Section 889 Compliance: A Must-Know Guide for Federal Contractors

pricereporter.com > Price Reporter Blog > About GSA Contracts > Section 889 Compliance: A Must-Know Guide for Federal Contractors
Section 889

Section 889 of the John S. McCain National Defense Authorization Act (NDAA) for Fiscal Year 2019 represents a pivotal change in federal procurement policy. Aimed at safeguarding national security, this legislation places strict prohibitions on the federal government’s ability to procure telecommunications equipment and services from certain foreign companies, particularly those with ties to the People’s Republic of China. The law seeks to mitigate risks associated with espionage and cyber threats, which have become increasingly prevalent in today’s interconnected global economy.

Check if you Qualify to be a GSA Contractor
Click here

For federal contractors, compliance with Section 889 is crucial. Failure to meet the requirements can result in disqualification from federal contracts, severe penalties, and reputational damage. Even though the law was implemented several years ago, its requirements remain highly relevant today. Contractors must not only be aware of the initial prohibitions but also stay vigilant regarding any updates or changes in the legislation that could affect their eligibility to work with federal agencies.

What is Section 889?

Section 889 of the NDAA was enacted to address growing concerns about national security threats posed by foreign telecommunications companies. The law specifically targets risks related to espionage, cyber threats, and data security by limiting the use of certain telecommunications equipment and services in federal contracts. Section 889 is divided into two key parts, each with distinct provisions that federal contractors must comply with:

Part A: Prohibition on Federal Procurement of Certain Telecommunications Equipment

Part A of Section 889, effective since August 13, 2019, prohibits the federal government from procuring or obtaining telecommunications equipment or services from certain foreign companies. These restrictions are aimed at preventing the use of equipment that could compromise national security, particularly by enabling foreign surveillance or cyberattacks.

Under Part A, federal agencies cannot purchase equipment, systems, or services that use telecommunications technology from specific Chinese companies. The prohibited companies include:

  • Huawei Technologies Company
  • ZTE Corporation
  • Hytera Communications Corporation
  • Hangzhou Hikvision Digital Technology Company
  • Dahua Technology Company

The ban extends to all telecommunications equipment and services that are considered essential or critical components of any system. This provision is broad, ensuring that even peripheral devices, if made by these companies, are excluded from federal procurement.

Part B: Prohibition on Contracting with Entities Using Restricted Telecommunications Equipment

Part B, which took effect on August 13, 2020, goes a step further by prohibiting federal agencies from entering into, renewing, or extending contracts with any entity that uses covered telecommunications equipment or services, even if the equipment is not directly used in a federal contract. This means that if a contractor uses technology from the prohibited companies in any aspect of its operations—whether domestic or overseas—it may be disqualified from federal contracting.

Part B expands the scope of compliance beyond procurement to include operational usage. Contractors are required to conduct a “reasonable inquiry” to determine if they are using any prohibited equipment in their supply chain or operational infrastructure. This provision affects a wide range of industries, from information technology and finance to healthcare and manufacturing, making it crucial for contractors to closely monitor their technology usage.

Ongoing Compliance Expectations

The list of prohibited companies under Section 889 primarily includes Chinese telecommunications giants such as Huawei, ZTE, Hikvision, Dahua, and Hytera. However, the law also allows for the possibility of adding more companies in the future if they are found to pose similar national security risks. As a result, contractors must remain vigilant and keep up-to-date with any changes or additions to this list.

Ongoing compliance requires contractors to routinely evaluate their supply chains, assess potential risks, and ensure that their telecommunications equipment and services do not violate Section 889. This is not a one-time certification but an ongoing responsibility that must be integrated into a contractor’s operational and procurement practices to maintain eligibility for federal contracts.

Compliance Requirements

Federal contractors must comply with the specific obligations outlined in both Part A and Part B of Section 889 to ensure they remain eligible for government contracts. Below is a breakdown of the critical requirements under each part.

Part A Compliance: Key Obligations for Contractors

Part A of Section 889, which has been in effect since August 2019, restricts federal agencies from procuring or obtaining telecommunications equipment or services linked to specific foreign companies. The intent is to prevent the use of technology that poses national security risks, particularly those involving potential cyberattacks or surveillance threats.

Summary of Prohibited Equipment and Services

Part A applies to any telecommunications equipment or services that are considered a “substantial or essential” component of a system or are classified as critical technology. Contractors need to ensure that no such equipment is present in any products or services they offer to the federal government, even if it is a peripheral component of a larger system.

