New Executive Order Bolsters the Nation’s Cyber Defenses
In a significant move to bolster the United States’ cybersecurity framework, President Biden issued an executive order (EO) on 16 January 2025 titled “Strengthening and Promoting Innovation in the Nation’s Cybersecurity” days before leaving the White House. This comprehensive directive outlines measures designed to enhance the security of federal systems, improve transparency in third-party software supply chains, and leverage emerging technologies to fortify cyber defenses.
Combating Cyber Crime, Fraud, and Ransomware
The EO includes several provisions designed to address the prevalence of cybercrime, including fraud and ransomware attacks, which have been on the rise in recent years. For example, the EO addresses the use of stolen and synthetic identities in defrauding public benefits programs. It also encourages the use of digital identity documents for identity verification, provided these requirements adhere to principles of privacy and interoperability. The EO also promotes the development of “Yes/No” validation services to reduce identity fraud, allowing for privacy-preserving verification methods.
The EO also includes specific measures aimed at countering ransomware attacks. It amends Executive Order 13694 of 1 April 2015 to block property and interests in property of persons engaged in significant malicious cyber-enabled activities, including ransomware attacks. This revision allows for the freezing of assets of individuals and entities involved in such activities, effectively creating a financial deterrent against ransomware payments.
Enhancing Third-Party Software Security and Improving Federal Systems’ Cybersecurity
The EO mandates rigorous security standards for software providers to the federal government. Within 30 days, the Office of Management and Budget, in consultation with the National Institute of Standards and Technology and the Cybersecurity and Infrastructure Security Agency (CISA), will recommend contract language requiring software providers to submit secure software development attestations and artifacts, in addition to the Software Bill of Materials currently required. This aims to ensure that only software adhering to secure development practices is used in federal systems, thereby reducing vulnerabilities.
Federal agencies are required to adopt proven security practices, including advanced identity and access management technologies. The directive emphasizes the importance of phishing-resistant authentication methods such as WebAuthn. Furthermore, CISA is tasked with developing technical capabilities to monitor threats across federal systems, which includes gaining timely access to data from agency endpoint detection and response solutions.
The EO directs the modernization of IT infrastructure and networks supporting federal missions, emphasizing the adoption of zero trust architectures and other advanced cybersecurity practices. It also seeks to establish minimum cybersecurity requirements for businesses, thereby raising the baseline of cybersecurity across various sectors.
This EO represents a comprehensive approach to strengthening the nation’s cybersecurity defenses. By setting stringent requirements for software providers, enhancing federal system security, and leveraging emerging technologies, the administration aims to create a more resilient cyber infrastructure. The provisions to combat ransomware by targeting the financial aspects of cybercrime demonstrate a proactive stance in addressing one of the most pressing cybersecurity threats facing the nation today.
GAO Rejects Notion of a Pre-FPR “Continuous Registration Requirement” for SAM
The last week saw GAO sustain two protests that should put the nail in the SAM “continuous registration” coffin.
The Federal Acquisition Regulatory (“FAR”) Council recently revised the standard System for Award Management (“SAM”) registration clause (FAR 52.204-7) to make clear there is no “continuous registration requirement”—contractors need to be registered in SAM only at the time they submit their final, legally-binding proposal.
In two recent decisions, GAO has confirmed that the same was (and is) true under the prior version of FAR 52.204-7 as well. That is, if an agency allows an offeror to submit a revised proposal, and the offeror is properly registered in SAM when that final proposal is submitted, it does not matter if there was some SAM registration failure at an earlier stage of the procurement. The offeror is eligible, and it would be unreasonable for an agency to eliminate an offeror or terminate an award based on a pre-FPR SAM flaw.
In UNICA-BPA JV, LLC, B-422580.3, the protester (“UNICA”) had an active SAM registration when it submitted its final revised proposal, but the Agency later eliminated UNICA from the competition based on the fact that UNICA was not registered in SAM at the time of its initial proposal. That was unreasonable, GAO found, because UNICA had in fact met the stated requirement to be registered in SAM “when submitting an offer,” as the FAR defines “offer” as a proposal that can form a binding contract, and that definition applied only to UNICA’s final, legally-binding proposal, which was compliant. GAO thus found the Agency acted unreasonably by eliminating UNICA from the competition and sustained UNICA’s protest.
In Metris LLC, B-422996.2, the Agency proposed to take corrective action to terminate the award to Metris for having a break in its SAM registration between the time of the initial proposal submission and its final proposal submission. GAO found that Metris’s initial proposal was extinguished when Metris submitted – and the Agency accepted – Metris’s final proposal revision. Because Metris was registered in SAM at the time of the final proposal revision, Metris had an active SAM registration when it submitted its offer, in accordance with FAR 52.204-7. GAO thus recommended that the agency abandon its plans to terminate Metris’s contract award, and instead “maintain its existing award to Metris.”
These cases follow the legal reasoning of Hanford Tank Disposition Alliance, LLC v. United States, 173 Fed. Cl. 269, 312-319 (2024), and should deter agencies from eliminating any more offerors over pre-FPR SAM issues.
2024 False Claims Act Statistics Show More Cases Filed Than Ever Before
The Justice Department released its annual False Claims Act statistics on Wednesday, January 15, detailing the number of cases filed, recoveries made, and relators’ shares awarded in fiscal year 2024. The government recovered $2.9 billion dollars in 2024, with 57% of that total coming from healthcare cases, 3% from defense spending cases, and the remainder from other actions. Seventy-five percent of recoveries came from qui tam actions in which the government intervened and 17% came from cases initiated by the Justice Department, while qui tam actions where the government declined to intervene resulted in only 7% of the year’s recoveries.
