Threat Tec, LLC

Abstract - Sara Crabtree, Senior Director of Contracts and Pricing at Threat Tec, LLC, will be speaking at ACI’s DCAA Conference, offering expert insights into the evolving compliance landscape for defense contractors. With extensive industry experience, she will explore key challenges in cost and pricing, heightened audit scrutiny, and the growing need for proactive, data-driven strategies to ensure compliance and sustain long-term competitiveness.

1. With the latest updates under the National Defense Authorization Act (NDAA) and evolving executive directives, how would you describe the shifting compliance landscape for defense contractors today?

The compliance landscape for defense contractors is evolving at a pace and scale that demands constant vigilance. Today, more than ever, contractors must be diligent, not only in keeping up with changing statutory and regulatory requirements, but in maintaining a deep, working understanding of how their own organization operates day to day. What was once a flexible, relationship driven process is now increasingly automated, standardized, and system driven. Contractors are reporting more frequently into government systems rather than engaging with individual contracting officers or compliance personnel, which leaves less opportunity to explain context, intent or mitigating circumstances when issues arise. The margin for error in compliance is shrinking and the burden is shifting toward proactive, evidence-based compliance.

2. From your perspective, what are the most pressing cost and pricing challenges currently impacting the defense industrial base?

From my perspective, one of the most pressing cost and pricing challenges facing the defense industrial base today is the persistent expectation from customers to get more for less – greater capability, faster delivery, and higher compliance standards, all under tighter budgets. In response, many contractors are pricing aggressively to stay competitive, often to the point of undercutting their own long-term sustainability. There is a common belief that losses or razor-thin margins on one contract can be offset on future work; in reality, this strategy rarely works. Instead, it creates a cycle where companies are continually chasing volume over value, eroding their financial stability in the process and a weakening of the entire community as customers expect the next contractor to be just as low in price as the incumbent.

3. Audit scrutiny continues to intensify. How have you seen the approach of the Defense Contract Audit Agency evolve, particularly around incurred cost submissions and forward pricing rates?

Audit scrutiny has definitely become more analytical and comparative than it used to be. We’re seeing DCAA move beyond simply assessing whether a given cost is allowable or reasonable in isolation – they’re now consistently comparing data across time and assumptions. That includes year-over-year incurred cost submissions, provisional billing rates versus final settled rates and even how forward pricing proposals align with historical trends. In practice, it is no longer sufficient to justify what your costs are today. Contractors are increasingly expected to explain why costs have changed from prior periods, what’s driving the variance, whether those drivers are structural or one-time, and how those same factors might influence costs going forward. DCAA is connecting the dots across submissions, looking for consistency between historical actuals and forward-looking estimates.

4. As regulatory complexity grows, how should companies rethink their cost accounting structures to remain both compliant and competitive?

As regulatory complexity grows, companies need to move away from static, compliance-only cost accounting models and toward more dynamic, integrated structures that support both audit readiness and strategic decision-making. Disconnected processes or siloed data make it much harder to explain variances and defend positions under scrutiny. It is not enough to know what the costs are – companies need to understand the driver behind that cost at a deeper level so they can explain the why behind changing costs. A well-structured chart of accounts, consistent allocation methodologies, and clearly documented assumptions all become critical. Finally, companies need to think in terms of audit resilience, not just audit compliance. This means building processes that can withstand iterative questioning and comparative analysis, where every number has context, every variance has a rationale, and every projection has a defensible basis.

5. How can organizations strike the right balance between competitive pricing and strict compliance requirements, especially in high-value defense contracts?

Companies need to view competitive pricing and compliance as interdependent of each other, not opposing. Credible pricing is competitive pricing in today’s environment. With
DCAA and contracting officials doing more comparative analysis, aggressive pricing that isn’t supported will become a liability. Winning bids must be defensible where every element of the price estimate ties back to historical or projected data with clear explanations for deviations. Additionally, companies need to focus on understanding and managing their cost drivers, not just on reducing costs. The more insight you have into what’s driving your indirect rates, labor mix, and program execution costs, the more flexibility you have to price strategically without introducing compliance risk. Strong cost accounting structures and real-time visibility really do pay off here – you can make informed trade-offs instead of blunt cuts. Lastly, build pricing strategies that anticipate audit questions upfront – validate the assumptions, document your rationale and ensure consistency across the submission.

6. In your experience, what are the most common compliance gaps that still persist across organizations, despite increased awareness?

One of the most persistent compliance gaps I see isn’t a lack of awareness, it is a lack of alignment. Organizations often have very capable teams in finance, pricing, contracts and program management – but those groups don’t always operate with a shared understanding of how their decisions intersect. In practice, that shows up when one department makes a decision such as a change in labor mix or pricing assumptions, without fully understanding how it will impact another area, such as incurred cost submissions or forward pricing rates. By the time those impacts are noticed, they can create inconsistencies that are difficult to reconcile under audit. Companies that struggle tend to operate in silos, while those that perform well under audit have strong cross-functional coordination, shared data, and a clear understanding of how decisions in one area ripple across the entire compliance and pricing lifecycle.

