Compliance

Subscribe to Compliance via RSS

Following a tumultuous start to fiscal year 2026, including a government shutdown that lasted 43 days, the National Defense Authorization Act for fiscal year 2026 (NDAA 2026), Pub. L. 119-60, was passed by Congress and signed into law on December 18, 2025. NDAA 2026 is a critical legislative act, setting acquisition reforms and policies and authorizing appropriations and funding levels for the Department of Defense (DoD). With $900.6 billion in funding for the DoD, NDAA 2026 contains a plethora of acquisition reform provisions and critical updates impacting defense contractors. Title XVIII of NDAA 2026 significantly increased certain acquisition thresholds, including triggers for the Truthful Cost or Pricing Data Act (formerly the Truth in Negotiations Act) and Cost Accounting Standards application, which you can read about here. Additionally, NDAA 2026 increases the thresholds for noncompetitive acquisitions and when information technology requirements qualify as a major system.Continue Reading FY2026 NDAA: Major Increases to Critical Acquisition Thresholds

Connecticut has become an unexpected focal point for bid rigging enforcement in public contracting. Many government contractors still see this risk as a federal problem driven by the Department of Justice and the Procurement Collusion Strike Force. Yet Connecticut is showing that a state attorney general, using state antitrust law, can reshape everyday service contracts in a very direct way.Continue Reading Procurement Collusion Strike Force: The State Edition

The US Department of Justice’s (DOJ) new Data Security Program (DSP), designed to protect sensitive information and national security-related data from misuse by foreign actors, took full effect on October 6, 2025. The program introduces new restrictions on how companies handle and share sensitive US personal data and government-related data, especially when certain foreign entities are involved. With enforcement underway, companies should understand who is covered, what activities are restricted, and what compliance measures are required. Failure to comply with the rules can result in civil or criminal penalties.Continue Reading DOJ Launches New Data Security Program—What Your Company Needs to Know

The DoD has finally crossed the CMMC finish line, but for contractors, the race is just beginning. With the Final Rule effective Nov. 10, award eligibility will hinge on a “current” CMMC status in SPRS, backed by annual affirmations and strict compliance. The next two months are critical for getting race-ready. In this Featured Comment

Government procurement is essential to modern governance. But when firms rig bids, allocate markets, or otherwise collude, taxpayers pay more, honest competitors are shut out, and trust erodes. In recent months, US agencies have continued to emphasize the importance of fair competition in government procurement, scrutinizing regulations that may favor incumbents or unfairly limit competition and expanding whistleblower options.Continue Reading Rigging the Game? Antitrust Risks in the Public Contracting Arena

On July 31, 2025, the Court of Federal Claims (COFC) issued its decision in The DaVinci Company v. United States. The case is noteworthy for contractors grappling with geographical supply chain concerns because it elucidates the extent to which two cornerstone country-of-origin procurement statutes—the Buy American Act (BAA) and the Trade Agreements Act (TAA)—can be misunderstood and misapplied by the government.Continue Reading Making Hay of the Interplay Between the TAA and BAA—COFC Sustains Protest Against the VA’s Improper Sourcing of a Critical Pharmaceutical

Ding ding.” – Apollo Creed,
Rocky III

September 30. All (most?) federal years end the same way, at least on paper—like a prizefight, with the clock ticking down; an agitated, uncertain crowd; a lot of money on the table; and a ref capable of stopping the match at any moment. This year will be at once both no different and a completely different beast. With ever-recent uncertainty surrounding appropriations, continuing-resolution (CR) risk, evolving Federal Acquisition Regulation (FAR) language, the tightening screws of cyber attestations, industry supply-chain and acquisition changes, and grant closeouts that always take longer than you’d think, September is not a month for contractor improvisation. It’s a month when a dedicated corner team, a game plan, and crisp execution all are paramount.Continue Reading And in This Corner … the Sweet Science of Federal Contracting’s Year-End

Earlier this year, we addressed a growing sense of confusion and unease among federal contractors relating to shifting diversity, equity, and inclusion (DEI) standards. Specifically, awardees had to take stock of the Department of Justice’s (DOJ) newly launched Civil Rights Fraud Initiative. DOJ explained that it intended to pursue False Claims Act (FCA) cases against “any recipient of federal funds that knowingly violates federal civil rights law,” with an emphasis on unlawful DEI workplace programs. But given this year’s abrupt shift regarding DEI standards, contractors were left to guess which conduct could put them in DOJ’s crosshairs. On July 29, DOJ elaborated on what it considers “unlawful discrimination,” issuing Guidance for Recipients of Federal Funding Regarding Unlawful Discrimination (“Guidance”) to all federal agencies. The Guidance outlines what DOJ deems “best practices” so that any organization that receives federal financial assistance—e.g., universities, local governments, and nonprofit organizations—can take practical steps “to minimize the risk of violations.”Continue Reading New “Unlawful Discrimination” Guidance from DOJ Underscores Risks to Federal Grant Recipients

On June 6, 2025, President Trump issued a new executive order, “Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity and Amending Executive Order 13694 and Executive Order 14144” (EO), signaling the construction of a fortified cyber defense across federal operations. This directive updates the nation’s digital stronghold, modernizing risk management, defending against quantum and artificial intelligence (AI) threats, and drawing sharper lines in the battle against foreign cyber adversaries. For technology companies and federal suppliers, this is a clarion call to reinforce their digital walls and sharpen their defenses. Agencies will soon build these secure-by-design principles into every contract and procurement decision. In this era of fortress-building, failing to meet these standards not only will leave your gates unguarded but also could bar you from the entire federal marketplace. The EO may read like ordinary policy, but don’t be misled: It’s a direct command for companies to strengthen their cyber defenses or be locked out of federal opportunities altogether.Continue Reading Building the Cyber Fortress: New Cybersecurity Executive Order Targets Quantum, AI, and Supply Chain Security

Beware the Jabberwock, my son! The jaws that bite! The claws that catch!”

– Lewis Carroll: “Jabberwocky,” Through the Looking-Glass, and What Alice Found There (1872)

There is a growing sense of confusion and unease among many federal contractors and grant recipients in these early days of the second Trump administration. In a time when some agencies face dislocation and downsizing (or, as with USAID, effective disbandment), contractors may feel like Alice stepping through the Looking Glass into a world strangely inverted from the one they knew. This shift is especially evident in the administration’s rejection of seemingly all diversity, equity, and inclusion (DEI) policies—long used to prevent discrimination, comply with civil rights laws, and foster inclusive environments in the American workforce.Continue Reading Through the Looking Glass: Shifting DEI Standards Expose Contractors to False Claims Act Risk