2024 also saw more new FCA cases initiated than ever before. There were 1,402 new matters: 423 initiated by the government and a record-shattering 979 initiated by relators.
While the overall total recoveries increased by $133 million from the year prior, the types of cases driving the number have shifted slightly. Healthcare recoveries are down $184 million from last year and are the lowest they have been since 2009. Defense spending recoveries are down $464 million and are the lowest they have been in the last several years, though DOJ noted in its press release that a $428 million defense settlement—the second largest in history—came in just after the close of the fiscal year. While those traditional stalwarts of FCA recoveries lagged in 2024, DOJ more than made up for them in recoveries in non-healthcare or defense cases. Recoveries in other cases increased $781 million over the prior year and were the highest they have been in almost a decade.
It is not immediately clear what drove the uptick in non-healthcare and defense cases, though pandemic-related fraud claims accounted for at least $250 million of the recoveries. A menagerie of claims related to other government agencies, programs, and grants also appear to have contributed, including claims related to General Services Administration contracts, Housing and Urban Development grant funds, underpayment of royalties owed for oil and natural gas on federal lands, and Federal Emergency Management Agency (FEMA) projects.
Though the government increased its recoveries, it shared less of that money with whistleblowers. Relators received $50 million less than they did in fiscal year 2023. For qui tam actions in which DOJ intervened, it provided an average of 15.7% of the recoveries to the relator, which is the second-lowest relator share percentage since 2012.
In its press release touting the year-end statistics, the Justice Department highlighted healthcare recoveries in areas it has focused on in recent years, including opioid-related cases, matters alleging unnecessary services and substandard care, Medicare Advantage cases, kickbacks, and Stark Law violations. Though it did not appear to drive significant numbers in 2024, the government also highlighted its emerging cybersecurity initiative to promote cybersecurity requirements for government contractors.
Listen to this article
US Department of Justice Announces US$2.9 Billion in Fiscal Year 2024 False Claims Act Recoveries
On 15 January 2025, the US Department of Justice (DOJ) published its report (Report) announcing civil recoveries under the False Claims Act (FCA) for Fiscal Year (FY) 2024. The recoveries for FY 2024 exceeded US$2.9 billion, approximately US$1.7 billion of which involved the health care industry. The US government has now collected over US$78 billion in recoveries under the FCA since the statute was amended in 1986 to allow for treble damages and increased incentives for whistleblowers. Notably, the 979 qui tam lawsuits filed in FY 2024 marked the highest number in a single year; and the 558 settlements and judgments trailed only just behind the record number set in FY 2023.
As with FY 2023, qui tam cases comprised the largest portion of recoveries, with over 83% (US$2.4 billion) stemming from whistleblower actions. The government paid over US$400 million to whistleblowers in relation to these FY 2024 recoveries. Of the record-setting 979 qui tam suits that were filed in FY 2024, 370 were health care focused.
DOJ also highlighted its “key enforcement priorities” for FY 2024 and provided representative examples. The enforcement priorities included health care fraud, military procurement fraud, pandemic fraud, and cybersecurity fraud. As with prior years, health care fraud was the principal source of FCA recoveries, which included recoveries relating to Medicare Advantage fraud, billing for unnecessary services and substandard care, opioid epidemic-related fraud, kickback schemes, and Stark Law violations.
Health Care Fraud
With Medicare Advantage, also known as Medicare Part C, having become the largest component of the Medicare program, the government continued its focus on Medicare Advantage fraud. In FY 2024, the government secured a substantial recovery from a provider that allegedly paid kickbacks to third-party insurance agents in exchange for recruiting senior citizens to the provider’s primary care clinics. DOJ also highlighted that it is continuing to litigate a number of cases against Medicare Advantage Organizations.
DOJ obtained substantial recoveries from providers who allegedly improperly billed for medically unnecessary services and substandard care. Additionally, the government has continued to focus on opioid crisis-related fraud, with several substantial recoveries against pharmaceutical companies and individual physicians.
In a carry-over from FY 2023, some of the largest health care recoveries in FY 2024 resulted from alleged unlawful kickback schemes and Stark Law violations. The kickback schemes ranged from payments to purportedly induce referrals of dialysis patients, to medical directorships that were intended to induce patient referrals. As to the Stark Law, DOJ highlighted a US$345 million settlement to resolve allegations that a health care network paid compensation to certain physician groups far above fair market value and awarded bonuses tied to referral volume.
Other Enforcement Priorities
In addition to health care-specific recoveries, the government recovered significant funds stemming from military procurement fraud, pandemic fraud, and cyber fraud. The military procurement fraud recoveries included a US$70 million settlement against a contractor to resolve allegations that they overcharged the US Navy for spare parts and materials needed to repair and maintain aircraft used to train naval aviators. Of note, military procurement fraud recoveries could have been much higher in FY 2024, however, a US$428 million settlement with a defense contractor occurred on 16 October 2024, putting that recovery in FY 2025.
The government also resolved an estimated 250 cases, totaling over US$250 million, in connection with pandemic-related fraud. As with FY 2023, the pandemic fraud largely stemmed from the submission of inaccurate information in PPP loan applications, though the DOJ also highlighted a US$12 million recovery that resolved allegations of false claims for COVID-19 testing that were billed to the Health Resources and Services Administration’s Uninsured Program.
In October 2021, DOJ announced its Civil Cyber-Fraud Initiative with the goal of pursuing companies who receive federal funds while failing to follow required cybersecurity standards. In FY 2024, the government entered into several recoveries under the Civil Cyber-Fraud Initiative. DOJ also highlighted a complaint-in-intervention that was filed against a research institution alleging that the defendants had failed to meet cybersecurity requirements in connection with Department of Defense contracts.
