United States: Year In Review: Regulatory Developments

Last Updated: January 26 2016
Article by Cynthia O. Akatugba and Michael C. Mateer

As part of our Year in Review series, we are highlighting the most significant federal regulations of 2015 and summarizing the resulting requirements for federal contractors.

I. Cybersecurity

Cybersecurity was a hot topic in 2015—for good reason.  Following massive data breaches at Fortune 500 companies, the Office of Personnel Management announced in June 2015 that its systems had also been attacked, compromising the personal information of millions of federal employees.  To strengthen its cybersecurity, DoD issued several rules applicable to its contractors.  Primarily, the regulations provide for mandatory reporting for breaches of more classes of information and streamlined reporting channels.  Among other things, contractors must report cybersecurity breaches of their information technology systems not only for unclassified controlled technical information, but also "covered defense information," which includes operations security information, export-controlled information, and any information subject to special protection under other government laws and policies.  Specific regulations include the following:

  1. DoD Privacy Program, 80 FR 4201, Department of Defense, Final Rule, January 27, 2015.

DoD significantly amended its policies and procedures implementing the Privacy Act of 1974.  Effective February 26, 2015, DoD contractors must adopt more rigorous procedures to protect against the disclosure of personally identifiable information (PII) like an individual's name, social security number, or date of birth.  Contractors must limit the availability of records with PII to those who "need to know" and limit collection of PII to when it is necessary to accomplish a DoD purpose.

  1. Supply Chain Risk (DFARS Case 2012-D050), 80 FR 67243, Department of Defense, Final Rule, October 30, 2015.

This regulation allows DoD to consider the impact of supply chain risk—the risk that an adversary will harm important government or contractor information technology systems—in procurements for information technology related to national security systems.  The interim rule established a new provision and clause, DFARS 239.7306, for inclusion in all solicitations and contracts where portions of the contract may be used to support or link with any National Security Systems starting in November 2015.  The final rule does not require prime contractors to flow down supply chain risk requirements to subcontractors and is restricted to covered systems rather than all information technology acquisitions.

  1. Network Penetration Reporting and Contracting for Cloud Services (DFARS Case 2013-D018), 80 FR 81472, Department of Defense, Interim Rule, December 30, 2015.

First issued in August 2015, DoD modified several DFARS sections including 252.204-7008 and 252.204-7012, to require contractors to put safeguards in place that meet the security requirements specified in NIST Special Publication (SP) 800-171, "Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations."  These requirements flowdown to those subcontractors that will house covered defense information or will provide "operationally critical support."  Since August, DoD has provided contractors with several extensions to implement these requirements, including an extension in October issued via class deviation which provided contractors nine months from the date of contract award to implement a specific provision of SP 800-171.  DoD issued another extension in December, which gives contractors until December 31, 2017, to implement all the requirements of SP 800-171.  Comments on the interim rule issued on December 30, 2015, close on February 29, 2016.

II. Contractor Qualifications

The most significant development in the realm of contractor qualifications is a new requirement that offerors disclose unpaid tax liabilities and felony convictions. Based on a provision in the Consolidated and Further Continuing Appropriations Act, 2015, the impact of this requirement on procurement procedures remains to be seen.  Specific contractor qualification regulations in 2015 include the following:

  1. Prohibition on Contracting with Inverted Domestic Corporations, 80 FR 38306, 80 FR 38309, FAR Council, Final Rule, July 2, 2015.

The FAR Council amended the FAR to continue a longstanding rule prohibiting agencies from using appropriated (or otherwise made available) funds for contracts with foreign incorporated entities that are inverted domestic corporations or subsidiaries of such entities. Generally speaking, inverted domestic corporations are corporations or partnerships that were once incorporated in the United States but are now incorporated in a foreign country.  Although the FAR prohibition has been in place since 2008, this rule changes the certification language and notice requirements for contractors.  Offerors on federal solicitations must certify as to whether it is or is not an inverted domestic corporation or subsidiary of one.  In addition, contractors that become an inverted domestic corporation or a subsidiary of such a corporation during contract performance must give written notice to the contracting officer within five business days of the inversion event.

  1. Prohibition on Contracting with Corporations With Delinquent Taxes or a Felony Conviction, 80 FR 75903, FAR Council, Interim Rule, December 4, 2015.

