Photo of Michael Wagner

Michael Wagner

Mike Wagner helps government contractors navigate high-stakes enforcement matters and complex regulatory regimes.

Combining deep regulatory knowledge with extensive investigations experience, Mr. Wagner works closely with contractors across a range of industries to achieve the efficient resolution of regulatory enforcement actions and government investigations, including False Claims Act cases. He has particular expertise representing individuals and companies in suspension and debarment proceedings, and he has successfully resolved numerous such matters at both the agency and district court level. He also routinely conducts internal investigations of potential compliance issues and advises clients on voluntary and mandatory disclosures to federal agencies.

In his contract disputes and advisory work, Mr. Wagner helps government contractors resolve complex issues arising at all stages of the public procurement process. As lead counsel, he has successfully litigated disputes at the Armed Services Board of Contract Appeals, and he regularly assists contractors in preparing and pursuing contract claims. In his counseling practice, Mr. Wagner advises clients on best practices for managing a host of compliance obligations, including domestic sourcing requirements under the Buy American Act and Trade Agreements Act, safeguarding and reporting requirements under cybersecurity regulations, and pricing obligations under the GSA Schedules program. And he routinely assists contractors in navigating issues and disputes that arise during negotiations over teaming agreements and subcontracts.

On February 15, 2024, the Department of Defense (“DOD”) issued a final rule that increases the domestic content requirements for defense procurements. 

The new rule amends the Defense Federal Acquisition Regulation Supplement (“DFARS”) to implement Executive Order 14005 (“EO”).  The EO was intended to strengthen the requirements of the Buy American Act (“BAA”) by, among

This is the thirty-third in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and the subsequent blogs described the actions taken by various government agencies to

This is the thirty-second in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and the subsequent blogs described the actions taken by various government agencies to implement the Cyber EO from June 2021 through November 2023.  This blog describes key actions taken to implement the Cyber EO, as well as the U.S. National Cybersecurity Strategy, during December 2023.  It also describes key actions taken during December 2023 to implement President Biden’s Executive Order on Artificial Intelligence (the “AI EO”), particularly its provisions that impact cybersecurity, secure software, and federal government contractors.Continue Reading December 2023 Developments Under President Biden’s Cybersecurity Executive Order, National Cybersecurity Strategy, and AI Executive Order

In keeping with the trend of increased attention on the False Claims Act’s (“FCA”) qui tam provisions, the Second Circuit recently weighed in on a seeming conflict between the statute and the relator’s obligations under the Federal Rules of Civil Procedure (“FCRP”). Under Rule 4(m) of the FRCP, the court generally must dismiss a complaint if the plaintiff fails to serve the defendant with a complaint and summons within 90 days of filing. Fed. R. Civ. P. 4(m). But a relator bringing suit under the qui tam provisions of the FCA may not serve a defendant until the complaint is unsealed and “until the court so orders.” 31 U.S.C. § 3730(b)(2). In cases brought under the qui tam provisions of the FCA, this creates the potential for questions regarding when the Rule 4(m) service-of-process clock begins to tick.

These questions seldom arise because courts ordinarily unseal a relator’s complaint and simultaneously order the relator to serve the defendant. In which case, the express order to serve the defendant plainly triggers the service-of-process clock under Rule 4(m). But what if the court unseals the relator’s complaint and then delays (or never issues) the order to serve the defendant? This was the question before the Second Circuit last month in U.S. ex rel. Weiner v. Siemens AG, No. 22-2656, 2023 WL 8227913, at 3 (2d Cir. Nov. 28, 2023).Continue Reading Tick-tock, the Court Starts the Clock: Deconflicting the FCA and Rule 4(m) of the FRCP

On October 3, 2023, the Federal Acquisition Regulation (FAR) Council released two new proposed cybersecurity rules. The first of the two, covered in a separate blog, is titled “Cyber Threat and Incident Reporting and Information Sharing,” and adds new requirements to the cybersecurity incident reporting obligations of federal contractors. The second rule, titled “Standardizing Cybersecurity Requirements for Unclassified Federal Information Systems,” covers cybersecurity contractual requirements for unclassified Federal information systems.

Both rules arise from Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”). We have covered developments under this Executive Order as part of a series of monthly posts. The first blog summarized the Cyber EO’s key provisions and timelines, and subsequent blogs described the actions taken by various government agencies to implement the Cyber EO from June 2021 through November 2023. This blog describes key requirements imposed by the proposed “Standardizing Cybersecurity Requirements for Unclassified Federal Information Systems” rule (the “Proposed Standardizing Rule”)

Proposed Cybersecurity Requirements for Unclassified Federal Information Systems

As directed by the Cyber EO, the Proposed Standardizing Rule would establish cybersecurity policies, procedures, and requirements for contractors that develop, implement, operate, or maintain Federal Information Systems (“FIS”). Under the rule, a FIS is defined as “an information system used or operated by an agency, by a contractor of an agency, or by another organization on behalf of an agency.”Continue Reading Proposed FAR Rule: “Standardizing Cybersecurity Requirements for Unclassified Federal Information Systems”

This is the thirty first in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and the subsequent blogs described actions taken by various government agencies to implement the Cyber EO from June 2021 through October 2023.  This blog describes key actions taken to implement the Cyber EO, as well as the U.S. National Cybersecurity Strategy, during November 2023.  It also describes key actions taken during November 2023 to implement President Biden’s Executive Order on Artificial Intelligence (the “AI EO”), particularly its provisions that impact cybersecurity, secure software, and federal government contractors.Continue Reading November 2023 Developments Under President Biden’s Cybersecurity andArtificial Intelligence Executive Orders and National Cybersecurity Strategy

Through the Infrastructure Investment and Jobs Act (“IIJA”) and the Inflation Reduction Act, the Department of Energy (“DOE”) has awarded billions of dollars to a series of new infrastructure and clean energy programs.  The scope and size of these programs have, in turn, attracted scrutiny from the DOE’s Office of Inspector General (“OIG”), as evidenced most recently by an OIG Special Report (“Report”) detailing what the OIG characterized as “Management Challenges” at DOE.  The Report is notable for several reasons, but most striking is its sharp criticism of DOE’s apparent reluctance to fully accede to the OIG’s request for vast quantities of agency and contractor data in connection with preventative fraud detection efforts.  This blog will cover the key findings of this Report and the most important takeaways for current and prospective DOE implementing partners.Continue Reading Department of Energy Office of Inspector General Management Challenges Report: Key Findings and Insights

This is the thirtieth in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and the subsequent blogs described the actions taken by various government agencies to

Echoing the Obama Administration’s Better Buying Initiative, the Biden Administration announced the Better Contracting Initiative (“BCI”), a four-pronged initiative designed to ensure the Federal Government gets better, and more consistent, terms and prices when purchasing commercial goods and services, while enhancing support for small and disadvantaged businesses.  The Initiative’s four prongs include:Continue Reading More Bang for the Government’s Buck: The Biden Administration Announces the Better Contracting Initiative

This is the twenty-ninth in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and the subsequent blogs described the actions taken by various government agencies to implement the Cyber EO from June 2021 through August 2023.  This blog describes key actions taken to implement the Cyber EO, as well as the U.S. National Cybersecurity Strategy, during September 2023. Continue Reading September 2023 Developments Under President Biden’s Cybersecurity Executive Order and National Cybersecurity Strategy