Whistleblower Suits
Given the record-setting number of qui tam cases filed in FY 2024, it will be important to continue to monitor developments regarding the constitutionality of the qui tam provisions. On 30 September 2024, a judge in the US District Court for the Middle District of Florida held that the qui tam provisions of the FCA violate the Appointments Clause of Article II of the US Constitution. This first-of-its-kind decision has sparked a wave of filings by the defense bar. With the Middle District of Florida’s decision on appeal, there are sure to be many developments on this issue in the coming months.
The FY 2024 settlements and judgments provide an insight into the government’s enforcement priorities and potential future enforcement areas. The firm’s forthcoming article The False Claims Act and Health Care: 2024 Recoveries and 2025 Outlook will provide an in-depth analysis of the 2024 recoveries, as well as some key enforcement areas to look out for in 2025.
DOJ Reports Substantial Procurement Fraud Recoveries in FY 2024
The Department of Justice (DOJ) recently announced that it obtained more than $2.9 billion in False Claims Act (FCA) settlements and judgments in the fiscal year ending Sept. 30, 2024.
DOJ reports that matters that involved the healthcare industry comprised the largest portion of these FCA recoveries in FY 2024, but that “procurement fraud” recoveries, once again, were significant for DOJ this past year.
Among the more notable procurement fraud recoveries from the past year were:
A large government contractor paid $428 million to resolve allegations that it knowingly provided false cost and pricing data when negotiating with the Department of Defense for numerous government contracts and double billed on a weapons maintenance contract, leading to the company receiving profits in excess of negotiated rates. This is the second largest government procurement fraud recovery under the False Claims Act in history.
A large federal contractor paid $70 million to resolve allegations they overcharged the U.S. Navy for spare parts and materials needed to repair and maintain the primary aircraft used to train naval aviators. The government alleged that these entities, which were owned by the same parent company, entered into an improper subcontract that resulted in the Navy paying inflated costs for parts.
A federal contractor paid $811,259 to resolve allegations that it knowingly supplied valves that did not meet military specifications. The government alleged that, under a U.S. Navy contract, the company invoiced for military-grade valves to be installed on certain combat ships when the company knew the valves had not met the testing requirements to be deemed military grade.
DOJ brought claims against a federal contractor and an individual estate of the founder, majority owner and chief operating officer of the company for allegedly causing the submission of false claims to the Department of Defense under contracts to provide Army combat uniforms. The government alleged that the company and the founder falsified the results of the insect repellant testing to conceal failing test results, including by inappropriately combining results from different rounds of testing, re-labeling test samples to hide the true origin of the samples, and performing re-tests of uniforms in excess of what the contract permitted.
A government contractor paid $55.1 million to satisfy a judgment that it made knowingly false claims to the United States when it misrepresented its commercial sales practices during the negotiation and subsequent performance of a General Services Administration (GSA) contract. The court found that the false disclosures induced GSA to accept and then continue to pay higher prices than it would have had it known of the company’s actual commercial pricing practices. The court also found that the company continuously violated the Price Reduction Clause, “a standard term in these types of contracts that requires the contractor throughout performance of the contract to maintain GSA’s price position in relation to an identified customer or category of customer agreed upon in contract negotiations.”
The City of Los Angeles paid $38.2 million to resolve allegations that it failed to meet federal accessibility requirements when it sought and used Department of Housing and Urban Development (HUD) grant funds for multifamily affordable housing. The government alleged that the city failed to make its affordable multifamily housing program accessible to people with disabilities. The government also alleged that the city failed to maintain a publicly available list of accessible units and their accessibility features, and the city, on an annual basis, falsely certified to HUD that it complied with related grant requirements.
A federal contractor paid $26.8 million to resolve allegations that Hahn Air failed to remit to the United States certain travel fees collected from commercial airline passengers flying into or within the United States.
A government contractor paid $18.4 million to resolve allegations that it billed for time not worked at the National Nuclear Security Administration’s Pantex Site near Amarillo, Texas.
A large federal contractor paid $11.8 million to resolve allegations that it submitted false claims to the Federal Emergency Management Agency for the replacement of certain educational facilities located in Louisiana that were damaged by Hurricane Katrina. The government alleged that the contractor submitted to FEMA fraudulent requests for disaster assistance funds and did not correct applications that included materially false design, damage and replacement eligibility descriptions. Combined with settlements with other entities involved in the alleged conduct, the government recovered over $25 million in connection with the disaster assistance applications prepared by the contractor.
Listen to this post
SBA Final Rule Impacts Small Business Government Contractor Valuations
Go-To Guide:
Small Business Administration Final Rule will impact the valuation of small business government contractors holding Multiple Award Contracts (MACs) and Federal Supply Schedules (FSS). The rule takes effect Jan. 16, 2025.
Under the rule, if a business cannot recertify as small 30 days following a merger or acquisition (i.e., disqualifying recertification), it will no longer be eligible for options or task orders set-aside for small businesses under MACs.
Disqualifying recertifications made before Jan. 17, 2026, will not affect eligibility for small business MAC orders or options. This delayed effect encourages the sale of small business contractors holding MACs in 2025.
The rule eliminates an exception for FSS orders and blanket purchase agreements (BPAs). As of Jan. 16, 2025, a disqualifying recertification makes an FSS vendor ineligible for FSS orders or BPAs set aside for small businesses.
For transactions involving two small business contractors and for single award contracts, the rule does not impact future orders or options eligibility.
Effective Jan. 16, 2025, the United States Small Business Administration (SBA)’s Final Rule will significantly impact mergers & acquisitions involving small business government contractors and investors in the government contracting industry. A September 2024 GT Alert summarizes important aspects of the SBA’s Proposed Rule and discusses key changes that might impact small business government contractors. The Final Rule echoes much of the Proposed Rule’s language and will affect the landscape for small business contractors and investors in the federal government contracting industry.
