Jump to content

Someone Read the Section 809 Panel Report


Recommended Posts

I would like to highlight a comment I found on a Proposed Rule here, on regulations.gov:

Title VIII, section 8002 of the Federal Acquisition Streamlining Act of 1994 stated that the FAR shall contain, ‘a list of contract clauses to be included in contracts for the acquisition of commercial end items. Such list shall, to the maximum extent practicable, include only those contract clauses – (A) that are required to implement provisions of law or executive orders applicable to acquisitions of commercial items…; or (B) that are determined to be consistent with standard commercial practice.’ Therefore, please include an exception in the proposed FAR Part 12 clause prescription, for commercial product and service industries in which the Contracting Officer determines the Proposed Rule's clausal requirements are not standard.” (Emphasis my own)

Whereas OFPP’s FAR Case in question, No. 2023-021, seeks to add the prescription to its proposed FAR Part 22 clause into FAR 12.301, this comment appears to follow the Section 809 Panel’s Volume 1 Recommendation 2, “Minimize government-unique terms applicable to commercial buying,” instead.

I can appreciate this commenter’s search for a practical way to make our government enforce FASA.  Is this comment the right one to further the 809 Panel’s Recommendation, or does it misunderstand the intent of the Panel?  Or, does it not go far enough?

Link to comment
Share on other sites

I understand the existing tailoring allowance, but my question gets at the statutory requirement the Section 809 Panel said is not being met by any of the clauses in FAR 52.212-5 nor DFARS 12.301 (and I view FAR 12.301(d) and DFARS 212.301(f) to be the same marching orders to COs).  The Panel said the FAR and DAR Councils were applying their clauses to commercial items, despite the fact that that the statutes and E.O.s being promulgated were silent on the matter of commercial item applicability.  This is counter to 41 U.S.C. § 1906 (FAR) and 10 U.S.C. § 2375 (DAR) requirements.  Is the above comment the right one to further the 809 Panel’s Recommendation?  Specifically, this one:

Quote

The FAR Council should do the following:

  • Strike all clauses from 52.212-5, Contract Terms and Conditions Required to Implement Statutes or Executive Orders – Commercial items, based on statute that specifically refer to 41 U.S.C. § 1906, but are inconsistent with commercial practices (see Appendix F, Table F-5).

* * * *

  • Going forward, only include in FAR 52.212-5, Contract Terms and Conditions Required to Implement Statutes or Executive Orders – Commercial Items, those clauses that are based on statutes, executive orders, policies or regulations that specifically refer to 41 U.S.C. § 1906 and state that, notwithstanding section 1906, they are applicable to procurements for commercial products or services.

And this one:

Quote

The Defense Acquisition Regulations (DAR) Council should do the following:

  •  Strike all clauses in DFARS 212.301, Solicitation Provisions and Contract Clauses for the Acquisition of Commercial Items, based on statute that specifically refer to 41 U.S.C. § 1906 or 10 U.S.C. § 2375, but are inconsistent with commercial practices.

* * * *

  •  Going forward, only include in DFARS 212.301, Solicitation Provisions and Contract Clauses for the Acquisition of Commercial Items, those clauses that are based on statutes, executive orders, policies or regulations that specifically refer to 10 U.S.C. § 2375 and state that, notwithstanding § 1906, they are applicable to procurements for commercial products or services.

 

Link to comment
Share on other sites

I see. Instead of the FAR and DAR Council making the call, the contracting officer would make the call on a case-by-case basis. I'm having a hard time imagining how any clause required to implement a statute or executive order would be consistent with standard commercial practice.

Isn't FAR case 2018-013 addressing this issue? You know, the one whose status says "awaiting CAAC concurrence" of a proposed rule as of 2/19/2020?

Link to comment
Share on other sites

Well, CAAC will have to concur on a set of clauses that is a moving target, unless these kinds of Proposed Rule comments prevail.  Meantime, COs can tailor, but only up to a certain point.

19 hours ago, Don Mansfield said:

I'm having a hard time imagining how any clause required to implement a statute or executive order would be consistent with standard commercial practice.

