News & Analysis as of August 3, 2025

DFARS

+ Follow

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -

What Contractors Need to Know About DoD’s New IP Guidebook

Morrison & Foerster LLP - Government... on 7/23/2025

Earlier this year, the Department of Defense (DoD) published an “Intellectual Property Guidebook for DoD Acquisition.” It is the culmination of many years of work and the most insightful data rights guidance out of the...more

The “Prestige”: DoD Unveils NIST SP 800-171 Revision 3, Organizationally Defined Parameters

McCarter & English Blog: Government Contracts... on 4/28/2025

On April 15, 2025, the Department of Defense (DoD) released official guidance on Organizationally Defined Parameters (ODPs) appearing in the newly published NIST SP 800-171 Revision 3. At the same time, the DoD reaffirmed...more

Six Essential Tips for Avoiding Product Substitution Issues on Government Contracts

Seyfarth Shaw LLP on 3/20/2025

In celebration of the release of the 6th Edition of the Government Contracts Compliance Handbook, we are sharing six essential tips for avoiding product substitution issues in government contracting. Product substitution is...more

Regulatory Shifts in Aerospace and Defense: What Businesses Need to Know as 2025 Takes Flight

Morgan Lewis on 3/20/2025

The aerospace and defense industry is facing a rapidly shifting legal landscape in 2025, shaped by regulatory updates, enforcement trends, and geopolitical considerations. With increased scrutiny on foreign investments,...more

Marking Commercial Technical Data After FlightSafety

Morrison & Foerster LLP - Government... on 3/13/2025

There is no law or regulation instructing contractors how to mark commercial technical data delivered to the Department of Defense (DoD). Yet the DoD Federal Acquisition Regulation Supplement (DFARS) is quite clear that...more

Ethics Rules Applicable to Hiring Former Federal Government Employees

Bass, Berry & Sims PLC on 3/6/2025

As the Trump administration continues to eliminate federal positions and reduce contract and grant outlays, many private companies will likely be eyeing current and former government employees for employment over the coming...more

Bid Protest Spotlight: Registration, Substantiation, Experience

Morrison & Foerster LLP - Government... on 2/24/2025

To kick off the new year, this bid protest spotlight highlights two U.S. Government Accountability Office decisions involving System for Award Management (SAM) registration requirements when submitting an “offer” and an...more

FAR Proposed Controlled Unclassified Information Rule: A Path Toward Standardization

Cozen O'Connor on 2/21/2025

On January 15, 2025, the FAR Council finally released a proposed rule (the Rule)1 regulating the use and handling of controlled unclassified information (CUI) as a part of the general strategy to reduce threats of...more

At Long Last – The FAR CUI Rule is Here!

Sheppard Mullin Richter & Hampton LLP on 1/30/2025

The wait is finally over! After more than 14 years of anticipation, the Federal Acquisition Regulation (“FAR”) Proposed Rule on Controlled Unclassified Information (“CUI”) was released on January 15, 2025 and comes as part of...more

DoD Updates Data Rights Regulations for SBIR/STTR Programs

Morrison & Foerster LLP - Government... on 1/24/2025

As of January 17, 2025, the Department of Defense’s data rights regulations and contract clauses look a little different, yet substantively very little has changed. The update is to formally incorporate changes the Small...more

Weekly Update for Government Contractors and Commercial Businesses – January 2025 #4

PilieroMazza PLLC on 1/23/2025

FY2025 NDAA: Significant Impacts on Small and Large Defense Contractors - The Servicemember Quality of Life Improvement and National Defense Authorization Act for Fiscal Year 2025 (FY2025 NDAA), signed into law on December...more

Client Alert: FAR Council Issues Long-Awaited Proposed Rule to Implement Controlled Unclassified Information Program

Jenner & Block on 1/22/2025

On January 15, 2025, the Department of Defense (DOD), General Services Administration (GSA), and the National Aeronautics and Space Administration (NASA) (collectively, “the FAR Council”) issued a long-anticipated proposed...more

They Did It. They Really Did It! The Arrival of the FAR CUI Proposed Rule

McCarter & English Blog: Government Contracts... on 1/17/2025

After years of anticipation, the Federal Acquisition Regulation (FAR) Council has announced the arrival of its proposed rule to enhance the safeguarding of Controlled Unclassified Information (CUI) in federal contracts (the...more

