Insights

On March 26, 2025, the Department of Justice (DOJ) announced that defense contractor MORSECORP Inc. (MORSE) will pay $4.6 million to settle allegations that MORSE violated the False Claims Act (FCA) by failing to comply with cybersecurity requirements and subsequently submitting false or fraudulent claims for payment in its contracts with the Departments of the Army and Air Force. This is the first FCA settlement that is based on a defense contractor’s failure to reevaluate and promptly update its self-assessment score in the Supplier Performance Risk System (SPRS) after a third-party assessment resulted in a lower score.

On his first day in office, President Trump rolled out a sprawling set of directives to the heads of numerous government agencies charged with shaping U.S. trade policy.  While stopping short of enacting new tariffs, the Presidential Memorandum defining an “America First Trade Policy” lays the investigative groundwork for potentially sweeping changes to tariffs and the existing trade environment.   The Memorandum requires various agencies—including, e.g., the Department of Commerce, the Department of the Treasury, and the Office of the U.S. Trade Representative (“USTR”)—to issue upward of twenty reports by April 1, 2025, each one covering a unique trade-related issue pertaining to certain key themes, including unfair and unbalanced trade with all U.S. trading partners, the relationship and impact of trade relations with the People’s Republic of China, and the state of economic security matters relevant for goods entering and exiting the United States. 

On January 15, 2025, the FAR Council released a proposed rule (FAR CUI Rule) that would amend the FAR to implement federal government-wide Controlled Unclassified Information (CUI) cybersecurity, training, and incident reporting requirements for government contractors and subcontractors.  The rule’s key cybersecurity requirements closely mirror the Department of Defense’s Cyber Maturity Model Certification (CMMC) program (for example, compliance with National Institute of Standards and Technology Special Publication 800-171, Revision 2), but broaden the scope to include contractors and subcontractors working across all federal agencies.  The Rule is intended to standardize the handling of CUI by federal government contractors and subcontractors in accordance with Executive Order 13556, including by: