Today, the Federal Acquisition Regulatory Council (“FAR Council”) released an Advance Notice of Proposed Rulemaking (the “ANPRM”) describing the agencies’ plan to implement Section 5949 of the National Defense Authorization Act (“NDAA”) for FY 23 (Pub. L. 117-263).

Section 5949 prohibits the Federal Government from procuring certain semiconductor parts, products, or services traceable to named Chinese companies and potentially other foreign countries of concern.  To that end, the ANPRM invites public comment on the proposed contents of an implementing FAR clause, to take effect December 23, 2027.

As discussed below, the FAR Council proposed applying the regulations broadly to all solicitations and contracts, including commercial item and commercially available off-the-shelf (“COTS”) contracts, subject only to a limited waiver.  Although not set out in the statute, the clause would require contractors to conduct a “reasonable inquiry” into their supply chain to detect potential violations.  It would also require both disclosure and the taking of corrective action in the event that nonconforming products or services are discovered. 

More details are below, and our previous coverage of Section 5949 is available here.

Potential Operation of the Rule

As an initial matter, the forthcoming FAR clause would require contractors to apply the twin prohibitions in Section 5949(a)(1).

In broad strokes, Section 5949(a)(1) restricts the procurement or use of “covered semiconductor products or services,” defined to include semiconductors and associated products designed, produced, or provided by Semiconductor Manufacturing International Corporation (SMIC); ChangXin Memory Technologies (CXMT) and Yangtze Memory Technologies Corp (YMTC), plus subsidiaries and affiliates.  In addition, the statute anticipates that additional covered semiconductor products or services controlled by or otherwise connected to the government of a “foreign country of concern” (i.e., Iran, Russia, China, and North Korea) could be added via internal government coordination and publication in the Federal Register.

This restriction has two prongs:

  • First, under Section 5949(a)(1)(A), the U.S. government may not directly procure or obtain any electronic parts, products, or services that include covered semiconductor products or services;
  • Second, under Section 5949(a)(1)(B), the U.S. government may not enter into a contract with an entity to procure or obtain electronic parts or products that use electronic products that include covered semiconductor products or services.  By way of example, the ANPRM explains that this prong could prohibit an agency from acquiring a replacement control panel within a critical system that enables an IoT device that includes a covered semiconductor product or service.  This prohibition does not apply to electronic products used in systems that are not “critical systems,” however.[1] 

The ANPRM did not provide any additional guidance on the definition of “critical systems” beyond what appeared in the statute, nor does it define the term “use” for purposes of the prohibition under 5949(a)(1)(B).  It does, however, contemplate adding certain new definitions, some ofwhich could be construed quite broadly in the context of Section 5949, such as affiliate, electronic parts, and electronic services.

Supply Chain Diligence, Disclosure, and Corrective Action

The FAR clause operationalizes the restriction as follows:

  • Contractors must conduct a reasonable inquiry to detect and avoid the use or inclusion of covered semiconductor products or services in electronic products and electronic services.  In conducting such an inquiry, contractors and subcontractors may reasonably rely on certifications of compliancefrom suppliers of electronic products or services and are not required to conduct independent third-party audits or other formal reviews related to such certifications.  This is a new standard, not outlined in the statute, and is similar to the standard seen in the Section 889 context. 
  • Contractors must make certain disclosures, including (i) disclosures to direct customers regarding the inclusion of a covered semiconductor product or service in electronic products or electronic services, and (ii) notifications to the appropriate Federal authorities within 60 days of learning or suspecting that a product to be used in a critical system contains covered semiconductor products or services.  The clause would include a safe harbor from civil liability or from determinations that the contractor is not presently responsible, provided that the contractor provides the appropriate notification to the Government and makes a comprehensive and documentable effort to identify and remove the covered semiconductor products or services.
  • Contractors must carry out any necessary rework or corrective action if they fail to disclose the inclusion of covered semiconductor products or services in electronic parts or electronic services to direct customers.  The costs of such corrective action would be treated as unallowable costs. 

