This is the tenth in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and the secondthirdfourthfifthsixthseventheighth, and ninth blogs described the actions taken by various Government agencies to implement the EO from June 2021 through January 2022, respectively.

This blog summarizes key actions taken to implement the Cyber EO during February 2022.  As with steps taken during prior months, the actions described below reflect the implementation of the EO within the Government.  However, these activities portend further actions in March 2022 that are likely to impact government contractors, particularly those who provide software products or services to government agencies.

Continue Reading February 2022 Developments Under President Biden’s Cybersecurity Executive Order

On February 23, 2022, Gregory E. Demske, Chief Counsel to the Inspector General for HHS’s Office of Inspector General (“OIG”), provided opening remarks and answered questions during the Federal Bar Association’s annual Qui Tam Conference.  Mr. Demske spoke about OIG’s role in False Claims Act (“FCA”) enforcement and resolutions, and discussed enforcement priorities for the upcoming year.

Continue Reading Senior HHS Official Discusses Role of OIG in FCA Resolutions and Enforcement Priorities for 2022

On the heels of the FTC’s opposition to Lockheed Martin’s acquisition of Aerojet Rocketdyne and Lockheed’s termination of the deal, the Department of Defense (DoD) released a report expressing concerns about the state of competition among its contractors.  Of particular note, the report encourages DoD action to (1) increase oversight of M&A transactions and (2) obtain greater IP rights in matters involving defense industrial base contractors.  Although the report is light on specifics and identifies objectives that are in some tension with each other, the report is a reminder to companies that the U.S. Government, the single largest purchaser in the country, remains focused on enhancing competition. To that end, we anticipate seeing Executive Branch action in the coming months that seeks to further that policy objective. Continue Reading DoD Signals Increased Scrutiny of Gov Con M&A and Renewed Interest in Background IP Rights

On February 4, 2022, the National Institute for Standards and Technology (“NIST”) published its Recommended Criteria for Cybersecurity Labeling of Consumer Software (“Software Labeling Criteria”).  NIST also published guidance to federal agencies regarding practices for enhancing software supply chain security when they acquire software (“Supply Chain Security Guidance”).  Both the Software Labeling Criteria and the Supply Chain Security Guidance were issued by NIST pursuant to Section 4 of Executive Order 14028, “Improving the Nation’s Cybersecurity” (the “Cyber EO”), which was issued by President Biden on May 12, 2021.  The Cyber EO and its implementation are the subject of several previous Covington blogs that are available here.

These documents have relevancy to U.S. government contractors and technology companies alike.  The Software Labeling Criteria may serve as a model for labeling requirements on software products purchased by consumers, and therefore should be reviewed closely by all software developers and resellers.  The Supply Chain Security Guidance will likely have more immediate impacts, as the Cyber EO requires (1) that the Office of Management and Budget (“OMB”) take “appropriate steps” to require that agencies comply with the Guidance with respect to software purchased after the date of the EO, and (2) that the FAR to be amended to require all agencies to procure software (defined to include firmware, operating systems, applications, and cloud-based services) in accordance with the Guidance.

Continue Reading NIST Publishes Recommended Criteria for Cybersecurity Labeling for Consumer Software and Guidance to Federal Agencies on Practices to Enhance Supply Chain Security When Procuring Software

Two federal agencies recently released a joint Request for Information (“RFI”) in the latest in a series of concrete steps to meet the Biden Administration’s goal to achieve 100 percent carbon pollution-free electricity (CFE)[1] in federal operations by 2030.  The RFI, issued by DLA-Energy and GSA, offers industry a chance to shape future federal CFE procurements by providing information on carbon-free electricity supplied in competitive retail markets.  Although not itself a procurement opportunity, the information submitted under the RFI will inform the parameters and conditions of CFE competitions that the federal government expects to begin as soon as this year, with contract deliveries starting in 2023.

Continue Reading RFI Begins to Chart Course for Federal Clean Energy Procurements

On December 22, 2021, the Defense Security Cooperation Agency (DSCA) announced the Fiscal Year 2021 transaction figures for the Foreign Military Sales (FMS) Program, reporting $34.8 billion in total transaction value.  FMS declined for the second consecutive year, down 31 percent from $50.8 billion dollars in transactions in FY 2020.  The 2021 figure represents the lowest volume of FMS transactions since FY 2016.

