OMB Prioritizes Cyber, COVID Tech For New TMF Payback Model


Officials urged agencies to pitch projects that focus on hack cleanup, COVID-19 response or economic recovery by June 2 for maximum repayment flexibility from the Technology Modernization Fund.

The federal agencies managing a central fund for loaning money to other agencies to upgrade aging IT—a fund that just received $1 billion from Congress as part of the second COVID-19 stimulus package—released an outline Tuesday updating priorities and making fundamental changes to how the fund works.

The Technology Modernization Fund was created as part of the 2017 Modernizing Government Technology Act, or MGT Act, envisioned as a self-sustaining fund that would loan money for projects with wide potential impact and a solid return on investment that would replenish the fund on a three- to five-year cycle.

Prior to the recent cash infusion, Congress was reticent to put more than a few hundred million in the fund. But the COVID-19 pandemic and multiple high-level, potentially high-impact cybersecurity breaches in recent months highlighted many gaps in federal technology and moved a newly Democratic Congress to invest big in the TMF.

“We plan to use these resources to enable the federal government to better respond to SolarWinds and the COVID-19 crisis, and to support the economic recovery,” Federal Chief Information Officer Clare Martorana said Tuesday in a statement.

The $1 billion came with a mandate to focus on pandemic and cybersecurity remediation needs, and suggestions that the agencies that manage the fund—the Office of Management and Budget and General Services Administration—should waive the repayment structure for those projects.

On Tuesday, OMB and GSA released new details on the fund’s structure going forward and the kinds of projects that will be prioritized.

The most significant change will be to the repayment model, which will go from a 100% requirement for all projects to a three-tier approach. From the TMF website:

  • Full repayment: The TMF has historically operated under a full repayment model, and will continue to do so for projects that yield financial savings realized by the proposing agency. The board expects this to apply to single-agency investments with direct cost savings, such as replacing a legacy system with one that can be operated and maintained more efficiently.
  • Partial repayment: The board anticipates a range of proposals meriting partial repayment, depending on the positive impact to the public and agency operations, alignment with overall TMF priorities, and the likelihood that the proposing agency can realize financial savings. When requesting partial repayment, agencies should indicate whether the proposal can be made financially recoverable at a 25%, 50%, or 75% repayment level.
  • Minimal repayment: GSA and OMB will consider approving the most flexible payment arrangements for proposals that tackle the most urgent IT cybersecurity and modernization problems facing our government, and where cost savings are not easily realized by the proposing agency. This includes those proposals that help agencies respond to gaps exposed by the SolarWinds incident and meet the demands of the COVID-19 pandemic, and can include projects not included in the proposed Cyber Reserve funding in the FY2022 budget.

The highest priority projects that will be considered for the relaxed repayment models will cover all of the above by meeting critical needs across multiple agencies.

“Shared services that promise to address high-urgency areas across multiple agencies will receive high priority, and may receive TMF funds that allow the deployment and growth of these services over multiple years,” the plan states. “However, agencies are expected to use this runway to budget for the sustained reimbursement of these shared services once these TMF funds are fully used.”

Agencies will have the opportunity to suggest a repayment model during the first phase of the proposal process and be required to provide hard financial details on the project for the second phase, at which time the TMF Board will make the final decision.

In the past, TMF managers prioritized awarding funding to projects that could be repeated or scaled across government. With the new influx of funding and repayment models, the TMF Board that picks awardees will now prioritize proposals that fit into at least one of four categories: modernizing high-priority systems, cybersecurity, public-facing digital services and cross-government services and infrastructure.

“The updated TMF model provides the clarity and flexibility necessary to encourage federal agencies to prioritize technology modernization while transforming the relationship between the federal government and the public we serve,” acting GSA Administrator Katy Kale said in the release. “It is more aggressive—to meet the urgent technology needs of the federal government today, as well as more ambitious—to anticipate the demands of tomorrow.”

The plan also states that GSA will “establish a TMF project fee schedule sufficient to meet administrative requirements to manage the fund,” suggesting changes coming to the administrative fees, as well.

Currently, the GSA program management office that administers the program—including paperwork, disbursement of funds and helping agencies manage the process—assesses a 2.5% fee on payments for the three-year repayment schedule and 3% for five-year loans to cover the costs of running the office.

A 2019 report from the Government Accountability Office noted PMO expenses were higher than the maximum in fees that could be collected if all of the funds were awarded. The additional $1 billion added to the fund means more loans and, in turn, more administrative fees, though the plan suggests that fee structure will be changing.

Congressional overseers, including a cosponsor of the bill that created the TMF, were initially wary of moves to eliminate the reimbursement requirement, especially without a hard plan in place, and sent letters to OMB and GSA saying such.

The details released Tuesday assuaged those issues for some.

House Committee on Oversight and Reform Chair Carolyn Maloney, D-N.Y., a signatory on the letters, told Nextgov she approved of the administration’s plan for relaxing repayment requirements and the specific priorities outlined.

“The American Rescue Plan provided $1 billion in critical emergency relief to the Technology Modernization Fund to address these challenges, and I’m pleased to see the Biden administration moving forward swiftly to put that funding to use for the American people,” she said in a statement. “Our response to these challenges calls for flexibility to ensure high-value projects can move forward now, balanced with reimbursement requirements to ensure the long-term sustainability of the TMF.”

Maloney also said her committee and others would “conduct rigorous oversight” of the program as the funds are disbursed and used.

“Smart IT investments are integral to the federal government’s mission and were the driving reason behind our effort to secure $1 billion for the TMF in the American Rescue Plan,” MGT Act cosponsor and chair of the House Oversight Subcommittee on Government Operations Rep. Gerry Connolly, D-Va., told Nextgov in a statement Tuesday. “The administration was quick to take the opportunity to brief and engage my subcommittee on their plans, and I look forward to continuing my work with them to ensure the TMF is adequately reimbursed and agile IT modernization becomes the norm across government.”

Rep. Jody Hice, R-Ga., subcommittee ranking member, also liked the new approach.

“This change management is critical for successful IT modernization,” Hice told Nextgov in a statement. “Retiring legacy systems, improving cyber readiness, and public-facing digital systems are the right focus for these funds. I am eager to see which specific projects are funded and the results that hopefully follow.”

Agencies interested in applying for funds can submit a proposal at any time. However, OMB and GSA urged programs to submit by June 2 to be considered for the priority round of awards.

“As a general rule: if your agency has a project that would produce significant positive impact or would address critical security or capability gaps, we strongly encourage you to submit an initial proposal to the board for consideration,” the plan states.

Editor's note: This article was updated with comments from Rep. Carolyn Maloney.