United States: New DOD Internal Policy Guidance On Counterfeit Parts: A Preview Of Contractor Regulations?

The Department of Defense (DOD) has issued a new instruction that establishes internal DOD policies for detecting, avoiding, and remediating counterfeit parts in the DOD supply chain, and allocates responsibility among various DOD offices and functions for administering or developing those counterfeit prevention policies. Department of Defense Instruction (DODI) 4140.67, titled "DoD Counterfeit Prevention Policy," was issued on April 26, 2013, and it represents the next — but far from the final — step in the federal government's efforts to deal with the epidemic of counterfeit parts that led to the inclusion of a provision specifically targeted at counterfeit electronic parts in the fiscal year 2012 National Defense Authorization Act (NDAA). That statutory provision — Section 818 of the 2012 NDAA — requires DOD to adopt regulations that would impose far-reaching counterfeit prevention obligations on defense contractors, including provisions that would describe how contractors are to establish or validate so-called "trusted suppliers."

While those Section 818 implementing regulations were due in September 2012, DOD has yet to issue them, reflecting in part the complexity of the underlying issues and the need to consider the impact on the defense supply chain of imposing sweeping new counterfeit prevention obligations. According to a recent update on the status of pending DOD regulations, DOD's draft Section 818 regulations received final internal approval on May 3, 2013 and are being prepared for publication in the Federal Register — meaning they should be forthcoming soon. In the meantime, DODI 4140.67, while short on specifics, provides some valuable insight into the likely contours of those Section 818 regulations by providing DOD's perspective on contractors' role in implementing DOD's counterfeit prevention policy.

DODI 4140.67 supersedes and replaces the March 16, 2012 memorandum titled "Overarching DoD Counterfeit Prevention Guidance," issued by Frank Kendall, Under Secretary of Defense for Acquisition, Technology, and Logistics (Kendall Memorandum). The Kendall Memorandum had represented DOD's initial effort at meeting its obligation under Section 818 to issue internal DOD guidance on counterfeit parts prevention policies and procedures. DODI 4140.67 builds upon many of the same concepts introduced in the Kendall Memorandum, such as addressing "counterfeit materiel" broadly (as opposed to Section 818's limited focus on only "counterfeit electronic parts"), and promoting the use of the Government-Industry Data Exchange Program (GIDEP) as the mechanism for both DOD and industry to use to report known or suspected instances of counterfeiting.

A full copy of DODI 4140.67 is available here. Key provisions of the instruction for defense contractors and subcontractors include the following:

