The Department of Defense (DOD) has issued a new instruction that establishes internal DOD policies for detecting, avoiding, and remediating counterfeit parts in the DOD supply chain, and allocates responsibility among various DOD offices and functions for administering or developing those counterfeit prevention policies. Department of Defense Instruction (DODI) 4140.67, titled “DoD Counterfeit Prevention Policy,” was issued on April 26, 2013, and it represents the next — but far from the final — step in the federal government’s efforts to deal with the epidemic of counterfeit parts that led to the inclusion of a provision specifically targeted at counterfeit electronic parts in the fiscal year 2012 National Defense Authorization Act (NDAA). That statutory provision — Section 818 of the 2012 NDAA — requires DOD to adopt regulations that would impose far-reaching counterfeit prevention obligations on defense contractors, including provisions that would describe how contractors are to establish or validate so-called “trusted suppliers.”
While those Section 818 implementing regulations were due in September 2012, DOD has yet to issue them, reflecting in part the complexity of the underlying issues and the need to consider the impact on the defense supply chain of imposing sweeping new counterfeit prevention obligations. According to a recent update on the status of pending DOD regulations, DOD’s draft Section 818 regulations received final internal approval on May 3, 2013 and are being prepared for publication in the Federal Register — meaning they should be forthcoming soon. In the meantime, DODI 4140.67, while short on specifics, provides some valuable insight into the likely contours of those Section 818 regulations by providing DOD’s perspective on contractors’ role in implementing DOD’s counterfeit prevention policy.
DODI 4140.67 supersedes and replaces the March 16, 2012 memorandum titled “Overarching DoD Counterfeit Prevention Guidance,” issued by Frank Kendall, Under Secretary of Defense for Acquisition, Technology, and Logistics (Kendall Memorandum). The Kendall Memorandum had represented DOD’s initial effort at meeting its obligation under Section 818 to issue internal DOD guidance on counterfeit parts prevention policies and procedures. DODI 4140.67 builds upon many of the same concepts introduced in the Kendall Memorandum, such as addressing “counterfeit materiel” broadly (as opposed to Section 818’s limited focus on only “counterfeit electronic parts”), and promoting the use of the Government-Industry Data Exchange Program (GIDEP) as the mechanism for both DOD and industry to use to report known or suspected instances of counterfeiting.
A full copy of DODI 4140.67 is available here. Key provisions of the instruction for defense contractors and subcontractors include the following:
- Definitions of “counterfeit” and “suspect counterfeit.” The first step in formulating a counterfeit detection and prevention system is determining how to define an item as counterfeit. DODI 4140.67 defines the term “counterfeit materiel” as “an item that is an unauthorized copy or substitute that has been identified, marked, or altered by a source other than the item’s legally authorized source, and has been misrepresented to be an authorized item of the legally authorized source.” The instruction also includes a definition of “suspect counterfeit” materiel — an important concept given that steps must be taken to isolate and prevent introduction of parts that are suspected of being counterfeit even while efforts are ongoing to confirm their status as counterfeit. A suspect counterfeit item, materiel, or product is one “in which there is an indication by visual inspection, testing, or other information that it may meet the definition of counterfeit materiel.”
- Definition of “authentic materiel.” The instruction also includes a definition of “authentic materiel,” in contrast to counterfeit materiel. Authentic materiel is “made from the proper materials using the proper processes with required testing.” Interestingly, while the definition of counterfeit materiel discusses actions taken by other than an item’s “legally authorized source,” the definition of authentic materiel says nothing about the processes needing to have been performed by an authorized source.
- Counterfeit prevention policies encompass all parts, not just electronic parts, and include software and information technology. While Section 818 focused on counterfeit electronic parts, an area in which counterfeiting problems have been particularly acute, DOD is not limiting its counterfeit prevention policies to electronic items and, in fact, does not even single out electronic parts explicitly for heightened counterfeit prevention or detection policies. The instruction refers to policies for the prevention of “counterfeit materiel,” and “materiel,” for purposes of the instruction, includes “software” and “information and communications technology,” in addition to tangible items, such as components, sub-components, and equipment.