As recently as FY 2019, FMS program sales totaled $55.4 billion, with a $51 billion average transaction value from 2017-2019.  FMS transactions slipped slightly in FY 2020 to $50.8 billion but then cratered this past year.  Because FMS program sales figures fluctuate annually due to a few, high-value transactions, DSCA includes three-year rolling averages in their annual reports rather than only single year fluctuations.  For example, FMS sales declined 28 percent in FY 2016 before recouping most of those losses the next year.  Therefore, the significant 2021 decline may be an anomaly.  Even though 2021 FMS numbers may recover quickly, several notable takeaways remain.

First, the steep decline in FMS in FY 2021 may not signal a decrease in America’s commitment to its global allies.  Indeed, even though FMS declined by 31 percent, the United States increased funding to the Foreign Military Financing (FMF) program from $3.3 billion to $3.8 billion.  In addition, U.S. contributions to the Building Partner Capacity programs remained relatively steady, declining slightly from $2.69 billion to $2.34 billion.  The decrease in overall FMS figures was driven by a 36 percent fall in foreign government-funded transactions.

Second, Direct Commercial Sales (DCS) arrangements between U.S. defense contractors and foreign governments dropped 16.8 percent in FY 2021, from $124.3 billion in FY 2020 to $103.4 billion.  FMS involve the U.S. government directly procuring defense materiel or services before transferring materiel or services to a foreign defense ministry.  In contrast, DCS do not involve the U.S. as a contractual party.  The U.S. government oversees DCS, and U.S. export controls laws govern all DCS.  But, compared to its direct involvement in FMS, the U.S. government’s oversight of DCS is primarily indirect.  Therefore, the decline in DCS may indicate that the budgetary concerns of America’s allies drove the contemporaneous decline in FMS more than the Pentagon’s shifting priorities did.

Third, certain critical factors may impede FMS figures from rebounding quickly in FY 2022.  Besides the COVID-19 pandemic’s ongoing impact on national defense budgets, the country-by-country figures published by DSCA reveal areas for potential regression in FY 2022.  For example, the FY 2021 figures included approximately $1.26 billion in sales to Afghanistan, an amount that likely will decrease given the recent regime change.  The FY 2021 numbers include a $1.5 billion allocation to France, which appears to have been boosted by an unusually large $1.3 billion transaction to supply aircraft launch and recovery equipment for France’s naval carrier program.  In FY 2022, U.S. sales to France may regress closer to $220 million, the average for transactions with France from the preceding four years.  Germany also entered into an unusually large $1.7 billion FMS contract for P-8A aircraft and accompanying services and equipment.

On the other hand, the United States’ recent commitment to support Australia’s submarine program may offset decreases in U.S. arms sales to countries like Afghanistan, France, and Germany in the long term.  The 2021 agreement between the United States and the United Kingdom to deliver nuclear submarines to Australia will likely have a lasting impact on U.S. defense exports.  Still, the budgetary impact of those commitments on DSCA programs remains uncertain.

Finally, the recent DSCA report detailed America’s efforts in its institutional capacity building (ICB), international military training and education (IMTE), and humanitarian assistance (HA) programs.  In particular, the United States has trained over 38,500 foreign military students and has conducted 383 advisory, education, and training engagements with civilian officials and military officers of allied nations.  The United States military is engaged in over 801 HA projects, and the Department of Defense has spent over $124 million in foreign HA, $119 million through COVID relief legislation, and $1.96 billion in support of over 80,000 Afghan evacuees.  Annual FMS statistics reporting typically has not included these programs.

Two points do not make a trend.  Thus, two years of declining FMS totals do not provide sufficient data to draw firm conclusions about U.S. defense exports.  But, whereas in 2019 the question was whether annual sales in the $55 billion range would become standard, now the question remains whether FMS transactions will rebound in 2022.  Moreover, DSCA has signaled its commitment to international efforts, including HA, that further U.S. defense interests through alternative channels.

