import { ProsConsCard, InfoBox } from '@/components/mdx'

SAM.gov and USASpending: Federal Contractor Network Intelligence

Federal contracting data sits largely untapped in public-sector OSINT. For analysts digging into government vendors, sanctions evasion, procurement fraud, or corporate due diligence, SAM.gov and USASpending are key.

SAM.gov shows how an entity presents itself to the US government, entity name, DUNS number, registration status.

USASpending tracks the money, award data from FPDS. You see who gets paid, how much, and for what. Unusual payment patterns stick out.

The workflow starts on SAM.gov. You get the identity, registration status, and declared attributes. Then, you move to USASpending. You reconstruct relationships, contract history, and spending patterns. That's your OSINT path.

<ProsConsCard pros={[ "Authoritative US government sourcing for entity registration and award history", "Strong value for link analysis, ownership screening, and fraud pattern detection", "Free access with APIs and bulk downloads for automation" ]} cons={[ "Data quality varies across agencies, contractors, and time periods", "Not all real-world ownership links are explicitly disclosed in federal records", "Subcontract visibility is narrower than prime award visibility" ]} />

1. Why Federal Contracting Data Matters for OSINT

SAM.gov and USASpending together reveal who gets paid by the US government, for what, and through which corporate structures. Federal procurement touches defense, cyber, telecommunications, infrastructure, logistics, health, and research. Public money leaves a trail.

These sources offer broad intelligence value. Identify foreign-owned entities in sensitive contracts. Detect small business fraud where self-certifications don't match reality. Uncover undisclosed corporate relationships between vendors. Map shell company networks sharing addresses, officers, or identifiers. Inconsistencies often surface, justifying deeper review.

Investigative reporters use these sources to trace political influence and public spending. Corporate due diligence teams assess vendor legitimacy and hidden affiliates. Government auditors test compliance claims. Threat intelligence analysts understand supply-chain exposure, government-linked vendors, and ecosystems around strategic contracts.

Federal procurement records are especially useful because they combine legal identity data with money flow data. That is rare in open-source research.

2. SAM.gov Entity Registration Intelligence

SAM.gov Entity Records

SAM.gov registers federal entities. The real value for OSINT lies in the registration details.

A typical SAM record exposes: Legal business name, physical and mailing addresses, CAGE code, DUNS history, UEI, points of contact, business type, exclusion status.

You may also find: Principal office details, ownership structure, socioeconomic claims, such as small disadvantaged business or woman-owned.

Searching SAM.gov

Start with stable identifiers. Entity name works, but exact matches matter. UEI is best if you have it. Address searching helps with co-located companies or mailbox patterns. NAICS code narrows by industry.

Exclusions Search

Excluded entities are barred or restricted from federal contracting, a fraud or misconduct signal. Exclusions don't always mean conviction, but the government found a serious issue. If a related entity remains active while another is excluded, that's a lead.

Analyzing Entity Records

Check ownership type and socioeconomic status. These raise risk questions. A contractor claiming small business status with inconsistent attributes deserves scrutiny. Recurring points of contact, shared email domains, or common phone numbers suggest hidden control.

3. FPDS-NG: Federal Procurement Data System

FPDS-NG is the federal awards database. USASpending pulls contract data from FPDS, so FPDS data shows up in USASpending.

To search FPDS, use Recipient name, Agency, NAICS, PSC code, and award amount range. This helps you find who gets awards. Agencies show department spending. NAICS and PSC codes reveal goods and services bought. Award amounts filter out small vendors.

If a contractor wins the same awards repeatedly, that could indicate specialization or overreliance and weak competition, which can be a relationship.

You can extract historical awards and build timelines by year, agency, and contract type. This helps you see when contractors grew fast, which agencies paid them, and if they switched to sensitive work. Sudden growth happens, and it may or may not be legit.

When analyzing networks, check neighboring awardees, such as those in the same niche, with the same address, or from the same procurement office. Anomalies show up in context.

4. USASpending Bulk Data for Programmatic Analysis

USASpending becomes more powerful when treated as a data source, not just a web interface. Use the bulk download portal and API outputs programmatically.

