Skip to main content
FCA Qui Notes
January 29, 2024

A Penalty on Each of Thousands of Transactions: D.D.C. Drastically Increases FCA Damages and Penalties in GSA Schedule Case Despite Admitted Proof Problems

Qui Notes: Unlocking the False Claims Act

After previously holding that the government failed to prove damages or entitlement to penalties, a judge in the United States District Court for the District of Columbia (D.D.C.) radically changed positions and found a company liable for over US$16 million in damages and US$38 million in penalties for violations of the False Claims Act (FCA) in a case associated with a General Services Administration (GSA) schedule contract. United States ex rel. Morsell v. Gen Digital Inc., Civil Action No. 12-800, 2024 WL166015 (D.D.C. Jan. 16, 2024). The FCA violations were premised on the contractor’s failure to issue accurate commercial sales practice disclosures (CSPs) and comply with the GSA schedule contract’s price reduction clause (PRC). While nearly certain to be appealed, the decision’s application of damages despite no proof of government harm and statutory penalties on every transaction under a multi-year GSA schedule contract creates significant, unpredictable risk for contractors participating in GSA’s supposedly commercial marketplace.

GSA schedules act as “catalogs” of commercial products and services for government agencies, with pre-negotiated pricing and terms that enable quicker purchasing than traditional government contracting vehicles. GSA first awarded the schedule contract in question to Symantec Corporation (Symantec) in 2007. Like all schedule contracts at the time, it required Symantec to submit a CSP form, which discloses information about standard discounting policies, and a PRC, which requires notification should the contractor ever reduce a price that serves as a baseline for discounts given to government customers.

In January 2023, the court found that Symantec’s CSPs failed to disclose the frequency of non-published discounts, information about a points-reward discounting program, and other pertinent information about one of its rebate programs. United States ex rel. Morsell v. NortonLifeLock Inc., 651 F. Supp. 3d 95 (D.D.C. 2023). The court found that these undisclosed discounts and rebates triggered the PRC, yet Symantec did not report them to the government, and instead falsely certified that its CSP had not changed at least 18 times. The court determined that this series of events constituted multiple FCA violations, including that the incomplete CSP disclosure fraudulently induced the GSA to award the schedule contract to Symantec.

However, in January 2023 at least, the court found it impossible to tabulate damages or penalties. The court reasoned that it could not calculate with reasonable certainty the amount GSA would have paid but for the violations, concluding that “determining how much of a discount GSA would have received had the CSP disclosures been complete and accurate would amount to little more than pulling a number out of thin air.” Nonetheless, the court attempted to “estimate” damages, first by adopting 3% as “the rebate that GSA would have received if Symantec had provided truthful information about its rebate programs,” and then by applying that to a “ballpark estimate” of the baseline for rebate damages. Using this formula, the court concluded single damages totaled $356,316.72, rendering treble-damages US$1,068,950.16. Lastly, the court declined to impose penalties because it could not identify the precise “sales on which [GSA] should have received a discount” and thereby which sales were premised on false statements. As the court could identify 21 specific false statements, the court applied an $11,000 penalty to each, for a total of $231,000.

The United States moved to amend and supplement the findings under Federal Rules of Civil Procedure 52(b) and 59(a)(2). On January 16, the court granted the motion in part, agreeing that it erred in calculating the rebate damages and drastically increasing the penalties imposed.

First, the court found it erred in calculating the rebate damages by applying the 3% rebate against the amount of discount that the government would have received absent Symantec’s failure to disclose the rebates in the CSP. Agreeing with the United States’ argument that “a rebate is measured against a product’s sale price, not against the discounts it received,” the court found that the correct rebate damages would be 3% of what the “[g]overnment contends it should have paid in total.” As the court admittedly could not determine with reasonable certainty what the government should have paid had Symantec disclosed the discounts, it used the amount the government actually paid for the total sales under the schedule contract from 2007-2012. The court admitted that this calculation was overstated because the actual payment by the government was obviously greater than the hypothetical payment that included a rebate. However, the court stated that the overage was mitigated by the fact that the 3% rate was a “conservative” figure and that it was still declining to award discount damages. Despite these “mitigations,” the resulting treble damages totaled US$16,121,696.04.

Second, and even more concerningly, the court reversed its earlier conclusion that it could not determine the total number of false statements to which penalties should apply. Instead, the court now reasoned that, because the undisclosed rebates could have impacted the price of every sale Symantec made under its GSA schedule contract, every sale Symantec made under the contract was premised on a false statement. The court accepted the government’s assertion that there were 3,352 such transactions, to each of which the court applied an $11,000 penalty, for a total penalty amount of US$36,872,000.

The dramatic damages and penalty increases seem likely to be appealed. For starters, the court’s admission that it lacked any basis on which to calculate the baseline to apply the 3% rebate calls into question how the resulting figure could ever be calculated with the requisite reasonable certainty needed to support a damages award. Even more concerning, the finding that every transaction under a GSA schedule contract for a period of five plus years is premised on a false statement is a worst-case scenario for schedule contractors, which obtain GSA schedules precisely so they can enter into a large number of often small dollar value transactions with the government. The government has never denied it received the products or services it paid for, and under the CSPs Symantec provided, the government likely received the products or services at a fair, or at the very least not unreasonable, price. While CSP and PRC compliance has long been a thorn in GSA schedule contractors’ side, this decision risks making that thorn an atomic bomb, out of proportion to the pricing benefits the government seeks.

© Arnold & Porter Kaye Scholer LLP 2024 All Rights Reserved. This blog post is intended to be a general summary of the law and does not constitute legal advice. You should consult with counsel to determine applicable legal requirements in a specific fact situation.