This GT Alert highlights several aspects of the Final Rule.
Small Business Recertification Applicable to Multiple Award Contracts
Small businesses government contractors must recertify their size and small business program status (i.e., 8(a), HUBZone, women-owned, or service-disabled veteran-owned) within 30 days of a merger, sale, or acquisition. Traditionally, following a recertification, the size of a small business (including its affiliates) was determined at the time the business submitted its initial offer that included price. When the small business received a contract award, the business was generally considered small throughout the life of that contract (including options thereunder). Before the Final Rule, that was generally true even where a large business merged with or acquired the small business.
Single Award vs. Multiple Award Contracts
The Final Rule draws a distinction between single award and MACs. Whether a small business can continue to receive future orders under an underlying contract after a disqualifying recertification depends upon whether the underlying contract or agreement is a single award or MAC. For single award small business contracts (or any unrestricted contract), a business that recertifies as other than small (i.e., “large”) remains eligible to receive orders and options. Conversely, for MACs set-aside for small businesses, a business that recertifies as other than small would be ineligible to receive orders and options.
One-Year Delay
This aspect of the Final Rule delays the effective date to Jan. 17, 2026, and explicitly states that it should not be retroactively applied. In response to industry comment, the Final Rule notes that it makes sense to allow some time to adapt and plan how best to comply with the new recertification provisions. Once in effect, the Final Rule will apply to existing contracts, but the provisions making businesses ineligible for orders or options after disqualifying recertifications will apply only to future disqualifying recertifications (i.e., ones that occur after Jan. 17, 2026). Accordingly, businesses that have made or will continue to make disqualifying recertifications before Jan. 17, 2026, will continue to be eligible to receive orders and options after Jan. 16, 2025.
The Final Rule’s delayed application will increase transaction volume involving small business contractors through Jan. 17, 2026. Until that date, the current regulatory regime will govern transactions involving a small business, meaning small businesses with set-aside MACs will continue to be eligible for set-aside orders even after they are acquired by a large business. If the transaction closes after Jan. 17, 2026, however, small businesses will not be eligible for set-aside orders or new MAC options.
This aspect of the Final Rule takes effect Jan. 17, 2026.
Eliminating the Federal Supply Schedule Exception
General Services Administration (GSA) Federal Supply Schedule (FSS) Multiple Award Schedule (MAS) Contracts
There has been a recognized exception to recertification requirements for set-aside orders or BPAs placed against an FSS contract, meaning that size status would be determined by the underlying FSS contract award date (or the date of its recertification for an option exercise). The Final Rule eliminates this exception and is not subject to the one-year delay. Therefore, as of Jan. 16, 2025, if a small business submits a disqualifying recertification, it will be ineligible for set-aside orders or BPAs under its GSA FSS MAS contract.
This aspect of the Final Rule takes effect Jan. 16, 2025.
Notable Exception: Transactions Between Two Small Businesses
The Final Rule carves out an exception for transactions involving two small businesses. In response to industry comment, the Final Rule amends which businesses will be ineligible for orders and options after a disqualifying certification due to merger, sale, or acquisition.
The Final Rule makes ineligible only those contract holders that have disqualifying recertifications involving a merger, sale, or acquisition with a large business. Where two small businesses individually qualify as small before a transaction, the Final Rule allows the contract holder to remain eligible for orders issued under an underlying set-aside MAC. As a result, small businesses will be poised to engage in transactions with other small businesses.
This aspect of the Final Rule takes effect Jan. 16, 2025.
Application to Outstanding Offers (the “180 Day Rule”)
The Final Rule also clarifies the effect of transactions that occur after a small business submits an offer for a set-aside opportunity and prior to award. Traditionally, if a merger, sale, or acquisition occurred after 180 days from the date in which a small business submitted an offer and the business could not recertify as small following the transaction, the government could still award to the business. This was generally true for single award and MAC set-asides.
Under the Final Rule, if the transaction occurs within 180 days of offer submission and the business submits a disqualifying recertification, the business will be ineligible for award.
But for transactions that occur after 180 days of offer submission, the Final Rule again draws a distinction between single award and MAC set-aside opportunities. If the merger, sale, or acquisition occurs after 180 days of offer submission and the business submits a disqualifying recertification, the business will still be eligible for single award set-asides. But if the transaction occurs after 180 days of offer submission and the business submits a disqualifying recertification, the business will be ineligible for a set-aside MAC or task order thereunder.
This aspect of the Final Rule takes effect Jan. 16, 2025.
Authorization to Protest a Size Recertification
Traditionally, there was no mechanism to allow a size protest or request for a formal size determination from another interested small business who believes that a size recertification is incorrect. For example, if a small business recertified as small following a merger, sale, or acquisition, another MAC contract holder could not challenge that recertification arguing the small business was not eligible for award.
The Final Rule authorizes MAC contract holders to request a formal size determination relating to size recertifications. Because the Final Rule will render a small business ineligible for orders set-aside under a MAC following a disqualifying recertification, the SBA believes that other contact holders should have the ability to question a size recertification.
This aspect of the Final Rule takes effect Jan. 16, 2025.
Conclusion
These changes will impact M&A activity, size protests, and related small business counseling and compliance. Small business regulations are consistently one of the most active areas of regulatory change. With a new administration and Congress, there is potential for further changes to these or other small business regulations.
