Presumption of Declination with Voluntary Disclosure, Cooperation, and Remediation of FCPA Violations

Deputy Attorney General Rod J. Rosenstein recently announced a revision to the U.S. Department of Justice (“DOJ”) policy on corporate enforcement of the Foreign Corrupt Practices Act (“FCPA”). The revision codifies a pilot program established during the Obama administration, which allows some companies that voluntarily disclose possible violations of the FCPA to avoid criminal prosecution. The new Corporate Enforcement Policy will be codified in the U.S. Attorney’s Manual. These announcements came during Mr. Rosenstein’s speech at the 34th International Conference on the FCPA, on November 29, 2017. Mr. Rosenstein’s overall theme was that global corruption negatively impacts business, society, and governments, and he asked corporate America to help fight corruption through compliance programs, as a matter of American safety and security. Continue Reading

Confused by the Evolving Travel Ban? Here’s a Cheat Sheet with the Latest Guidance

While the Travel Ban continues to move up and down the federal court system, here are the latest rules governing travel for citizens of the affected countries as a result of the U.S. Supreme Court’s lifting of the lower courts’ injunctions on December 4, 2017, a December 22 ruling by the Ninth Circuit invalidating the latest travel ban but not enjoining it, and recent action by a Federal District Court in Seattle partially lifting the refugee ban on December 23, 2017: Continue Reading

Clearly Erroneous Audit Assertion – An Expensive Thorn in Contractors’ Sides

Auditing by the Defense Contract Audit Agency (“DCAA”) is a ubiquitous cost of doing business with the Department of Defense, and one which many defense contractors have come to dread. Unfortunately, far too often the DCAA’s audit reports rely upon faulty evidence and/or unreasonable interpretations that ignore the plain language of contracts, procurement regulations, and existing decisional law. When this happens, contractors typically have no choice but to engage in the costly process of challenging the audit findings and, when contracting officers lack the will to butt heads with the DCAA, to pursue litigation (and incur unallowable costs) to obtain relief from noncompliance determinations that never should have issued in the first place. Continue Reading

The Numbers Don’t Lie: The SEC Pursues a More Streamlined Enforcement Agenda

One of the most eye-catching items in the recently released 2017 Annual Report of the Enforcement Division of the Securities and Exchange Commission (SEC or the Commission) is the significant decline in enforcement activity from 2017. The report, issued on November 15th and summarizing the agency’s activity from October 1, 2016 to September 30, 2017, has drawn scrutiny from numerous commentators, who view the decline as the result of an ideological shift from the aggressive, prosecutorial style of enforcement of ex-Chairwoman Mary Jo White to a more restrained approach under new Chairman Jay Clayton. However, the SEC insists that despite this shift, it is not “slowing down.”[1] Instead, the SEC has identified new target areas that financial industry professionals should keep in mind. Continue Reading

NIST Releases Highly-Anticipated Draft Special Publication on Assessing the Security Requirements in NIST SP 800-171 for Controlled Unclassified Information (CUI)

Pursuant to DFARS 252.204-7012, DoD contractors are to implement the security requirements in NIST Special Publication (SP) 800-171 by December 31, 2017. NIST SP 800-171 includes security requirements for protecting Controlled Unclassified Information (CUI) in nonfederal systems and is expected soon to be required under civilian agency contracts through a forthcoming FAR case. On November 28, 2017, NIST released its highly-anticipated draft publication, NIST SP 800-171A on “Assessing Security Requirements for Controlled Unclassified Information.” Like NIST SP 800-53A, which provides assessment procedures related to the requirements in NIST SP 800-53 (containing security requirements for federal systems), the draft publication will “help organizations develop assessment plans and conduct efficient, effective, and cost-effective assessments of the security requirements in Special Publication 800-171.” The draft special publication includes assessment procedures relating to each of the security requirements in the fourteen families included in NIST SP 800-171 and describes methods by which companies can “generate evidence to support the assertion that the security requirements have been satisfied.” Thus, it appears an organization that conducts the suggested assessments in the draft publication and generates supporting documentation can present this to its agency customer as proof of compliance with NIST SP 800-171 (of course, this is subject to any agency-specific clauses or demands relating to safeguarding CUI). Continue Reading

While Protests and the Sustain Rate Decrease, the Effectiveness Rate Continues Its Upward Climb – A Brief Review of GAO’s FY 2017 Bid Protest Statistics

On November 13, U.S. Government Accountability Office (“GAO”) published its Annual Report to Congress (B-158766, November 13, 2017), which contains the statistics for bid protests filed at GAO in FY 2017. Continue Reading

Surprise, Surprise, Congress Does Listen — Well, Kind Of

An Analysis of NDAA Section 846’s Online Marketplace Provisions

There has been a lot of speculation about the future of commercial items purchasing within the federal Government since Representative Mac Thornberry circulated his “Section 801” proposal to hand over the bulk of DOD COTS purchasing to one or two existing online commercial marketplaces. (See Section 801 article HERE). Industry groups mobilized, companies called their legislators, and the media contributed several stories describing the wide spread criticism of the House NDAA proposal. To the surprise of many, however, the Senate seems to have heard industry’s concerns – or at least some of them. Continue Reading

Achieving Cyber-Fitness In 2017: Part 5—Cyber Incident Reporting And Response

Reprinted from The Government Contractor, with permission of Thomson Reuters. Copyright © 2017. Further use without the permission of West is prohibited. For further information about this publication, please visit http://legalsolutions.thomsonreuters.com, or call 800.328.9352.

As discussed in parts 1–4 of this series, the Defense Federal Acquisition Regulation Supplement cybersecurity clause, Safeguarding Covered Defense Information and Cyber Incident Reporting, mandates contractor compliance with the security controls in National Institute of Standards and Technology Special Publication 800-171 by December 31. DFARS 252.204-7012. Continue Reading

Industry Struggles With Ever Changing Acquisition Rules

Note: This post was originally published in the October 2017 issue of the National Defense Industrial Association’s National Defense magazine.

Recent studies show that the percentage of overall research and development spending sponsored by the government has dropped sharply over the last 50 years.

Whereas government funding accounted for 67 percent of R&D in 1964, it accounted for 23 percent in 2015, a 44 percent reduction. For the government, this is not a salutary development. Increasingly, “state of the art” is being defined by the commercial marketplace, without government participation and often without its access to the resulting technological advances. Continue Reading

Travel Ban: Déjà Vu All Over Again, Again

On September 24, President Trump issued a “Presidential Proclamation Enhancing Vetting Capabilities and Processes for Detecting Attempted Entry Into the United States by Terrorists or Other Public-Safety Threats.” Most people know it better as Travel Ban 3.0 or EO3 (for “Executive Order #3”), the President’s third attempt to impose travel restrictions on nationals of certain countries who seek to enter the United States. If it feels like you’ve seen this movie before, that’s because you have. Continue Reading

LexBlog