What Did GAO Find Wrong With Texas Detention Facility Contracts in 2026?

According to GAO, the Texas detention facility contract issue is an evidence problem as much as an operations problem. The reports show that DHS and ICE could not always prove what was required, what was inspected, what failed, and what was fixed. For federal contractors, that matters because FAR-based performance starts with a written requirement, then an inspection standard, then an acceptance record that can survive review. When those pieces are missing, agencies cannot defend the award, the continuation of work, or the use of taxpayer funds. The lesson extends beyond immigration detention: GSA contractors need audit-ready files, SBA participants need clean subcontracting records, and OMB-aligned controls need to be documented before they are tested. In 2026, the risk is bigger because oversight failures do not stay local. They become the template auditors use when Congress, GAO, DHS, or an inspector general asks whether larger expansion dollars should be approved.

Per FAR 46.401, agencies are supposed to match inspections to contract requirements, and GAO found that this is exactly where the Texas detention portfolio broke down. The contract files did not consistently show that facility inspections were tied to measurable requirements, that deficiencies were tracked to closure, or that correction timelines were enforced in a uniform way. GAO's 2025 follow-up sharpened the point: DHS still had not defined goals and measures strong enough to tell whether its inspection programs were actually effective. For contractors, this is the opposite of a paperwork formality. It is the difference between a file that proves performance and a file that invites protest, cure notice, or adverse past-performance review. Under OMB Circular A-123, internal controls must be documented and monitored; detention oversight showed why undocumented controls fail first when the program expands. The takeaway for firms supporting federal facilities, logistics, and security services is simple: if you cannot show the evidence, you cannot show compliance.

According to GAO's 2025 follow-up, DHS still had not defined goals and measures that would let leaders judge whether facility inspection programs were succeeding or failing. That matters because an inspection program without a metric becomes a checklist exercise rather than a control system. GAO's message is that inspections must answer concrete questions: How often are facilities reviewed? How severe are the findings? How quickly are deficiencies fixed? How many recur within 90 days? Those are the kinds of measures that give contracting officers, program managers, and oversight officials evidence they can use. For contractors, the same standard applies under GSA procurement discipline and SBA subcontracting oversight: if your reporting cannot show trend lines, closure rates, and recurring failures, your performance story is weak. The Texas facilities became a warning because the data gaps were not minor. They made it impossible to know whether the government was buying safer operations or simply buying more paper.

Under OMB M-25-21, agencies will increasingly expect documented governance for high-risk decisions, and the detention-file lesson is that governance without measurement is hollow. GAO's reports show that DHS lacked a consistent way to translate inspection results into management action, which left open the possibility that serious deficiencies could repeat across facilities and contracts. That is a contractor problem, too, because performance reviews usually follow the government's own control gaps. If a contractor gives the agency incomplete reports, late corrective actions, or vague evidence, the file will read as noncompliance even when field staff worked hard. DoD's CMMC framework makes the same point in cybersecurity: controls are only real when evidence proves they operate. Contractors supporting detention, corrections, security, or facilities should therefore treat every inspection, log entry, and remediation ticket as contract evidence, not internal admin. In 2026, expansion risk is real because larger programs magnify weak systems instead of fixing them.

According to GSA guidelines, contractors must assume that every operational record can become an audit exhibit, and the Texas detention contract warning proves it. The government is not just buying services; it is buying proof that services were delivered to a measurable standard. That is why small business partners in the SBA ecosystem should care as much as prime contractors. If a subcontractor closes defects late, skips evidence, or submits vague status reports, the prime's file gets weaker and the entire team absorbs the risk. FAR-based contracting does not reward good intentions; it rewards documented performance. When a program expands, undocumented practices get exposed faster because more sites, more staff, and more funding create more opportunities for inconsistency. In detention work, the consequence is obvious. In facilities, logistics, professional services, and cyber support, the same pattern shows up as CPARS pain, invoice disputes, option-year hesitation, and lower technical confidence during source selection.

According to GAO, the core issue is not whether individual employees did their jobs; it is whether the system proved they did. That distinction should shape how contractors write procedures in 2026. Build one source of truth for inspections, one workflow for corrective actions, and one management dashboard that shows due dates, repeat findings, and closure rates. If you are a DoD or DHS contractor, align those records with CMMC-style evidence discipline so the documentation is usable during both operational review and cybersecurity review. If you are a GSA Schedule holder, keep the file clean enough to survive a contract audit. If you are an SBA small business participant, make sure subcontracting records, personnel logs, and performance artifacts line up. GAO's detention-facility criticism is really a warning against scaling bad habits. Expansion money does not forgive weak controls; it multiplies them, and procurement teams notice that quickly when renewals, orders, and award decisions come up.