Strengthen America Strengthen America A 21st-Century Compact

§ Legislative Act Physical

Congressional Analytical Services Modernization

Current Status

  • Existing Law: 31 U.S.C. § 702 (GAO), 2 U.S.C. § 601 (CBO), 2 U.S.C. § 166 (CRS). Legislative Reorganization Act of 1970

  • Current Authority: Each agency operates under separate congressional oversight with independent technology procurement and workforce management

  • Existing Limitations: No unified technology standards across agencies. No independent technical oversight body. No statutory productivity benchmarks. No mechanism for cross-agency data sharing or platform consolidation

Problem

  • Specific Harm: Congressional support agencies produce 5,650 analytical products annually at $155,752 per product—approximately 40% above comparable international parliamentary research services.¹ Government IT projects historically average 45% cost overruns with only 0.5% meeting all targets for time, budget, and benefits.² Without independent technical oversight, the proposed $195M investment faces substantial failure risk.

  • Who is Affected: 535 Members of Congress and their staffs relying on timely, accurate analytical support for legislative decisions affecting 330M Americans

  • Gaps in Current Law: No statutory requirement for technology modernization coordination. No independent body to halt failing projects. No standardized APIs for federal data access. No performance-based vendor accountability framework

  • Accountability Failures: Each agency self-assesses technology project success with no binding external review authority. Historical pattern: agencies report "successful completion" while users experience degraded service. No mechanism exists to prevent the classic government IT failure mode of continued spending on underperforming systems.

Proposed Reform

  • Primary Policy Change: Establish unified Congressional Analytical Technology Infrastructure with mandatory independent oversight, binding performance gates, and automatic project termination triggers

  • New Requirements: (1) Creation of GAO Information Technology and Cybersecurity (ITC) team with authority to halt expenditures, composed of two members appointed by the Speaker of the House, two by the Senate Majority Leader, one appointed jointly by minority leadership, the GAO CIO ex officio non-voting, and two external technology experts with no current government contracts appointed by the Comptroller General for staggered four-year terms. (2) Standardized Federal Data Bridge API access for all three agencies conforming to OMB M-23-22³ with OAuth 2.0 authentication, NIST SP 800-63B role-based access controls,4 FedRAMP High baseline audit logging, and TLS 1.3 minimum encryption. (3) Quarterly productivity metrics with public reporting on Congress.gov measuring analytical products per FTE, average request-to-delivery time, cost per product, and Member satisfaction. (4) Performance-based vendor contracts with liquidated damages including 15% performance bonds, 2% monthly liquidated damages for delays exceeding 30 days, clawback provisions for functionality shortfalls, prohibition on cost-plus pricing, and source code escrow. (5) Phased appropriation structure: Phase I—$65M for assessment, vendor selection, and pilot. Phase II—$85M available only upon GAO ITC certification of 80% milestone achievement within 110% of budget. Phase III—$45M for workforce enhancement and contingency. (6) Congressional Analytical Technology Pay Scale providing compensation up to 130% of General Schedule equivalents for data scientists, ML engineers, cybersecurity specialists, and cloud architects. (7) Cross-agency collaboration platform with shared access to non-classified work products, coordinated scheduling, and pooled expertise

  • New Prohibitions: (1) No continued funding beyond Phase I without GAO ITC certification of milestone achievement. (2) No sole-source technology contracts exceeding $5M. (3) No agency self-assessment as basis for continued appropriation. (4) No obligation of Phase II or III funds absent written GAO ITC certification filed with Appropriations Committees

  • Enforcement: GAO ITC binding authority over expenditure continuation with decisions final and not subject to agency appeal. GAO audit of GAO ITC decisions by separate audit team with no modernization involvement. Automatic appropriation rescission upon cumulative cost overruns exceeding 125% of authorized phase budget or productivity improvement below 50% of targets. Rescission notice filed within 14 days. Congressional override available by two-thirds vote of both Appropriations Committees via concurrent resolution with specific findings. Whistleblower protections under 5 U.S.C. § 2302(b)(8)5 for employees reporting waste, fraud, or abuse with direct Office of Special Counsel access

Definitions

  • "Analytical Product": A completed report, cost estimate, legal analysis, research memorandum, or testimony prepared by GAO, CBO, or CRS in response to a congressional request or pursuant to statutory mandate, excluding routine correspondence and administrative documents.

