Government Contracts & Investigations Blog

Latest updates on Developments Affecting Government Contracts & Investigations

Latest from Government Contracts & Investigations Blog

The Cybersecurity and Infrastructure Security Agency (“CISA”) recently released its new Proposed Rule pursuant to the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (“CIRCIA”), which was published in the Federal Register on April 4, 2024 and is open for public comment through June 3, 2024. The Proposed Rule will be published in Part 6 of the Code of Federal Regulations, in a new Section 226, as part of the Department of Homeland Security’s regulations on Domestic Security.
Continue Reading CISA Cyber Incident Reporting for Critical Infrastructure Will Significantly Impact Government Contractors, Suppliers, and Service Providers

In January 2022, we warned software companies selling indirectly against attempting to enforce the terms of their End User License Agreement (“EULA”) directly against the Federal Government based on the decision of the Civilian Board of Contract Appeals (“CBCA”) in Avue Technologies Corp. Earlier this month, the Federal Circuit gave software companies some hope by vacating the CBCA’s decision. Read on, though, before filing your claim.
Continue Reading Finally Invited to the Party? Federal Circuit Opens the Door for Software Companies Selling Through Resellers to Bring a Contract Claim Against the Federal Government

GSA long has stated that the “MAS program is designed to mirror commercial buying practices.” (Don’t laugh – I’m serious! Slide 12 if you don’t believe me.) In the commercial marketplace, SaaS licenses are sold for set periods of time (typically annual terms) and paid for in advance. Historically, GSA refused to accept this commercial term, explicitly prohibiting customer agencies from paying in advance when acquiring SaaS through the MAS program. Software companies, rejoice, because GSA finally has seen the light!
Continue Reading Paid in Full: GSA Approves Advance Payment for SaaS Licenses

On March 11, 2024, the Cybersecurity and Infrastructure Security Agency (“CISA”) and the Office of Management and Budget (“OMB”) released the highly-anticipated Secure Software Development Attestation Form (also known as the “Common Form”) and on March 18, 2024 CISA’s repository for the forms went live.
Continue Reading CISA Opens Repository for Submission of Software Security Attestation Forms

Class Deviation Prohibits DoD from Requiring Contractors to Disclose Emissions

Over the past two years, the FAR Council has been working to develop a rule that would amend the Federal Acquisition Regulation (“FAR”) to require contractors to inventory and report their greenhouse gas (“GHG”) emissions and climate-related financial risk in order to be eligible for Federal awards. (Prior posts are available here and here.)
Continue Reading Updates on GHG Emissions Disclosure Requirements

In January 2024, the Government Accountability Office (“GAO”) published 31 bid protest decisions, two of which resulted in decisions sustaining the protesters’ challenges. There were also two requests for costs, one of which was denied, and one request for consideration, which was, unsurprisingly, denied. Below is a summary of the notable decisions from January and what potential protesters can learn from them.
Continue Reading Bid Protest Hub – January 2024

On January 26, 2024, the Federal Risk and Authorization Management Program (“FedRAMP”) published a draft Emerging Technology Prioritization Framework developed in response to President Biden’s Executive Order 14110 on Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (previously analyzed by our colleague here and discussed in a flash briefing available here). The Executive Order charged FedRAMP with developing a framework to prioritize Emerging Technologies in the FedRAMP authorization process, starting with generative AI.
Continue Reading Emerging AI Landscape: FedRAMP Publishes Draft Emerging Technology Prioritization Framework in Response to Executive Order on Artificial Intelligence

Welcome back to the Cost Corner, where we provide practical insight into the complex cost and pricing requirements that apply to Government contractors. The current topic is Federal Acquisition Regulation (FAR) Cost Principles applicable to contracts with commercial organizations. The previous four Cost Corner articles addressed the Cost Principles pertaining to the general criteria for determining the allowability of costs, direct and indirect costs, accounting for unallowable costs, and penalties for unallowable costs. This article begins coverage of FAR 31.205, Selected Costs, which includes forty-seven Cost Principles, each of which governs the allowability of a particular type of cost. The
Continue Reading The Cost Corner: Government Contracts Cost and Pricing – Compensation for Personal Services (Part I)

