Archives: Supply Chain

Subscribe to Supply Chain RSS Feed

Department of Defense’s Interim Rule Imposes New Assessment Requirements But is Short on Detail on Implementation of CMMC

On September 29, 2020, the Department of Defense (DoD) released an interim rule that industry hoped would provide clear guidance with regard to DoD’s implementation of its Cybersecurity Maturity Model Certification (CMMC) framework.  The vast majority of the rule focuses on DoD’s increased requirements for confirming that contractors are currently in compliance with all 110 … Continue Reading

New Section 889 Restrictions Included in Updated Uniform Guidance Regulations from the Office of Management and Budget

On August 13, 2020, the Office of Management and Budget (OMB) released new revisions to its Guidance for Grants and Agreements set forth under 2 CFR (commonly referred to as the Uniform Guidance).  The Uniform Guidance governs the terms of federal funding issued by agencies, including grants, cooperative agreements, federal loans, and non-cash assistance awards.  … Continue Reading

Trump Administration Increases Uncertainty for Pharmaceutical Manufacturing

Last week, President Trump issued an executive order aimed at encouraging the expansion American manufacturing of essential medical products — Executive Order on Ensuring Essential Medicines, Medical Countermeasures, and Critical Inputs Are Made in the United States (August 6, 2020) (the “Order”).  The Order sets forth an ambitious plan requiring extensive agency action on a … Continue Reading

M&A and Section 889: Due Diligence and Integration Considerations

(This article was originally published in Law360 and has been modified for this blog.) Companies in a range of industries that contract with the U.S. Government—including aerospace, defense, healthcare, technology, and energy—are actively working to assess whether or not their information technology systems comply with significant new restrictions that will take effect on August 13, … Continue Reading

“Section 889” Prohibition on “Use” of Covered Telecommunications Equipment by Federal Contractors Released as an Interim Rule

On July 10, 2020, the interim rule implementing Section 889(a)(1)(B) of the John S. McCain National Defense Authorization Act for Fiscal Year 2019 (Pub. L. No. 115-232) was released by the U.S. Government’s Federal Acquisition Regulatory Council. Section 889 prohibits the U.S. Government from buying (as of August 2019)—or contracting with an entity that uses … Continue Reading

Contractor Supply Chain Readiness – An Update on Expected Regulatory Changes

In recent years, both Congress and the Executive Branch have made it a key priority to mitigate risks across the industrial and innovation supply chains that provide hardware, software, and services to the U.S. government (“USG”).  Five of these initiatives are likely to result in new regulations in 2020, each of which could have a … Continue Reading

CISA Information and Communications Technology Supply Chain Risk Management Task Force Releases New Guidance on Security Resiliency

On May 5, 2020 the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency’s (“CISA”) Information and Communications Technology (“ICT”) Supply Chain Risk Management (“SCRM”) Task Force (the “Task Force”) released a six-step guide for organizations to start implementing organizational SCRM practices to improve their overall security resilience.  The Task Force also released a revised … Continue Reading

“Excuse Me, My Performance Has been Interrupted”– How Excusable Delay Provisions in the FAR May Help Federal Contractors Affected by the Coronavirus

The global spread of the COVID-19 virus may put many federal contractors at risk of missing contractual deadlines. In a growing number of cases, supply chains may become cut off, work spaces may be closed, or employees may need to stay home, all of which could impact a contractor’s ability to perform in a timely … Continue Reading

A New Path to TAA Compliance: U.S.-Made End Products in Acetris

On Monday, the U.S. Court of Appeals for the Federal Circuit issued an opinion in Acetris Health, LLC v. United States, No. 2018-2399 (Fed. Cir. Feb. 10, 2020) (“Acetris”), that would permit pharmaceutical manufacturers to source a drug’s active pharmaceutical ingredient (“API”) from India, China and other non “designated countries” and yet still offer the … Continue Reading

A Closer Look at Version 1.0 of DoD’s Cybersecurity Maturity Model Certification

On January 31, the Department of Defense (“DoD”) released Version 1.0 of its Cybersecurity Maturity Model Certification (“CMMC”).  This is the fourth iteration of the CMMC that DoD has publicly released since it issued the first draft in October, and it is intended to be the version that auditors will be trained against, and that … Continue Reading