The forthcoming FAR clause may broadly apply to “all solicitations and contracts” subject to a limited waiver

The ANPRM contemplates that the FAR clause would be incorporated into “all solicitations and contracts,” including those: (i) valued at or below the simplified acquisition and micro-purchase thresholds; (ii) for the acquisition of commercial products and commercial services; and (iii) for the acquisition of COTS items.  As a result, the ANPRM contemplates that “every unique awardee with electronic products or services would need to conduct a reasonable inquiry” to assess compliance with this rule; that 75 percent of all awardees will have electronic products or services that will be impacted by the prohibition; and that up to 20 percent of semiconductors in those electronic products or services “are not currently compliant with the prohibition.”  The FAR clause would also be required in all subcontracts involving “the supply of any electronic products.”   

The heads of executive agencies would have limited authority to waive the application of these requirements in particular situations, generally where the agency determines that no compliant product or services is available to be procured at prices not prohibitively expensive, and where such waiver could not reasonably be expected to compromise critical U.S. national security interests.  Certain agency heads would have additional authority to waive the application of these requirements where it would be in the critical national security interests of the United States.

Notably, the ANPRM also reiterates that Section 5949’s prohibitions would not require agencies to remove any products or services already in place prior to the December 2027 effective date of the prohibition, nor would it limit the utilization of covered semiconductor products throughout the lifecycle of existing equipment.

Additional requirements to assist contractors and the Government in ensuring compliance with the Section 5949 prohibition

The ANPRM notes that federal rulemakers “are considering requiring offerors to identify the provenance of the supply chain for the semiconductor components for each electronic product to be provided to the Government” in order to allow the Government to validate contractor compliance with the prohibition.  According to the ANPRM, such provenance information could include requiring offerors to identify vendors and facilities responsible for design, fabrication, assembly, packaging, and testing of the products.  Additionally, the ANPRM contemplates that the Department of Commerce may compile a public list of known electronic products and services that include covered semiconductor products or services to assist contractors with identifying prohibited products.

Preparing for Compliance

Contractors are encouraged to submit comments to the FAR Council in response to the questions included in the ANPRM, which ask for feedback on, inter alia, recommendations on how to further clarify the scope of the prohibition, the inclusion of additional definitions, whether industry has sufficient visibility into supply chains, the appropriate procedures for conducting a reasonable inquiry, and the anticipated need for waivers after December 2027.

We are continuing to monitor the FAR Council’s development of this rule for our clients.  If you have any questions concerning the material discussed in this post, please contact the members of our Public Policy, Cybersecurity, and Government Contracts groups.


[1] The ANPRM indicates that because the FAR definition of “products” already includes “parts,” the implementing rule would refer only to electronic products and services.  

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Susan B. Cassidy Susan B. Cassidy

Susan is co-chair of the firm’s Aerospace and Defense Industry Group and is a partner in the firm’s Government Contracts and Cybersecurity Practice Groups. She previously served as in-house counsel for two major defense contractors and advises a broad range of government contractors…

Susan is co-chair of the firm’s Aerospace and Defense Industry Group and is a partner in the firm’s Government Contracts and Cybersecurity Practice Groups. She previously served as in-house counsel for two major defense contractors and advises a broad range of government contractors on compliance with FAR and DFARS requirements, with a special expertise in supply chain, cybersecurity and FedRAMP requirements. She has an active investigations practice and advises contractors when faced with cyber incidents involving government information, as well as representing contractors facing allegations of cyber fraud under the False Claims Act. Susan relies on her expertise and experience with the Defense Department and the Intelligence Community to help her clients navigate the complex regulatory intersection of cybersecurity, national security, and government contracts. She is Chambers rated in both Government Contracts and Government Contracts Cybersecurity. In 2023, Chambers USA quoted sources stating that “Susan’s in-house experience coupled with her deep understanding of the regulatory requirements is the perfect balance to navigate legal and commercial matters.”

Her clients range from new entrants into the federal procurement market to well established defense contractors and she provides compliance advices across a broad spectrum of procurement issues. Susan consistently remains at the forefront of legislative and regulatory changes in the procurement area, and in 2018, the National Law Review selected her as a “Go-to Thought Leader” on the topic of Cybersecurity for Government Contractors.

In her work with global, national, and start-up contractors, Susan advises companies on all aspects of government supply chain issues including:

  • Government cybersecurity requirements, including the Cybersecurity Maturity Model Certification (CMMC), DFARS 7012, and NIST SP 800-171 requirements,
  • Evolving sourcing issues such as Section 889, counterfeit part requirements, Section 5949 and limitations on sourcing from China
  • Federal Acquisition Security Council (FASC) regulations and product exclusions,
  • Controlled unclassified information (CUI) obligations, and
  • M&A government cybersecurity due diligence.