Am I correctly inferring you would not check any of the 107 possible clauses "to implement provisions of law or Executive orders" that the CO can incorporate into a commercial contract where the clause says "[Contracting Officer check as appropriate]" in paragraphs (b) and (c) of FAR 52.212-5?  After all - and drastic as it seems - that is essentially what the 809 Panel recommended the FAR Council do, in Volume 1 Appendix F, Tables, F-5 through F-8.

Link to comment
Share on other sites

3 minutes ago, WifWaf said:

Am I correctly inferring you would not check any of the 107 possible clauses "to implement provisions of law or Executive orders" that the CO can incorporate into a commercial contract where the clause says "[Contracting Officer check as appropriate]" in paragraphs (b) and (c) of FAR 52.212-5?  After all - and drastic as it seems - that is essentially what the 809 Panel recommended the FAR Council do, in Volume 1 Appendix F, Tables, F-5 through F-8.

If the rule were to check them off if I determined that the clause was consistent with standard commercial practice, then I don't see how any would apply.

Imagine the howling by SBA if a CO decided not to check off the small business subcontracting plan clause, or DoL if a CO  decided not to check off Service Contract Labor Standards clause, or domestic sources if a CO didn't check off Buy American.

Link to comment
Share on other sites

  • 2 weeks later...

I apologize I just saw this.   My thought is this...

Leaving the decision to the CO is trouble some.  Many COs and the contract writing systems they use have trouble getting the right clause in a contract.  Imagine having to review a statue to determine application.

Examples.  Does not this wording make SCA applicable - 41 U.S.C. chapter 6702. ". .applies to any contract or bid specification for a contract, whether negotiated or advertised, that..."

Likewise The American Recovery and Reinvestment Act of 2009, by my recollection (did not research) had a requirement that any project private or public that used its fund must use USA steel.

 

Link to comment
Share on other sites

  • 1 month later...

Revisiting this thread because the latest FAR Final Rule to arise from an Executive Order is a case study in civic action.  It shows what happens when the public simply acquiesces to the regulators.  Compare its comment I located here (at regulations.gov, Tracking Number ln9-m78q-sml9) that does not shine FASA's light on the FAR Council's proposed rule:

Quote

In addition, the following language from the FAR Case on the use of the omnibus clause in certain types of contracts is unclear and we request it to be clarified. Does the following language mean that the omnibus clause must be used as a standard contract term and condition for all commercial products and services unless a written justification, exception, or a specific exemption is provided by the requiring official to the contracting officer? Please explain or clarify the intent of this language, which could significantly impact the acquisition of commercial products and services, such as computers and IT services if the omnibus clause is not required.

"As discussed in section III. of this preamble, this new omnibus clause is included in the clause at FAR 52.212–5, Contract Terms and Conditions Required To Implement Statutes or Executive Orders— Commercial Products and Commercial Services, and the clause at FAR 52.213–4, Terms and Conditions—Simplified Acquisitions (Other Than Commercial Products and Commercial Services). In the clause at FAR 52.212–5, the contracting officer will check the box next to FAR clause 52.223–XX to show that it applies to acquisition of commercial products and commercial services; this will be the case unless there is a written justification, exception, or exemption that covers all potential sustainable products and services in an acquisition. For simplified acquisitions, a new paragraph proposed at FAR 13.302–5 directs the contracting officer to remove FAR clause 52.223–XX from the clause at FAR 52.213–4 when there is a written justification, exception, or exemption that covers all potential sustainable products and services in an acquisition."

...To this one (at regulations.gov, Tracking Number luh-gcv4-yszk, also viewable here) about the instant thread's Proposed Rule, that does shine FASA's light on it:

Quote

As you know, Federal law provides that no provision of law enacted after October 13, 1994, will be applicable to procurement of commercial products or services unless, among other things, the FAR Council determines in writing that it would not be in the best interests of the government to exempt contracts for the procurement of commercial products or services from the law. 41 U.S.C. § 1906(b)(2). 
...
Thus, the Coalition recommends that the final rule provide an exception for contracts for commercial items and services, or at a minimum, exempt commercial providers from flowing these requirements down to subcontractors or suppliers.