In a previous article, we analyzed what made protests successful at the Government Accountability Office (“GAO”) in Fiscal Year 2023 (“FY23”). Now, we want to share some insights we gained while conducting the same analysis of bid protest decisions at the Court of Federal Claims (“COFC” or the “Court”).
Continue Reading What Makes a Successful Protest at the Court of Federal Claims

To kick off the New Year, Sheppard Mullin’s Governmental Practice Cybersecurity & Data Protection Team has prepared a cybersecurity-focused 2023 Recap (including links to all of the resources the team has put out over the past year) and 2024 Forecast (that previews what we expect to see in 2024). This Recap & Forecast covers the following five high-interest topic areas related to cybersecurity and data protection:
Continue Reading Governmental Practice Cybersecurity and Data Protection, 2023 Recap & 2024 Forecast Alert

Since our last Bid Protest Hub article in November, the Government Accountability Office (“GAO”) has published 37 bid protest decisions, two of which have resulted in decisions sustaining the protester’s challenge. As we enter into the new year, it remains critical for government contractors to understand what issues win at the GAO and why. Below, we cover a few important GAO decisions you should know from December 2023.
Continue Reading Bid Protest Hub – December 2023

Welcome back to the Cost Corner, where we provide practical insight into the complex cost and pricing requirements that apply to Government contractors. This is the third article in a multi-part series on the Federal Acquisition Regulation (“FAR”) Cost Principles applicable to contracts with commercial organizations. The first article in the series addressed the criteria for determining the allowability of costs. The second addressed the allocation of direct and indirect costs. This Cost Corner focuses accounting for unallowable costs. The applicable Cost Principle is FAR 31.201-6, Accounting for Unallowable Costs. Among other requirements, FAR 31.201-6 incorporates by reference the practices
Continue Reading Government Contracts Cost and Pricing: Accounting for Unallowable Costs

Well, the wait is over. Just as 2023 came to a close, on December 26, 2023, the Department of Defense (“DoD”) published the much-anticipated Proposed Rule for the DoD’s Cybersecurity Maturity Model Certification (“CMMC”) program (the “Proposed Rule”). It has been just over two years since “CMMC 2.0” was announced in November 2021 (which we previously discussed here). And while there is nothing particularly surprising in the Proposed Rule, there certainly are several notable additions and clarifications. Below we outline the key portions of the Proposed Rule that will be of particular importance to defense contractors.
Continue Reading New Year, New Rules: The CMMC Proposed Rule is Here

On November 17, 2023, the Department of Defense (“DOD”) published a Final Rule – over five years in the making – addressing DOD policies regarding the applicability of laws to commercial products, commercial services, and commercially available off-the-shelf (“COTS”) products (DFARS Case 2017-D010). Partially implementing Section 874 of the Fiscal Year 2017 National Defense Authorization Act, DOD has imposed new regulations that expressly prohibit Contracting Officers (“CO”) and prime contractors alike from incorporating regulatory requirements of the Federal Acquisition Regulation (“FAR”) and the Defense Federal Acquisition Regulation Supplement (“DFARS”) in prime contracts and subcontracts unless mandated by regulatory text.
Continue Reading It’s the Most Wonderful Time for New DOD Flow Down Policies: Flowing Down Too Many Clauses Will Get Prime Contractors More Than a Lump of Coal

In addition to prohibiting the flow-down of non-mandatory FAR/DFARS clauses (which we talk about here), the Department of Defense (“DOD”) Final Rule in connection with the Defense Federal Acquisition Regulation Supplement (“DFARS”) Case 2017-D010 also touched on the decades-long debate as to which entities actually are subcontractors performing under a Federal prime contract. Yes, you read that correctly – there is no single definition for the terms “subcontract” or “subcontractor.” After almost 40 years of confusion, it appears the DFARS and Federal Acquisition Regulation (“FAR”) Councils are trying to end the debate once and for all.
Continue Reading New Year, (Potentially) New Definition for “Subcontract”