Investigations, Enforcement, & Compliance Alerts

The Federal Improvement in Technology Procurement Act (FIT Procurement Act) was introduced by Senators Gary Peters (D-MI) and Ted Cruz (R-TX) in late March 2024.

On May 3, 2024, the federal government took steps to ban federal purchases of semiconductor products from certain U.S. foreign adversaries in a proposed rule that would affect the majority of federal contracts. The proposed rule would amend the Federal Acquisition Regulation (FAR) to implement section 5949 of the 2023 National Defense Authorization Act (Pub. L. 117-263) (NDAA).

Health care companies and stakeholders should be prepared for an uptick in antitrust complaints and investigations in the short term, driven by the launch of HealthyCompetition.gov. Despite the anticipated short-term impact, the long-term impact remains uncertain and depends on the sustained engagement and use of the tipline by the public.

On Feb. 22, 2024, the US Department of Justice (DOJ) released its annual False Claims Act (FCA) recovery statistics and announced that it obtained more than $2.68 billion in settlements and judgments in fiscal year (FY) 2023 from civil cases involving fraud and false claims against the government, a 21% increase over the prior year's recoveries. As such, FY 2023 was another strong year for FCA enforcement and marked the fifteenth straight year where recoveries exceeded $2 billion. This past fiscal year also saw records set in several areas, including the highest number of settlements and judgments in DOJ history and a record number of civil investigative demands (CIDs) issued in connection with investigating FCA claims, revealing highly robust FCA investigative activity in 2023, which could signal even greater FCA judgments and recoveries in future years.

On March 13, 2024, three years since the proposal by the European Commission (the Commission), the lawmakers in the European Parliament approved the Artificial Intelligence (AI) Act (AI Act), the first regulation on artificial intelligence in the world, with an overwhelming majority of 523 votes in favor, 46 against and 49 abstentions. The AI Act will most likely take effect in May, after its final endorsement.

The Department of Justice is intensifying its corporate enforcement efforts with a new whistleblower program. DOJ has made it clear that corporations and individuals with knowledge of corporate misconduct should “come see us before we come see you.”

Government contractors that sell software to the federal government, either directly or indirectly through a reseller agreement, frequently attempt to preserve and protect their copyright and other intellectual property rights by incorporating commercial licensing terms from an End User Licensing Agreement (EULA) into their government contracts. Many in-house lawyers have been closely monitoring questions related to EULA enforceability because the inclusion of favorable terms in a EULA can have a tremendous impact on the rights and obligations of all parties to a contract with the government. Two recent cases from government contract tribunals evaluate the limits on the enforceability of EULAs incorporated into government contracts and show the ramifications of failing to completely understand their terms.

The Department of Labor (DOL) recently announced a final rule that implements Executive Order 14055 “Nondisplacement of Qualified Workers Under Service Contracts” (the EO).

On December 9, 2023, the European Commission (Commission) announced that a political agreement was reached between the European Parliament and the Council on the Artificial Intelligence (AI) Act (AI Act), as proposed by the Commission in April 2021. It is considered the first text of its kind in the world.

On October 23, 2023, the United States Department of Labor (DOL) updated the Davis-Bacon and Related Acts (DBRA) regulations.

On September 21, 2023, President Biden directed federal agencies to consider contractors’ greenhouse gas emissions when making procurement decisions. This announcement, along with Executive Order 14030, which directs the Federal Acquisition Regulatory Council (FAR Council) to promulgate rules instructing agencies to consider the environmental impact of their contracts, demonstrates a continued interest by the Biden administration to use government procurement as a vehicle for reducing greenhouse emissions. The administration plans to incentivize government contractors to lower their environmental impact by requiring “significant” and “major” Federal suppliers to publicly disclose their greenhouse gas emissions by (1) mandating that the largest contractors commit to meeting science-based emission reduction goals and (2) creating rules requiring agencies to consider the environmental impact of contractors in the bid process.

In analyzing a government contractor target for a proposed acquisition—such as a merger, asset sale, or stock purchase—due diligence may uncover a seller’s noncompliance with certain Federal Acquisition Regulations or other applicable regulations.

On October 30, 2023, President Biden signed an Executive Order regarding “Safe, Secure, and Trustworthy Artificial Intelligence.” The administration’s goal is to provide a legal and regulatory framework for the largely unregulated world of artificial intelligence (AI) so that the U.S. can reap the benefits of AI while avoiding the pitfalls. This wide-reaching order directs government agencies to promulgate rules, form task forces, and provide guidance on the risks of AI to national security, biological research, data privacy, civil rights, consumer protections, and the ability of workers to bargain collectively. While this order will have a broad impact across the entire economy, government contractors will be particularly impacted in the coming months and years as they are forced to adapt to emerging rules and regulations governing how they can use AI and what forms of AI the government will approve for use on government contracts. This order signals a shift in how federal agencies will operate in the future, and those changes will require contractors to adapt, whether or not they actively use AI in their operations.

The Department of Defense (DOD) is expected to finalize a new rule by the end of 2023 that will significantly enhance the Cybersecurity Maturity Model Certification (CMMC) framework and related cybersecurity requirements for defense contractors. 

The National Institute of Standards and Technology (NIST) continues to update its guidance, through Special Publication 800-171 (NIST SP 800-171) on how defense contractors and subcontractors of federal agencies should protect Controlled Unclassified Information (CUI). NIST SP 800-171 revision 3, which is expected to be published in early 2024, contains significant changes from the current version (revision 2). Among many modifications, the initial public draft of revision 3, released on May 10, 2023, introduces new security controls, incorporates more detailed security requirements, and provides mechanisms for agencies to tailor their security requirements to their specific needs. These changes may require contractors currently handling CUI to review and revise their information security controls to remain in compliance with their contracts.

The federal government will officially shut down at 12:01 a.m. on Sunday, October 1, unless Congress agrees to pass a spending bill or a continuing resolution. The Biden administration yesterday began notifying federal employees that a shutdown is likely. This would be the fourth government shutdown in the past ten years, the longest of which lasted 34 days.

On June 2, 2023, the Federal Government issued a new Federal Acquisition Regulation (FAR) clause, FAR 52.204-27, the No TikTok on Government Devices Act, which prohibits the presence or use of the TikTok app on information technology (IT) equipment used by government contractors and contractor personnel in the performance of a contract (“TikTok Ban” or “Ban”). The Government enacted the Ban to safeguard government information amid national security concerns. The new regulation is effective immediately and applies to all new government contracts, including those at or below the simplified acquisition threshold, contracts for commercial products (including commercially available, off-the-shelf items), and contracts for commercial services.

On February 23, 2023, the European Commission’s Corporate Management Board announced that it has suspended the use of the TikTok application on its corporate devices and on personal devices enrolled in the European Commission mobile device service.

In recent remarks on successive days, Department of Justice (DOJ) Deputy Attorney General Lisa Monaco and DOJ Assistant Attorney General Kenneth Polite announced significant changes to the DOJ’s corporate criminal enforcement policies. These changes, announced first by Monaco on September 15, 2022, are “a mix of incentives and deterrence” designed to speed up investigations and establish additional rules and guidelines for companies facing investigation by the DOJ.

The U.S. Department of Justice’s latest Foreign Corrupt Practices Act (FCPA) resolution with Glencore plc and related entities raises new questions about independent compliance monitors, and whether they are back to stay.