Cost, Compliance & Risks

Now That’s a Lot of Money: DOJ’s Record-Setting FCA Year Reflects Intensifying Enforcement Pressure on Government Contractors

By Franklin Turner, Matt Wright & Alex Major on February 19, 2026

The Department of Justice (DOJ) recently announced that False Claims Act (FCA) settlements and judgments exceeded $6.8 billion in fiscal year 2025. This massive haul is the largest annual recovery in the statute’s storied history. Although health care enforcement continues to account for the majority of recoveries, DOJ’s annual statistics confirm that procurement fraud, cybersecurity compliance, pandemic-program enforcement, and trade-related fraud remain core enforcement priorities that government contractors should not ignore. The FY 2025 numbers reinforce a familiar message: FCA enforcement remains one of DOJ’s most powerful tools for policing federal spending, and contractors should expect continued scrutiny of their certifications, representations, and contract compliance systems.

Swept Away: FY2026 NDAA Updates to CAS and Certified Cost or Pricing Data Thresholds

By Andrew Hamilton on January 13, 2026

Posted in Cost, Compliance & Risks, Defense & National Security, Regulatory & Statutory Developments

The FY2026 National Defense Authorization Act (NDAA) became law on December 18, 2025, enacting a tidal wave of the Trump administration’s priorities with respect to Department of Defense (DoD) procurement. One key priority reflected in the NDAA is reducing compliance burdens so that (i) established DoD contractors are incentivized to pursue awards and (ii) more companies opt in to being a DoD contractor to grow the industrial base. Importantly, Section 1804 and Section 1806 of the NDAA take action on this priority by raising the dollar thresholds for complex domains of government contracting: the Cost Accounting Standards (CAS) and submission of certified cost or pricing data. While these changes are welcome developments, companies should be cognizant that a steady stream of compliance requirements remains even with these increased thresholds.

CAS Madness Takes Its Toll: The Detailed Work of Conforming CAS to GAAP

By Andrew Hamilton on October 22, 2025

Posted in Contract Performance & Administration, Cost, Compliance & Risks, Regulatory & Statutory Developments

This year, The Rocky Horror Picture Show celebrates the 50th anniversary of its release. While that cult classic film has stood the test of time, another relic of the 1970s, the Cost Accounting Standards (CAS), is showing its age. When CAS was initially promulgated, Congress determined that the generally accepted accounting principles (GAAP) were not enough to satisfy the government’s requirements for evaluating contract costing and pricing. However, in the decades since, GAAP has evolved, and there are now areas of overlap that have arisen since CAS was first promulgated. Recognizing this overlap, the government has set in motion a review to determine which parts of CAS could be addressed by GAAP, which is the commercial standard regularly used by companies. If there were accounting areas where GAAP could stand in place of CAS, the government wants to reduce the overall burden in the procurement process by allowing contractors to more heavily rely on GAAP, which they are already using to report on their daily business activities.

New “Unlawful Discrimination” Guidance from DOJ Underscores Risks to Federal Grant Recipients

By Andrew Hamilton on August 11, 2025

Posted in Cost, Compliance & Risks, Investigations & Enforcement, Regulatory & Statutory Developments

Earlier this year, we addressed a growing sense of confusion and unease among federal contractors relating to shifting diversity, equity, and inclusion (DEI) standards. Specifically, awardees had to take stock of the Department of Justice’s (DOJ) newly launched Civil Rights Fraud Initiative. DOJ explained that it intended to pursue False Claims Act (FCA) cases against “any recipient of federal funds that knowingly violates federal civil rights law,” with an emphasis on unlawful DEI workplace programs. But given this year’s abrupt shift regarding DEI standards, contractors were left to guess which conduct could put them in DOJ’s crosshairs. On July 29, DOJ elaborated on what it considers “unlawful discrimination,” issuing Guidance for Recipients of Federal Funding Regarding Unlawful Discrimination (“Guidance”) to all federal agencies. The Guidance outlines what DOJ deems “best practices” so that any organization that receives federal financial assistance—e.g., universities, local governments, and nonprofit organizations—can take practical steps “to minimize the risk of violations.”