- Absence of reference to “covered contractors.” In describing DOD’s obligation to devise and implement “a program to enhance contractor detention and avoidance of counterfeit electronic parts,” Section 818 referred to the program as imposing obligations on covered contractors. Section 818 defined the term “covered contractor” as having the same meaning as in the provision of the fiscal year 2011 NDAA governing contractor business systems, which defined a covered contractor as a contractor subject to the cost accounting standards (CAS) under section 26 of the Office of Federal Procurement Policy Act (41 U.S.C. § 422). That definition does not distinguish between contractors who are subject to full or partial CAS coverage, meaning that a contractor subject even to partial CAS coverage would be deemed to be a covered contractor. Yet the term covered contractor is conspicuously absent from DODI 4140.67. Is its absence merely a byproduct of DOD’s intent that the instruction be a high-level and largely inward-looking document establishing internal DOD responsibilities and policy aspirations without dwelling on the “nuts and bolts” of how the anti-counterfeiting policies will be applied to contractors? Or does it instead indicate that DOD has decided to impose its anti-counterfeiting requirements more broadly, on all contractors, not just covered contractors? The Section 818 regulations, when published, will provide the answer. It would not be surprising, however, if DOD viewed the need for covered contractors to flow the enhanced counterfeit avoidance procedures down throughout their supply bases as diminishing the significance of the covered/non-covered contractor distinction. Contractors required to comply with stricter anti-counterfeiting procedures and facing potentially open-ended liability for counterfeit parts discovered in their products will flow the enhanced anti-counterfeiting requirements down to their own suppliers. As those flowed-down obligations ripple through the defense supply chain, the burdens will reach companies that are not themselves subject to CAS coverage — meaning that, as a practical matter, the anti-counterfeiting requirements will impact both covered and non-covered contractors.
- Stated goal of avoiding “DOD-unique” counterfeit prevention procedures. One of the policies articulated in DODI 4140.67 is DOD’s goal of “avoid[ing] establishing DoD-unique anti-counterfeiting procedures.” This is a worthy — and arguably even necessary — goal if DOD does not want to risk driving vendors who offer commercial items out of the DOD supply chain, but the instruction does not make clear exactly how DOD intends to avoid DOD-unique procedures. This statement could indicate that DOD will seek to coordinate its anti-counterfeiting procedures with those used by other government agencies, or that DOD will seek to ensure that its counterfeit prevention procedures mirror those used in the commercial sector. The latter approach raises questions about what “commercial” standards DOD would adopt, as the type of anti-counterfeiting procedures necessary varies by industry and there are different anti-counterfeiting standards issued by a number of commercial entities.
- DOD intention to issue “standardized guidelines” for contractors to use in their quality systems to detect and avoid counterfeit parts. The instruction charges the Under Secretary of Defense for Acquisition, Technology, and Logistics with “identif[ying] and establish[ing] standardized guidelines for contractors to employ in their processes for the detection and avoidance of counterfeit materiel into the DoD supply chain.” The adoption of standardized guidelines for contractor counterfeit detection and prevention processes suggests that the Defense Contract Management Agency (DCMA) will inspect or audit contractor compliance with those guidelines as part of its assessment of the adequacy of contractor purchasing and quality systems.
- DOD intention to establish counterfeit-related “qualification criteria” for suppliers. Section 818 of the 2012 NDAA charged DOD with issuing regulations that would “establish qualification requirements” that DOD could use to “identify trusted suppliers that have appropriate policies and procedures in place to detect and avoid counterfeit electronic parts and suspect counterfeit electronic parts.” DODI 4140.67 indicates that “technical anti-counterfeit qualification criteria for suppliers” will be developed through collaboration between DOD Components and the Assistant Secretary of Defense for Research and Engineering. Given the instruction’s focus on “materiel” broadly, it appears likely that DOD will adopt technical anti-counterfeit qualification criteria for suppliers of all types of materiel, not just electronic parts.
- DOD will use GIDEP as the system for reporting suspect and confirmed counterfeit materiel.
