Government Contracts Regulatory Compliance

This is the thirty-fourth in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and the subsequent blogs describes described the actions taken by various government agencies to implement the Cyber EO from June 2021through January 2024.  This blog describes key actions taken to implement the Cyber EO, as well as the U.S. National Cybersecurity Strategy, during February 2024.  It also describes key actions taken during February 2024 to implement President Biden’s Executive Order on Artificial Intelligence (the “AI EO”), particularly its provisions that impact cybersecurity, secure software, and federal government contractors. Continue Reading February 2024 Developments Under President Biden’s Cybersecurity Executive Order, National Cybersecurity Strategy, and AI Executive Order

The Department of Labor’s Office of Federal Contract Compliance Programs (“OFCCP”) has now opened its Contractor Portal for the 2024 Affirmative Action Program (“AAP”) certification period with a deadline of July 1, 2024.Continue Reading OFCCP 2024 Affirmative Action Program Certifications: What You Need to Know

On March 11, 2024 the Cybersecurity Infrastructure Security Agency (CISA), released the much anticipated final version of its common Secure Software Development Attestation Form.  Finalization of the form is a notable development for developers of software that is sold to the U.S. Government for two reasons.  First, the form is expected to be used widely by Government agencies to fulfill requirements set forth in recent OMB memoranda for those agencies to ensure that the software they procure or use is secure by requiring attestations from software developers.  Second, as set forth under OMB guidance, final approval of the form by the Office of Information and Regulatory Affairs (OIRA) triggers a countdown wherein agencies need to begin collection of the forms within three months for “critical software” and within six months for all other software.Continue Reading OMB Approves Final CISA Secure Software Attestation Common Form, Triggering Clock for Collection

This is the thirty-third in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and the subsequent blogs described the actions taken by various government agencies to

This is the thirty-second in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and the subsequent blogs described the actions taken by various government agencies to implement the Cyber EO from June 2021 through November 2023.  This blog describes key actions taken to implement the Cyber EO, as well as the U.S. National Cybersecurity Strategy, during December 2023.  It also describes key actions taken during December 2023 to implement President Biden’s Executive Order on Artificial Intelligence (the “AI EO”), particularly its provisions that impact cybersecurity, secure software, and federal government contractors.Continue Reading December 2023 Developments Under President Biden’s Cybersecurity Executive Order, National Cybersecurity Strategy, and AI Executive Order

On January 30, 2024, the Federal Acquisition Regulatory Council (“FAR Council”) proposed a new “Pay Equity and Transparency in Federal Contracting” rule for government contractors.  The proposed rule intends to increase race and gender equity for employees of federal prime contractors and subcontractors by prohibiting them from requesting and relying on certain information about job applicants’ compensation history and requiring contractors to disclose compensation rates in job announcements for certain positions.  These requirements would apply to all prime contracts and subcontracts – including for commercial products and services – where the principal place of performance is within the United States, regardless of dollar amount or tier.  The proposed rule is the latest in a number of steps the Biden Administration has taken to address discriminatory pay practices in federal procurement and contracting since announcing an Executive Order on Advancing Economy, Efficiency, and Effectiveness in Federal Contracting by Promoting Pay Equity and Transparency in March 2022. 

The proposed rule’s potential impact and implications for contractors — as well as opportunities to submit comments on the issue — are discussed below.Continue Reading New Proposed Rule on Pay Equity and Transparency in Federal Contracting

The Civilian Board of Contract Appeals has published its annual report for FY 2023, providing data regarding the number of appeals and contractor success rates at the Board.  The data illustrated a number of noteworthy points — and a few welcome trends — for the contracting community.Continue Reading Contractors Had a Strong Success Rate Before the CBCA in FY 2023

This post continues our ongoing coverage of the FY 2024 NDAA. 

The FY 2024 NDAA includes numerous supply chain and stockpile management provisions aimed at addressing a host of perceived vulnerabilities and weaknesses in Department of Defense (“DoD”) supply chain networks used to secure goods and services for our national defense.  Of particular note, this year’s NDAA seeks to address China’s and Russia’s continued dominance in the global supply chain for many critical materials and rare earth elements.  Supply chain- and stockpile-related measures in the NDAA could present significant opportunities for contractors poised to support the U.S. Government’s efforts to on-shore and friend-shore U.S. and DoD sourcing and manufacturing, but Congress’s focus on increasing supply chain visibility could also herald new rounds of compliance and reporting requirements attached to federal procurements.Continue Reading Key Supply Chain Provisions of the National Defense Authorization Act (“NDAA”) for Fiscal Year (“FY”) 2024

On December 22, 2023, President Biden signed into law the 2024 National Defense Authorization Act (“FY 2024 NDAA”).  Sections 1841 through 1843 of the new law address Unidentified Anomalous Phenomena (“UAP”).

The version of the FY 2024 NDAA enacted in the Senate in July of this year incorporated the Unidentified Anomalous Phenomena Disclosure Act of 2023—which would have mandated the Federal Government’s exercise of eminent domain over UAP-related material controlled by private persons or entities.  As discussed in greater detail below, the eminent domain mandate was not included in the final version of the NDAA passed by both chambers of Congress.  The newly enacted law requires only the establishment of a government wide UAP records collection; that government offices transfer UAP records to the collection; and that records be reviewed for disclosure (or not) against a set of criteria under which public release could be “postponed.”  Nonetheless, the substance of these final UAP provisions and Congress’s renewed interest in UAP may be a harbinger of things to come for government contractors and research entities, especially those involved in defense, intelligence, and other national security projects.  We expand on the background, evolution, and national security implications of the UAP amendment—and its potential impacts on contractors and other private entities—below.Continue Reading Implications of the Unidentified Anomalous Phenomena (UAP) Amendment in the 2024 National Defense Authorization Act (NDAA)

This is the thirty first in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and the subsequent blogs described actions taken by various government agencies to implement the Cyber EO from June 2021 through October 2023.  This blog describes key actions taken to implement the Cyber EO, as well as the U.S. National Cybersecurity Strategy, during November 2023.  It also describes key actions taken during November 2023 to implement President Biden’s Executive Order on Artificial Intelligence (the “AI EO”), particularly its provisions that impact cybersecurity, secure software, and federal government contractors.Continue Reading November 2023 Developments Under President Biden’s Cybersecurity andArtificial Intelligence Executive Orders and National Cybersecurity Strategy