Susan has an active internal investigations practice that assists clients when allegations of non-compliance arise with procurement requirements, such as in the following areas:

  • Procurement fraud and FAR mandatory disclosure requirements,
  • Cyber incidents and data spills involving sensitive government information,
  • Allegations of violations of national security requirements, and
  • Compliance with MIL-SPEC requirements, the Qualified Products List, and other sourcing obligations.

In addition to her counseling and investigatory practice, Susan has considerable litigation experience and has represented clients in bid protests, prime-subcontractor disputes, Administrative Procedure Act cases, and product liability litigation before federal courts, state courts, and administrative agencies.

Susan is a former Public Contract Law Procurement Division Co-Chair, former Co-Chair and current Vice-Chair of the ABA PCL Cybersecurity, Privacy and Emerging Technology Committee.

Prior to joining Covington, Susan served as in-house senior counsel at Northrop Grumman Corporation and Motorola Incorporated.

Photo of Michael Wagner Michael Wagner

Mike Wagner represents companies and individuals in complex compliance and enforcement matters arising in the public procurement context. Combining deep regulatory expertise and extensive investigations experience, Mike helps government contractors navigate detailed procurement rules and achieve the efficient resolution of government investigations and…

Mike Wagner represents companies and individuals in complex compliance and enforcement matters arising in the public procurement context. Combining deep regulatory expertise and extensive investigations experience, Mike helps government contractors navigate detailed procurement rules and achieve the efficient resolution of government investigations and enforcement actions.

Mike regularly represents contractors in federal and state compliance and enforcement matters relating to a range of procurement laws and regulations. He has particular experience handling investigations and litigation brought under the civil False Claims Act, and he routinely counsels government contractors on mandatory and voluntary disclosure considerations under the FAR, DFARS, and related regulatory regimes. He also represents contractors in high-stakes suspension and debarment matters at the federal and state levels, and he has served as Co-Chair of the ABA Suspension & Debarment Committee and is principal editor of the American Bar Association’s Practitioner’s Guide to Suspension & Debarment (4th ed.) (2018).

Mike also has extensive experience representing companies pursuing and negotiating grants, cooperative agreements, and Other Transaction Authority agreements (OTAs). In this regard, he has particular familiarity with the semiconductor and clean energy industries, and he has devoted substantial time in recent years to advising clients on strategic considerations for pursuing opportunities under the CHIPS Act, Inflation Reduction Act, and Bipartisan Infrastructure Law.

In his counseling practice, Mike regularly advises government contractors and suppliers on best practices for managing the rapidly-evolving array of cybersecurity and supply chain security rules and requirements. In particular, he helps companies assess and navigate domestic preference and country-of-origin requirements under the Buy American Act (BAA), Trade Agreements Act (TAA), Berry Amendment, and DOD Specialty Metals regulation. He also assists clients in managing product and information security considerations related to overseas manufacture and development of Information and Communication Technologies & Services (ICTS).

Mike serves on Covington’s Hiring Committee and is Co-Chair of the firm’s Summer Associate Program. He is a frequent writer and speaker on issues relating to procurement fraud and contractor responsibility, and he has served as an adjunct professor at the George Washington University Law School.

Photo of Stephanie Barna Stephanie Barna

Stephanie Barna draws on over three decades of U.S. military and government service to provide advisory and advocacy support and counseling to clients facing policy and political challenges in the aerospace and defense sectors.

Prior to joining the firm, Stephanie was a senior…

Stephanie Barna draws on over three decades of U.S. military and government service to provide advisory and advocacy support and counseling to clients facing policy and political challenges in the aerospace and defense sectors.

Prior to joining the firm, Stephanie was a senior leader on Capitol Hill and in the U.S. Department of Defense (DoD). Most recently, she was General Counsel of the Senate Armed Services Committee, where she was responsible for the annual $740 billion National Defense Authorization Act (NDAA). Additionally, she managed the Senate confirmation of three- and four-star military officers and civilians nominated by the President for appointment to senior political positions in DoD and the Department of Energy’s national security nuclear enterprise, and was the Committee’s lead for investigations.