This FAR requirement prohibits the federal government from contracting with entities that have an unpaid tax liability or a federal felony conviction.  Effective February 26, 2016, offerors must specify whether they: (1) have been convicted of a felony under federal law; or (2) have an unpaid federal tax liability for which they have exhausted all judicial and administrative remedies, and that is not being paid pursuant to an agreement with the taxing authority.  Offerors for contracts that are larger than $5 million with the Departments of Commerce, Justice, and NASA, as well as some smaller agencies, must certify that they have filed all federal tax returns for the last three years, have not been convicted of a criminal offense under the tax code, and have not been notified of any unpaid tax liability in the past 90 days, for which the liability remains unsatisfied.  Comments on the interim rule close on February 2, 2016.

III. Employment and Labor

Topics still very much under debate for the rest of the business community were put to rest for federal contractors with a series of Executive Orders and Department of Labor Regulations that, among other things, raise the minimum wage and protect conversations about compensation in the workplace.  Specific regulations include the following:

  1. Prohibitions Against Pay Secrecy Policies and Actions, 80 FR 54933, Department of Labor, Final Rule, September 11, 2015.

The Department of Labor, Office of Federal Contract Compliance Programs (OFCCP) amended the Equal Opportunity clause and other regulations to provide that, effective January 11, 2016, contractors cannot maintain pay secrecy policies.  This regulation prohibits contractors from firing or discriminating against any employee or job applicant because of inquiries about compensation.  It allows employees and job applicants to file complaints with OFCCP if they believe an employer discriminated against them for discussing or disclosing compensation information.  In addition, contractors must disseminate a nondiscrimination provision provided by the OFCCP.

  1. Establishing a Minimum Wage for Contractors, 80 FR 55646, 80 FR 57874, Department of Labor, Notice, September 16, 2015.

The Department of Labor issued a notice that beginning on January 1, 2016, the applicable minimum wage for employees of federal contractors is $10.15 per hour for workers performing work on or in connection with covered contracts and $5.85 per hour for tipped employees.

Relatedly, on December 4, 2015, the FAR Council adopted as final and effective immediately an earlier interim FAR rule that provides that contractors with contracts containing the FAR clauses at 52.222-6, Construction Wage Rate Requirements, or 52.222-41, Service Contract Labor Standards, i.e., "covered contracts," cannot pay less than the applicable minimum wage to workers for all hours worked on or in connection with a covered contract.  Contractors must also include a minimum wage contract clause in covered subcontracts and require covered subcontractors to include the substance of the clause in covered lower-tier contracts.  Contractors can request price adjustments only after the effective date of the new annual minimum wage, and prices will be adjusted only for increased labor costs (including subcontractor labor costs) as a result of an increase in the minimum wage.  For more information on the final rule, see 80 FR 75915.

  1. Further Amendments to Equal Employment Opportunity, 80 FR 75907, FAR Council, Final Rule, December 4, 2015.

This rule implements Executive Order 13672, which amends the Equal Opportunity Clause, FAR 52.222-26, to add sexual orientation and gender identity to the lists of prohibited bases of discrimination.  This change will affect all contracts and subcontracts containing the Equal Opportunity Clause.  Thus, under the new version of the clause, federal contractors and subcontractors cannot discriminate in employment matters on the basis of race, color, religion, sex, sexual orientation, gender identity, or national origin.

  1. Updating Federal Contractor Reporting of Veterans' Employment, 80 FR 75908, FAR Council, Interim Rule, December 4, 2015.

The FAR Council amended various FAR provisions to implement a final rule issued by the Department of Labor Veterans Employment and Training Service in September 2014.  Under this rule, contractors and subcontractors must report, as part of their annual Federal Contractor Veterans' Employment Report VETS-4212, the total number of employees and new hires who qualify for certain categories of protected veterans status as opposed to the previous requirement to report the total number of veterans protected in each job category.  This rule becomes effective on February 26, 2016, and applies to solicitations and contracts awarded or modified after that date.  Comments close on February 2, 2016.

