Insights

On April 7, 2025, the Defense Contract Audit Agency (DCAA) announced agency reorganization plans aimed at reducing the number of field offices and centralizing audit operations. DCAA plans to close 40 smaller audit suboffices around the country, many staffed with fewer than 10 personnel, to reduce the costs of associated leases. The agency will also consolidate the existing Region Audit Directorates for the Eastern, Central and Western Regions and four Corporate Audit Directorates (CADs), located proximate to large contractors, into three new Directorates—Land, Sea, and Air. The audit offices of the CADs will be merged into the new Directorate that most closely aligns with a contractor’s product. DCAA’s announcement states that the organizational restructuring will be completed by September 30, 2025. The full text of the announcement is available here.

Most protests involve competitive procurements and the many rules governing how agencies are to conduct such procurements. In certain circumstances, agencies are permitted to bypass some of these rules and limit competition. But, as GAO noted in a recently issued sustain decision, the authority to use noncompetitive procedures does not provide the agency carte blanche.

On March 26, 2025, the Department of Justice (DOJ) announced that defense contractor MORSECORP Inc. (MORSE) will pay $4.6 million to settle allegations that MORSE violated the False Claims Act (FCA) by failing to comply with cybersecurity requirements and subsequently submitting false or fraudulent claims for payment in its contracts with the Departments of the Army and Air Force. This is the first FCA settlement that is based on a defense contractor’s failure to reevaluate and promptly update its self-assessment score in the Supplier Performance Risk System (SPRS) after a third-party assessment resulted in a lower score.

On March 12, 2025, the Government of Canada announced plans to launch the Canadian Program for Cyber Security Certification (CPCSC). CPCSC is a cybersecurity compliance verification program that aims to protect sensitive unclassified government information handled by Canadian government contractors and subcontractors within Canada’s defense sector. Canada will roll out CPCSC to contractors in four phases, with the first phase launching this month.

On March 24, 2025, the Federal Risk and Authorization Management Program (FedRAMP) unveiled “FedRAMP 20x,” a proposal to make FedRAMP more efficient by automating FedRAMP security assessments and continuous monitoring, simplifying required technical controls, and leaning on industry to provide tooling and solutions to support automation. 

On March 20, 2025, the White House issued Executive Order (“EO”), “Eliminating Waste and Saving Taxpayer Dollars by Consolidating Procurement,” to consolidate domestic civilian contracting for “common goods and services” within one agency—the General Services Administration (“GSA”). The EO defines “common goods and services” as those described in the Category Management system first developed as part of a previous effort, dating back to 2014, to coordinate spending across the government.

On February 26, the European Commission presented its Clean Industrial Deal (CID). As a follow-up to the European Green Deal, the CID aims to strengthen the competitiveness of European industry while at the same time accelerating the decarbonization of the economy.

As a result of the Procurement Act 2023, the UK procurement regime  changed on 24 February 2025. To read about the key changes, please see our article Understanding the UK’s New Procurement Regime in 2025.

United States Attorneys’ Offices recently announced a number of False Claims Act (FCA) settlements arising out of the Paycheck Protection Program (PPP). These settlements reveal several trends that PPP loan recipients should be aware of.

On February 24, 2025, in Raytheon Company v. United States, Judge Bonilla of the Court of Federal Claims (CFC) submitted the latest—and perhaps most definitive—entry in a growing body of jurisprudence confirming the CFC’s Tucker Act bid protest jurisdiction encompasses challenges to awards made under the Department of Defense’s Other Transaction Agreement (OTA) authority. Upon establishing a framework for considering its ability to review OTA awards, the CFC declared itself “the de facto forum for bid protests involving ‘other transactions’ and ‘other transaction agreements.’” 

FY 2024 saw continued growth in False Claims Act enforcement, with a record year for new qui tam and government-initiated actions, and the highest total recovery in three years. Enforcement of pandemic-related fraud and cybersecurity noncompliance increased, and health care, procurement, and small business fraud violations were again priority areas. A groundbreaking opinion from the District Court for the Middle District of Florida may have teed up a potentially landscape-shifting decision about the viability of the qui tam mechanism in the not too distant future. And a landmark administrative law decision at the U.S. Supreme Court may impact many FCA cases to come. Significant decisions regarding retaliation, excessive fines, the first-to-file rule, and the public disclosure bar were also handed down by courts of appeals. Crowell attorneys discuss these highlights and others in a “Feature Comment” published in The Government Contractor.