Previously, as a senior executive in the Office of the Army General Counsel, Stephanie served as a legal advisor to three Army Secretaries. In 2014, Secretary of Defense Chuck Hagel appointed her to be the Principal Deputy Assistant Secretary of Defense for Manpower and Reserve Affairs. In that role, she was a principal advisor to the Secretary of Defense on all matters relating to civilian and military personnel, reserve integration, military community and family policy, and Total Force manpower and resources. Stephanie was later appointed by Secretary of Defense Jim Mattis to perform the duties of the Under Secretary of Defense for Personnel and Readiness, responsible for programs and funding of more than $35 billion.

Stephanie was also previously the Deputy General Counsel for Operations and Personnel in the Office of the Army General Counsel. She led a team of senior lawyers in resolving the full spectrum of issues arising from Army wartime operations and the life cycle of Army military and civilian personnel. Stephanie was also a personal advisor to the Army Secretary on his institutional reorganization and business transformation initiatives and acted for the Secretary in investigating irregularities in fielding of the Multiple Launch Rocket System and classified contracts. She also played a key role in a number of high-profile personnel investigations, including the WikiLeaks breach. Prior to her appointment as Deputy, she was Associate Deputy General Counsel (Operations and Personnel) and Acting Deputy General Counsel.

Stephanie is a retired Colonel in the U.S. Army and served in the U.S. Army Judge Advocate General’s Corps as an Assistant to the General Counsel, Office of the Army General Counsel; Deputy Staff Judge Advocate, U.S. Army Special Forces Command (Airborne); Special Assistant to the Assistant Secretary of the Army (Manpower & Reserve Affairs); and General Law Attorney, Administrative Law Division.

Stephanie was selected by the National Academy of Public Administration for inclusion in its 2022 Class of Academy Fellows, in recognition of her years of public administration service and expertise.

Photo of Peter Terenzio Peter Terenzio

Peter Terenzio routinely advises clients regarding the multiple regulatory regimes that apply to federal contractors. His practice also extends outside of traditional government procurement contracts to include federal grants and Other Transaction Authority (OTA) research, prototype, and production agreements.

Among other things, Peter…

Peter Terenzio routinely advises clients regarding the multiple regulatory regimes that apply to federal contractors. His practice also extends outside of traditional government procurement contracts to include federal grants and Other Transaction Authority (OTA) research, prototype, and production agreements.

Among other things, Peter regularly helps clients with the constantly evolving domestic-preference requirements promulgated pursuant to various federal laws, including, for example, the Buy American Act (BAA) and Trade Agreements Act (TAA), but also including more recently the Inflation Reduction Act (IRA) and Infrastructure Investment and Jobs Act (IIJA). He also has particular experience with helping clients navigate the complicated prevailing wage rules imposed by the Davis Bacon Act (DBA) and Service Contact Act (SCA). Peter has used this regulatory knowledge to help clients negotiate the specifics of their contracts, grants, and OTA agreements.

Peter also has significant experience with the disputes that may arise during the execution of government prime contracts. He knows how to work closely with the client’s subject matter experts to prepare and submit detailed requests for equitable adjustment (REAs) in order to secure much-needed price or schedule relief. Where necessary, he has assisted clients with converting their REAs into certified claims, and when disputes cannot be resolved at the Contracting Officer level, he has helped clients vindicate their contractual rights in litigation before the Boards of Contract Appeals.

Photo of Ryan Burnette Ryan Burnette

Ryan Burnette is a government contracts and technology-focused lawyer that advises on federal contracting compliance requirements and on government and internal investigations that stem from these obligations. Ryan has particular experience with defense and intelligence contracting, as well as with cybersecurity, supply chain…

Ryan Burnette is a government contracts and technology-focused lawyer that advises on federal contracting compliance requirements and on government and internal investigations that stem from these obligations. Ryan has particular experience with defense and intelligence contracting, as well as with cybersecurity, supply chain, artificial intelligence, and software development requirements.

Ryan also advises on Federal Acquisition Regulation (FAR) and Defense Federal Acquisition Regulation Supplement (DFARS) compliance, public policy matters, agency disputes, and government cost accounting, drawing on his prior experience in providing overall direction for the federal contracting system to offer insight on the practical implications of regulations. He has assisted industry clients with the resolution of complex civil and criminal investigations by the Department of Justice, and he regularly speaks and writes on government contracts, cybersecurity, national security, and emerging technology topics.

