Insights

On August 14, 2025, the Office of Federal Procurement Policy (OFPP) and the Federal Acquisition Regulatory Council (FAR Council) issued draft revisions to FAR Part 8 and FAR Part 12 (as well as to FAR Parts 4 and 40). These are the latest rewrites under the Revolutionary FAR Overhaul (RFO) initiative pursuant to Executive Order 14275, “Restoring Common Sense to Federal Procurement,” which we previously reported on here.

In this eighth alert in our weekly series on the EU Pharma Package, we continue our overview of initiatives with respect to security of supply and shortage prevention and mitigation. Our last alert looked at how the Pharma Package seeks to address these issues. However, the Pharma Package does not exist in isolation, and in this alert we will discuss the interplay between its measures and those contained in other important EU initiatives such as the proposed Critical Medicines Act (CMA), and the Medicinal Countermeasures Strategy and the EU Stockpiling Strategy.

A California Court of Appeal recently provided employers with a wage and hour victory and meal period guidance in Bradsbery v. Vicar Operating, Inc. As a matter of first impression, the Court held that upon hire, employees can prospectively waive all meal periods owed during any five-to-six-hour shifts they will work throughout the course of their employment. This decision provides helpful guidance for employers seeking to implement enforceable meal period waivers.

In the last few months, both Washington State and Pennsylvania enacted significant legislation addressing the malicious use of deepfakes—artificial intelligence-generated or manipulated media. These new laws reflect a growing national and state-level trend to regulate AI-generated content, especially when used to harm individuals or mislead the public.

On August 18, 2025, the Small Business Administration (SBA) published a notice of tribal consultation to be held in Michigan on September 17, 2025. In addition to seeking input from the Native American community on the management and operation of SBA’s Capital Access and Government Contracting and Business Development programs, SBA is focusing on the nonmanufacturer rule (NMR).

Automated vehicles (AVs) have received heightened attention from the automotive industry and regulators this summer when it comes to improving and expanding AV technology in the US. Here are some developments:

On August 11, 2025, the U.S. Department of Justice (“DOJ”) announced that it had unsealed an indictment against two Mexican businessmen for alleged violations of the Foreign Corrupt Practices Act (“FCPA”). DOJ asserts that the defendants, both Mexican nationals living in Texas, paid bribes to officials at Petróleos Mexicanos (“PEMEX”), and its subsidiary, PEMEX Exploración y Producción (“PEP”) to secure contracts worth an estimated $2.5 million. These charges come amidst a period of uncertainty regarding FCPA enforcement following the Trump administration’s temporary pause on FCPA enforcement and the subsequent issuance of new investigation and enforcement guidelines.

GAO’s recent sustain of the protest filed by emissary LLC provides valuable lessons for potential offerors with respect to organizational conflict of interest (OCI) mitigation plans (and their impact on technical approach), as well as their descriptions of key personnel qualifications.

In an effort to update and modernize the FDA’s regulation of sunscreen, Representative John Joyce (R-Ohio) and a group of bipartisan members of Congress introduced in June the Supporting Accessible, Flexible, and Effective Sunscreen (SAFE) Standards Act.  If enacted, the bill would establish a more flexible regulatory scheme at the FDA, decrease the cost in the approval process and expand the array of sunscreen available for purchase.

On 8 August, the UK Department for Science, Innovation & Technology (“DSIT”) published a report titled “Emerging technologies and their effect on cyber security” (the “Report”). It examines how the convergence of AI, IoT, Quantum, Edge Computing, Blockchain and other emerging technologies is transforming the cyber threat landscape. We’ve summarised below some of their key findings and takeaways. In the pursuit of growth and efficiencies many companies are considering how to adopt emerging technology into their operational processes, and the Report provides a useful guide as to emerging cyber risks and where the UK Government’s attention is focused as it launches the Cyber Resilience Bill later this year.