 

As discussed in our previous post, multiple federal courts have issued preliminary injunctions blocking the Biden Administration’s COVID-19 vaccine mandate for employees of federal contractors.  On January 27, 2022, the United States District Court of Arizona issued a new and additional injunction barring enforcement of the mandate within the State of Arizona.  In so doing, the Arizona court added to the injunctions previously issued by the U.S. District Courts for the Eastern District of Kentucky, Western District of Louisiana, Eastern District of Missouri, Middle District of Florida, and Southern District of Georgia.

The Georgia injunction is the only one of the rulings that applies nationwide.  Like the Arizona injunction, the Missouri, Florida, and Kentucky injunctions are limited to specific states (collectively, Kentucky, Ohio, Tennessee, Missouri, Nebraska, Alaska, Arkansas, Iowa, Montana, North Dakota, South Dakota, Wyoming, and Florida).  The Louisiana injunction is also limited, but its limitations are based on entities rather than geography; it applies to contracts and other agreements between the federal government and the governments of Louisiana, Mississippi, and Indiana.  The Biden Administration has appealed these earlier decisions; we expect that an appeal of the Arizona decision to the Ninth Circuit will likewise be forthcoming.

At the same time, the Biden Administration’s other primary COVID-19 initiative for large employers — the vaccination and testing emergency temporary standard issued by the Occupational Safety and Health Administration (the so-called “OSHA Mandate”) — was stayed by the United States Supreme Court on January 13, 2022.  In the wake of that decision, OSHA announced on January 25, 2022 that it is withdrawing the enforceable emergency temporary standard.

While the Supreme Court’s decision halted immediate application of the OSHA Mandate, the emergency temporary standard qualifies as a proposed rule for purposes of OSHA’s notice-and-comment rulemaking process under 29 U.S.C. § 655, and OSHA has announced that it will continue to consider the emergency temporary standard pursuant to that process.  Accordingly, OSHA could attempt to promulgate a final rule (as opposed to an emergency temporary standard) that addresses vaccines or testing requirements.

The rest of this post consists of (1) an overview of the Arizona decision regarding the federal contractor vaccine mandate; and (2) an update on the status of the other challenges to the federal contractor vaccine mandate, including the Kentucky, Louisiana, Missouri, Florida, and Georgia litigations.

Continue Reading COVID-19 Vaccine Mandate Update: Arizona District Court Issues Additional Injunction; Mandate Remains Enjoined Nationwide; OSHA Mandate Withdrawn

This is the ninth in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and the second, third, fourth, fifth, sixth, seventh, and eighth blogs described the actions taken by various government agencies to implement the EO from June through December 2021, respectively.

This blog summarizes key actions taken to implement the Cyber EO during January 2022.  As with steps taken during prior months, the actions described below reflect the implementation of the EO within Government.  However, these activities portend further actions in February 2022 that are likely to impact government contractors, particularly those who provide software products or services to government agencies.

Continue Reading January 2022 Developments Under President Biden’s Cybersecurity Executive Order

On February 1, 2022, the Department of Justice (“DOJ”) released its annual report summarizing False Claims Act (“FCA”) enforcement activity in FY 2021.  The report confirmed what many practitioners already suspected: FY 2021 was another banner year in FCA enforcement.  DOJ’s annual judgments and settlements exceeded $5.6 billion, making FY 2021 the second largest annual recovery ever (and the largest since 2014).  But beyond this top line number, a closer analysis of the figures in DOJ’s report offers additional insight on strategies for preventing and mitigating costly FCA exposure.

Continue Reading DOJ Records Historic False Claims Act Recoveries in FY 2021

On January 25, 2022, the Fourth Circuit joined the growing number of circuits to hold that under the False Claims Act, “a defendant cannot act ‘knowingly’ if it bases its actions on an objectively reasonable interpretation of the relevant statute when it has not be warned away from the interpretation by authoritative guidance” and that “this objective standard precludes inquiry into a defendant’s subjective intent.”  United States ex rel. Sheldon v. Allergan, No. 20-2330, (4th Cir. Jan. 25, 2022) (“Opinion”) at 12.

Continue Reading Fourth Circuit Sheldon Decision Confirms Objective Standard For Scienter Under FCA