Insights

On December 23, 2024, the Servicemember Quality of Life Improvement and National Defense Authorization Act (NDAA) for Fiscal Year (FY) 2025 (FY 2025 NDAA) (P.L. 118-159) was signed into law.  The final FY 2025 NDAA takes a narrower approach to acquisition policy and supply chain changes than watchers expected, but it still makes some consequential changes for contractors.  Read on as Crowell & Moring’s Government Contracts group discusses the FY 2025 NDAA’s new supply chain restrictions and requirements, changes to bid protest jurisdiction, cybersecurity requirements, and more.

The National Defense Authorization Act (NDAA) for Fiscal Year (FY) 2024, signed into law on December 22, 2023, makes numerous changes to acquisition policy. Crowell & Moring’s Government Contracts Group discusses the most consequential changes for government contractors here. These include changes that impose a new conflict of interest regime for government contractors with a connection to China, impose new restrictions and requirements, require government reporting to Congress on acquisition authorities and programs, and alter other processes and procedures to which government contractors are subject. The FY 2024 NDAA also includes the Federal Data Center Enhancement Act, the American Security Drone Act, and the Intelligence Authorization Act for FY 2024.

On October 5, 2023, the Federal Acquisition Regulation (FAR) Council published an interim rule to prohibit, in the performance of a government contract, the delivery or use of “covered articles” (which includes certain information technology and telecommunications equipment, hardware, systems, devices, software, and services) subject to a Federal Acquisition Supply Chain Security Act (FASCSA) exclusion or removal order.  The interim rule also imposes obligations for a related “reasonable inquiry” at the time of proposal submission and quarterly monitoring during contract performance.  These changes implement the FASCSA of 2018 (P.L. 115-390).  While the Federal Acquisition Security Council (FASC) and the order-issuing agencies (Department of Homeland Security (DHS), Department of Defense (DoD), and the Office of the Director for National Intelligence (ODNI)) have not yet issued any such FASCSA orders, those orders will be identified in the System for Award Management (SAM) or – in some cases – identified in and specific to the contract and any resulting subcontracts.

On September 14, 2023, the Senate Committee on Homeland Security & Governmental Affairs hosted a hearing called “Governing AI Through Acquisition and Procurement” (Hearing).  Senator Gary Peters (D-MI) opened the Hearing, explaining that the purpose was to explore how the U.S. government would purchase AI technologies and establish guidelines and standards for the development and use of those technologies.  Sen. Peters noted that over half of AI tools used by the federal government are purchased from commercial vendors and that the U.S. government should be careful in its procurement and use of these tools.

Federal contractors must be registered on SAM.gov to be eligible for award of federal contracts.  Failure to do so can have significant consequences, as the recent U.S. Court of Federal Claims (CFC) decision in Myriddian, LLC v. United States, No. 23-443 makes clear. 

On March 22, 2023, the Department of Defense (DoD) issued a proposed rule that would amend the Defense Federal Acquisition Regulation Supplement (DFARS) to require certain contractors to provide export authorizations to the Defense Authorization Management Agency (DCMA).

The National Defense Authorization Act (NDAA) for Fiscal Year (FY) 2023, signed into law on December 23, 2022, makes numerous changes to acquisition policy. Crowell & Moring’s Government Contracts Group discusses the most consequential changes for government contractors here. These include changes that provide new opportunities for contractors to recover inflation-related costs, authorize new programs for small businesses, impose new clauses or reporting requirements on government contractors, require government reporting to Congress on acquisition authorities and programs, and alter other processes and procedures to which government contractors are subject. The FY 2023 NDAA also includes the Advancing American AI Act, the Intelligence Authorization Act for FY 2023, and the Water Resources Development Act of 2022, all of which include provisions relevant for government contractors.

On October 7, 2022, the U.S. Department of Commerce’s Bureau of Industry and Security (BIS) simultaneously published a final rule strengthening the antiboycott regulations in Part 766 of the Export Administration Regulations (EAR) (the “Final Rule”), as well as a memorandum on the new rule’s implementation (the “Final Rule Memo”), issued by the Assistant Secretary for Enforcement. Pursuant to the Final Rule, BIS will make three primary changes:

On January 12, 2022 the U.S. Department of Commerce’s Bureau of Industry and Security (BIS) issued a federal register notice delaying the effective date of new controls on cybersecurity items and an accompanying new license exception. The rules are now set to take effect on March 7, 2022.

During December 2021, the House and Senate reached agreement on a compromise National Defense Authorization Act (NDAA) for Fiscal Year (FY) 2022.  On December 23, 2021, Congress presented S. 1605 to President Biden, which he signed on December 27, 2021. 

Today, December 6th, is the deadline to file comments on the Department of Commerce’s Bureau of Industry and Security’s (BIS) interim final rule introducing export controls over cybersecurity items. The rule was issued on October 21st and broadly speaking covers intrusion software and internet protocol (IP) network communication surveillance that software is “subject to the Export Administration Regulations (EAR),” i.e., is either exported from the United States or is developed and exported from abroad with more than a minimal percentage of U.S.-origin content.[i]