Earlier this year, we highlighted a notable Court of Federal Claims (CFC) decision recognizing that an energy savings performance contract (ESPC) contractor may be able to recover proposal preparation costs under the CFC’s bid protest jurisdiction. Now, in Siemens Government Technologies, Inc. v. United States, another CFC decision has reaches a similar conclusion and goes even further — also highlighting the potential to recover under the Court’s Contract Disputes Act (CDA) jurisdiction.  

On July 23, 2025, the Internal Revenue Service (“IRS”) issued interim guidance for Large Business & International Division (“LB&I”) audit procedure. The IRS announced three major changes: (1) the Acknowledgement of Facts Information Document Request (“AOF IDR”) will be eliminated; (2) Accelerated Issue Resolution (“AIR”) applies to Large Corporate Compliance (“LCC”) cases; and (3) the IRS must conduct additional review before denying a taxpayer’s request to participate in the Fast Track Settlement (“FTS”). These changes reflect the IRS’s continued push to make its examinations “more efficient and current.”

In this seventh alert in our weekly series on the Pharma Package, we will discuss the increasing focus on shortages of medicinal products in the EU and the prevention and mitigation measures as proposed by the European Commission, the European Parliament and the Council of the EU.

On 1 August 2025, the UK’s Arbitration Act 2025 (the “Act”) came into force. It applies to arbitrations and arbitration-related court proceedings commenced on or after that date and reinforces London’s status as a leading hub for international arbitration.

On August 5, 2025, Royal Sovereign International Inc. (Royal Sovereign), a defunct New Jersey importer of portable air conditioners, pled guilty to one count of willfully violating the Consumer Product Safety Act (CPSA) for its failure to report dangerous defects in portable air conditioners that had been linked to multiple fires and one death. The company also agreed to a civil settlement with the Department of Justice and the Consumer Product Safety Commission (CPSC) that included $395,786.48 in restitution to victims and a $16,025,000 civil penalty, which was suspended to $100,000 for inability to pay.

On 11 July 2025, the European Data Protection Supervisor, (“EDPS”), the independent supervisory authority, which oversees the processing of personal data by EU institutions, bodies, offices and agencies, (“EUIs”) confirmed that the European Commission, (“Commission”) has succeeded in bringing its use of Microsoft 365 within the requirements of applicable European data protection rules thanks to additional measures adopted by both the Commission and Microsoft.

On August 7, 2025, President Trump issued an Executive Order (EO) titled, “Improving Oversight of Federal Grantmaking,” setting out the framework for sweeping changes to the grantmaking process.  The order purports to address the Administration’s concerns about federal grants supporting controversial or ineffective programs and incurring excessive administrative costs.  The EO implements three key changes to federal grant requirements. 

On July 28, 2025, Cadence Design Systems Inc. (“Cadence” or “the Company”), a global electronic design automation (“EDA”) technology company based in San Jose, California, agreed to plead guilty in a settlement with the U.S. Department of Justice’s National Security Division (“NSD”) and the U.S. Attorney’s Office for the Northern District of California. Through its guilty plea, Cadence agreed to resolve charges that it committed criminal violations of export controls by selling EDA hardware, software, and semiconductor design intellectual property (“IP”) technology to the National University of Defense Technology (“NUDT”), a Chinese military university on the U.S. Entity List since 2015 due to its involvement in military and nuclear simulation activities. In addition, Cadence simultaneously resolved a civil enforcement action brought by the U.S. Department of Commerce, Bureau of Industry and Security (“BIS”) related to the same underlying conduct.

On August 7, 2025, the FAR Council issued a final rule amending FAR 52.204-7 to clarify that, effective immediately, an offeror’s failure to maintain continuous System for Award Management (SAM) registration between proposal submission and contract award does not render the offeror ineligible for award, so long as the offeror was registered in SAM at the time of proposal submission and is registered at the time of contract award. The final rule should address situations like TLS Joint Venture, LLC, B-422275, Apr. 1, 2024, 2024 CPD ¶ 74, where an offeror’s SAM registration lapsed for a single day between the proposal submission and award dates, and GAO found the offeror ineligible for award.

On July 24, 2025, President Trump signed an Executive Order titled “Saving College Sports” (the “Order”). The White House also released an accompanying Fact Sheet regarding the Order.