I will be interested to read the FAR Council's response when the instant one goes to Final Rule.  The two distinct groups may have their individual motives for commenting, I understand.  I, on the other hand, am only interested in furthering a just society.  So far, we have the FAR Council's response to the first comment above, which I provide below.  Once the second one receives its response, I will edit this post or start a new thread in the "What Happened" Forum here.

Quote

Response: The requirements of FAR 52.223-23 apply to acquisitions of commercial products and services, as well as acquisitions valued at or below the simplified acquisition threshold, unless an exception or exemption applies or there is a written justification that it is not practicable to acquire sustainable products and services (i.e., the agency cannot acquire sustainable products or services competitively within a reasonable performance schedule, that meet reasonable performance requirements, or at a reasonable price). This rule amends the clause at FAR 52.212-5, Contract Terms and Conditions Required To Implement Statutes or Executive Orders—Commercial Products and Commercial Services, to ensure that the clause is included in contracts for commercial products and services. This rule amends the clause at FAR 52.213-4, Terms and Conditions—Simplified Acquisitions (Other Than Commercial Products and Commercial Services), to ensure that the omnibus clause is also included in simplified acquisitions, when the acquisition is not for commercial products or commercial services (in other words, not covered by FAR 52.212-5).  [Federal Register direct link is https://www.federalregister.gov/d/2024-07931/p-121]

Link to comment
Share on other sites

  • 8 months later...

Final update.  On January 8, 2025, the Proposed Rule in my O.P. was rescinded.  Reminder, our interest in this thread was to examine the regulators' adherence to FASA.  I guess we will have to wait for another scenario where a proposed rule conflicts with it.  No worries - the comment at the O.P of this thread is reusable.  See also the comment letter from the Coalition for Government Procurement that I link to above.

FWIW, the withdrawal notice says:

Quote

In light of the limited time remaining in the current Administration, OFPP, DoD, GSA, and NASA have decided to withdraw the proposed policy and rule and focus their attention on other priorities, including directives in recent National Defense Authorization Acts. This will also help ensure that the agencies can benefit from the latest information on this topic if they return to it in the future. Accordingly, for these independently sufficient reasons, the proposed policy and rule published on January 30, 2024, at 89 FR 5843, are withdrawn and FAR Case 2023-021 is closed.

The comments were not addressed.

Link to comment
Share on other sites

Well, we didn't have to wait long for another challenge to FASA!  On January 15, 2025, they did it again.  See the Proposed Rule at 90 FR 4278.  Section II. Discussion and Analysis says, "(16) FAR clause 52.212-5 is updated to reflect that FAR clause 52.204-XX is applicable to acquisitions of commercial products and services."  Meanwhile the basis for the Proposed Rule is the 2010 Executive Order 13556, "Controlled Unclassified Information".  The EO does not refer to 41 U.S.C. § 1906, nor does it even contain the word "commercial".

Here is the burden of proposed clause FAR 52.204-XX:

Quote

Controlled Unclassified Information (DATE)

(a) Identifying controlled unclassified information. The SF XXX, Controlled Unclassified Information, that is incorporated into this contract identifies what controlled unclassified information (CUI) is involved in the contract. The Contractor is required to safeguard only the CUI that is identified in the SF XXX. However, see paragraph (c)(2) of this clause.

(b) Definitions. As used in this clause—

Adequate security means security protections commensurate with the risk of harm resulting from unauthorized access, use, disclosure, disruption, modification, or destruction of information.

Contractor-attributional information means information that identifies the Contractor or its employees directly or identifies them indirectly by grouping information that can be traced back to the Contractor ( e.g., program description or facility locations).

Contractor bid or proposal information means any of the following information submitted to a Federal agency as part of or in connection with a bid or proposal to enter into a Federal agency procurement contract, if that information has not been previously made available to the public or disclosed publicly:

(1) Cost or pricing data as defined by 10 U.S.C. 3701(1), with respect to procurements subject to that section, and 41 U.S.C. 3501(a)(2), with respect to procurements subject to that section.

(2) Indirect costs and direct labor rates.

(3) Proprietary information about manufacturing processes, operations, or techniques marked by the Contractor in accordance with applicable law or regulation.