  • Definitions of "counterfeit" and "suspect counterfeit." The first step in formulating a counterfeit detection and prevention system is determining how to define an item as counterfeit. DODI 4140.67 defines the term "counterfeit materiel" as "an item that is an unauthorized copy or substitute that has been identified, marked, or altered by a source other than the item's legally authorized source, and has been misrepresented to be an authorized item of the legally authorized source." The instruction also includes a definition of "suspect counterfeit" materiel — an important concept given that steps must be taken to isolate and prevent introduction of parts that are suspected of being counterfeit even while efforts are ongoing to confirm their status as counterfeit. A suspect counterfeit item, materiel, or product is one "in which there is an indication by visual inspection, testing, or other information that it may meet the definition of counterfeit materiel."
  • Definition of "authentic materiel." The instruction also includes a definition of "authentic materiel," in contrast to counterfeit materiel. Authentic materiel is "made from the proper materials using the proper processes with required testing." Interestingly, while the definition of counterfeit materiel discusses actions taken by other than an item's "legally authorized source," the definition of authentic materiel says nothing about the processes needing to have been performed by an authorized source.
  • Counterfeit prevention policies encompass all parts, not just electronic parts, and include software and information technology. While Section 818 focused on counterfeit electronic parts, an area in which counterfeiting problems have been particularly acute, DOD is not limiting its counterfeit prevention policies to electronic items and, in fact, does not even single out electronic parts explicitly for heightened counterfeit prevention or detection policies. The instruction refers to policies for the prevention of "counterfeit materiel," and "materiel," for purposes of the instruction, includes "software" and "information and communications technology," in addition to tangible items, such as components, sub-components, and equipment.
  • Absence of reference to "covered contractors." In describing DOD's obligation to devise and implement "a program to enhance contractor detention and avoidance of counterfeit electronic parts," Section 818 referred to the program as imposing obligations on covered contractors. Section 818 defined the term "covered contractor" as having the same meaning as in the provision of the fiscal year 2011 NDAA governing contractor business systems, which defined a covered contractor as a contractor subject to the cost accounting standards (CAS) under section 26 of the Office of Federal Procurement Policy Act (41 U.S.C. § 422). That definition does not distinguish between contractors who are subject to full or partial CAS coverage, meaning that a contractor subject even to partial CAS coverage would be deemed to be a covered contractor. Yet the term covered contractor is conspicuously absent from DODI 4140.67. Is its absence merely a byproduct of DOD's intent that the instruction be a high-level and largely inward-looking document establishing internal DOD responsibilities and policy aspirations without dwelling on the "nuts and bolts" of how the anti-counterfeiting policies will be applied to contractors? Or does it instead indicate that DOD has decided to impose its anti-counterfeiting requirements more broadly, on all contractors, not just covered contractors? The Section 818 regulations, when published, will provide the answer. It would not be surprising, however, if DOD viewed the need for covered contractors to flow the enhanced counterfeit avoidance procedures down throughout their supply bases as diminishing the significance of the covered/non-covered contractor distinction. Contractors required to comply with stricter anti-counterfeiting procedures and facing potentially open-ended liability for counterfeit parts discovered in their products will flow the enhanced anti-counterfeiting requirements down to their own suppliers. As those flowed-down obligations ripple through the defense supply chain, the burdens will reach companies that are not themselves subject to CAS coverage — meaning that, as a practical matter, the anti-counterfeiting requirements will impact both covered and non-covered contractors.
  • Stated goal of avoiding "DOD-unique" counterfeit prevention procedures. One of the policies articulated in DODI 4140.67 is DOD's goal of "avoid[ing] establishing DoD-unique anti-counterfeiting procedures." This is a worthy — and arguably even necessary — goal if DOD does not want to risk driving vendors who offer commercial items out of the DOD supply chain, but the instruction does not make clear exactly how DOD intends to avoid DOD-unique procedures. This statement could indicate that DOD will seek to coordinate its anti-counterfeiting procedures with those used by other government agencies, or that DOD will seek to ensure that its counterfeit prevention procedures mirror those used in the commercial sector. The latter approach raises questions about what "commercial" standards DOD would adopt, as the type of anti-counterfeiting procedures necessary varies by industry and there are different anti-counterfeiting standards issued by a number of commercial entities.
  • DOD intention to issue "standardized guidelines" for contractors to use in their quality systems to detect and avoid counterfeit parts. The instruction charges the Under Secretary of Defense for Acquisition, Technology, and Logistics with "identif[ying] and establish[ing] standardized guidelines for contractors to employ in their processes for the detection and avoidance of counterfeit materiel into the DoD supply chain." The adoption of standardized guidelines for contractor counterfeit detection and prevention processes suggests that the Defense Contract Management Agency (DCMA) will inspect or audit contractor compliance with those guidelines as part of its assessment of the adequacy of contractor purchasing and quality systems.
  • DOD intention to establish counterfeit-related "qualification criteria" for suppliers. Section 818 of the 2012 NDAA charged DOD with issuing regulations that would "establish qualification requirements" that DOD could use to "identify trusted suppliers that have appropriate policies and procedures in place to detect and avoid counterfeit electronic parts and suspect counterfeit electronic parts." DODI 4140.67 indicates that "technical anti-counterfeit qualification criteria for suppliers" will be developed through collaboration between DOD Components and the Assistant Secretary of Defense for Research and Engineering. Given the instruction's focus on "materiel" broadly, it appears likely that DOD will adopt technical anti-counterfeit qualification criteria for suppliers of all types of materiel, not just electronic parts.
  • DOD will use GIDEP as the system for reporting suspect and confirmed counterfeit materiel.
  • Emphasis on restitution for discovery of counterfeit parts in delivered items. DODI 4140.67 establishes it as official DOD policy to "[s]eek restitution when cases are confirmed" and to obtain remedies under existing DOD instructions regarding fraud or under Part 46 of the Federal Acquisition Regulation (FAR) regarding Quality Assurance. This policy could pose issues to contractors that delivered products before the problem of counterfeiting gained its current notoriety and before DOD's adoption of enhanced contractor requirements for counterfeit prevention. Will those contractors be held to the same standards as contractors who will deliver items produced under the enhanced anti-counterfeiting procedures required by Section 818? Are products that are "out of warranty" now subject to rework/replacement if a counterfeit part is discovered? The instruction does not provide the parameters of DOD's expectations for "restitution," but does signal that DOD is likely to be aggressive in pursuing financial remedies when counterfeit parts are discovered, no matter how long after delivery.
  • "Risk-based approach" to DOD's internal counterfeit prevention policies. DODI 4140.67 establishes it as official DOD policy to "[e]mploy a risk-based approach to reduce the frequency and impact of counterfeit materiel within DoD acquisition systems and DoD life-cycle sustainment processes." The instruction defines the concept of a risk-based approach as signifying an "analytical strategy to focus attention on areas or applications where failure will produce higher severity of consequences and trigger impacts to the overall mission objectives and human safety." That DOD would espouse a risk-based approach in its internal guidance is not surprising, given that Section 818 directed DOD to "implement a risk-based approach" to minimize the impact of counterfeit electronic parts on DOD. What remains to be seen, however, is whether DOD will maintain this sensible risk-based approach when establishing anti-counterfeiting requirements for contractors. Section 818 directed DOD to implement an anti-counterfeiting program for contractors that would require contractors "to eliminate counterfeit electronic parts from the defense supply chain" — a choice of words that could be interpreted as eschewing a risk-based approach in favor of an "elimination of all counterfeits, no matter the cost or impact" approach. DODI 4140.67 at least appears to recognize that a sound anti-counterfeiting policy requires an analysis of the cost/benefit tradeoffs involved, by directing DOD Component Heads to "implement anti-counterfeiting measures, strategies, plans, and programs that balance the risks caused by [critical materiel and materiel determined to be susceptible to counterfeiting] with the impact to readiness and cost of the measures."

