With the federal government back to work, we saw several
important federal initiatives continue in earnest in November. Two
of these initiatives will have a tremendous impact on
nonprofits' reliance on federal grant and contract funds
– the President's cybersecurity efforts under Executive Order 13636 issued this past
February, as well as the President's efforts to curb human
trafficking, based on an Executive Order from September 2012.
Also, keep an eye out in the coming weeks and months for the
anticipated release of the Super Circular (the consolidation of the
various Office of Management and Budget Circulars, which are the
primary regulatory framework for nonprofits' administration,
cost principles, and audit practices as they relate to federal
funds).
Cybersecurity Regulation of Grantees
On November 14-15, 2013, the National Institute of Standards and
Technology (NIST) held a workshop at North Carolina State University on
the preliminary Cybersecurity Framework (PCF). Venable
attended this workshop, as well as all of the
previous NIST workshops addressing the Framework.
Of particular interest to federal grantees is EO 13636's
direction to the Department of Homeland Security (DHS) to
"coordinate the establishment of a set of incentives designed
to promote participation in the [voluntary program]." That
being said, the vast majority of these incentives likely would
require federal legislation to be realized. As a result, DHS stated
at one of the topic-specific working sessions earlier this month
that it only can offer "a very limited set of incentives"
in the near term. Indeed, it appears that the only incentive
mentioned by DHS that would be available at "launch time"
in February 2014 is prioritization of support and technical
assistance. Other "incentives" noted in the DHS
presentation include continuing engagement with the insurance
industry and private sector "to understand the role of
insurance in organizational risk;" coordinating with the
General Services Administration and the Department of Defense on
procurement considerations; working to link existing federal grant
programs to adoption of the Framework; discussing rate recovery for
price-regulated industries with responsible state and federal
agencies; and examining the potential for regulatory streamlining
to promote adoption.
Consequently, while nonprofits may not be particularly focused on
cybersecurity, much like several other social reform efforts of
prior administrations, the President may use the procurement and
non-procurement (i.e., grant) programs as a means of
implementing cybersecurity protocol and requirements at large.
Venable has tracked and
written extensively on the development of the preliminary Cybersecurity Framework developed
by NIST.
Human Trafficking
On September 25, 2012, President Obama issued Executive Order
13627, Strengthening Protections Against Trafficking in
Persons in Federal Contracts. Comments were due this month on a
proposed rule issued by the Federal Acquisition Regulation (FAR)
Council to implement the President's Executive Order.
In short, the proposed rule strengthens prior legislation by
imposing several new and significant responsibilities on
contractors and subcontractors to act affirmatively to prevent
human trafficking and forced labor. First, the rule prohibits
certain conduct, such as the:
- Destruction, concealment, confiscation, or denial (in any manner) of an employee's access to their identity documents (e.g., passport, work visa, etc.);
- Use of misleading or fraudulent recruitment practices;
- Charge of recruitment fees to employees;
- Provision or arrangement of housing that fails to meet the host country safety standards;
- Failure to provide a written employment contract, recruitment agreement, or similar document in the employee's native language; and
- Failure to pay return transportation costs upon the end of employment for those brought into the U.S. for the purpose of working on a U.S. government contract or subcontract.
In addition to the prohibited conduct, contractors and
subcontractors must also:
- Protect and interview all employees suspected of being victims or witnesses to prohibited activities;
- Not hinder or prevent the cooperation of employees with government authorities; and
- Self-report to the agency inspector general if the contractor/subcontractor becomes aware of credible violations.
The failure to comply can result in significant penalties,
including:
- Civil fines;
- Criminal penalties; and/or
- A listing in the Federal Awardee Performance and Integrity Information System (FAPIIS).
Thus, contractors and subcontractors in receipt of federally
funded contracts should be mindful of these eminent requirements
and develop a compliance program to meet these standards.
Alternatively, with respect to nonprofits that receive their
federal funds solely through federal grants (i.e.,
non-procurement), these requirements do not currently apply.
However, such nonprofits should be mindful that it would be a
natural extension for the non-procurement regulation to be updated
to adopt similar standards in the future.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
We operate a free-to-view policy, asking only that you register in order to read all of our content. Please login or register to view the rest of this article.