Federal agencies and contractors doing business with the federal government are prohibited from procuring or using “covered telecommunications equipment or services” produced by certain designated entities as a “substantial or essential component of any system, or as critical technology as part of any system” under Section 889 of the Fiscal Year 2019 National Defense Authorization Act. There are two components to the ban.
The first, Section 889(a)(1)(A), also known as “Part A,” prohibits the federal government from “procuring or obtaining any equipment, system, or service that uses covered telecommunications equipment or services as a substantial or essential component of any system, or as a critical technology as part of any system.” This became effective on August 13, 2019.
The second part, Section 889(a)(1)(B), or “Part B,” which went into effect on August 13, 2020, prohibits the federal government from “entering into a contract (or extending or renewing a contract) with an entity that uses any equipment, system, or services that use covered telecommunications equipment or services as a substantial or essential component of any system, or as critical technology as part of any system.” Read about why section 889 B is important to federal contractors on our blog for more information.
1.Reassess Your Compliance Solutions
Following the publication of the final rule, contractors should examine and reconsider their past compliance efforts to the extent that the rule clarifies or modifies the contractor’s prior assumptions or scope of review.
2.Conduct an Internal Audit Assessment
Identify any manufacturing ties with the five suppliers in the NDAA, including any subsidiaries or affiliates (as with OEM and ODM relationships, be mindful of equipment supplied under another manufacturer’s name).
Also, ensure to check any covered equipment/services delivered on government contracts by any vendor. Further identify any business equipment or systems produced by or having components from a prohibited vendor such as computers, servers, phones, and other electronics capable of executing software commands. This will be required to comply with the second half of Section 889.
3.Determine Whether Limited Waivers Apply
Contractors with the Department of Defense contracts who solely supply food, clothes, supplies, and so on should check with the contracting officer to see if the latest waiver extension applies to your purchase. However, it is important to note that you may still be covered through other covered contracts.
4.Document Compliance Efforts
Given the uncertainty and ambiguity surrounding Part B compliance, contractors must document what they have done to comply or attempt to comply. You must be able to verify your company’s efforts and that you have not just neglected compliance. Create and keep contemporaneous records of “reasonable inquiry,” meetings, compliance materials created, and staff education delivered.
5.Analyze the Ban’s Impact
Evaluate compliance expenses based on the preceding review as Part B, like Part A may have a trickle-down clause or need certification wording.
6.Keep an Eye on the Rulemaking Process
Consider if the issues and expenses raised warrant reaching out to your government relations team during rulemaking, submitting comments on the interim rule, or working with industry organisations that are actively lobbying on behalf of contractors in Section 889 rulemaking.
7.Seek Confirmation From the Contracting Officer
If the company feels that an exemption to Section 889 applies to any of its proposed goods, it should seek confirmation from the contracting officer as soon as possible- ideally, before making the required representation. Be cautious of manufacturers’ or their agents’ sweeping statements that their products or services are “free” from Section 889 without additional proof.
Part B compliance can prove to be expensive, therefore account for compliance expenses separately, as they may be reimbursed.
To secure your organization and help you prepare for section 889 part B, using software solutions such as ComplyShield by SureShield can be beneficial. It can help give you:
To know more about our compliance and software solutions visit our website. You can also read about corporate compliance in healthcare for more information or follow us on LinkedIn and Twitter for some insightful posts and updates.