Like the sailors of old, the government contracting community ventures forth knowing full well that danger lies ahead – although fortunately not in the form of a kraken, leviathan, or other mythical sea monster. Rather, these perils and risks are embedded in sweeping new regulations that, like an unseen reef, will be arriving and taking effect all too quickly. On July 14, 2020, the FAR Council published a long-awaited (or perhaps long-dreaded) Interim Rule implementing Section 889(a)(1)(B) of the National Defense Authorization Act (NDAA) for Fiscal Year (FY) 2019 (Section B). Effective August 13, 2020, Section B prohibits executive agencies from “entering into, or extending or renewing, a contract with an entity that uses any equipment, system, or service that uses covered telecommunications equipment or services as a substantial or essential component of any system, or as critical technology as part of any system.” Unlike its counterpart, Section 889(a)(1)(A) of the NDAA for FY 2019 (Section A), which prohibits agencies from “procuring or obtaining equipment or services that use covered telecommunications equipment or services as a substantial or essential component or critical technology,” the restrictions of Section B go far beyond the immediate contract between the contractor and the government. Instead, Section B directs contractors to discontinue any and all use of covered telecommunications equipment or services. Even accounting for the choppy seas caused by the ongoing pandemic, the exceedingly broad scope of Section B promises sharp, jagged, and uncharted hazards to contractors attempting to implement compliant policies and procedures.
What Lies Beneath
“Covered telecommunications equipment,” as currently defined by FAR 4.2101, includes equipment and services produced or provided by Huawei Technologies Company or ZTE Corporation (or any subsidiary or affiliate of those entities) and certain video surveillance products or telecommunications equipment and services produced or provided by Hytera Communications Corporation, Hangzhou Hikvision Digital Technology Company, or Dahua Technology Company (or any subsidiary or affiliate of those entities). The Interim Rule requires contractors to submit a representation with each offer that, after conducting a “reasonable inquiry,” covered telecommunications equipment or services are not being used by the offeror. Like all representations to the government, the requirement on the surface belies the threat of what’s beneath – a false or misleading statement concerning covered telecommunications equipment could have catastrophic consequences, including but not limited to contract termination and the ever-present specter of actions and investigations under the False Claims Act. Thus, it will be critical for contractors to act expeditiously to ensure that they have a clear understanding of the Interim Rule’s expansive requirements – including what is required by the “reasonable inquiry” that each contractor must now undertake.
Considering the potential consequences of noncompliance, contractors of every variety – including small businesses – must now pay closer attention to their own operations and to supply chains to ensure that they are not using, or that they can swiftly excise, all “covered telecommunications equipment” in their operations. As is typical in the world of federal procurement, the existing FAR definitions – and those added in the Interim Rule to address the restrictions of Section B – do not dictate precisely what a contractor must do in order to comply with the new prohibitions. While the Interim Rule establishes a definition of what constitutes a “reasonable inquiry” to be incorporated into FAR 4.2101, Definitions, and FAR 52.204–25, Prohibition on Contracting for Certain Telecommunications and Video Surveillance Services or Equipment, in actuality the definition is little more than a mirage that provides minimal substantive guidance:
Reasonable inquiry means an inquiry designed to uncover any information in the entity’s possession about the identity of the producer or provider of covered telecommunications equipment or services used by the entity that excludes the need to include an internal or third-party audit.
Read literally, this definition is subject to infinite interpretations as to what an inquiry “designed to uncover any information” would entail. The definition is similarly deficient in that it fails to describe what constitutes “information in the entity’s possession.” That said, the Interim Rule does provide that the inquiry:
… includes examining relationships with any subcontractor or supplier for which the prime contractor has a Federal contract and uses the supplier or subcontractor’s “covered telecommunications” equipment or services as a substantial or essential component of any system. A reasonable inquiry is an inquiry designed to uncover any information in the entity’s possession – primarily documentation or other records – about the identity of the producer or provider of covered telecommunications equipment or services used by the entity. A reasonable inquiry need not include an internal or third-party audit.
