Federal prime contractors operate under a clear obligation: verify that every subcontractor on the team is eligible to receive federal contract dollars. The Federal Acquisition Regulation requires it. Contracting officers expect it. Auditors check for it. And yet the practical question of how to screen a subcontractor — what databases to check, in what order, and with what level of geographic context — varies wildly across compliance programs. This guide walks through the public federal databases available for subcontractor screening, the manual workflow most teams use today, where that workflow falls short, and how geographic intelligence reports automate the gaps.
The three essential federal databases
Every federal contractor screening workflow starts with three free public databases. Each contains a different piece of the contractor-responsibility picture, and each has its own quirks for searching and interpreting the results.
SAM.gov — the System for Award Management
SAM.gov is the federal government's central registration database for entities doing business with the United States government. Every contractor and grant recipient must register here. Each registration includes the entity's legal name, Unique Entity Identifier (UEI), physical address, NAICS codes, business types, and registration status. SAM.gov is the authoritative source for whether an entity is currently active, expired, or has never registered. The public search interface at sam.gov supports lookups by entity name, UEI, and several other fields.
USAspending.gov — federal spending data
USAspending.gov is the official source for federal contract award data, operated by the Department of the Treasury. It contains every federal prime award, including the awarding agency, award amount, NAICS code, place of performance, and contracting officer information. For subcontractor screening, USAspending tells you what the entity has actually been awarded by the government — whether they have a real federal contracting track record or are a newly registered entity with no awards history.
SAM Exclusion List — the federal debarment database
The SAM Exclusion List (formerly the Excluded Parties List System, or EPLS) contains records of entities and individuals barred from receiving federal contracts. With 167,681 records spanning decades of enforcement actions, it is the most comprehensive debarment database in the world. Each record includes the entity name, UEI when available, the excluding agency, the action date, and the type of exclusion. The exclusion list is the single most important check in any subcontractor screening workflow.
The manual screening process
For most compliance teams, the typical subcontractor screening workflow looks something like this:
- Lookup the entity in SAM.gov by name or UEI to verify they have an active registration.
- Check the exclusion list separately to ensure the entity is not debarred or suspended.
- Search USAspending.gov to confirm the entity has a track record of federal awards.
- Document the findings in your contractor responsibility determination.
This process works for individual entity checks. Done carefully, it takes about 15 to 30 minutes per subcontractor. For a compliance team handling a few new vendors per quarter, manual screening is sustainable. For a team handling dozens or hundreds of subcontractors across multiple geographic markets, the workflow becomes a bottleneck.
What manual searches miss
The bigger limitation is not speed — it is geographic blindness. SAM.gov's public search interface lets you look up one entity at a time, but it does not let you efficiently search for all entities registered at the same address. That means a manual workflow can verify your specific subcontractor while remaining completely unaware that the same registered address hosts several other entities — some of which may be expired, some of which may be on the exclusion list, and some of which may share patterns worth understanding.
This gap matters because federal exclusion enforcement frequently produces clustered patterns. When the Defense Logistics Agency debars a metals supplier, there are often related entities at the same address or with similar names that warrant verification. Single-entity searches will not surface these connections. Geographic context surfaces them automatically.
Our analysis of 67,594 address clusters identified 129 clusters nationwide that contain at least one entity matching the federal exclusion list. The exclusion match rate is 0.19 percent — rare overall, but concentrated in the largest contracting markets. Virginia and California tie at the top with 19 exclusion-matched clusters each. Texas follows with 12, then Maryland and Florida at 10 each. For compliance teams operating in those jurisdictions, the geographic dimension is the difference between catching a relevant pattern and missing it entirely. Read more about entity co-location patterns.
Automating due diligence with geographic intelligence
State-level intelligence reports collapse the manual workflow into a fundamentally different shape. Instead of looking up each subcontractor individually and hoping you have the geographic context, you start with a pre-built dataset of every cluster in the state, every entity in every cluster, and every exclusion match cross-referenced against the federal debarment list.