Relevant FAR and DFAR Clauses

To ensure compliance with Part A, contractors must adhere to the following regulations:

  • FAR Clause 52.204-24: Requires contractors to disclose whether they use any prohibited telecommunications equipment when submitting offers.
  • FAR Clause 52.204-25: Outlines the prohibition on contracting for certain telecommunications and video surveillance services or equipment.
  • DFARS Clause 252.204-7018: Provides additional guidelines specific to defense contractors regarding the use of prohibited technology.

Available Exceptions and Waiver Procedures

While Part A imposes strict restrictions, there are some exceptions. For instance, telecommunications equipment that does not have access to data or interact with user data is excluded from the prohibition. Additionally, certain backhaul and roaming services are allowed under specific circumstances.

If a contractor finds compliance with the law challenging due to operational constraints, they can apply for a waiver. Waivers are granted by the head of the contracting agency on a case-by-case basis. To obtain a waiver, contractors must provide a compelling justification, outline the presence of the restricted equipment in their supply chain, and submit a phase-out plan for replacing the equipment.

Part B Compliance: Additional Obligations for Contractors

Part B, which came into effect in August 2020, expanded the scope of Section 889 by prohibiting federal agencies from contracting with any company that uses restricted telecommunications equipment in their internal operations.

Impact on Contractors’ Use of Technology

Part B requires contractors to review not only the products and services they provide to the government but also their internal operations. The rule prohibits the use of restricted telecommunications equipment within the company’s infrastructure, regardless of whether it directly relates to government work. Contractors must evaluate all areas of their business, including IT systems, communications infrastructure, and even remote work setups—to ensure compliance.

Certification and Reporting Requirements

To comply with Part B, contractors must provide certification that their organization does not use prohibited telecommunications equipment. This certification is typically included in the proposal process, using FAR Clause 52.204-24, which requires a declaration about the use of covered equipment.

Contractors are also required to conduct a reasonable inquiry into their operations and supply chains. This inquiry must be thorough enough to identify whether prohibited equipment is in use but does not require a third-party audit. If contractors discover that they are using restricted equipment, they must report it immediately and work with the contracting officer to address the issue, which may include applying for a waiver or developing a phase-out plan.

Practical Tips for Reasonable Inquiry and Due Diligence

  • Review Supplier Agreements: Ensure that suppliers and subcontractors comply with Section 889, as their non-compliance can impact your eligibility.
  • Audit Technology Infrastructure: Conduct regular audits of your telecommunications and video surveillance systems to confirm that no prohibited equipment is in use.
  • Keep Documentation: Maintain detailed records of your inquiries and assessments to demonstrate compliance in case of future audits or investigations.

By following these steps, contractors can maintain compliance with both Part A and Part B of Section 889, thereby safeguarding their federal contracts and ensuring they avoid potential penalties.

Compliance Requirements for Federal Contractors

Steps to Ensure Compliance

Ensuring compliance with Section 889 requires a proactive approach, particularly when it comes to assessing risk within your supply chain and verifying the compliance of subcontractors and third-party partners. Below are key steps and best practices to help federal contractors meet the requirements of both Part A and Part B of Section 889.

Risk Assessment: Reviewing Supply Chains for Prohibited Telecommunications Equipment

The first step in achieving compliance with Section 889 is conducting a thorough risk assessment of your supply chain. This involves identifying any equipment, systems, or services that may include telecommunications technology from prohibited foreign companies. Here are some guidelines for carrying out an effective risk assessment:

  1. Map Your Supply Chain: Begin by mapping out your entire supply chain, including direct suppliers, subcontractors, and vendors. Understanding the flow of equipment and services throughout your organization will help you identify potential areas of risk.
  2. Categorize High-Risk Areas: Focus on parts of your supply chain that involve telecommunications and video surveillance equipment, as these are the most likely to contain restricted technologies. Pay special attention to systems that play a substantial or essential role in your operations.
  3. Check for Prohibited Equipment: Ensure that no equipment or services from prohibited companies (e.g., Huawei, ZTE, etc.) are present in your supply chain. This includes examining products that may use components from these companies, even if they are not primary suppliers.
  4. Stay Informed: Since Section 889 is an evolving regulation, it’s crucial to stay updated on any changes to the list of prohibited companies or technologies. Ensure that your compliance team monitors new announcements from the government that could affect your supply chain.