85 FR 42669.
While this explanation is better than an open sea of ambiguity, it still leaves ample rocks upon which to crash. At a minimum, it is clear that contractors will need to have discussions with their subcontractors and suppliers to verify that the prohibited equipment is not lurking somewhere in the contractor’s supply chain. Contractors should also ensure that they carefully document the steps taken and the information obtained from their subcontractors and suppliers so that, if questioned, the “reasonableness” of the inquiry can be readily demonstrated.
As the clock is ticking, contractors wishing to address these requirements should review existing agreements with all suppliers in order to incorporate the Section B prohibitions. Notably, the Interim Rule specifies that the requirements of Section B “will not flow down because the prime contractor is the only ‘entity’ that the agency ‘enters into a contract’ with, and an agency does not directly ‘enter into a contract’ with any subcontractors, at any tier.” Here again lies the danger down below. Even if the prohibitions are not required to be flowed down, contractors would be steering their ship toward disaster if they do not incorporate these restrictions into their subcontracts.
Beware of the False Lighthouse
With the theoretical aim of providing additional guidance, the Interim Rule identifies six steps that should be incorporated into a contractor’s compliance plan. While these steps serve as a convenient tempo and timeline for compliance, they do little more than muddy already unclear waters:
- Regulatory Familiarization – Requiring that contractors read and understand the rule for compliance.
- Corporate Enterprise Tracking – This step provides some additional limited guidance as to what constitutes a “reasonable inquiry,” implying that the inquiry should be anchored to a larger “corporate enterprise tracking” system to be developed by contractors. In addition to establishing internal tracking of equipment, systems, and services, such a system (and, by extension, a reasonable inquiry) also requires an entity to examine its subcontractor/supplier relationships for possible usage of “covered telecommunications.”
- Education – Training purchasing/procurement employees to ensure they are familiar with the company’s compliance plan.
- Cost of Removal – If the use of covered equipment and services is identified, contractors should implement procedures to assess the cost of removing and replacing covered telecommunications equipment or services.
- Representation – A two-fold obligation: first the contractor must submit to the government a representation as to whether the entity uses covered telecommunications equipment and services, then it must also alert the government if use is discovered during contract performance.
- Cost to Develop a Phase-Out Plan and Submit Waiver Information – For contractors requesting a waiver, (1) develop a plan to phase out existing covered telecommunications equipment or services, and (2) provide waiver information to the government.
While the first steps regarding knowledge, tracking, and training seem straightforward (even if only by comparison), the latter steps – which are obviously intended to be supported by individual agency requirements – only serve to raise questions as to the scope and potential impact of the Interim Rule. For example, the Interim Rule explicitly rejects a uniform waiver process, meaning each agency will have to make its own process and determinations. Accordingly, contractors should be proactive in collecting information to support future requests for waivers if and when the agencies are able to design and implement their unique waiver processes. In addition, the Interim Rule is silent as to the allowability of the costs to remove and replace “covered telecommunications equipment or services,” if identified. The Interim Rule estimates the cost impact of these new requirements to both contractors and the government is billions of dollars, and it acknowledges multiple times that there is “substantial uncertainty underlying these estimates.” While we cannot say for certain whether contractors will ultimately be reimbursed by the government in any way for these significant costs, we can reasonably predict that if the costs are ultimately deemed allowable, the government will carefully scrutinize every dollar spent by contractors on these compliance efforts. Therefore, contractors would be well-advised to start identifying, estimating, and carefully documenting compliance costs in order to position themselves to obtain the maximum amount of reimbursement if and when allowed.
Through a tempest of a changing environment and new regulations, federal contractors now find themselves embarking upon a narrow course between two lurking alternatives: (1) allocate time and resources toward the development and implementation of a comprehensive compliance plan that accounts for the strictest interpretation of the prohibition, or (2) steer too close to the whirlpool of noncompliance and risk being swallowed whole by a par. While it will certainly take a strong hand to navigate this storm, contractors who put in the compliance effort now should see smooth sailing ahead.