IV. Human Trafficking

The attention to human trafficking in the past five years has culminated in procurement provisions aimed at combatting this problem in federal contracting, which became effective early in 2015.  Specific regulations include the following:

  1. Ending Trafficking in Persons, 80 FR 4967, FAR Council, Final Rule, January 29, 2015.

Effective March 2, 2015, new FAR clauses provide that contractors and subcontractors cannot use misleading or fraudulent recruitment practices; destroy, conceal, or confiscate identity or immigration documents; charge employees recruitment fees; provide housing that fails to meet the host country housing and safety standards; or fail to provide a written employment contract.  For acquisitions of supplies or services to be performed outside the United States that exceed $500,000, contractors and subcontractors must have a compliance plan that includes procedures to prevent human trafficking and to monitor, detect, and terminate any agents or subcontractors engaged in such activities and certify implementation of the compliance plan.  Contracting officers must report substantiated violations of this rule in the Federal Awardee Performance and Integrity Information System (FAPIIS) system, which contains information contracting officers must consider in making responsibility determinations.  In addition, the contracting officer will post information about violations by subcontractors to the prime contractor's record.  Prime contractors have an opportunity to post "any mitigating factors" in FAPIIS.

  1. Further Implementation of Trafficking in Persons Policy (DFARS Case 2013-D007), 80 FR 4999, Department of Defense, Final Rule, January 29, 2015.

As of January 2015, federal contractors and subcontractors working in or outside the United States must display hotline posters on combating trafficking in persons and whistleblowing, unless it is a contract for the acquisition of commercial items or a contract that does not exceed $5 million.  In addition, offerors must represent that they:  (1) do not engage in human trafficking, (2) have hiring and subcontracting policies to prevent human trafficking, and (3) have notified employees and subcontractors of their responsibility to report violations.  In addition, the rule incorporates the contractor employee bill of rights, developed in 2009 by the Army Air Force Exchange Services as Concessionaire Bill of Rights, into DFARS clause 252.225-7040(d)(8), Contractor Personnel Supporting U.S. Armed Forces Deployed Outside the United States.  Among other things, this provision states that an employee has the right to hold their own identity or immigration documents and receive agreed-upon wages on time.

V. Small Business

  1. Sole Source Contracts for Women-Owned Small Businesses, 80 FR 81888, FAR Council, Interim Rule, December 31, 2015.

The FAR Council recently amended various FAR provisions to allow contracting officers to award sole-source contracts to women-owned small businesses (WOSBs) and economically disadvantaged women-owned small businesses (EDWOSB).  This is in addition to the set-aside procedures already available for WOSBs and EDWOSBs.  Based on an earlier rule by the Small Business Administration, 80 FR 55019, an WOSB or EDWOSB is eligible for a sole source contract of up to $6.5 million for manufacturing and $4 million for all other contracts so long as the firm is responsible, the contracting officer does not have a reasonable expectation that two or more WOSBs or EDWOSBs will submit offers, and the offered price is fair and reasonable.  The Small Business Administration's rule became effective on October 14, 2015.  Comments on the FAR rule close on February 29, 2016.

VI. Whistleblowers

The government continued its focus on encouraging whistleblowers to report fraud, waste, and abuse.  Specific regulations include the following:

  1. Prohibition on Contracting with Entities That Require Certain Internal Confidentiality Agreements, DARS Tracking Number: 2016-O0003, Department of Defense, Class Deviation, October 29, 2015.

Based on provisions in the 2015 Continuing and Further Appropriations Act, DoD issued this class deviation prohibiting contractors from requiring their employees or subcontractors to sign confidentiality agreements that would restrict the employees or subcontractors from reporting fraud, waste, or abuse, or cooperating with law enforcement investigations of such allegations. the class deviation creates DFARS clauses 252.203-7996 and 252.203-7997.  Under these DFARS clauses, contractors must notify their employees and subcontractors that any such prior restrictions are invalid. Moreover, in submitting an offer for a solicitation with a DoD agency, offerors must represent that they do not require their employees or contractors to sign or comply with a prohibited confidentiality agreement.  The new DFARS clauses have appeared in DoD solicitations since the end of October 2015, and Contracting Officers are required to modify DoD contracts awarded after October 1, 2015 to include the clause, if feasible.

VII. Miscellaneous

  1. Adjustment of Acquisition-Related Thresholds, 80 FR 38293, FAR Council, Final Rule, July 2, 2015.

In 2015, we also saw an increase in the acquisition-related thresholds in the FAR to adjust for inflation. An "acquisition-related threshold" is a dollar amount specified in law, Executive order, or regulation that is a factor in determining the applicable acquisition procedures.  Adjustments to most of these thresholds occur every five years. The DoD issued a separate rule, 80 FR 36903, 80 FR 45899, to update the threshold amounts in multiple DFARS provisions.  The FAR and DFARS rules provide the various new threshold amounts.  In most cases, thresholds increased by 7 to 12 percent.