  • "Federal Data Bridge API": A standardized application programming interface conforming to Federal API Standards (OMB M-23-22)³ enabling authenticated, audited access to federal datasets with encryption in transit (TLS 1.3 minimum) and granular access controls.

  • "Productivity Improvement": The percentage increase in analytical products completed per full-time equivalent employee, measured against the baseline established within 90 days of enactment, adjusted for product complexity using a standardized weighting methodology approved by GAO ITC.

  • "Performance Gate": A predetermined milestone requiring GAO ITC certification before subsequent appropriation tranche becomes available for obligation.

  • "Material Deviation": A variance of 20% or greater from planned schedule, budget, or functionality targets as specified in the approved project plan filed with GAO ITC.

What Changes

  • Before: Three congressional support agencies operate separate technology infrastructure with no unified oversight, no binding performance requirements, and no mechanism to halt failing projects. Agencies self-report success metrics. Government IT projects historically fail at 99.5% rate for meeting all targets.²

  • After: Unified technology platform with standardized API access, independent oversight board with binding halt authority, phased appropriations requiring certified milestone completion, automatic rescission for cost overruns or productivity shortfalls, and vendor accountability through performance bonds and liquidated damages. Citizens and Congress gain assurance that $195M investment cannot proceed without demonstrated results at each phase.

ROI

Costs:

Item 10-Year
Technology Infrastructure $75,000,000
Process Automation $40,000,000
Workforce Enhancement $35,000,000
Risk Contingency $45,000,000
Operating Costs (annual) $325,000,000
Total $520,000,000

Savings:

Item Gross Capture Net
Additional Analytical Products $1,320,000,000 85% $1,122,000,000
Avoided Personnel Costs $1,210,000,000 75% $907,500,000
Total $2,530,000,000 80% $2,029,500,000

Societal Benefits:

Benefit Annual NPV (3%) NPV (7%)
Enhanced Legislative Decision-Making $50,000,000 $429,000,000 $350,000,000
Reduced Administrative Burden $25,000,000 $214,000,000 $175,000,000
Improved Government Efficiency $75,000,000 $643,000,000 $525,000,000
Total $150,000,000 $1,286,000,000 $1,050,000,000

Summary:

Category 10-Year Notes
Total Investment $520,000,000 Includes contingency and operating costs
Direct Savings $2,029,500,000 Risk-adjusted for 45% historical overrun rate
Societal Benefits $1,286,000,000 NPV at 3% discount rate
Net Benefit $2,795,500,000 Conservative 15% productivity target

References

  1. UK Parliamentary Office of Science and Technology modernization review (2019); European Parliamentary Research Service capacity study (2021)
  2. Standish Group CHAOS Report (2020) documenting 0.5% government IT project success rate
  3. OMB M-23-22 (Federal API Standards)
  4. NIST SP 800-63B (Digital Identity Guidelines)
  5. 5 U.S.C. § 2302(b)(8) (Whistleblower Protections)
  6. 31 U.S.C. § 702 (GAO authority)
  7. 2 U.S.C. § 601 (CBO establishment)
  8. 2 U.S.C. § 166 (CRS mandate)
  9. Legislative Reorganization Act of 1970, Pub. L. 91-510
  10. GAO-21-524 (Federal IT modernization challenges)
  11. Estonia X-Road interoperability platform
  12. UK Government Digital Service standards
  13. Australian Parliamentary Service technology modernization (2018-2022)
  14. Bowsher v. Synar, 478 U.S. 714 (1986) (congressional control over legislative branch officers)
  15. INS v. Chadha, 462 U.S. 919 (1983) (legislative veto limitations informing override mechanism design)