Supreme Court Won’t Consider Federal Contractor Minimum Wage Mandate
The Supreme Court on Monday, Jan. 13, 2025, declined to take up a decision addressing the president’s authority under the Procurement Act to issue a minimum wage mandate for employees working on federal government contracts. The denial of the petition for certiorari keeps a circuit split intact, and leaves federal contractors to navigate the wage mandate’s uncertain legal status while complying with the latest minimum wage hike to $17.75 per hour, which took effect Jan. 1.
President Biden issued Executive Order (EO) 14026 in 2021, which increased from $10.95 to $15 the minimum hourly wage for employees working on federal government contracts, and provided for annual increases to the minimum wage. In 2022, the U.S. Department of Labor (DOL) issued regulations implementing the EO.
In the case rejected by the Supreme Court, a Colorado federal court refused to grant a preliminary injunction barring enforcement of the wage mandate. The U.S. Court of Appeals for the Tenth Circuit affirmed. Bradford v. United States DOL, 2024 U.S. App. LEXIS 10382 (D. Colo. Apr. 30, 2024). The appeals court held the plaintiffs were not likely to show that the DOL lacked statutory authority to issue the DOL rule implementing EO 14026. The appeals court did not issue a final decision on the merits, however. The plaintiffs’ petition for certiorari asked the justices to address whether the wage mandate exceeds the president’s authority under the Procurement Act and, if not, whether the statute improperly gives lawmaking authority to the president. Their petition was denied, leaving these critical questions unresolved.
Meanwhile, two other challenges to the federal contractor wage mandate are pending.
In November, the U.S. Court of Appeals for the Ninth Circuit held that the president lacked authority under the Procurement Act to issue EO 14026. State of Nebraska v. Su, 2024 U.S. App. LEXIS 28010 (9th Cir Nov. 5, 2024). The appeals court also held the DOL regulation implementing the EO was arbitrary and capricious because the DOL failed to consider alternatives to the $15 rate, such as a lower wage rate or phasing in the $15 rate over several years.
Again, however, the Ninth Circuit also did not address the merits. Instead of invalidating EO 14026 and the implementing regulation, the Ninth Circuit sent the case back to the federal district court in Arizona, which had upheld the wage mandate in a legal challenge brought by several states. On remand, the district court is expected to issue a preliminary injunction barring application of the wage mandate, although it is not clear whether the injunction will apply to just the plaintiff states (to the extent of their relationships with the federal government as federal contractors) or as a complete ban to enforcement within the states. On Dec. 20, 2024, the DOL filed a petition for en banc rehearing of the divided Ninth Circuit panel decision.
The wage mandate is also facing an ongoing challenge in the U.S. Court of Appeals for the Fifth Circuit. The appeals court will consider the Biden Administration’s appeal of a 2023 decision invalidating EO 14026 in a case brought by the states of Louisiana, Mississippi, and Texas. The Texas district court had narrowly enjoined the wage mandate only as applied to the plaintiff state governments, refusing to issue a nationwide injunction because it did not want to “encroach” upon other federal courts that had upheld the executive order. State of Texas v. Biden, 2023 U.S. Dist. LEXIS 171265 (S.D. Tex. Sept. 26, 2023). The appeals court heard oral argument last August. The Fifth Circuit could reverse the Texas court and uphold EO 14026, setting up a split with the Ninth Circuit. This outcome is unlikely, however.
For now, the minimum wage mandate is in effect. But a broader reprieve (through a variety of avenues) may be forthcoming. The Trump Administration may opt to abandon the Fifth Circuit appeal and the bid to rehear the Ninth Circuit panel’s holding. President-Elect Trump also may opt to rescind President Biden’s executive order and decline to defend the wage mandate.
The FAR Council Publishes Long-Awaited CUI Rule
On January 15, 2025, the Federal Acquisition Regulation (“FAR”) Council issued its long-awaited “CUI Rule.” CUI, or Controlled Unclassified Information, is information that the government creates or possesses, or that an entity creates or possesses for or on behalf of the government, that a law, regulation, or governmentwide policy requires or permits an agency to handle using safeguarding or dissemination controls. For nearly 15 years, contractors have struggled to determine what information meets this definition. The CUI rule is an opportunity for the federal government to finally provide contractors with the guidance needed to better identify and safeguard the CUI they receive in connection with their federal contracts.
Contractors Handling CUI Will Be Subject to a New FAR Clause
The federal government will implement the bulk of the CUI Rule through a new FAR clause: FAR 52.204-XX. FAR 52.204-XX will apply to all contracts where CUI is involved in the contract, except for contracts that are for purely commercially available off-the-shelf items. The CUI rule also makes clear that federal agencies, not contractors, are responsible for determining whether contracts will involve CUI.
Safeguarding Requirements
Under FAR 52.204-XX, contractors are only required to safeguard the CUI identified in a newly created form, SF XXX, which agencies will provide with each contract. The following safeguarding requirements will apply to any CUI identified in the SF XXX:
Any special safeguarding requirements identified in the SF XXX.
For contractor’s own information systems (i.e., non-federal information systems), the contractor must comply with National Institute of Standards and Technology (“NIST”) SP 800-171, Revision 2 security requirements.
For Federal information systems, the contractor must comply with agency-identified security requirements from the latest version of NIST SP 800-53.
For cloud service providers (“CSP”), the CSP must comply with the FedRAMP Moderate security requirements.
Reporting Requirements
FAR 52.204-XX introduces two new reporting requirements. First, contractors are subject to a new cyber incident reporting requirement. Under this requirement, contractors must report any suspected or confirmed “CUI incident” that occurs on a non-federal information system within eight hours of discovery to a yet-to-be-identified agency official. A “CUI incident” is the improper access, use, disclosure, modification, or destruction of CUI. If a contractor is found to be at fault for the CUI incident, the contractor “may be” liable for costs incurred by the government in responding to and mitigating the incident.