(4) Information marked by the Contractor as “Contractor bid or proposal information” in accordance with applicable law or regulation.

(5) Information marked in accordance with 52.215-1(e).

Controlled unclassified information (CUI) means information that the Government creates or possesses, or that an entity creates or possesses for or on behalf of the Government, that a law, regulation, or Governmentwide policy requires or permits an agency to handle using safeguarding or dissemination controls. CUI does not include—

(1) Classified information;

(2) Covered Federal information;

(3) Information a Contractor possesses and maintains in its own systems that did not come from, or was not created or possessed by or for, an executive branch agency or an entity acting for an agency (see 32 CFR 2002.4); or

(4) Federally-funded basic and applied research in science, technology, and engineering at colleges, universities, and laboratories in accordance with National Security Decision Directive 189.

CUI Basic means the subset of CUI for which the authorizing law, regulation, or Governmentwide policy does not set out specific handling or dissemination controls. CUI Basic must be handled according to the uniform set of controls set forth in 32 CFR part 2002 and the CUI Registry.

CUI categories means those types of information for which laws, regulations, or Governmentwide policies require or permit agencies to exercise safeguarding or dissemination controls, and which has been listed in the CUI Registry.

CUI incident means improper access, use, disclosure, modification, or destruction of CUI, in any form or medium.

CUI Registry means the online repository for all information, guidance, policy, and requirements on handling CUI. Among other information, the CUI Registry identifies all approved CUI categories and subcategories, provides general descriptions for each, identifies the basis for controls, establishes markings, and includes guidance on handling procedures (see https://archives.gov/cui).

CUI Specified means the subset of CUI for which the authorizing law, regulation, or Governmentwide policy contains specific handling controls that it requires or permits agencies to use and that differ from those for CUI Basic. The CUI Registry indicates which laws, regulations, and Governmentwide policies include such specific requirements.

Federal information system means an information system (44 U.S.C. 3502(8)) used or operated by an agency, or by a contractor of an agency or by another organization, on behalf of an agency.

Handling means any use of CUI, including but not limited to collecting, developing, receiving, transmitting, storing, marking, safeguarding, transporting, disseminating, re-using, and disposing of the information.

Information means any communication or representation of knowledge such as facts, data, or opinions in any medium or form, including textual, numerical, graphic, cartographic, narrative, electronic, or audiovisual forms (see Office of Management and Budget (OMB) Circular No. A-130, Managing Information as a Strategic Resource).

Information system means a discrete set of information resources organized for the collection, processing, maintenance, use, sharing, dissemination, or disposition of information (44 U.S.C. 3502(8)).

Lawful Government purpose means any activity, mission, function, operation, or endeavor that the Government authorizes or recognizes as within the scope of its legal authorities or the legal authorities of non-executive branch entities such as state and local law enforcement.

Limited dissemination control means any control identified on the CUI Registry that agencies may use to limit or specify CUI dissemination.

On behalf of an agency means a Contractor uses or operates an information system or maintains or collects information for the purpose of processing, storing, or transmitting Federal information, and those activities are not incidental to providing a service or product to the Government.

(c) Identifying and reporting information the Contractor believes or has reason to know is potentially CUI.

(1) The Contractor shall notify the Contracting Officer within 8 hours of discovery if—

(i) The Contractor discovers any information that the Contractor believes is CUI that is not identified in the SF XXX or is not marked or properly marked as required in the SF XXX; or

(ii) There is any inconsistency between this clause and an SF XXX incorporated into the contract.

(2) The Contractor shall take action to appropriately safeguard any information the Contractor believes is CUI that is not identified in the SF XXX or is not marked or properly marked as required in the SF XXX until a Contracting Officer makes a determination.

(3) If the Contractor discovers any information that the contractor believes is CUI that is not identified in the SF XXX that is involved in a suspected or confirmed CUI incident, the Contractor shall notify the Contracting Officer and comply with paragraph (g) of this clause.

(4) The Contractor is not entitled to use Government-provided information for its own purposes, whether or not the information is marked as CUI, unless the information is in the public domain, or unless the information was lawfully made available to the Contractor by someone other than the Government.