  1. Permanent Authority for Use of Simplified Acquisition Procedures for Certain Commercial Items, 80 FR 38311, FAR Council, Final Rule, July 2, 2015.

The FAR Council made permanent the simplified procedures under FAR subparts 13.5 and 18.2 for purchases of commercial items over the simplified acquisition threshold but under $6.5 million.  The simplified acquisition procedures may also be used for acquisitions that do not exceed $12 million when the acquisition is for commercial items that are to be used in support of a contingency operation or to facilitate the defense or recovery from nuclear, biological, chemical, or radiological attack.

  1. Taxes-Foreign Contracts in Afghanistan (DFARS Case 2014-D003), 80 FR 81467, Department of Defense, Final Rule, December 30, 2015.

Finally, while U.S. presence in Afghanistan has significantly decreased since 2014, federal contractors continue to perform services under various contracts.  Pursuant to the bilateral security agreement, entitled "The Security and Defense Cooperation Agreement between the Islamic Republic of Afghanistan and the United States of America," signed on September 30, 2014, and the North Atlantic Treaty Organization (NATO) Status of Forces Agreement (SOFA) signed on September 30, 2014, contracts performed in Afghanistan are exempt from Afghan taxes.  This rule creates two new clauses:  (1) DFARS 252.229-7014, Taxes—Foreign Contracts in Afghanistan; and (2) DFARS 252.229-7015, Taxes—Foreign Contracts in Afghanistan (North Atlantic Treaty Organization Status of Forces Agreement).  Contracting Officers must include these clauses in solicitations and contracts to be performed in Afghanistan, including those solicitations and contracts below the simplified acquisition threshold and those for the acquisition of commercial items or commercially available off-the-shelf items.

Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Morrison & Foerster LLP. All rights reserved

To print this article, all you need is to be registered on Mondaq.com.

Click to Login as an existing user or Register so you can print this article.

Cynthia O. Akatugba
Michael C. Mateer
In association with
Related Video
Up-coming Events Search
Font Size:
Mondaq on Twitter
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).
Email Address
Company Name
Confirm Password
Mondaq Topics -- Select your Interests
 Law Performance
 Law Practice
 Media & IT
 Real Estate
 Wealth Mgt
Asia Pacific
European Union
Latin America
Middle East
United States
Worldwide Updates
Check to state you have read and
agree to our Terms and Conditions

Terms & Conditions and Privacy Statement

Mondaq.com (the Website) is owned and managed by Mondaq Ltd and as a user you are granted a non-exclusive, revocable license to access the Website under its terms and conditions of use. Your use of the Website constitutes your agreement to the following terms and conditions of use. Mondaq Ltd may terminate your use of the Website if you are in breach of these terms and conditions or if Mondaq Ltd decides to terminate your license of use for whatever reason.

Use of www.mondaq.com

You may use the Website but are required to register as a user if you wish to read the full text of the content and articles available (the Content). You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these terms & conditions or with the prior written consent of Mondaq Ltd. You may not use electronic or other means to extract details or information about Mondaq.com’s content, users or contributors in order to offer them any services or products which compete directly or indirectly with Mondaq Ltd’s services and products.


Mondaq Ltd and/or its respective suppliers make no representations about the suitability of the information contained in the documents and related graphics published on this server for any purpose. All such documents and related graphics are provided "as is" without warranty of any kind. Mondaq Ltd and/or its respective suppliers hereby disclaim all warranties and conditions with regard to this information, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall Mondaq Ltd and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use or performance of information available from this server.

The documents and related graphics published on this server could include technical inaccuracies or typographical errors. Changes are periodically added to the information herein. Mondaq Ltd and/or its respective suppliers may make improvements and/or changes in the product(s) and/or the program(s) described herein at any time.


Mondaq Ltd requires you to register and provide information that personally identifies you, including what sort of information you are interested in, for three primary purposes:

  • To allow you to personalize the Mondaq websites you are visiting.
  • To enable features such as password reminder, newsletter alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our information providers who provide information free for your use.

Mondaq (and its affiliate sites) do not sell or provide your details to third parties other than information providers. The reason we provide our information providers with this information is so that they can measure the response their articles are receiving and provide you with information about their products and services.

If you do not want us to provide your name and email address you may opt out by clicking here .