Second, contractors must notify the contracting officer within eight hours of discovery of any information that the contractor “believes” is CUI that is not identified in the SF XXX or is not marked or properly marked as required in the SF XXX. The contractor must then “appropriately safeguard” that information while the contracting officer determines whether it is CUI.
Subcontractors
Contractors are required to include FAR 52.204-XX in subcontracts, at any tier, or other contractual instruments that will involve CUI identified in the SF XXX. The term “other contractual instruments” has the potential to extend the reach of this new FAR clause to third parties that are not directly supporting the contract effort, but who have access to CUI.
Overall, FAR 52.204-XX, and the CUI rule as a whole, have the potential to bring much-needed clarity to federal contractors regarding which contracts involve CUI, what type of CUI contractors will receive, and what safeguards they must put in place. Whether that clarity materializes will depend on how federal agencies implement the rule.
Practical Considerations for Navigating Tariff Risk on Construction Projects
As the second Trump administration begins next week, developers, contractors, subcontractors and suppliers are evaluating the extent of the construction industry’s international ties – and contractual exposure to potential tariff increases. While President-elect Trump has been forthright about his intent to impose and increase tariffs, he has not provided details about which products, goods, and countries may be affected.
This uncertainty leaves many in the construction industry concerned, and both upstream and downstream parties are carefully negotiating contractual risk of changes in tariffs. Broadly speaking, tariffs are typically considered import (or export) taxes imposed on goods and services imported from another country (or exported). In the United States, Congress has the power to set tariffs, but importantly, the president can also impose tariffs under specific laws (most notably in recent years, the Trade Act of 1974), citing unfair trade practices or national security.
Many different contractual provisions may be impacted by the introduction of new tariffs: tax provisions, force majeure provisions, change in law provisions, and price escalation provisions, for example. Procurement contracts routinely rely on Incoterms, which allocate tariff risk to either buyer or seller depending on the selected Incoterm. Negotiating an appropriate allocation of risk of changing tariffs can be as much an art as science and requires consideration of how tariffs are administered and their effects on the market. Consider, for example, the following:
Tariffs are paid by the importer of record to U.S. Customs & Border Protection. If a contractual party is not the importer of record, such party will not be directly liable for payment of tariffs.
Instead, tariffs raise the ultimate cost of goods or services because importers increase their price to buyers to account for the tariffs.
Tariffs also tend to indirectly increase the cost of goods or services related or equivalent to the goods or services subject to tariffs by raising demand for domestic or non-affected substitute goods or services.
Some goods and services are higher risk than others (e.g., goods originating from China, and potentially in a second Trump administration, goods originating from Canada and Mexico). Understanding the extent of the international reach of a construction project’s supply chain may assist in evaluating exposure and negotiating appropriate relief from imposition of new or increased tariffs.
Having a working knowledge of how tariffs are implemented and their impacts on related markets is important to assessing and mitigating contractual risk. Parties to a construction contract may have different methods for managing tariff impacts. A supplier may choose to source goods from less risky countries, even if the cost of such goods is incrementally higher than their Chinese equivalent in the short term. A buyer may choose to enter into a master supply agreement, allowing the buyer to set a long-term fixed price on a guaranteed volume of goods that in turn permits the seller to better forecast its demand and supply chain. Many developers and contractors may negotiate shared risk of changed tariffs, establishing a change order threshold or cost-sharing ratio. Ultimately, those who consider and carefully negotiate provisions addressing changes in tariffs will be better prepared to face and manage their economic impact.
Listen to this post
What’s Next for OFCCP Under The Second Trump Term?
With President Trump’s second administration set to begin on January 20, 2025, federal contractors and subcontractors are anxiously awaiting what he might do with respect to the Office of Federal Contract Compliance Programs (“OFCCP”) and the employment obligations imposed on federal government contractors. While the Trump transition team has not signaled exactly what is in store, it seems likely that changes are coming. Below we provide some thoughts on what might occur.
Of course, once President Trump takes office, we will be monitoring developments closely and alerting our readers here. Stay tuned!
Looking Back at Trump 1.0
To set the stage, when President Trump first took office in 2017, many predicted the end of OFCCP. In some ways, the precise opposite occurred. Under then-Director Craig Leen, OFCCP was incredibly active during the Trump Administration, issuing over a dozen Directives and multiple new regulations, instituting new types of audits, and obtaining record recoveries for employees.
Even so, OFCCP during President Trump’s first term took an approach that was widely seen as contractor-friendly, establishing procedures that provided contractors with more transparency and consistency in their dealings with OFCCP. Many of those efforts were rescinded by the Biden administration.
Other efforts during this period were more controversial. OFCCP expanded the existing exemption to religious entities’ compliance with the anti-discrimination provisions of Executive Order 11246 by adding new definitions to “clarify the scope” of EO 11246’s religious exemption. In addition, toward the end of his administration, President Trump issued Executive Order (“EO”) 13950, which prohibited federal contractors from including certain concepts in their diversity trainings, including concepts commonly covered in unconscious bias and social privilege trainings. Both of these measures were eliminated by the Biden administration.
What Could Happen During Trump 2.0?
As noted above, the Trump transition team has not revealed plans for OFCCP in the new administration, and predictions about what President Trump would do to OFCCP at the outset of his first administration proved to be wrong. However, there are a number of potential outcomes contractors should look out for.
The End of Executive Order 11246?
Project 2025, a policy blueprint prepared “by over 100 respected organizations from across the conservative movement,” and which has been popularly associated with the incoming administration, proposes several measures to limit OFCCP’s scope – including rescinding EO 11246. This is something President Trump could do with a stroke of a pen on Day 1, and in so doing eliminate OFCCP’s race and sex equal employment and affirmative action obligations imposed on federal contractors.