(5) The Contractor shall appropriately identify information the Contractor owns and provides to the Government ( e.g., contractor bid or proposal information, contractor-attributional information, or contractor proprietary business information). The Government will determine in accordance with agency procedures whether the information provided by the Contractor is CUI or entitled to other protections ( e.g., contractor-attributional information associated with a CUI incident).

(d) Safeguarding CUI.

(1) The Contractor shall safeguard CUI that the Government identifies in the SF XXX and ensure handling consistent with 32 CFR 2002.14.

(i) This includes CUI that the Government provides to the Contractor or CUI that the Contractor collects, develops, receives, transmits, uses, handles, or stores in performance of the contract.

(ii) For CUI located within a Federally-controlled facility, the Contractor shall follow agency CUI policies and shall ensure that any Contractor employees handling CUI within Federally-controlled facilities meet the prerequisites identified within Part B on the SF XXX for training and for access to CUI.

(iii) For CUI located within a non-Federally-controlled facility, the Contractor shall follow CUI policies and shall ensure that any Contractor employees handling CUI within the non-Federally-controlled facility comply with the requirements identified in Part C of the SF XXX.

(iv) Any applicable agency-specific policies for safeguarding or handling CUI will be identified in the SF XXX.

(v) When information is not identified as CUI, it may be covered Federal information requiring information system security controls in accordance with Federal Acquisition Regulation clause 52.204-21, Basic Safeguarding of Covered Contractor Information Systems.

(2) The Contractor shall permit access to CUI only as described in the SF XXX.

(3) Except for its own information, the Contractor is not responsible for identifying or marking unmarked or mismarked CUI unless doing so is specifically included in the SF XXX, such as when the Contractor generates or develops the CUI.

(4) No Contractor employee shall be permitted to have or retain access to, create, collect, use, process, store, maintain, disseminate, disclose, dispose of, or otherwise handle CUI unless the employee has completed training on properly handling CUI that, at a minimum, includes the elements required in the SF XXX.

(5) Contractors operating information systems that access, use, process, store, maintain, or transmit CUI identified in the contract, shall implement the following requirements:

(i) When the Contractor is operating an information system identified in the SF XXX as a Federal information system—

(A) The Contractor shall comply with agency-identified security requirements from the latest version of National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 and any CUI Specified requirements identified in the SF XXX; and

(B) If using cloud computing services, the Contractor shall comply with agency-identified security requirements, but at no less than the Federal Risk and Authorization Management Program (FedRAMP) Moderate baseline ( https://www.fedramp.gov/documents/).

(ii) When the Contractor is operating a non-Federal information system, the Contractor shall—

(A) Comply with the security requirements of NIST SP 800-171 Revision 2, “Protecting Controlled Unclassified Information in Non-Federal Information Systems and Organizations” (available via the internet at https://dx.doi.org/10.6028/NIST.SP.800-171) or as authorized by the Contracting Officer. Additional controls other than NIST SP 800-171 Revision 2 may be specified in the contract's requirements document, in accordance with 32 CFR 2002.14(h)(2), to address unique requirements to protect CUI Basic at higher than the moderate confidentiality level;

(B) Comply with all additional security requirements for CUI Specified identified by the agency in the SF XXX;

(C) Implement additional information security requirements the Contractor reasonably determines necessary to provide adequate security in a dynamic environment;

(D) Comply with any requirements from NIST SP 800-172, Enhanced Security Requirements for Protecting Controlled Unclassified Information, identified by the agency. For any requirements in NIST SP 800-172 identified by the agency, the organizational defined parameters (ODP) provided in Attachment 1 of SF XXX shall be applied for applicable security requirements;

(E) Ensure that, if the Contractor uses a cloud service provider to store, process, or transmit any CUI identified in SF XXX—

( 1) The cloud service provider meets security requirements established by the Government for the FedRAMP Moderate baseline ( https://www.fedramp.gov/documents/); and

( 2) The additional requirements in paragraphs (d)(5)(ii)(B) and (C), and (g) of this clause are met; and

(F) Submit the system security plan, and any associated plans of action required by NIST SP 800-171, Revision 2, for any planned implementations or mitigations to the Government upon request to demonstrate the Contractor's implementation or planned implementation of the security requirements.