Ryan is especially experienced with:

  • Government cybersecurity standards, including the Federal Risk and Authorization Management Program (FedRAMP); DFARS 252.204-7012, DFARS 252.204-7020, and other agency cybersecurity requirements; National Institute of Standards and Technology (NIST) publications, such as NIST SP 800-171; and the Cybersecurity Maturity Model Certification (CMMC) program.
  • Software and artificial intelligence (AI) requirements, including federal secure software development frameworks and software security attestations; software bill of materials requirements; and current and forthcoming AI data disclosure, validation, and configuration requirements, including unique requirements that are applicable to the use of large language models (LLMs) and dual use foundation models.
  • Supply chain requirements, including Section 889 of the FY19 National Defense Authorization Act; restrictions on covered semiconductors and printed circuit boards; Information and Communications Technology and Services (ICTS) restrictions; and federal exclusionary authorities, such as matters relating to the Federal Acquisition Security Council (FASC).
  • Information handling, marking, and dissemination requirements, including those relating to Covered Defense Information (CDI) and Controlled Unclassified Information (CUI).
  • Federal Cost Accounting Standards and FAR Part 31 allocation and reimbursement requirements.

Prior to joining Covington, Ryan served in the Office of Federal Procurement Policy in the Executive Office of the President, where he focused on the development and implementation of government-wide contracting regulations and administrative actions affecting more than $400 billion dollars’ worth of goods and services each year.  While in government, Ryan helped develop several contracting-related Executive Orders, and worked with White House and agency officials on regulatory and policy matters affecting contractor disclosure and agency responsibility determinations, labor and employment issues, IT contracting, commercial item acquisitions, performance contracting, schedule contracting and interagency acquisitions, competition requirements, and suspension and debarment, among others.  Additionally, Ryan was selected to serve on a core team that led reform of security processes affecting federal background investigations for cleared federal employees and contractors in the wake of significant issues affecting the program.  These efforts resulted in the establishment of a semi-autonomous U.S. Government agency to conduct and manage background investigations.

Photo of Daniel Raddenbach Daniel Raddenbach

Daniel Raddenbach assists clients in navigating the complex regulatory regimes that apply to federal contractors. In addition to providing regulatory advice, he routinely works with clients in the government contracts M&A space to provide regulatory reviews and risk analyses of potential transactions. He…

Daniel Raddenbach assists clients in navigating the complex regulatory regimes that apply to federal contractors. In addition to providing regulatory advice, he routinely works with clients in the government contracts M&A space to provide regulatory reviews and risk analyses of potential transactions. He also represents contractors in complex disputes, including litigation and claims against the federal government and prime-sub disputes.

Most recently, Daniel has specialized in assisting clients in the semiconductor industry to apply for and negotiate CHIPS Act funding awards to construct or modernize semiconductor fabrication facilities. He regularly advises clients on the ramifications of applying for funding under the CHIPS Act programs, providing analysis on topics including CHIPS programmatic requirements, the national security guardrails, and federal labor law requirements (including Davis-Bacon), among others.

Photo of Jasmine Wang Jasmine Wang

Jasmine Wang represents government contractors on complex regulatory matters at all stages of the public procurement process. Her multi-faceted practice encompasses numerous industries, where she advises clients on compliance, enforcement, and the risks associated with various regulatory regimes.

Jasmine’s experience includes coordinating due…

Jasmine Wang represents government contractors on complex regulatory matters at all stages of the public procurement process. Her multi-faceted practice encompasses numerous industries, where she advises clients on compliance, enforcement, and the risks associated with various regulatory regimes.

Jasmine’s experience includes coordinating due diligence processes in large scale M&A transactions involving government contracts, advising companies on cutting edge legislative, litigation, and regulatory developments, and representing clients in bid protests, including before the Small Business Administration (SBA), and other adversarial matters. Jasmine’s practice also focuses on issues at the intersection of government contracts and employment law, where she counsels clients on compliance and enforcement questions arising from the Office of Federal Contract Compliance Programs (OFCCP) and contractor obligations under the Davis-Bacon Act and CHIPS Act.

Before joining the firm, Jasmine clerked for The Honorable Andrew S. Hanen in the Southern District of Texas. She maintains an active pro bono practice focused on civil rights and reproductive justice.