It is also possible President Trump may not rescind EO 11246, but instead limit its scope. Currently, employment obligations are imposed on contractors with contracts as low as $10,000, and more onerous requirements – such as creating affirmative action programs – are triggered by contracts as low as $50,000. Raising those limits, which have been in place for decades, would lessen the burden on smaller contractors and allow the agency to focus its resources on larger contractors.
In addition, some have speculated that OFCCP under the new Trump Administration may pivot to focus on discrimination with respect to traditionally advantaged groups (i.e., men and whites).
Reinstatement of Executive Order 13950
Many speculate that President Trump will reinstate the controversial Executive Order on Combating Race and Sex Stereotyping, which President Biden rescinded shortly after taking office in January 2021. As we previously reported, this order required that new contracts entered into with the federal government include a clause prohibiting federal contractors from including certain concepts in their diversity and awareness trainings – including concepts “that:
One race or sex is inherently superior to another race or sex;
An individual, by virtue of his or her race or sex, is inherently racist, sexist, or oppressive, whether consciously or unconsciously;
An individual should be discriminated against or receive adverse treatment solely or partly because of his or her race or sex;
Members of one race or sex cannot or should not attempt to treat others without respect to race or sex;
An individual’s moral character is necessarily determined by his or her race or sex;
An individual, by virtue of his or her race or sex, bears responsibility for actions committed in the past by other members of the same race or sex;
Any individual should feel discomfort, guilt, anguish, or any form of psychological distress on account of his or her race or sex; or
Meritocracy or traits such as a hard work ethic are racist or sexist, or were created by a particular race to oppress another race.”
The order referenced various existing government DEI trainings as examples of trainings that “perpetuate racial stereotypes and division and can use subtle coercive pressure to ensure conformity of viewpoint… [and] have no place in programs and activities supported by Federal taxpayer dollars.” This is also something President Trump could do on Day 1, and seems likely given statements made by President Trump and his transition team regarding DEI initiatives.
Reinstatement of Religious Exemption Rule
Another likely possibility under the incoming administration is the DOL’s reinstatement of the final rule, “Implementing Legal Requirements Regarding the Equal Opportunity Clause’s Religious Exemption.” As we previously reported, the rule clarified the scope of OFCCP’s religious exemption and arguably expanded the scope of EO 11246’s existing exemption for religious entities’ compliance with its anti-discrimination provisions.
Return to Contractor-Friendly Enforcement Provisions
If OFCCP survives, it may reinstitute contractor-friendly enforcement procedures. For example, under the first Trump administration, OFCCP issued a rule – Nondiscrimination Obligations of Federal Contractors and Subcontractors: Procedures To Resolve Potential Employment Discrimination – which set forth procedures before OFCCP could issue notices of violation (“NOV”) aimed at increasing the transparency of the process and providing contractors with adequate time and information to respond to initial findings prior to the issuance of any NOV. That rule, along with other administrative actions aimed at increasing transparency and fairness, were eliminated by the Biden administration. It is likely OFCCP under the next administration will reinstitute those policies and procedures.
Potential OFCCP-EEOC Merger
It is possible that OFCCP may find a new home within another department or be dismantled altogether. As we previously reported, President Trump’s last term included a failed budget proposal to combine OFCCP and the Equal Employment Opportunity Commission (“EEOC”).
Conclusion
While we do not know what exactly will happen to OFCCP once President Trump re-takes office, it seems all but assured that changes are coming. It is important for federal contractors to stay on top of developments and make any necessary adjustments.
2025 Budget Reconciliation Roadmap: Impacts and Action Steps
Overview
The budget reconciliation process is a critical legislative tool that allows Congress to pass budget-related measures with a simple majority in the Senate, bypassing the filibuster and expediting passage of significant legislative priorities. Established under the Congressional Budget Act of 1974, reconciliation is designed to align revenue and spending with Congress’ annual budget resolution. This mechanism is particularly valuable when one party controls Congress and the White House, as it allows major initiatives to advance without bipartisan support. However, reconciliation is subject to strict rules, including the “Byrd Rule,” which restricts provisions to those with direct budgetary impacts, i.e., with direct impact on either spending or revenues.
Prior Uses of Reconciliation During President Trump’s first term, budget reconciliation was a key tool for advancing significant legislative priorities, including the Tax Cuts and Jobs Act of 2017, which enacted sweeping tax changes. Similarly, the Biden Administration utilized reconciliation to pass key components of its agenda, such as the American Rescue Plan Act of 2021, which provided critical pandemic relief and economic stimulus. These examples highlight reconciliation’s utility in enacting transformative policies under unified government control.
Trump and Congressional Agenda for Reconciliation For the incoming Trump administration and Republican-majority Congress, reconciliation will be instrumental in enacting an ambitious agenda, that encompasses tax provisions, border security, energy production and deregulation, and defense funding. As stakeholders in energy, maritime, transportation, trade, defense, and railway, and Native American and Alaska Native affairs, all stakeholders should prepare for significant opportunities and risks as these measures take shape.
Reconciliation Strategy: One Bill or Two?President-elect Trump’s position on the scope and structure of reconciliation has evolved in recent weeks. While initially favoring a single comprehensive package, he has expressed openness to a two-bill strategy. The first bill would focus on energy, border security, and defense, while the second would address tax provisions and broader fiscal priorities.
House Speaker Mike Johnson (R-LA) has strongly advocated for a single reconciliation bill, arguing that it is the most efficient way to advance Trump’s agenda within the first 100 days. Johnson’s approach is supported by House Budget Committee Chairman Jodey Arrington (R-TX) and House Ways and Means Chairman Jason Smith (R-MO), who believe a unified package will maximize legislative momentum. However, Senate Republicans, including Budget Committee Chairman Lindsey Graham (R-SC), have emphasized the urgency of addressing border security and defense separately to mitigate national security risks, with tax policy changes following later this year in a second bill. This internal debate could impact the timeline and scope of reconciliation efforts.