(e) Compliance.

(1) The Contracting Officer may require the submission of supporting documentation to verify compliance with the contract's security requirements, or may require access to Contractor facilities or systems, as listed in SF XXX.

(2) For applicable non-Federal information systems, the agency may conduct validation actions in accordance with NIST SP 800-171A, Assessing Security Requirements for Controlled Unclassified Information and, if applicable, NIST SP 800-172A, Assessing Enhanced Security Requirements for Controlled Unclassified Information.

(f) Training.

(1) General CUI training. All Contractor employees who will handle CUI shall complete general CUI training before doing so, and periodically complete refresher training thereafter, as described in the training sections at Section II of Part B and Section III of Part C of the SF XXX. The Contractor shall maintain documentation of employee training and shall provide it to the Contracting Officer upon request.

(2) Additional training.

Additional agency-specific training. Contractor employees shall also take any additional training described in the SF XXX sections on training. This additional training augments the general CUI training and may include specialized training for a particular category of CUI or for certain employees handling CUI in a specific situation, or other similar circumstances.

(g) CUI incidents.

(1) For CUI in a Federally-controlled facility, the Contractor shall report CUI incidents in accordance with agency policy.

(2) For CUI in a non-Federally-controlled facility, the Contractor shall report—

(i) Any suspected or confirmed CUI incident to the agency website or single point of contact identified in Part C, Section IV of the SF XXX; if there is no point of contact identified there the Contractor should contact the Contracting Officer for instructions;

(ii) Within 8 hours of discovery; and

(iii) As many of the applicable data elements located at https://dibnet.dod.mil/portal/intranet/ as are available in the initial report and provide any remaining applicable data elements as soon as they become available.

(3) When the Contractor discovers a suspected or confirmed CUI incident, the Contractor shall—

(i) Determine and inventory what CUI was or could have been improperly accessed, created, collected, used, processed, stored, maintained, disseminated, disclosed, or disposed of;

(ii) Construct a timeline of user activity;

(iii) Determine methods and techniques used to access CUI; and

(iv) Cooperate and exchange information with agency officials, as determined necessary by the agency, in order to effectively report and manage a suspected or confirmed CUI incident.

(4) If the suspected or confirmed CUI incident has occurred on an information system, preserve and protect images of all known affected information systems and all relevant monitoring and packet capture data until the Government declines interest or 90 days from the date of the submission of the report passes without the Government requesting the media and data, whichever is sooner.

(5) Unmarked or mismarked CUI is not considered a CUI incident unless the mismarking or lack of marking has resulted in the mishandling or improper dissemination of the information.

(6) If the Contractor is a FedRAMP authorized (Joint Authorization Board or Agency) cloud service provider, the Contractor shall also report to the point(s) of contact specified in the FedRAMP incident reporting guidelines as documented in the Cloud Service Provider Incident Response Plan.

(7) The reporting requirements of this clause do not relieve the Contractor from the requirement to follow any applicable laws, regulations, or policies outside of this clause.

(8) If the Contractor is determined to be at fault for a CUI incident ( e.g., not safeguarding CUI in accordance with contract requirements), the Contractor may be financially liable for Government costs incurred in the course of the response and mitigation efforts in addition to any other damages at law or remedies available to the Government for noncompliance.

(9)(i) The Government will protect contractor bid or proposal information, contractor proprietary business information, and contractor-attributional information related to a CUI incident, against unauthorized use or release to the extent required by law.

(ii) The agency may release outside the Government contractor bid or proposal information, contractor proprietary business information, and contractor-attributional information that is not created by or for the Government, but that is related to a CUI incident—

(A) To entities with missions that may be affected by such information;

(B) To entities that may be called upon to assist in the diagnosis, detection, or mitigation of CUI incidents; or

(C) For national security purposes, including cyber situational awareness.

(iii) The Government may use and release contractor bid or proposal information, contractor proprietary business information, and contractor-attributional information, created by or for the Government and related to a CUI incident, outside of the Government for purposes and activities associated with responding to a CUI incident and for any other lawful Government purpose or activity.