The 60-second workflow looks like this:
- You receive a proposal from a potential subcontractor.
- You note their registered address from the SAM record.
- You open the state CSV in Excel and press Ctrl+F to search for the address.
- You instantly see every entity at that location, including SAM status, UEIs, and any exclusion matches.
- You document the findings in your contractor responsibility determination.
The screening question is the same. The answer is more complete. And the workflow takes less than a minute instead of 15 to 30 minutes per vendor. See a sample of the CSV format to understand exactly what you receive.
Geographic intelligence does not replace your responsibility determination process — it accelerates it. The questions you ask, the documentation you produce, and the ultimate award decision remain yours. The data simply gives you address-level context that manual SAM lookups cannot provide.
FAR requirements for subcontractor responsibility
The Federal Acquisition Regulation places specific obligations on prime contractors. While CDA does not provide legal advice or compliance interpretation, the following FAR sections are the most commonly cited reference points for subcontractor screening obligations:
- FAR 9.104-1 — General standards. Establishes the baseline standards of responsibility a prospective contractor must meet, including adequate financial resources, ability to comply with the proposed delivery schedule, and a satisfactory record of integrity and business ethics.
- FAR 9.104-4 — Subcontractor responsibility. Requires prime contractors to determine the responsibility of prospective subcontractors using the same general standards.
- FAR 9.405 — Effect of listing. Prohibits federal agencies from awarding contracts to entities listed on the exclusion list.
- FAR 52.209-6 — Protecting the government's interest. The contract clause requiring prime contractors to certify that they are not knowingly using subcontractors that are debarred, suspended, or proposed for debarment.
For specific legal interpretation of these requirements, consult qualified procurement counsel. The point of this article is operational: how do you actually do the screening that these requirements assume you will do? The answer is that the public databases provide the raw material, and geographic intelligence makes that raw material practical to query at scale.
Common pitfalls to avoid
A few patterns recur often enough in subcontractor screening to warrant explicit mention:
- Trusting the website over the SAM record. A subcontractor's website may show a polished corporate address that does not match the registered SAM address. Always use the SAM-registered address as the canonical input for screening — that is the address the federal government recognizes for procurement purposes.
- Skipping inactive entities. Some compliance programs filter out expired SAM registrations on the assumption that they are not relevant. But an expired registration co-located with active contractors can be a meaningful pattern, particularly when paired with an exclusion match. Treat expired entities as part of the geographic context, not as noise to be filtered out.
- Confusing UEI matches with name matches. A UEI exact match against the exclusion list is a high-confidence finding. A name match without a UEI match requires additional verification — common entity names produce false positives if you do not check city and other identifying details.
Documentation: what to keep and why
The screening workflow only matters if you can defend it later. Compliance teams that handle subcontractor responsibility determinations should keep three categories of documentation for every screening event:
- Inputs. The subcontractor name, UEI, registered address, and the date the screening was performed. These establish what was checked and when.
- Findings. The SAM registration status, any exclusion matches (positive or negative), the list of co-located entities at the registered address, and any anomalies noted during review. These establish what was discovered.
- Determination. A short written rationale explaining how the findings support the responsibility determination. This is the deliverable that ties everything together.
Geographic intelligence reports support all three. The CSV export gives you the raw inputs and findings in a format that can be archived directly. The PDF report provides the methodology and broader context that supports the determination. Some compliance programs simply screenshot the relevant CSV rows for each subcontractor and attach them to the responsibility determination file. Others maintain a parallel screening database that imports the CSV monthly and runs automated checks against it as new subcontractors come in.
The right approach depends on your team's workflow and the volume of screening you do. The point is that the documentation exists and can be produced if anyone ever asks "how did you verify this subcontractor?"
Where to start
If your compliance footprint is concentrated in one or two states, start with those state reports. Virginia, California, and Texas are the largest contracting markets and the most common starting points. If you operate across a region, the regional bundles offer 25 percent savings. Either way, the goal is the same: turn the geographic dimension of contractor due diligence into a routine workflow rather than a manual research project that consumes your compliance team's time.