Scope of Potential Legislation
Tax ProvisionsTax changes are expected to play a significant role in the reconciliation process, with the extension of the 2017 tax cuts at its core. These extensions aim to provide continued relief for businesses and high-earner individuals while reducing corporate tax rates further to enhance global competitiveness and attract investment. Additional measures under consideration include eliminating taxes on tipped income to support the service industry, eliminating taxes on Social Security benefits, simplifying the tax code by reducing brackets, and eliminating certain deductions to streamline compliance and reduce costs. A new revenue-generating mechanism involving tariffs on imports is also being proposed.
Border Security and DefenseBorder security and defense funding are poised to feature prominently in the reconciliation agenda. Significant allocations are anticipated for border wall construction, advanced surveillance technologies, and enhanced U.S. Customs and Border Protection and Immigration and Customs Enforcement operations. Simultaneously, the military will receive increased funding to address strategic vulnerabilities and modernize equipment. These measures not only aim to provide immediate legislative wins but also to mitigate pressing national security concerns.
Energy PolicyEnergy policy will focus on streamlining permitting processes for critical infrastructure projects, such as pipelines, renewable energy installations, and oil and gas export terminals. Domestic energy production will be promoted through the reduction of regulatory barriers, particularly in the oil, gas, and nuclear sectors. Further, energy independence initiatives, including incentives for clean energy and advanced technology adoption, will be advanced. However, proposals to reform environmental protections, such as the National Environmental Policy Act (“NEPA”) review process, are expected to face legal and public opposition, even as they aim to accelerate project timelines. Whether or not permitting reform meets the Byrd Rule by saving tax revenues remains to be seen.
Debt CeilingDebt ceiling adjustments are also on the table, with plans to raise the debt limit within the reconciliation package to ensure government solvency and avoid market disruptions. To secure support from conservative members, this increase will likely be paired with $2.5 trillion in spending cuts over ten years, focused on discretionary spending and the reduction of waste and inefficiencies. It remains to be seen whether these tax cuts can be balanced out simply with discretionary spending cuts. Balancing the debt limit increase with long-term fiscal sustainability will be a key focus.
Tentative Timeline and Legislative Actions
Early February: Adoption of a budget resolution with reconciliation instructions is expected, providing the framework for committees to draft detailed legislation.
March 14, 2025: Deadline to pass final fiscal 2025 spending bills to avoid a government shutdown.
Early April: House passage of the reconciliation package, with the goal of Senate approval by the end of April or early May.
May 2025: Final reconciliation measures enacted, aligning with Trump’s first 100 days.
It is important to note that this is an ambitious one-bill strategy timeline, and dates could be delayed due to lengthy negotiations. A two-bill approach may stretch until the end of the 2025 calendar year to meet the deadline for expiration of the original Trump tax cuts.
Implications for Stakeholders
EnergyIn the energy sector, increased project approvals and decreased regulatory hurdles may present significant opportunities for developers of fossil fuels, renewables, and nuclear energy. However, potential reforms of environmental protections may lead to legal risks for stakeholders. Moreover, the introduction of tariffs on imports, aimed at funding reconciliation priorities, could disrupt supply chains for energy infrastructure projects reliant on imported materials and potentially cause consumer prices to rise, creating inflation-related risks. This may be ameliorated if the incoming Administration, as reported, focuses the tariffs on only certain critical imports. This may, though, positively impact domestic energy producers due to an increased demand for low-cost, non-tariffed energy.
Maritime and TransportationThe maritime and transportation sectors stand to benefit from infrastructure investments that could drive growth in port modernization and rail projects. Streamlined regulatory approvals are expected to accelerate construction timelines, creating additional opportunities for stakeholders involved in large-scale projects. However, proposed discretionary spending cuts could reduce the availability of federal grants that support critical transportation infrastructure upgrades.
Native American/Alaska Native AffairsFor Native American and Alaska Native communities, the reallocation of federal funding poses a significant risk to vital services, including healthcare, education, and housing programs. Advocacy will be essential to ensure equitable treatment and representation in legislative negotiations. Despite these challenges, tribes, native organizations, and corporations may find opportunities to leverage energy and infrastructure investments to promote economic development, including through federal contracts, provided their interests are safeguarded in the reconciliation process.
What to Watch
Legislative DevelopmentsThe reconciliation strategy debate between a single comprehensive package and a two-bill approach will significantly shape the legislative process. Stakeholders should closely monitor the resolution of this debate, as it will determine the sequencing, timeline, and scope of legislative priorities. The progress of key committees in drafting specific provisions will also be critical to understanding how reconciliation impacts various industries.
Stakeholder AdvocacyProactive stakeholder advocacy will play a vital role in shaping favorable outcomes. Engaging with congressional offices to advocate for specific language in reconciliation provisions, particularly those impacting energy, defense, transportation, trade, and tribal programs, will be essential. Building coalitions to amplify industry voices and address shared concerns about proposed cuts or regulatory changes can further strengthen advocacy efforts.
Market ImpactsAdditionally, stakeholders should evaluate the market implications of proposed tax policies, including corporate rate reductions and import tariffs, to understand their potential impact on profitability and supply chain operations. Assessing the implications of energy deregulation measures on project feasibility and financing opportunities will also be critical. Finally, stakeholders should prepare for potential shifts in federal funding priorities, particularly those affecting grant-dependent programs and projects, to mitigate risks while seizing new opportunities.
Download This Alert