Through the Looking Glass: Shifting DEI Standards Expose Contractors to False Claims Act Risk

By Matt Wright, Alex Major & Franklin Turner on May 27, 2025

Posted in Cost, Compliance & Risks, Investigations & Enforcement, Regulatory & Statutory Developments

“Beware the Jabberwock, my son! The jaws that bite! The claws that catch!”

– Lewis Carroll: “Jabberwocky,” Through the Looking-Glass, and What Alice Found There (1872)

There is a growing sense of confusion and unease among many federal contractors and grant recipients in these early days of the second Trump administration. In a time when some agencies face dislocation and downsizing (or, as with USAID, effective disbandment), contractors may feel like Alice stepping through the Looking Glass into a world strangely inverted from the one they knew. This shift is especially evident in the administration’s rejection of seemingly all diversity, equity, and inclusion (DEI) policies—long used to prevent discrimination, comply with civil rights laws, and foster inclusive environments in the American workforce.

Check Your Process or Pay Your Fine: Recent 6-Figure Fines from the California Privacy Protection Agency

By Erin Prest on May 13, 2025

Posted in Cost, Compliance & Risks, Data Privacy & Protection, Investigations & Enforcement, Regulatory & Statutory Developments

The California Privacy Protection Agency (CPPA) recently fined clothing retailer Todd Snyder almost $350,000 for two types of consumer privacy errors. Due to technical errors during a 40-day period, it was impossible for Todd Snyder website users to request to opt out of having their information sold or shared. When users clicked the button for the Cookie Preferences Center, the consent banner would appear but instantly disappear, thus making it impossible for anyone to actually opt out. For those who were able to actually access the preferences center, Todd Snyder over-collected information from its users who wanted to opt out of having their information sold or shared. Todd Snyder’s data request form required users to verify their identity by submitting a photograph of themselves holding their identity document, even when they wanted to opt out.

Mo’ Data, Mo’ Problems: Antitrust Risk in the Age of Big Data

By Erin Prest on April 22, 2025

Posted in Competition & Antitrust, Cost, Compliance & Risks, Data Privacy & Protection, Regulatory & Statutory Developments

New Hart-Scott-Rodino premerger notification rules, which took effect in February, require that companies now provide more information than ever before about their prospective mergers. Meanwhile, both federal and state antitrust enforcers continue to step up scrutiny of data-related antitrust harms such as information sharing, monopolization, and price coordination, and private litigants are also filing claims. Data has long been used by companies to benchmark performance metrics, from pricing to inventory levels, and to manage revenue. But as data volume has increased, so too has the risk of violating antitrust laws through higher levels of interconnection. Big data could facilitate price coordination, potentially rising to the level of price fixing, and could thus entrench the market power of companies that have amassed data critical to the ability to compete.

Follow the Breadcrumbs: Where Does Consumer Data Go as 23andMe Goes Bankrupt?

By Erin Prest & Katarina Overberg on April 15, 2025

Posted in Corporate Governance, Teaming, & Acquisitions, Cost, Compliance & Risks, Data Privacy & Protection, Regulatory & Statutory Developments

23andMe, a pioneer in the DNA testing kit industry, announced that it has filed for Chapter 11 bankruptcy protection and recently asked to select an independent customer data representative regarding any sale of user data. Its bankruptcy raises issues about data privacy and what companies must do to protect that data for the benefit of their customers and to protect themselves from litigation or violations of US and international privacy laws.

A Federal Contractor’s Survival Guide to Executive Actions and DOGE-Related Impacts: Part 2—Suspensions and Stop-Work Orders, Contract Modifications, Tariffs, and Other Considerations

By Maria Panichelli on April 3, 2025

Posted in Contract Performance & Administration, Cost, Compliance & Risks, Executive Orders & Policy Actions, Regulatory & Statutory Developments

In recent months, federal contractors have seen an uptick in very specific types of contracting activity. As a result of various Executive Orders and DOGE directives for agencies to conduct contract reviews and engage in mass contract cancellations, there has been a flurry of terminations for convenience, suspensions/stop-work orders, and contract modifications. Payments—even those undisputedly…

A Federal Contractor’s Survival Guide To Executive Actions And DOGE-Related Impacts: Part 1—Unpaid Invoices And Terminations For Convenience

By Maria Panichelli on March 27, 2025