Best Practices for Identifying Potential Risks and Ensuring Compliance

To ensure you remain compliant, it’s essential to implement best practices that help you continuously identify risks and address them promptly. Here are some effective strategies:

  1. Regular Audits: Conduct regular audits of your telecommunications and IT systems to ensure that no prohibited equipment is used in your internal operations or within your supply chain. These audits should cover not only the systems you supply to the government but also your broader operations.
  2. Supplier Certifications: Require all suppliers to certify that they do not use prohibited telecommunications equipment. This certification can be included as part of your vendor agreement or purchase order terms.
  3. Establish a Compliance Team: Designate a team within your organization responsible for overseeing Section 889 compliance. This team should coordinate audits, track supply chain compliance, and stay informed on regulatory updates.
  4. Implement a Monitoring Program: Use automated tools or platforms that provide ongoing monitoring of your supply chain. These tools can alert you to any risks, such as the inclusion of restricted technology by a new vendor.

Vendor Due Diligence: Ensuring Subcontractors and Third-Party Partners Meet Compliance Standards

Section 889 not only requires that your organization comply with the regulations but also that any subcontractors or third-party partners involved in your projects meet the same standards. This means that vendor due diligence is crucial for maintaining compliance. Here’s how to approach it:

  1. Screen All Vendors: Before entering into contracts, screen all potential vendors and subcontractors to ensure they are not using prohibited telecommunications equipment. This includes any subcontractors providing technology, systems, or services that may integrate into your supply chain.
  2. Contractual Clauses: Include specific language in your contracts requiring subcontractors and third-party vendors to comply with Section 889. This ensures that they are legally obligated to avoid using prohibited equipment and services.
  3. Perform Ongoing Assessments: Due diligence should not be a one-time project. Conduct regular reviews of subcontractors and third-party partners to ensure continued compliance. Establish clear reporting channels for subcontractors to notify you of any potential issues.
  4. Establish a Reporting Mechanism: Create a system for subcontractors and third parties to report any concerns related to the use of prohibited telecommunications equipment. This allows for early detection of non-compliance and helps prevent it from impacting your federal contracts.

Documentation and Certification Tips

Maintaining proper documentation and certifications is key to proving your compliance with Section 889. Here are a few tips to help you manage this process effectively:

  1. Keep Detailed Records: Document every step of your risk assessments, including the checks performed on suppliers, audits of your systems, and any certifications you collect from vendors. These records should be easily accessible in case of an audit or inquiry from the government.
  2. Supplier and Subcontractor Certifications: Collect and store certifications from your suppliers and subcontractors stating that they do not use prohibited telecommunications equipment. Make sure these certifications are regularly updated.
  3. Self-Certification: Ensure your organization’s own self-certifications are thorough and regularly reviewed. Certify that you are not using restricted technology when submitting bids, and make sure this certification is reflected in your procurement processes.
  4. Regularly Review Compliance Documentation: Set up a schedule for reviewing and updating compliance documentation. This will help ensure that your records are always up to date and that you’re prepared for any government review or audit.

By following these steps and maintaining diligent oversight, you can significantly reduce the risk of non-compliance with Section 889 and protect your federal contracting opportunities.

Steps to Ensure Compliance with Section 889

Penalties and Consequences for Non-Compliance

Failure to comply with Section 889 can result in severe legal and financial consequences for federal contractors. As the law is designed to protect national security, violations are taken seriously by federal agencies, and non-compliance can lead to significant penalties that may jeopardize a contractor’s business relationships with the U.S. government.

Legal and Financial Risks of Violating Section 889

Contractors who violate Section 889 face a range of legal and financial risks, including:

  1. Contract Termination: One of the most immediate consequences of non-compliance is the termination of existing contracts. If a federal agency discovers that a contractor is using prohibited telecommunications equipment or services, they may terminate the contract immediately, regardless of the stage of the project. This can result in lost revenue, as well as the costs associated with winding down the contract.
  2. Debarment and Suspension: Contractors found to be in violation of Section 889 can either be debarred or temporarily suspended from doing business with the federal government. Debarment is a serious consequence that bars a contractor from bidding on or receiving new government contracts for a specified period of time. Suspension, while typically temporary, can also have long-term consequences on a company’s ability to secure federal contracts.
  3. Fines and Penalties: Non-compliant contractors may also face financial penalties. These can include fines imposed by federal agencies or the government seeking reimbursement for funds already paid under a non-compliant contract. Fines can vary depending on the severity of the violation and the contractor’s level of cooperation in addressing the issue.
  4. Legal Action: In extreme cases, contractors who willfully ignore or violate Section 889 may face legal action. The U.S. government can initiate lawsuits against contractors for breaches of contract or violations of federal regulations. This could result in lengthy litigation, legal fees, and additional financial burdens.
  5. Damage to Reputation: Beyond the direct legal and financial penalties, non-compliance with Section 889 can severely damage a contractor’s reputation. Once a contractor is found in violation, it may become more difficult to secure future contracts, not only with the government but also with other businesses that value regulatory compliance. Loss of trust can have long-term effects on a company’s business operations and market position.