Trump Administration Renews Focus on Anti-Human Trafficking Efforts

The Trump Administration has declared this month National Slavery and Human Trafficking Prevention Month, calling on industry associations, law enforcement, private businesses, and others to work toward ending modern slavery and human trafficking. This proclamation follows the Administration’s efforts to combat human trafficking, which we have previously discussed here, and comes on the heels of … Continue Reading

Commerce Department Proposes Rule Impacting Information and Communications Technology Supply Chains

On November 27, 2019, the Department of Commerce issued a proposed rule to implement the May 15, 2019 Executive Order entitled “Securing the Information and Communications Technology and Services Supply Chain.”  Once finalized and effective, the regulations will govern the process and procedures that the Secretary of Commerce will use to determine whether certain transactions … Continue Reading

New FAR Rule Expands Counterfeit Reporting Obligations

Last week, the FAR Council issued a Final Rule, setting forth new FAR provisions that require the reporting of certain counterfeit and suspect counterfeit parts and certain major or critical nonconformances to the Government – Industry Data Exchange Program (“GIDEP”).[1]  This Final Rule comes more than five years after the rule was first proposed in … Continue Reading

How Much Is Enough? Federal Circuit Appeal May Decide Level of U.S. Manufacturing Required Under the TAA

A long-standing dispute over the approach to country of origin determinations under the Trade Agreements Act (“TAA”) may soon be resolved, as the Federal Circuit recently heard oral argument in one of two cases presently examining key aspects of this statute.  Among other questions presented, the court may decide the standard for determining whether a … Continue Reading

CISA Information and Communications Technology Supply Chain Risk Management Task Force Issues New Interim Report

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency’s (“CISA”) Information and Communications Technology (“ICT”) Supply Chain Risk Management Task Force (the “Task Force”) recently released an interim public report.  The report describes the Task Force’s efforts over the last year to develop recommendations for securing the Government’s supply chain, and outlines the potential … Continue Reading

Navy Modifies Acquisition Supplement to Tighten Cybersecurity Requirements and Implement the Geurts Memorandum

Almost a year after Assistant Secretary of the Navy James Geurts issued his September 28, 2018 memorandum (Geurts Memo) imposing enhanced security controls on “critical” Navy programs, the Navy has issued an update to the Navy Marine Corps Acquisition Regulations Supplement (NMCARS) to implement those changes more formally across the Navy.  Pursuant to this update, a new … Continue Reading

DoD Releases Public Draft of Cybersecurity Maturity Model Certification and Seeks Industry Input

On September 4, the Office of the Assistant Secretary of Defense for Acquisition released Version 0.4 of its draft Cybersecurity Maturity Model Certification (CMMC) for public comment.  The CMMC was created in response to growing concerns by Congress and within DoD over the increased presence of cyber threats and intrusions aimed at the Defense Industrial … Continue Reading

Section 889 Update: First Wave of Acquisition Prohibitions Take Effect

The FAR Council released an Interim Rule in August implementing part of Section 889 of the John S. McCain National Defense Authorization Act for Fiscal Year 2019.  In this briefing, we highlight points where the Interim Rule provides clarity; definitional issues that remain unresolved; and new procedural requirements that government contractors should track. The Interim … Continue Reading

Senate Armed Services Subcommittee on Cybersecurity Holds Hearing to Discuss the Responsibilities of the Defense Industrial Base

On March 26, 2019, the Senate Armed Services’ Subcommittee on Cybersecurity held a hearing to receive testimony assessing how the Department of Defense’s (“DOD”) cybersecurity policies and regulations have affected the Defense Industrial Base (“DIB”). To gain a better understanding of the DIB’s cybersecurity concerns, the Subcommittee invited William LaPlante, Senior Vice President and General … Continue Reading

Jumping to Exclusions: New Law Provides Government-Wide Exclusion Authorities to Address Supply Chain Risks

On the eve of the recent government shutdown over border security, Congress and the President were in agreement on a different issue of national security:  mitigating supply chain risk.  On December 21, 2018, the President signed into law the Strengthening and Enhancing Cyber-capabilities by Utilizing Risk Exposure Technology Act (the “SECURE Technology Act”) (P.L. 115-390).  … Continue Reading
LexBlog