(iv) In any authorized release, the Government will minimize the contractor proprietary business information and contractor-attributional information that it includes.

(10) An agency, at its sole discretion, may obtain assistance from Federal agencies or entities outside the Government, such as third-party firms to aid incident response activities.

(11) The SF XXX will list in Part C, Section IV incident reporting requirements that differ from or are in addition to those in this clause, such as requirements for CUI in a CUI Specified category.

(h) Subcontracts.

(1) Except for the acquisitions in paragraph (h)(2), in subcontracts at any tier, or other contractual instruments, for which performance involves CUI identified in the SF XXX, Controlled Unclassified Information (CUI) Requirements, the Contractor shall—

(i) Include this clause, including this paragraph (h), without alteration except to identify the parties;

(ii) Include the information in the SF XXX, Controlled Unclassified Information (CUI) Requirements, modified as required to address the CUI that applies to the subcontract; and

(iii) Require subcontractors to notify the prime Contractor or next higher tier subcontractor within 8 hours of discovery of a suspected or confirmed CUI incident.

(2) Paragraph (h)(1) of this clause does not apply to acquisitions exclusively for commercially available off-the-shelf items or Federally-funded basic and applied research in science, technology, and engineering at colleges, universities, and laboratories in accordance with National Security Decision Directive 189 when the Contractor does not provide any CUI to the subcontractor.

(End of clause)

Are these regulators simply disregarding laws established by Congress?

Link to comment
Share on other sites

How about the Proposed Rule at 90 FR 4376.  This one is written to implement the Preventing Organizational Conflicts of Interest in Federal Acquisition Act (Pub. L. 117-324, 41 U.S.C. 2303 note), enacted December 27, 2022.  The Act does not refer to 41 U.S.C. § 1906, nor does it even contain the word "commercial".  The regulators, however, impose the following clause burdens on commercial contracts.  Is this what Congress intended??

Quote

FAR 52.203-DD Postaward Disclosure of Organizational Conflict of Interest (Date)

(a) Definition. “Organizational conflict of interest,” as used in this clause, means that an entity or its affiliate(s) has impaired objectivity or an unfair competitive advantage as a result of other activities or relationships with other entities or their affiliates, including with public, private, domestic, and foreign entities. An entity or its affiliate may have an unfair competitive advantage as a result of biased ground rules or through unequal access to information. As used in this definition—

(1) “Biased ground rules” means a situation in which an entity or its affiliate, as part of its performance of a Government contract, has or may have materially influenced the development of the requirement, evaluation criteria, or other source selection procedures for another Government contract. The primary concern is that the entity could skew the future competition, whether intentionally or not, in favor of itself;

(2) “Entity” means an individual, corporation, or other organization;

(3) “Impaired objectivity” means a situation in which an entity or its affiliate has or may have financial or other interests or an incentive to provide other than impartial advice to the Government, or the entity or its affiliate's objectivity in performing the contract work is or might be otherwise impaired; and

(4) “Unequal access to information” means a situation in which an entity or its affiliate has or may have an unfair competitive advantage because—

(i) Access to the information was provided to the entity or its affiliate by the Government. Such information may include proprietary and source selection information, e.g., proposals, financial information;

(ii) The information is not available to all potential offerors; and

(iii) Having access to the information would assist the entity in obtaining the contract.

(b) Disclosures. (1) Except as provided in paragraph (b)(3) of this clause, the Contractor shall provide the Contracting Officer a full disclosure in writing within 5 days if the Contractor identifies—

(i) Financial or other interests that could result in an organizational conflict of interest that was not previously addressed and for which a waiver has not been granted;

(ii) A change to any relevant facts relating to a previously identified organizational conflict of interest; or

(iii) Specific client and industry relationships, if identified by the Contracting Officer, that may present a conflict with the work to be performed:

[ Contracting Officer shall insert entity name(s), if applicable].

(2) The Contractor shall disclose organizational conflicts of interest identified during performance of the contract, as well as newly discovered organizational conflicts of interest that existed before contract award. This disclosure shall include a description of—

(i) The organizational conflict(s) of interest in sufficient detail for agency evaluation; and

(ii) Actions to address the organizational conflict(s) of interest that—

(A) The Contractor has taken or proposes to take; or

(B) The Contractor recommends that the Government take.