If you do not wish to receive any future announcements of products and services offered by Mondaq by clicking here .

Information Collection and Use

We require site users to register with Mondaq (and its affiliate sites) to view the free information on the site. We also collect information from our users at several different points on the websites: this is so that we can customise the sites according to individual usage, provide 'session-aware' functionality, and ensure that content is acquired and developed appropriately. This gives us an overall picture of our user profiles, which in turn shows to our Editorial Contributors the type of person they are reaching by posting articles on Mondaq (and its affiliate sites) – meaning more free content for registered users.

We are only able to provide the material on the Mondaq (and its affiliate sites) site free to site visitors because we can pass on information about the pages that users are viewing and the personal information users provide to us (e.g. email addresses) to reputable contributing firms such as law firms who author those pages. We do not sell or rent information to anyone else other than the authors of those pages, who may change from time to time. Should you wish us not to disclose your details to any of these parties, please tick the box above or tick the box marked "Opt out of Registration Information Disclosure" on the Your Profile page. We and our author organisations may only contact you via email or other means if you allow us to do so. Users can opt out of contact when they register on the site, or send an email to unsubscribe@mondaq.com with “no disclosure” in the subject heading

Mondaq News Alerts

In order to receive Mondaq News Alerts, users have to complete a separate registration form. This is a personalised service where users choose regions and topics of interest and we send it only to those users who have requested it. Users can stop receiving these Alerts by going to the Mondaq News Alerts page and deselecting all interest areas. In the same way users can amend their personal preferences to add or remove subject areas.


A cookie is a small text file written to a user’s hard drive that contains an identifying user number. The cookies do not contain any personal information about users. We use the cookie so users do not have to log in every time they use the service and the cookie will automatically expire if you do not visit the Mondaq website (or its affiliate sites) for 12 months. We also use the cookie to personalise a user's experience of the site (for example to show information specific to a user's region). As the Mondaq sites are fully personalised and cookies are essential to its core technology the site will function unpredictably with browsers that do not support cookies - or where cookies are disabled (in these circumstances we advise you to attempt to locate the information you require elsewhere on the web). However if you are concerned about the presence of a Mondaq cookie on your machine you can also choose to expire the cookie immediately (remove it) by selecting the 'Log Off' menu option as the last thing you do when you use the site.

Some of our business partners may use cookies on our site (for example, advertisers). However, we have no access to or control over these cookies and we are not aware of any at present that do so.

Log Files

We use IP addresses to analyse trends, administer the site, track movement, and gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information.


This web site contains links to other sites. Please be aware that Mondaq (or its affiliate sites) are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of these third party sites. This privacy statement applies solely to information collected by this Web site.

Surveys & Contests

From time-to-time our site requests information from users via surveys or contests. Participation in these surveys or contests is completely voluntary and the user therefore has a choice whether or not to disclose any information requested. Information requested may include contact information (such as name and delivery address), and demographic information (such as postcode, age level). Contact information will be used to notify the winners and award prizes. Survey information will be used for purposes of monitoring or improving the functionality of the site.


If a user elects to use our referral service for informing a friend about our site, we ask them for the friend’s name and email address. Mondaq stores this information and may contact the friend to invite them to register with Mondaq, but they will not be contacted more than once. The friend may contact Mondaq to request the removal of this information from our database.


This website takes every reasonable precaution to protect our users’ information. When users submit sensitive information via the website, your information is protected using firewalls and other security technology. If you have any questions about the security at our website, you can send an email to webmaster@mondaq.com.

Correcting/Updating Personal Information

If a user’s personally identifiable information changes (such as postcode), or if a user no longer desires our service, we will endeavour to provide a way to correct, update or remove that user’s personal data provided to us. This can usually be done at the “Your Profile” page or by sending an email to EditorialAdvisor@mondaq.com.

Notification of Changes

If we decide to change our Terms & Conditions or Privacy Policy, we will post those changes on our site so our users are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If at any point we decide to use personally identifiable information in a manner different from that stated at the time it was collected, we will notify users by way of an email. Users will have a choice as to whether or not we use their information in this different manner. We will use information in accordance with the privacy policy under which the information was collected.

How to contact Mondaq

You can contact us with comments or queries at enquiries@mondaq.com.

If for some reason you believe Mondaq Ltd. has not adhered to these principles, please notify us by e-mail at problems@mondaq.com and we will use commercially reasonable efforts to determine and correct the problem promptly.