Procurement Policy

On September 4, DoD published a proposed rule updating the other transaction (OT) regulations set forth in 32 CFR part 3.  These updates are intended to implement various changes to the prototype OT statute (42 U.S.C § 4022) previously enacted by Congress.  Among other things, those changes included:

  • An expansion of the “appropriate circumstances” under which a prototype OT may be issued, to include situations involving participation by nonprofit research institutions, participation by small businesses, or opportunities “to expand the defense supply base”; and
  • Authority for DoD to issue follow-on “production” OTs on a sole source basis, provided that competitive procedures were used for award of the initial prototype OT.

Although these changes were already applicable to DoD as a matter of statute, the proposed rule would ensure that the CFR is aligned with the statute and that the regulations provide accurate guidance. More details are below.Continue Reading DoD Rolls Out Proposed Changes to Prototype OTA Regulations

This is part of an ongoing series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and subsequent blogs described the actions taken by various government agencies to implement the Cyber EO from June 2021 through May 2024.  This blog describes key actions taken to implement the Cyber EO, as well as the U.S. National Cybersecurity Strategy, during June 2024.  It also describes key actions taken during May 2024 to implement President Biden’s Executive Order on Artificial Intelligence (the “AI EO”), particularly its provisions that impact cybersecurity, national security, and software supply chain security.Continue Reading June 2024 Developments Under President Biden’s Cybersecurity Executive Order, National Cybersecurity Strategy, and AI Executive Order

The Federal government may soon adopt new rules for when indefinite delivery contracts and orders are subject to the Cost Accounting Standards. According to a June 18, 2024 notice, the CAS Board is considering multiple different approaches to this issue, and it has invited comments from the public.Continue Reading Wondering Whether Your IDIQ Award Will Be Subject to CAS?  New Rules May Be Coming Soon from the CAS Board.

Today, the Federal Acquisition Regulatory Council (“FAR Council”) released an Advance Notice of Proposed Rulemaking (the “ANPRM”) describing the agencies’ plan to implement Section 5949 of the National Defense Authorization Act (“NDAA”) for FY 23 (Pub. L. 117-263).

Section 5949 prohibits the Federal Government from procuring certain semiconductor parts, products, or services traceable to named Chinese companies and potentially other foreign countries of concern.  To that end, the ANPRM invites public comment on the proposed contents of an implementing FAR clause, to take effect December 23, 2027.

As discussed below, the FAR Council proposed applying the regulations broadly to all solicitations and contracts, including commercial item and commercially available off-the-shelf (“COTS”) contracts, subject only to a limited waiver.  Although not set out in the statute, the clause would require contractors to conduct a “reasonable inquiry” into their supply chain to detect potential violations.  It would also require both disclosure and the taking of corrective action in the event that nonconforming products or services are discovered. 

More details are below, and our previous coverage of Section 5949 is available here.Continue Reading Chips on the Table: FAR Council Releases Advance Notice of Proposed Rulemaking to Implement Prohibition on Purchase and Use of Certain Semiconductors

On March 11, 2024 the Cybersecurity Infrastructure Security Agency (CISA), released the much anticipated final version of its common Secure Software Development Attestation Form.  Finalization of the form is a notable development for developers of software that is sold to the U.S. Government for two reasons.  First, the form is expected to be used widely by Government agencies to fulfill requirements set forth in recent OMB memoranda for those agencies to ensure that the software they procure or use is secure by requiring attestations from software developers.  Second, as set forth under OMB guidance, final approval of the form by the Office of Information and Regulatory Affairs (OIRA) triggers a countdown wherein agencies need to begin collection of the forms within three months for “critical software” and within six months for all other software.Continue Reading OMB Approves Final CISA Secure Software Attestation Common Form, Triggering Clock for Collection

On March 7, 2024, the Department of Transportation’s (“DOT”) Federal Highway Administration (“FHWA”) announced a proposed rule to rescind a longstanding general waiver of Buy America requirements for manufactured products (the “Manufactured Products Waiver”).  If finalized, this would be a major change for the agency, reversing a policy that has been in place for more than 40 years.

