1. Home
  2. |Insights
  3. |New FAR Part 40 to Address Supply Chain and Information Security Requirements

New FAR Part 40 to Address Supply Chain and Information Security Requirements

Client Alert | 1 min read | 04.15.24

On April 1, 2024, the Department of Defense (DoD), General Services Administration (GSA), and the National Aeronautics and Space Administration (NASA) issued a final rule updating the Federal Acquisition Regulation (FAR) to add Part 40 on information security and supply chain security. This first action did not implement any new requirements; however, separate rulemakings will follow to relocate existing information security and supply chain security policies and procedures to the new Part 40. Additionally, new related regulations will be housed in Part 40. These actions suggest that the flow of information security and supply chain regulations is likely to continue unabated for at least the next few years.

As noted, Part 40 will consolidate the various information security and supply chain security regulations currently distributed throughout the FAR. It ultimately will include regulations concerning prohibitions, exclusions, supply chain risk information sharing, safeguarding information, and supply chain security requirements. For example, the Section 889 prohibition and policies would be placed in Part 40, as would provisions implementing Federal Acquisition Supply Chain Security Act exclusion and removal orders.

Supply chain and information risks that are not considered to be related to security, such as labor restrictions, climate risks, and human trafficking, will not be in Part 40 and will continue to be covered in other parts of the FAR.

Insights

Client Alert | 4 min read | 07.02.25

FTC Orders Divestitures in Retail Fuel Outlet Deal and Signals a Return to More Standard Remedy Discussions

Merger consent orders are back at the FTC, and the FTC’s most recent action showcases how the current leadership is analyzing divestiture proposals. Last week, the FTC approved a proposed consent agreement in Alimentation Couche-Tard Inc.’s (ACT) acquisition of retail fuel outlets from Giant Eagle, Inc. that paired standard retail divestitures with a “prior notice” requirement that ACT notify the agency of future acquisitions in certain markets regardless of size. This FTC has signaled greater acceptance of remedies than the prior administration, and this most recent consent puts that on display, with Commissioner Meador providing merging parties guidance on designing effective remedies....