I have received a few calls and emails from a few clients about an email they received from the SAM Administrator at SAM.gov about potential fraud. Some were concerned about whether this was real or some registration scam.
Unfortunately, it is real. The email begins:
During a recent system audit, we identified a change to the bank account information associated with your entity registration in the System for Award Management (SAM) made within the past year. Please log into SAM and confirm this change. Incorrect bank information in SAM could result in misdirected payments for Federal awards.
As a precaution, you must review your entity registration thoroughly and update any information
It goes on to provide instruction on what to do to check to see if your account was breached.
The background is that the General Services Administration found a third-party changed the financial information of “a limited number” of contractors registered on the government-wide System for Award Management (SAM.gov) portal. GSA began notifying vendors on March 22.
This change means that payments intended for the registered vendor could have been re-routed to the criminal’s bank account. In fact, this type of event happened a few years ago. A person by the did this to a vendor and redirected more than $1.5 million to his account. Fortunately, the crime was detected before the defendant could transfer the money out of his account to some offshore account, and the transfer was reversed.
GSA’s Inspector General is investigating this latest fraud. It is likely that GSA will be changing security protocols once it fully understands how this occurred in the first place.
If you received this email from SAM.gov, be sure to follow their listed instructions.
A course for GSA Contract Administrators
Don't wander aimlessly. Learn how to take control of your new contract.