Examples of Enforcement Actions

The U.S. government has made it clear that Section 889 will be strictly enforced, with several cases already highlighting the serious consequences for contractors who fail to comply. Below are examples of the types of enforcement actions contractors may face:

  • Contract Suspensions: Several contractors have faced suspension of ongoing contracts after federal audits revealed the use of prohibited telecommunications equipment in their supply chains. In these cases, the government halted further payments and required the contractor to remove or replace the restricted equipment before the contract could resume.
  • Bid Disqualification: In other instances, contractors have been disqualified from bidding on federal contracts due to non-compliance with Section 889. Even if a contractor is otherwise well-qualified for the contract, failure to certify compliance with the law can result in immediate exclusion from the bidding process.
  • Agency-Wide Alerts: There have been cases where the U.S. General Services Administration (GSA) and other federal agencies have issued alerts to all contracting officers about companies that were found to be in violation of Section 889. This type of enforcement action spreads the risk across multiple government contracts, further isolating the non-compliant contractor from federal opportunities.

Contract Suspension or Termination

If a contractor is found to be non-compliant with Section 889 during the performance of a contract, the government may choose to suspend or terminate the agreement. The impact of this can be devastating:

  1. Contract Suspension: Suspension may occur while the contractor works to remedy the non-compliance, such as by replacing the prohibited equipment or providing alternative solutions. During this period, no further payments will be made, and the project will be put on hold. This can result in significant delays, lost revenue, and increased operational costs.
  2. Contract Termination: If non-compliance is not rectified, or if the violation is deemed severe, the contract can be terminated outright. In such cases, the contractor may be required to return any payments already received, as well as cover any additional costs incurred by the government in finding a replacement contractor. This could also lead to the contractor being debarred from future government contracts.

To avoid these penalties and consequences, contractors must ensure full compliance with Section 889, implementing thorough risk assessments and due diligence processes to mitigate the risk of violations.

Contract Suspension or Termination

Updates and Future Trends

As technology continues to evolve and the global landscape of telecommunications grows more complex, compliance with Section 889 will require ongoing attention and adaptation. Federal contractors need to be aware of new developments in both technology and procurement rules that could impact their operations and compliance obligations.

Ongoing Developments in Technology and Procurement

The rapid pace of technological advancement, particularly in the telecommunications sector, poses new challenges for contractors striving to remain compliant with Section 889. Emerging technologies such as 5G networks, the Internet of Things (IoT), and artificial intelligence (AI) are increasingly integrated into business operations, and these technologies often involve complex supply chains that span multiple countries. As a result, contractors must be vigilant in ensuring that none of the components they use in their systems come from restricted entities.

One significant area of concern is the rise of 5G technology. While 5G offers tremendous potential in terms of speed and connectivity, it also brings heightened risks, as some of the key suppliers of 5G infrastructure are based in countries that are subject to Section 889 restrictions. Contractors working on federal projects must carefully vet their 5G suppliers and equipment to avoid violating the law.

In addition to technological advancements, the procurement landscape is also shifting. The U.S. government has been steadily increasing its focus on supply chain security and the risks posed by foreign influence on critical infrastructure. This means that future federal procurement rules may become even more stringent, expanding the list of restricted technologies and suppliers. Contractors will need to ensure they remain agile and ready to adapt to new procurement guidelines as they emerge.

Possible Updates to Federal Procurement Rules

The Federal Acquisition Regulation (FAR) and Defense Federal Acquisition Regulation Supplement (DFARS) are continually updated to reflect the latest in federal procurement policy. It is likely that further updates will be introduced to strengthen the enforcement of Section 889 and to address new security risks posed by evolving technology.