(3) Where such disclosure would constitute a violation of law ( e.g., the Securities Exchange Act of 1934, 15 U.S.C. 78a et seq.), the Contractor shall withhold information only until the law no longer prohibits disclosure.

(c) Termination. If, in compliance with this clause, the Contractor reports financial or other interests that the Contracting Officer identifies as an organizational conflict of interest that cannot be addressed in a manner acceptable to the Government, the Contracting Officer may terminate the contract, one or more orders, the blanket purchase agreement, or the basic ordering agreement.

(d) Subcontracts. The Contractor shall include the substance of this clause, including this paragraph (d), in subcontracts exceeding the simplified acquisition threshold where the work includes or may include tasks that may result in an organizational conflict of interest, other than subcontracts for commercial products, commercial services, and commercially available off-the-shelf items. The Contractor shall modify the terms “Contractor” and “Contracting Officer” appropriately to reflect the change in parties.

(End of clause)

Quote

FAR 52.203-MM Mitigation of Organizational Conflicts of Interest (Date)

(a) Definition. “Organizational conflict of interest,” as used in this clause, is defined in the clause 52.203-DD, Postaward Disclosure of Organizational Conflict of Interest.

(b) Mitigation plan. The Government-approved organizational conflict of interest mitigation plan (mitigation plan) and its obligations are hereby incorporated as an attachment to the contract. While implementation of a mitigation plan is the Contractor's responsibility, the Government retains the right to review implementation of the plan.

(c) Changes. (1) Either the Contractor or the Government may propose changes to the mitigation plan. Such changes are subject to the mutual agreement of the parties and will become effective only upon written approval of the revised mitigation plan by the Contracting Officer and incorporation into the contract.

(2) The Contractor shall propose an update to the mitigation plan within 30 days of—

(i) Any changes to the legal construct of its organization, any subcontractor changes, or any significant management or ownership changes that impact the mitigation plan; or

(ii) A change to the contract requirements that impacts the mitigation plan.

(d) Noncompliance. (1) The Contractor shall report to the Contracting Officer any noncompliance with this clause or with the mitigation plan, whether by its own personnel, those of the Government, other contractors, or subcontractors.

(2) The report shall describe the noncompliance and the actions the Contractor has taken or proposes to take to cure and mitigate such noncompliance and avoid repetition of the noncompliance.

(3) After conducting such further inquiries and communications as may be necessary, the Contracting Officer and the Contractor shall agree on appropriate corrective action, if any, or the Contracting Officer will direct corrective action, subject to the terms of this contract.

(e) Subcontracts. (1) The Contractor shall include the substance of this clause, including this paragraph (e), in subcontracts exceeding the simplified acquisition threshold where the subcontract work is addressed in the mitigation plan, other than subcontracts for commercial products, commercial services, and commercially available off-the-shelf items.

(2) The Contractor shall modify the terms “Contractor” and “Contracting Officer” appropriately to reflect the change in parties.

(3) The Contractor shall provide the Contracting Officer with information on the flowdown of this clause upon request.

(End of clause)

Quote

FAR 52.203-LL Limitation on Future Contracting (Date)

(a) Limitation. The Contractor and any of its affiliates shall be disqualified from performing ___ [Before contract award, Contracting Officer to describe the work that the Contractor will be disqualified from performing] as a contractor or as a subcontractor. The disqualification will last until ___. [Before contract award, Contracting Officer to determine appropriate length of prohibition or identify the appropriate ending event for the limitation on future contracting.]

(b) Subcontracts. (1) The Contractor shall include the substance of this clause, including this paragraph (b), in subcontracts exceeding the simplified acquisition threshold where the work includes tasks that are encompassed by the description of work provided in paragraph (a) of this clause, other than subcontracts for commercial products, commercial services, and commercially available off-the-shelf items. The Contractor shall modify the terms “Contractor” and “Contracting Officer” appropriately to reflect the change in parties.

(2) Upon request, the Contractor shall provide information to the Contracting Officer with regard to flowdown of this clause.

(End of clause)

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...