As discussed above, for contractors and suppliers anxiously awaiting the Section 818 regulations that will define their own obligations for counterfeit part detection and prevention, DODI 4140.67 is short on specifics as to how DOD's internal anti-counterfeiting policies will impact contractors directly. As the summer movie season kicks into gear, perhaps an apt analogy would be to describe DODI 4140.67 as a movie trailer, with the Section 818 regulations representing the blockbuster movie yet to be released in theaters. Just as a movie trailer provides a "sneak peek" of the movie itself, so too does DODI 4140.67 provide a glimpse into DOD's thinking on the subject of counterfeit parts prevention, thinking that no doubt animated DOD's development of the soon-to-be-published Section 818 regulations that will establish contractors' own anti-counterfeiting obligations.

Based on DODI 4140.67, contractors should expect the upcoming Section 818 counterfeit parts regulations to:

  • Address "counterfeit materiel" broadly, rather than being limited to the "counterfeit electronic parts" specifically addressed in Section 818. While electronic parts remain a particular risk area for counterfeiting, DODI 4140.67 encompasses counterfeit parts of all types and does not single out electronic parts for particular emphasis or special treatment. That approach suggests that DOD is viewing the Section 818 regulations as an opportunity to address counterfeit parts generally, rather than limiting itself to the express "counterfeit electronic parts" mandate of Section 818.
  • Impose stricter requirements for counterfeit prevention and detection on "critical" items. The instruction references "critical item traceability," indicating that DOD will require items designated as both "critical" and "susceptible to counterfeiting" to be traceable back to the original manufacturer through use of a unique item identifier (UII). The instruction refers to the level of traceability sought as "authoritative life-cycle traceability and authentication."
  • Require contractors to report all occurrences of suspect or confirmed counterfeit parts in GIDEP. Whether the regulations will designate an alternative reporting channel remains to be seen, as GIDEP is the only specific resource that has been cited in the internal DOD guidance issued to date. An alternative reporting mechanism may well prove necessary, at least in the short term, as membership in GIDEP is currently limited to U.S. or Canadian companies, meaning that suppliers based outside the United States and Canada would be unable to use GIDEP either (i) to report the discovery of counterfeit parts themselves, or (ii) to monitor reports of counterfeit parts discovered by other defense suppliers. The instruction appears to recognize these existing limitations in GIDEP by charging the Assistant Secretary for Research and Engineering with determining and implementing "enhancements to GIDEP to expand its usefulness and robustness in anit-counterfeiting efforts in the DoD global supply chain."