Some potential updates contractors should anticipate include:

  1. Expansion of Restricted Companies: As global tensions and security concerns continue to grow, it’s possible that the U.S. government may add more companies to the list of restricted entities. Contractors should be prepared to regularly review their supplier lists and adapt quickly to any changes in the law.
  2. Broader Coverage of Emerging Technologies: New regulations may be introduced that target specific types of emerging technologies, such as 5G infrastructure, AI systems, and IoT devices. These technologies could become subject to additional restrictions, and contractors may need to conduct more in-depth audits of their supply chains to ensure compliance.
  3. Increased Reporting Requirements: The U.S. government may also introduce new reporting and certification requirements, making it mandatory for contractors to provide more detailed disclosures about their supply chains and technology usage. This could involve submitting regular compliance reports or implementing enhanced monitoring systems to track the use of prohibited equipment.

The Importance of Staying Informed

Given the dynamic nature of both technology and federal procurement regulations, contractors must prioritize staying informed about any changes that could affect their operations. Failure to keep up with regulatory updates could lead to unintentional non-compliance, contract suspension, or legal penalties.

To stay ahead of potential changes, contractors should:

  1. Subscribe to Regulatory Updates: Make it a priority to regularly review updates from agencies such as the General Services Administration (GSA), Department of Defense (DoD), and other federal bodies that publish procurement rules. This will ensure that contractors are aware of any new regulations as soon as they are issued.
  2. Participate in Industry Webinars and Conferences: Many federal agencies and industry groups hold webinars and conferences to discuss upcoming changes in procurement policy. Attending these events can provide valuable insights into the future direction of federal contracting and how to stay compliant.
  3. Establish a Compliance Monitoring System: Implement an internal system for monitoring compliance and auditing supply chains. This system should be flexible enough to accommodate new regulations and should provide an easy way to verify whether your technology and vendors meet the latest requirements.
  4. Engage Legal and Compliance Experts: Consulting with legal or compliance professionals who specialize in federal procurement can help contractors stay informed and prepared for any updates or changes in regulations.

By staying informed and proactively adapting to new trends, contractors can ensure continued compliance with Section 889 and protect their federal contracting opportunities in the future.

The Importance of Staying Informed

Conclusion

Section 889 of the NDAA is a crucial regulation for federal contractors, designed to protect national security by prohibiting the use of certain foreign telecommunications equipment. Compliance with both Part A (focused on procurement) and Part B (covering the contractor’s internal use) is essential to maintaining eligibility for government contracts.

At Price Reporter, we help GSA contractors navigate these complex regulations, providing expert guidance and tailored solutions to ensure compliance. With over 1,000 GSA contracts managed and 17+ years of experience, we are here to help you protect your federal business opportunities and grow successfully in the government sector. Contact us today for expert assistance.

FAQ: What Federal Contractors Need to Know About Section 889

What is the main purpose of Section 889 of the NDAA?

Section 889 was implemented to protect U.S. national security by prohibiting federal agencies from purchasing or using certain telecommunications equipment from foreign companies linked to potential cyber threats. The law aims to limit the risks associated with espionage and unauthorized access to sensitive government data. This regulation is particularly focused on equipment from companies with ties to the Chinese government, such as Huawei and ZTE.

Which companies are prohibited under Section 889?

Section 889 specifically bans the use of telecommunications equipment and services from companies such as Huawei Technologies, ZTE Corporation, Hytera Communications, Hangzhou Hikvision, and Dahua Technology. These companies have been identified as posing potential national security risks due to their connections to the Chinese government. Contractors must ensure that no products from these companies are included in their systems or services when working with the federal government.

What are the key differences between Part A and Part B of Section 889?

Part A of Section 889 prohibits federal agencies from procuring telecommunications equipment from restricted companies, while Part B expands the restriction to any contractor using such equipment in their operations. Part A focuses on direct government procurement, while Part B covers the contractor’s entire supply chain and internal operations. Both parts require contractors to certify compliance through a reasonable inquiry into their use of prohibited technologies.

What are the consequences for non-compliance with Section 889?

Non-compliance with Section 889 can result in severe consequences, including contract termination, financial penalties, and possible suspension or debarment from future government contracts. In some cases, contractors may face legal action if they knowingly violate the regulation. Moreover, non-compliance can harm a contractor’s reputation, making it difficult to secure future contracts with both government agencies and private businesses.

How can contractors ensure they comply with Section 889?

Contractors should conduct a thorough risk assessment of their supply chains to ensure no prohibited telecommunications equipment is being used. Regular audits, vendor certifications, and a compliance monitoring system can help contractors stay compliant. Additionally, partnering up with experienced GSA consultants like Price Reporter can provide contractors with expert guidance on navigating the complexities of Section 889 and avoiding compliance issues.

Also on pricereporter.com
Click to rate
[Total: 1 Average: 5]
Leave feedback

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.