Change Log

  • Section 2(b) Added—GAO Information Technology and Cybersecurity (ITC) team: Created entirely new oversight body with binding halt authority. The original proposal mentioned an "independent oversight board" in passing under "Critical Success Factors" but gave it no statutory basis, composition, or enforcement power. This is the classic "fox guarding the henhouse" problem—agencies cannot self-certify their own project success. GAO ITC provides independent review with real teeth: binding authority to stop expenditures, not merely advisory recommendations agencies can ignore.

  • Section 2(c) Added—Phased Appropriation with Performance Gates: Replaced lump-sum $195M authorization with three-tranche structure requiring GAO ITC certification between phases. Historical evidence shows 99.5% of government IT projects fail to meet all targets. The original proposal's "contingency funding" approach assumes problems will be solved by throwing more money at them. Phase gates create accountability checkpoints that prevent the typical failure mode of continued spending on doomed projects. If Phase I fails, $130M remains unspent.

  • Section 2(a) Modified—Federal Data Bridge API Specification: Replaced vague "unified data platform consolidating federal datasets" with specific technical requirements including OAuth 2.0, NIST SP 800-63B, FedRAMP High baseline, and named source agencies. Federal Scale & Modernization criterion requires technical precision. "Data platform" means nothing in a contract. Specific API standards, authentication protocols, and compliance frameworks create enforceable requirements and prevent vendor lock-in.

  • Section 2(e) Added—Vendor Accountability Requirements: Created binding contractor obligations including performance bonds, liquidated damages, and source code escrow. Original proposal mentioned "performance-based contracts" without specifying enforcement mechanisms. Government IT contracts routinely lack meaningful penalties for failure. Liquidated damages of 2% per month and 15% performance bonds align contractor incentives with project success. Source code escrow prevents the common failure mode where government cannot transition away from underperforming vendors.

  • Section 3(b) Added—Automatic Rescission Trigger: Created mandatory funding termination at 125% cost overrun or 50% productivity shortfall. The original proposal's 45% contingency buffer incentivizes cost overruns—vendors and agencies know extra money is available. Automatic rescission at 125% creates a hard ceiling. The 50% productivity threshold ensures partial success cannot be rebranded as mission accomplished.

  • Section 3(c) Added—GAO Audit of ICTB: Required separate GAO team to audit the oversight body itself. Accountability Structure criterion—who watches the watchmen? GAO ITC has significant power. Without external review, it could become captured or ineffective. GAO audit using staff uninvolved in modernization activities creates independence.

  • Section 2(d) Modified—Reporting Requirements: Changed internal agency metrics to mandatory public reporting on Congress.gov with quarterly cadence. Estonia's X-Road and UK GDS succeed partly through radical transparency. Public metrics create accountability beyond formal oversight. Members and staff become additional monitors when they can see whether promised productivity improvements materialize.

  • Oversight Body Consolidation (December 2025): Consolidated ICTB (Independent Congressional Technology Board) into GAO Information Technology and Cybersecurity (ITC) team per Federal Oversight Consolidation Act. Consolidating 35 oversight bodies into 4 empowered entities reduces bureaucratic fragmentation while maintaining binding accountability.

  • 2025-12-07 - Legislative Language Removal: Merged unique provisions into Proposed Reform. Deleted Legislative Language section.

  • 2025-12-07 - Inline Citations: Added superscript citations. Standardized References section.

  • 2025-12-07 - Template Standardization: Reformatted to match standard template structure, converted ROI to required table format, separated semicolon chains into complete sentences for improved readability, standardized spacing throughout document.

  • 2025-12-11 - Zero New Bodies Architecture: Updated oversight entity references per Federal Oversight Consolidation Act. Replaced proposed GAO divisions with existing infrastructure (GAO teams, DOJ OIG). No new bureaucratic entities created.