Final Rule on Supply Chain Risk Fails to Provide Additional Guidance, Protection, or Relief from Uncertain Application
Client Alert | 1 min read | 11.02.15
On October 30, DoD published a final rule (a) requiring evaluation of supply chain risk when acquiring information technology that is either a covered National Security System ("NSS"), part of a covered NSS, or in support of a covered NSS; and (b) authorizing DoD to exclude primes or subs from a particular procurement if they fail to mitigate identified supply chain risks adequately. DoD made relatively modest changes to the 2013 interim rule (e.g., removing the flow-down requirement applicable to subs at any tier) but largely rejected industry input (e.g., declining to identify specific standards or controls to mitigate supply chain risk and declining to create a mechanism for challenging exclusion from a particular source selection).
Contacts

Partner, Crowell Global Advisors Senior Director
- Washington, D.C.
- D | +1.202.624.2698
- Washington, D.C. (CGA)
- D | +1 202.624.2500
Insights
Client Alert | 6 min read | 11.19.25
The facts before the Third Circuit in the recently decided case of Patel v. United States illustrate how parties can put themselves in a bind if they make factual admissions when resolving a criminal case involving fraud on the government while not simultaneously resolving the government’s civil claims under the False Claims Act (FCA) for the same underlying conduct.
Client Alert | 4 min read | 11.18.25
DOJ Announces Major Enforcement Actions Targeting North Korean Remote IT Worker Schemes
Client Alert | 6 min read | 11.18.25
Client Alert | 2 min read | 11.14.25