On February 26, 2025, the White House issued an Executive Order (“EO”), “Implementing the President’s ‘Department of Government Efficiency’ Cost Efficiency Initiative,” to transform federal spending on “covered” contracts, grants, and loans. The EO defines “[c]overed contracts and grants” as “discretionary spending through Federal contracts, grants, loans, and related instruments, but excludes direct assistance to individuals; expenditures related to immigration enforcement, law enforcement, the military, public safety, and the intelligence community; and other critical, acute, or emergency spending, as determined by the relevant Agency Head.”

Federal Trade Commission Chair Andrew Ferguson announced on February 24, 2025, that the FTC will create the agency’s “first-ever” labor task force, signaling the agency’s continued focus on competition in labor markets, answering an open question from companies as to the fate of the agency’s no-poach and non-compete enforcement priorities. On February 26 Chair Ferguson followed up on his announcement with a Directive Regarding Labor Markets Task Force, providing additional details on the task force and the agency’s priorities.

On February 21, 2025, President Trump issued a National Security Policy Memorandum (“NSPM”) announcing the Administration’s “America First Investment Policy” (the “Investment Policy”)[1] affirming the United States’ commitment to open investment while safeguarding national security. Aimed at promoting investment in the United States from allied countries while imposing stricter measures on both inbound and outbound investments from “foreign adversaries,” the Investment Policy incentivizes foreign investment in the United States by announcing a “fast track” process “to facilitate greater investment from specified allied and partner sources in United States businesses involved with United States advanced technology and other important areas.” The NSPM defines “foreign adversaries” to include the People’s Republic of China (the “PRC” or “China”), including Hong Kong and Macau, Cuba, Iran, North Korea, Russia, and the Maduro regime in Venezuela.[2]

On February 24, 2025, the Small Business Administration (SBA) issued a “Day One” memo outlining SBA Administrator Kelly Loeffler’s priorities. 

Late on Friday, a federal judge in Maryland issued a preliminary injunction pausing certain elements of the Trump Administration’s two recent executive orders (“EOs”) addressing “illegal DEI programs.” The two EOs, Exec. Order 14151, Ending Radical and Wasteful Government DEI Programs and Preferencing (the “J20 Order”) and Exec. Order 14173, Ending Illegal Discrimination and Restoring Merit-Based Opportunity (“J21 Order”), contain a number of provisions that, among other things, direct the federal government to dismantle “illegal DEI programs” within federal agencies and federal contractors. Please refer to our prior alert on these EOs for a full breakdown of the provisions in each.

Amidst a flurry of executive cost-cutting, the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification program—often known just as “CMMC”— appears to be defying the odds and only picking up steam. Marking the first CMMC developments under the new administration, the DoD has published guidance that previews what to expect once CMMC is finalized. These developments suggest that the current administration intends to pick up where it left off, having first introduced the CMMC program during President Trump’s first term.

On February 18, President Trump issued an Executive Order titled “Ensuring Accountability for All Agencies” that directs independent agencies (as well as Cabinet Departments and their sub-agencies) to route all “proposed and final significant regulatory” and budgetary actions through the White House and the Office of Management and Budget. If implemented to its full extent, this action will significantly strengthen the authority of the White House by weakening the political autonomy of these independent agencies. As an assertion of the President’s inherent powers under Article II of the U.S. Constitution, it also stands to weaken congressional influence over these independent agencies, both through the appropriations and confirmation processes.

On February 13, 2025, a coalition of sixteen state attorneys general issued a “Multi-State Guidance Concerning Diversity, Equity, Inclusion, and Accessibility Employment Initiatives” (the Guidance). Led by Attorney General Andrea Campbell of Massachusetts and Attorney General Kwame Raoul of Illinois, and joined by the Attorneys General of Arizona, California, Connecticut, Delaware, Hawaii, Maine, Maryland, Minnesota, Nevada, New Jersey, New York, Oregon, Rhode Island, and Vermont, the Guidance is a direct response to concerns from the private sector in the aftermath of President Trump’s recent Executive Order 14173, which  directed federal agencies “to encourage the private sector to end illegal discrimination and preferences, including DEI.” The Guidance clarifies “the state of the law for businesses, nonprofits, and other organizations operating” in their respective states.

On February 13, 2025, Judge Amir Ali of the U.S. District Court for the District of Columbia issued a temporary restraining order in two combined cases—one filed by U.S. Agency for International Development (USAID) contractors, a second by USAID grant recipients—challenging Executive Order 14169, “Reevaluating and Realigning United States Foreign Aid,” which paused almost all foreign assistance funding.