Final Rule on Supply Chain Risk Fails to Provide Additional Guidance, Protection, or Relief from Uncertain Application
Client Alert | 1 min read | 11.02.15
On October 30, DoD published a final rule (a) requiring evaluation of supply chain risk when acquiring information technology that is either a covered National Security System ("NSS"), part of a covered NSS, or in support of a covered NSS; and (b) authorizing DoD to exclude primes or subs from a particular procurement if they fail to mitigate identified supply chain risks adequately. DoD made relatively modest changes to the 2013 interim rule (e.g., removing the flow-down requirement applicable to subs at any tier) but largely rejected industry input (e.g., declining to identify specific standards or controls to mitigate supply chain risk and declining to create a mechanism for challenging exclusion from a particular source selection).
Contacts
Partner, Crowell Global Advisors Senior Director
- Washington, D.C.
- D | +1.202.624.2698
- Washington, D.C. (CGA)
- D | +1 202.624.2500
Insights
Client Alert | 4 min read | 11.18.25
DOJ Announces Major Enforcement Actions Targeting North Korean Remote IT Worker Schemes
On November 14, 2025, the U.S. Department of Justice (DOJ) announced a sweeping series of enforcement actions, including four guilty pleas and more than $15 million in civil forfeitures against the Democratic People’s Republic of Korea (DPRK or North Korea) for remote information technology (IT) worker schemes. These actions underscore the federal government’s escalating focus on the exposure of U.S. companies to North Korean IT worker infiltration, following a series of U.S. Government action against the DPRK.
Client Alert | 6 min read | 11.18.25
Client Alert | 2 min read | 11.14.25
Client Alert | 6 min read | 11.14.25
Microplastics Update: Regulatory and Litigation Developments in 2025