SHARE IT Act Requires Agencies to Share Custom-Developed Source Code Throughout the Government

Morrison & Foerster LLP - Government... on 1/14/2025

On December 23, 2024, President Biden signed the Source Code Harmonization and Reuse in Information Technology Act (“SHARE IT Act” or “the Act”), which provides a formal mechanism for federal agencies to store and share...more

Governmental Practice Cybersecurity and Data Protection: 2024 Recap & 2025 Forecast Alert

Sheppard Mullin Richter & Hampton LLP on 1/8/2025

To kick off the New Year (and as is now tradition, since we put out a similar Recap & Forecast last year), Sheppard Mullin’s Governmental Practice Cybersecurity & Data Protection Team has prepared a cybersecurity-focused 2024...more

Penn State, GA Tech Cybersecurity Cases Join 10 Others FCA Attorney Has Under Seal

Health Care Compliance Association (HCCA) on 12/9/2024

Note to research compliance officials still digesting news of Pennsylvania State’s recent $1.25 million settlement over False Claims Act (FCA) allegations related to cybersecurity and the government’s recent intervention in a...more

DoD Releases Final CMMC Program Rule, Formally Initiating Its Cybersecurity Program

Vinson & Elkins LLP on 11/22/2024

On October 15, 2024, the Department of Defense (“DoD”) released its final rule (the “Final Rule”) formally establishing the Cybersecurity Maturity Model Certification (“CMMC”) program, nearly three years after first...more

DoD Announces Cybersecurity Maturity Model Certification 2.0 Final Rule (Finally!)

Bass, Berry & Sims PLC on 11/12/2024

After numerous fits and starts, on October 14, the Department of Defense (DoD) published a final rule implementing the Cybersecurity Maturity Model Certification (CMMC) program. Borne from documented deficiencies in the...more

DOJ Continues Crackdown on Cybersecurity Compliance with $1.25M FCA Settlement

Wiley Rein LLP on 10/29/2024

The Department of Justice (DOJ) secured another win for its Civil Cyber-Fraud Initiative last week when it resolved a False Claims Act (FCA) action[1] alleging Pennsylvania State University (Penn State) failed to comply with...more

Department of Defense Finalizes Rule Adding New Cybersecurity Requirements for Defense Contractors and Subcontractors

Snell & Wilmer on 10/23/2024

The U.S. Department of Defense (DOD) has published a Final Rule to implement the Cybersecurity Maturity Model Certification (CMMC) program, which establishes minimum cybersecurity requirements for nearly all DOD contracts....more

15 Key Takeaways from the Final CMMC Program Rule Issued by DOD

Holland & Knight LLP on 10/17/2024

The U.S. Department of Defense (DOD) has long questioned whether contractors and their supply chains have been fully compliant with existing cybersecurity requirements aimed at protecting Controlled Unclassified Information...more

U.S. Government Intervenes in Georgia Tech Cybersecurity False Claims Case

Pillsbury Winthrop Shaw Pittman LLP on 9/9/2024

The Georgia Tech case serves as yet another reminder of the importance of contractor compliance with cybersecurity requirements in federal contracts. The Government alleges that Georgia Tech failed to comply with the...more

DOJ Went Down to Georgia: Lessons Learned from Recent Cybersecurity Enforcement Actions

McCarter & English Blog: Government Contracts... on 9/5/2024

Some might say there’s little difference between dealing with the devil and being a federal contractor. And for the unwary or unprepared, that may not be far off. Federal contracting comes with a litany of “fine print” that...more

DOJ on Campus: DOJ’s First Intervention in False Claims Act Case Alleging University Knowingly Failed to Meet Contractual...

Dorsey & Whitney LLP on 9/5/2024

Cybersecurity requirements for federal contractors and grantees continue to proliferate—and those requirements do not just come with contractual risk. Increasingly, the United States government is leveraging enforcement...more

Department of Justice Intervenes in Cybersecurity Qui Tam Action Against Georgia Tech

Alston & Bird on 9/3/2024

On Thursday, August 22, 2024, the United States Department of Justice (“DOJ”) filed a Complaint-In-Intervention in the case of United States of America ex rel. Christopher Craig and Kyle Koza, v. Georgia Tech Research Corp....more

51 Results

View per page

Page: of 3

Compliance › Federal Contractors › DFARS

"My best business intelligence, in one easy email…"