I’ve spent more than 20 years working with government contractors, helping them implement systems, fix problems, and figure out why things don’t add up the way they should.
And if there’s one thing I’ve learned, it’s this: Most compliance issues don’t start with bad intent.
They start with systems that don’t enforce the rules. At first, it’s subtle. A manual adjustment here. A spreadsheet workaround there. Something gets fixed quickly so the business can keep moving.
Then it happens again. And again.
Before long, those small corrections turn into something much harder to explain. By the time an audit comes around, you’re not looking at a small issue anymore—you’re trying to unwind a pattern that’s been building for months, sometimes years.
That’s why I’ve stopped thinking about compliance as something you prove at the end.
I think about it as something your system either enforces—or quietly ignores—every single day.
When the system wouldn’t compromise
Early in my career at Deltek, I was working with a customer who was implementing Deltek Costpoint. They were migrating off a legacy system and running into a serious issue: their billing numbers didn’t match what they had been submitting all year.
We sat in a room with their leadership team trying to reconcile it. From their perspective, the requirement was simple—get the new system to calculate billing the same way their old system had. That’s what they had been reporting, and they needed continuity.
But no matter what we did, Costpoint wouldn’t produce the same results. At the time, it felt like the system was THE problem. The pressure in that room was intense, especially from the founder, who was frustrated and looking for answers fast. We assumed we were missing something.
What took longer to fully register was that Costpoint wasn’t malfunctioning. It was recalculating billing across the entire contract—not just the latest invoice, but everything that led up to it. And in doing so, it was surfacing inconsistencies that the legacy system had allowed for months. A few days later, everything came into focus.
The company was indicted for defrauding the government. Their offices were shut down. The audit they were under wasn’t routine—it was part of a much larger investigation. And suddenly, the issue we couldn’t “fix” made perfect sense.
Looking back, that moment made something clear that I’ve seen many times since. Costpoint wasn’t just processing transactions. It was enforcing contract requirements and validating that what was billed aligned with what was allowed. And in that moment, it did exactly what it was designed to do.
“Costpoint wasn’t wrong—it just wouldn’t let us force the wrong answer.”
Why compliance and security are built into the system
In government contracting, you’re not just tracking numbers; you’re operating against strict contract rules, funding limits, and regulatory requirements. That’s where system design matters.
Deltek is built to enforce those constraints from the start, so that transactions aren’t just recorded, they’re validated against what’s actually allowed.
That means when something doesn’t line up, the system won’t quietly accommodate it, even if there’s pressure to make the numbers work. It forces a reconciliation back to the contract, back to the underlying data, and ultimately, back to reality.
That’s what control really looks like in practice—not something layered on after the fact, but something built directly into how the system operates. That’s the difference between a system that documents activity and one that defends it.
Not every failure looks like fraud
Now, not every situation looks like that. In fact, most don’t. But over the years, I’ve seen variations of the same pattern play out in much quieter and more common ways.
I’ve worked with organizations that found themselves facing serious consequences, not because they set out to do anything wrong, but because their systems didn’t have the controls to catch problems early.
In one well-known case, a large government contractor faced a significant financial settlement tied to billing issues. The individuals managing the system weren’t intentionally violating rules. The system simply allowed inconsistencies to go undetected for too long—that’s the part that often gets overlooked.
Compliance failures don’t require bad actors. They require gaps—gaps in how transactions are validated, how adjustments are tracked, and how closely the system enforces the actual terms of a contract. Once those gaps exist, they don’t stay contained. They quietly compound until they show up somewhere that can’t be ignored.
And systems that don’t enforce rules consistently aren’t neutral. They’re allowing risk to build, whether you see it yet or not.
“You don’t need bad actors for things to go wrong. You just need gaps.”
When system design becomes a competitive advantage
This is where Deltek stands apart. It’s not just about features or functionality. It’s about how the system behaves when things get complicated. When there’s pressure, when timelines are tight, and when it would be easier to make an exception and move on.
In many systems, validation happens after the fact—through reconciliation, reporting, or audit. Deltek is different. If something doesn’t align, the system doesn’t quietly accept it. It forces you to address it.
That’s not just about having more controls; it’s about when and how those controls are applied. In many systems, validation happens later, through reporting or reconciliation. In Costpoint, it happens as the transaction is created. That difference changes everything.
Instead of relying on teams to catch issues after the fact, the system is designed to prevent them from taking hold in the first place. That same philosophy carries across the Deltek platform — one governed system, consistent rules, no workarounds required.
“The moment you step outside the system to fix something, you’re also stepping outside of control.”
The hidden risk of “flexibility”
I understand why flexibility is appealing. In many legacy or on-prem environments, it’s possible to make changes behind the scenes—whether that’s a quick database update, a script, or a workaround that keeps things moving without disrupting operations.
In the moment, it can feel efficient. It solves the immediate problem. But those kinds of changes introduce something much harder to manage over time: uncertainty. They bypass the safeguards built into the application. They weaken the audit trail, and they make it increasingly difficult to trace how the numbers actually evolved.
Over time, that flexibility creates distance between what the system shows and what actually happened. Deltek solutions are deliberately designed to close that gap. Changes happen inside the application, tied to contract requirements, with a complete and defensible audit trail.
“Control isn’t about making changes easier. It’s about making them defensible.”
When control actually makes things easier
There’s a common belief that stronger controls slow the business down. In practice, I’ve seen the opposite. When your system enforces correctness from the start, everything downstream becomes simpler. Billing moves faster because there’s less rework. Reporting becomes more reliable because the data is already aligned. Audits become far less disruptive because the history is clear and complete.
Instead of constantly reconciling and explaining inconsistencies, teams can focus on running the business. That’s where Deltek’s approach delivers the most value—not just by helping organizations meet compliance requirements, but by reducing the ongoing burden of maintaining them.
A different way to think about trust
After two decades in this space, this is what I tell customers: If your system is easy to work around, it’s probably allowing you to carry risk you can’t yet see. If it forces you to get things right up front, it’s doing exactly what it’s supposed to do—even if it feels harder in the moment.
Because over time, that discipline creates something far more valuable than flexibility: Confidence.
Confidence in your numbers. Confidence in your processes. Confidence in how your business will hold up under scrutiny. And in government contracting, the goal isn’t just to pass an audit. It's to operate every day in a way that makes the audit a formality. That’s what intelligent platforms like Deltek are built to deliver.
