1. Home
  2. |Insights
  3. |New SF-328 Released and Embedded Guidance Seeks More Information Up Front

New SF-328 Released and Embedded Guidance Seeks More Information Up Front

Client Alert | 26 min read | 05.16.25

On May 12, 2025, the Defense Counterintelligence and Security Agency (DCSA) released a new SF-328[1] consisting of 9 questions and 6 pages of instructions that detail the types of supporting documentation requested and identify information required by different responding entities (e.g., corporate, non-profit, academic, etc.). With this SF-328, DCSA is seeking certain frequently requested information and documents with initial SF-328 submissions rather than obtaining these documents through communications or revised SF-328 submissions. Additionally, when completed, the new SF-328 is considered Controlled Unclassified Information (CUI).

The form now consists of 9 questions rather than 10 as shown below[2]:

May 2025 SF-328

November 2018 SF-328


The new SF-328 expressly states that the form is authorized for use in the National Industrial Security Program, to carry out Section 847 of the 2020 NDAA[3], the DoD Enhanced Security Program, the DoD Small Business Innovation Research and Small Business Technology Transfer (SBIR/STTR) programs, and the DoD Cybersecurity Maturity Model Certification (CMMC) program. The form also acknowledges that applicable Freedom of Information Act (FOIA) exemptions will be invoked by the government to withhold the document from public disclosure when submitted by an entity in confidence and properly marked.

Key Takeaways

Cleared entities and entities that otherwise are required to submit SF-328s should consider:

  • reviewing the new SF-328 to evaluate whether the company or entity has undergone changes requiring reporting under the new form and guidance; and
  • beginning updates to SF-328s or initial preparations of SF-328s early, including identifying all company or entity stakeholders under the new SF-328 guidance.

Crowell is available to support preparation of the new SF-328 and related filings and further discuss questions concerning the new form.

[1] Most browsers will show an error page when opening the SF-328 link within an internet browser window. If that occurs, we recommend that you download/save the SF-328 PDF (at the error page) and then open the downloaded PDF file from your desktop (not your browser) to view the form.

[2] The 2018 form question 8 regarding nominee shares is now subsumed by the supplemental information requested in the instructions under question 1 of the 2025 form.

[3] See also Crowell & Moring, New SF-328 for Foreign Ownership, Control, and Influence Assessments Approved, Publication Imminent; Crowell & Moring, Why Should They Have All the Fun? DoD Instruction Expands DCSA’s FOCI Reach Beyond Cleared Contractors.

Insights

Client Alert | 2 min read | 06.06.25

USPTO Director Clarifies Burden on IPR Petitioners Relying on Prior Art Cited During Prosecution

Acting USPTO Director Coke Morgan Stewart recently issued a Director Review decision on May 19, 2025, in Ecto World, LLC v. RAI Strategic Holdings, Inc, IPR2024-01280, Paper 13 (PTAB May 19, 2025), that was subsequently designated as precedential by the Patent Trial and Appeal Board (PTAB). The decision seeks to eliminate inconsistencies amongst PTAB panels in using its discretion to deny institution under 35 U.S.C. § 325(d). ...