The bulk award datasets allow analysis of entire populations, not just individual cases. This enables detection of patterns across thousands of vendors, such as address reuse, shared IDs, procurement outliers. Key fields for OSINT are recipient_name, recipient_uei, award_amount, awarding_agency, place_of_performance.

Other fields to consider are recipient location, award mods, assistance vs contract type, parent-recipient fields.

A strong workflow involves joining SAM and USASpending data on UEI, or on entity name and address. This helps identify shared-address entities, subsidiary networks. Vendors at the same address may claim different specialties, receive awards from related offices.

Repeated patterns don't prove abuse, but they justify further investigation.

Look for anomalies that scale. Zero-dollar mods are usually admin actions; repeated use may need review.

Undisclosed parents emerge when vendors share officers or addresses with larger groups. PO box addresses on big awards are a flag, especially with sensitive work or vague service descriptions.

Data prep is crucial. Clean addresses, normalize entity names; agency names change. Dirty data means noisy link analysis, more false positives.

5. Worked Example: Mapping a Subcontractor Network

Practical Investigation of Prime Contractors and Subcontractors

A practical investigation typically starts with a known prime contractor. Look up its UEI and legal name in SAM.gov and confirm its address, points of contact, ownership type, and business categories.

Obtain the prime's award history from USASpending, focusing on contracts in the target program or agency. Review subaward data to identify subcontractors, places of performance, and vendor relationships, including subcontractors and their relationships.

Check for undisclosed corporate relationships by comparing UEIs, addresses, phone numbers, and contacts across the prime and subcontractors. Similarities, such as shared suite numbers or similar legal names, may suggest common control.

Supplement your data with external sources. Cross-reference SAM data with OpenCorporates and state business registries to identify directors, parent companies, and offshore links. A subcontractor on a federal program may be tied to an overseas parent or a sanctions-adjacent business, OpenCorporates and state business registries.

Exercise restraint when evaluating the data. Shared addresses do not necessarily indicate fraud, and foreign ownership does not necessarily imply malign intent. Combine indicators with contract sensitivity, exclusion records, or unusual award patterns.

The frontmatter and any additional elements such as tables, code blocks, inline code, links, and MDX comment blocks remain unchanged.

6. Tools and Automation

USASpending and SAM.gov APIs for OSINT

USASpending offers a free API that handles complex queries across awards, recipients, and agencies. The API allows for filtering results, making it suitable for repeatable screening and dashboard-style workflows. Analysts can build pipelines to pull all recipients in a category, rank them by award value, and flag those with suspicious address or ownership patterns.

SAM.gov provides API access, offering registration and exclusions data in JSON format. This data is useful for creating watchlists, and entity data can be refreshed periodically. The data can also be used for automated enrichment of federal contractor datasets. Exclusions data provides a direct government-generated risk signal for investigations involving fraud, including exclusions data.

The two APIs can be used together to provide more comprehensive data. Use SAM.gov for declared identity and status, and use USASpending for award history and scale. When combined with OpenCorporates and sanctions lists, you can test whether a federal contractor links to a broader corporate group, check for sanctioned jurisdiction exposure, and look for patterns of administrative red flags, such as SAM.gov exclusions and USASpending award history.

Threat teams often focus on vendors, but also need to consider infrastructure, access, and dependency. Federal contractors are part of broader supply chains, which can hide relationships that become operationally important.

Final Assessment

Using SAM.gov and USASpending Together

Researching federal contractors on SAM.gov has its limits. You get registration details, reps, and DUNS numbers. Nothing more.

USASpending, pulling from FPDS, shows the money, contracts awarded, dollars disbursed, and offers bulk downloads for data miners.

Combine identity records from SAM.gov with award histories from USASpending, add some external enrichment. Now you have a method for tracking contractor networks.

Journalists, auditors, and threat analysts use these platforms. They are free, authoritative, and flawed, and not much on their own. They are powerful together. SAM.gov provides identity records, USASpending provides award histories, external enrichment adds more information. The combination enables tracking contractor networks.