Foley will provide another Legal News Alert when DOD publishes the Section 818 counterfeit parts regulations, discussing the proposed regulations in depth. In the meantime, if you are interested in a detailed analysis of the legal issues associated with DOD's implementation of Section 818, Foley Senior Counsel Frank S. Murray, Jr. co-authored an October 5, 2012 white paper on the subject as a member of the ABA Public Contract Law Section's Task Force on Counterfeit Parts. That white paper is available here.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

To print this article, all you need is to be registered on Mondaq.com.

Click to Login as an existing user or Register so you can print this article.

In association with
Related Video
Up-coming Events Search
Font Size:
Mondaq on Twitter
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).
Email Address
Company Name
Confirm Password
Mondaq Topics -- Select your Interests
 Law Performance
 Law Practice
 Media & IT
 Real Estate
 Wealth Mgt
Asia Pacific
European Union
Latin America
Middle East
United States
Worldwide Updates
Check to state you have read and
agree to our Terms and Conditions

Terms & Conditions and Privacy Statement

Mondaq.com (the Website) is owned and managed by Mondaq Ltd and as a user you are granted a non-exclusive, revocable license to access the Website under its terms and conditions of use. Your use of the Website constitutes your agreement to the following terms and conditions of use. Mondaq Ltd may terminate your use of the Website if you are in breach of these terms and conditions or if Mondaq Ltd decides to terminate your license of use for whatever reason.

Use of www.mondaq.com

You may use the Website but are required to register as a user if you wish to read the full text of the content and articles available (the Content). You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these terms & conditions or with the prior written consent of Mondaq Ltd. You may not use electronic or other means to extract details or information about Mondaq.com’s content, users or contributors in order to offer them any services or products which compete directly or indirectly with Mondaq Ltd’s services and products.


Mondaq Ltd and/or its respective suppliers make no representations about the suitability of the information contained in the documents and related graphics published on this server for any purpose. All such documents and related graphics are provided "as is" without warranty of any kind. Mondaq Ltd and/or its respective suppliers hereby disclaim all warranties and conditions with regard to this information, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall Mondaq Ltd and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use or performance of information available from this server.

The documents and related graphics published on this server could include technical inaccuracies or typographical errors. Changes are periodically added to the information herein. Mondaq Ltd and/or its respective suppliers may make improvements and/or changes in the product(s) and/or the program(s) described herein at any time.


Mondaq Ltd requires you to register and provide information that personally identifies you, including what sort of information you are interested in, for three primary purposes:

  • To allow you to personalize the Mondaq websites you are visiting.
  • To enable features such as password reminder, newsletter alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our information providers who provide information free for your use.

Mondaq (and its affiliate sites) do not sell or provide your details to third parties other than information providers. The reason we provide our information providers with this information is so that they can measure the response their articles are receiving and provide you with information about their products and services.

If you do not want us to provide your name and email address you may opt out by clicking here .

If you do not wish to receive any future announcements of products and services offered by Mondaq by clicking here .

Information Collection and Use

We require site users to register with Mondaq (and its affiliate sites) to view the free information on the site. We also collect information from our users at several different points on the websites: this is so that we can customise the sites according to individual usage, provide 'session-aware' functionality, and ensure that content is acquired and developed appropriately. This gives us an overall picture of our user profiles, which in turn shows to our Editorial Contributors the type of person they are reaching by posting articles on Mondaq (and its affiliate sites) – meaning more free content for registered users.