7. What strategies would you recommend for strengthening internal controls and ensuring audit readiness across multiple business functions?

Strengthening internal controls and achieving true audit readiness across multiple business functions comes down to cross-functional alignment and continuous monitoring. Internal controls are only as strong as the connections between finance, pricing, contracts and program management. Establishing regular touchpoints, shared assumptions, and common data sources helps ensure that decisions made in one area don’t unintentionally create compliance issues in another. Audit readiness improves significantly when everyone is operating from the same playbook. In addition, waiting until year-end or an audit request to validate data is no longer sufficient. Companies need to regularly reconcile provisional to actual rates, track variances, and address discrepancies in real time so there are no surprises later. Adopt an audit ready mindset year-round so audit readiness does not become a scramble or something to be feared.

8. Cross-functional alignment is often easier said than done. How can finance, legal, and procurement teams better collaborate to create a unified compliance framework?

Cross-functional alignment across teams is easier said than done but with a shared compliance framework defined by common principles (allowability, allocability, reasonableness and documented standards), each department understands how their role supports those outcomes and the other departments. Companies need to implement structured communication methods, not ad hoc coordination. Regular cross-functional reviews, especially around rate development, major procurements and proposal assumptions, create a forum to discuss impacts early on. Lastly, a cultural shift might be needed to move from thinking in terms of their individual functional support to a greater enterprise impact. Organizations that train their teams to understand not just their own responsibilities, but how their decisions ripple across the full lifecycle – from procurement to pricing to incurred cost submissions to audit – will see alignment happening with the understanding that compliance is a team sport, not an individual responsibility.

9. Digital transformation is reshaping many industries. How are automation and data-driven tools influencing cost management and audit preparedness in defense organizations?

Digital transformation is definitely improving audit preparedness and cost management, but it’s also introducing a new kind of risk that organizations don’t always recognize.

Automation and data-driven tools are making it much easier to aggregate data, generate reports, and respond quickly to audit requests. Companies can produce numbers faster, reconcile large datasets more efficiently, and identify variances with less manual effort. However, the challenge is that preparedness is increasingly being driven by systems rather than understanding. In some cases, organizations rely so heavily on automated outputs that they’re not fully aware of how the data is being structured, transformed, or even whether it’s entirely accurate. The underlying logic, assumptions, and data mapping can become a black hole. When agencies such as DCAA are performing deeper comparative analysis, it’s not enough to provide the data; you must explain it. If a contractor can’t clearly articulate how a number was built, why it changed, or how it ties across systems and time periods, automation quickly loses its advantage.

10. Looking ahead, which regulatory or policy shifts do you believe will have the greatest impact on cost, pricing, and compliance strategies?

Looking ahead, one of the most significant shifts will likely come from the increased use of AI in cost estimating, proposal development, and pricing strategies, and the government’s response to it. As more contractors begin leveraging AI to generate proposals, analyze historical data, and build forward pricing models, it’s only natural that regulators will take a closer look at how those tools are being used. We can expect increased scrutiny around transparency, traceability, and accountability, particularly when it comes to how AI-generated outputs are developed and validated. From a compliance standpoint, this introduces a new layer of complexity. It won’t be enough to say that a pricing model or narrative was generated using advanced tools; contractors will need to demonstrate how the AI arrived at its conclusions, what data it relied on, and whether those outputs are consistent with regulatory requirements and historical experience. In many ways, this mirrors what we’re already seeing with broader audit trends - more emphasis on understanding not just the what, but the why behind the numbers. AI will accelerate that dynamic. As a result, organizations should anticipate future policies that require greater governance over AI usage, including documentation standards, validation processes, and possibly even restrictions on how AI can be applied in certain aspects of cost and pricing.

11. Finally, what key best practices would you share with organizations aiming to stay resilient, compliant, and audit-ready in this rapidly evolving landscape?

To stay resilient, compliant, and audit-ready in today’s environment, organizations need to move beyond reactive compliance and build systems and behaviors that hold up under continuous scrutiny. Companies need to prioritize cross-functional integration – break down the silos between finance, pricing, legal, procurement, contracts, and program operational teams. Decisions in one area will impact another, so regular coordination, shared assumptions, and common data sources are critical to avoiding inconsistencies that auditors will identify. Second, understand data transparency, not just automation. Automation can improve speed and efficiency, but it can’t replace understanding. Organizations need clear visibility into how data is generated, transformed, and reported. Teams should be able to trace any number back to its source and confidently explain it. Finally, continuously validate, don’t wait for an audit. Keep an audit-ready mindset and regularly reconcile rates, analyze variances, and pressure-test assumptions throughout the year so there are no surprises when it is time for that next audit.