FHWA has imposed Buy America requirements for domestic iron and steel on its projects since 1978 (see 23 U.S.C. § 313; 23 CFR § 635.410), but in 1983, the agency determined that it was in the public interest to waive the requirement as to manufactured products based on the agency’s belief that manufactured products were not used in federal highway projects in sufficient quantities to have an effect on the overall cost of a project and therefore did not require Buy America protections.  That general waiver has been in place ever since.

This change in policy comes in the wake of the 2021 Infrastructure Investment and Jobs Act’s Build America, Buy America (“BABA”) provisions, which expanded Buy America coverage broadly in federal financial assistance programs for infrastructure.  BABA requires that all steel, iron, construction materials, and manufactured products used in such products be “produced in the United States.”  BABA also discourages the use of general applicability waivers like FHWA’s Manufactured Products Waiver and required review of existing waivers. 

FHWA sought comments on its longstanding manufactured products waiver in March 2023 and received over 9,400 comments from the public.  Commenters included manufacturers, labor organizations, construction contractors, industry associations, State departments of transportation, and even members of Congress.  Based on a consideration of this feedback and in recognition of other domestic content policies, including Executive Order 14005, “Ensuring the Future Is Made in All of America by All of America’s Workers,” FHWA is proposing to discontinue its Manufactured Products Waiver and modify its regulations to include domestic content requirements for manufactured products.Continue Reading Federal Highway Administration Announces Proposed Rule Ending Longstanding Buy America Waiver for Manufactured Products

This is the thirty-third in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and the subsequent blogs described the actions taken

Continue Reading January 2024 Developments Under President Biden’s Cybersecurity Executive Order, National Cybersecurity Strategy, and AI Executive Order

This is the thirty-second in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and the subsequent blogs described the actions taken by various government agencies to implement the Cyber EO from June 2021 through November 2023.  This blog describes key actions taken to implement the Cyber EO, as well as the U.S. National Cybersecurity Strategy, during December 2023.  It also describes key actions taken during December 2023 to implement President Biden’s Executive Order on Artificial Intelligence (the “AI EO”), particularly its provisions that impact cybersecurity, secure software, and federal government contractors.Continue Reading December 2023 Developments Under President Biden’s Cybersecurity Executive Order, National Cybersecurity Strategy, and AI Executive Order

This post continues our ongoing coverage of the FY 2024 NDAA. 

The FY 2024 NDAA includes numerous supply chain and stockpile management provisions aimed at addressing a host of perceived vulnerabilities and weaknesses in Department of Defense (“DoD”) supply chain networks used to secure goods and services for our national defense.  Of particular note, this year’s NDAA seeks to address China’s and Russia’s continued dominance in the global supply chain for many critical materials and rare earth elements.  Supply chain- and stockpile-related measures in the NDAA could present significant opportunities for contractors poised to support the U.S. Government’s efforts to on-shore and friend-shore U.S. and DoD sourcing and manufacturing, but Congress’s focus on increasing supply chain visibility could also herald new rounds of compliance and reporting requirements attached to federal procurements.Continue Reading Key Supply Chain Provisions of the National Defense Authorization Act (“NDAA”) for Fiscal Year (“FY”) 2024

This is the thirty first in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and the subsequent blogs described actions taken by various government agencies to implement the Cyber EO from June 2021 through October 2023.  This blog describes key actions taken to implement the Cyber EO, as well as the U.S. National Cybersecurity Strategy, during November 2023.  It also describes key actions taken during November 2023 to implement President Biden’s Executive Order on Artificial Intelligence (the “AI EO”), particularly its provisions that impact cybersecurity, secure software, and federal government contractors.Continue Reading November 2023 Developments Under President Biden’s Cybersecurity andArtificial Intelligence Executive Orders and National Cybersecurity Strategy