We are only able to provide the material on the Mondaq (and its affiliate sites) site free to site visitors because we can pass on information about the pages that users are viewing and the personal information users provide to us (e.g. email addresses) to reputable contributing firms such as law firms who author those pages. We do not sell or rent information to anyone else other than the authors of those pages, who may change from time to time. Should you wish us not to disclose your details to any of these parties, please tick the box above or tick the box marked "Opt out of Registration Information Disclosure" on the Your Profile page. We and our author organisations may only contact you via email or other means if you allow us to do so. Users can opt out of contact when they register on the site, or send an email to unsubscribe@mondaq.com with “no disclosure” in the subject heading

Mondaq News Alerts

In order to receive Mondaq News Alerts, users have to complete a separate registration form. This is a personalised service where users choose regions and topics of interest and we send it only to those users who have requested it. Users can stop receiving these Alerts by going to the Mondaq News Alerts page and deselecting all interest areas. In the same way users can amend their personal preferences to add or remove subject areas.


A cookie is a small text file written to a user’s hard drive that contains an identifying user number. The cookies do not contain any personal information about users. We use the cookie so users do not have to log in every time they use the service and the cookie will automatically expire if you do not visit the Mondaq website (or its affiliate sites) for 12 months. We also use the cookie to personalise a user's experience of the site (for example to show information specific to a user's region). As the Mondaq sites are fully personalised and cookies are essential to its core technology the site will function unpredictably with browsers that do not support cookies - or where cookies are disabled (in these circumstances we advise you to attempt to locate the information you require elsewhere on the web). However if you are concerned about the presence of a Mondaq cookie on your machine you can also choose to expire the cookie immediately (remove it) by selecting the 'Log Off' menu option as the last thing you do when you use the site.

Some of our business partners may use cookies on our site (for example, advertisers). However, we have no access to or control over these cookies and we are not aware of any at present that do so.

Log Files

We use IP addresses to analyse trends, administer the site, track movement, and gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information.


This web site contains links to other sites. Please be aware that Mondaq (or its affiliate sites) are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of these third party sites. This privacy statement applies solely to information collected by this Web site.

Surveys & Contests

From time-to-time our site requests information from users via surveys or contests. Participation in these surveys or contests is completely voluntary and the user therefore has a choice whether or not to disclose any information requested. Information requested may include contact information (such as name and delivery address), and demographic information (such as postcode, age level). Contact information will be used to notify the winners and award prizes. Survey information will be used for purposes of monitoring or improving the functionality of the site.


If a user elects to use our referral service for informing a friend about our site, we ask them for the friend’s name and email address. Mondaq stores this information and may contact the friend to invite them to register with Mondaq, but they will not be contacted more than once. The friend may contact Mondaq to request the removal of this information from our database.


From time to time Mondaq may send you emails promoting Mondaq services including new services. You may opt out of receiving such emails by clicking below.

*** If you do not wish to receive any future announcements of services offered by Mondaq you may opt out by clicking here .


This website takes every reasonable precaution to protect our users’ information. When users submit sensitive information via the website, your information is protected using firewalls and other security technology. If you have any questions about the security at our website, you can send an email to webmaster@mondaq.com.

Correcting/Updating Personal Information

If a user’s personally identifiable information changes (such as postcode), or if a user no longer desires our service, we will endeavour to provide a way to correct, update or remove that user’s personal data provided to us. This can usually be done at the “Your Profile” page or by sending an email to EditorialAdvisor@mondaq.com.

Notification of Changes

If we decide to change our Terms & Conditions or Privacy Policy, we will post those changes on our site so our users are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If at any point we decide to use personally identifiable information in a manner different from that stated at the time it was collected, we will notify users by way of an email. Users will have a choice as to whether or not we use their information in this different manner. We will use information in accordance with the privacy policy under which the information was collected.

How to contact Mondaq

You can contact us with comments or queries at enquiries@mondaq.com.

If for some reason you believe Mondaq Ltd. has not adhered to these principles, please notify us by e-mail at problems@mondaq.com and we will use commercially reasonable efforts to determine and correct the problem promptly.