchdog agency in 2008 following the collapse of Wall Street. As of April 25, the agency reported that it had obtained 50 criminal convictions, 23 of which sent defendants to prison. Taxpayers are still owed $118.5 billion from their investment, with some experts predicting an ultimate $60 billion loss.

SIGTARP officials said in a statement that the agency “is a sophisticated, white-collar criminal law enforcement agency that investigates fraud, waste and abuse related to the federal Troubled Asset Relief Program. As a part of its operations, the agency, through its contracting agent, the Bureau of the Public Debt, regularly solicits bids for materials and services central to the conduct of ongoing criminal investigations.”

They added SIGTARP is not in a position to comment on the scope of its computer investigative work, due to ongoing cases.

(Image via improvize /Shutterstock.com)