- Emphasis on restitution for discovery of counterfeit parts in delivered items. DODI 4140.67 establishes it as official DOD policy to “[s]eek restitution when cases are confirmed” and to obtain remedies under existing DOD instructions regarding fraud or under Part 46 of the Federal Acquisition Regulation (FAR) regarding Quality Assurance. This policy could pose issues to contractors that delivered products before the problem of counterfeiting gained its current notoriety and before DOD’s adoption of enhanced contractor requirements for counterfeit prevention. Will those contractors be held to the same standards as contractors who will deliver items produced under the enhanced anti-counterfeiting procedures required by Section 818? Are products that are “out of warranty” now subject to rework/replacement if a counterfeit part is discovered? The instruction does not provide the parameters of DOD’s expectations for “restitution,” but does signal that DOD is likely to be aggressive in pursuing financial remedies when counterfeit parts are discovered, no matter how long after delivery.
- “Risk-based approach” to DOD’s internal counterfeit prevention policies. DODI 4140.67 establishes it as official DOD policy to “[e]mploy a risk-based approach to reduce the frequency and impact of counterfeit materiel within DoD acquisition systems and DoD life-cycle sustainment processes.” The instruction defines the concept of a risk-based approach as signifying an “analytical strategy to focus attention on areas or applications where failure will produce higher severity of consequences and trigger impacts to the overall mission objectives and human safety.” That DOD would espouse a risk-based approach in its internal guidance is not surprising, given that Section 818 directed DOD to “implement a risk-based approach” to minimize the impact of counterfeit electronic parts on DOD. What remains to be seen, however, is whether DOD will maintain this sensible risk-based approach when establishing anti-counterfeiting requirements for contractors. Section 818 directed DOD to implement an anti-counterfeiting program for contractors that would require contractors “to eliminate counterfeit electronic parts from the defense supply chain” — a choice of words that could be interpreted as eschewing a risk-based approach in favor of an “elimination of all counterfeits, no matter the cost or impact” approach. DODI 4140.67 at least appears to recognize that a sound anti-counterfeiting policy requires an analysis of the cost/benefit tradeoffs involved, by directing DOD Component Heads to “implement anti-counterfeiting measures, strategies, plans, and programs that balance the risks caused by [critical materiel and materiel determined to be susceptible to counterfeiting] with the impact to readiness and cost of the measures.”
As discussed above, for contractors and suppliers anxiously awaiting the Section 818 regulations that will define their own obligations for counterfeit part detection and prevention, DODI 4140.67 is short on specifics as to how DOD’s internal anti-counterfeiting policies will impact contractors directly. As the summer movie season kicks into gear, perhaps an apt analogy would be to describe DODI 4140.67 as a movie trailer, with the Section 818 regulations representing the blockbuster movie yet to be released in theaters. Just as a movie trailer provides a “sneak peek” of the movie itself, so too does DODI 4140.67 provide a glimpse into DOD’s thinking on the subject of counterfeit parts prevention, thinking that no doubt animated DOD’s development of the soon-to-be-published Section 818 regulations that will establish contractors’ own anti-counterfeiting obligations.
Based on DODI 4140.67, contractors should expect the upcoming Section 818 counterfeit parts regulations to:
- Address “counterfeit materiel” broadly, rather than being limited to the “counterfeit electronic parts” specifically addressed in Section 818. While electronic parts remain a particular risk area for counterfeiting, DODI 4140.67 encompasses counterfeit parts of all types and does not single out electronic parts for particular emphasis or special treatment. That approach suggests that DOD is viewing the Section 818 regulations as an opportunity to address counterfeit parts generally, rather than limiting itself to the express “counterfeit electronic parts” mandate of Section 818.
- Impose stricter requirements for counterfeit prevention and detection on “critical” items. The instruction references “critical item traceability,” indicating that DOD will require items designated as both “critical” and “susceptible to counterfeiting” to be traceable back to the original manufacturer through use of a unique item identifier (UII). The instruction refers to the level of traceability sought as “authoritative life-cycle traceability and authentication.”
- Require contractors to report all occurrences of suspect or confirmed counterfeit parts in GIDEP. Whether the regulations will designate an alternative reporting channel remains to be seen, as GIDEP is the only specific resource that has been cited in the internal DOD guidance issued to date. An alternative reporting mechanism may well prove necessary, at least in the short term, as membership in GIDEP is currently limited to U.S. or Canadian companies, meaning that suppliers based outside the United States and Canada would be unable to use GIDEP either (i) to report the discovery of counterfeit parts themselves, or (ii) to monitor reports of counterfeit parts discovered by other defense suppliers. The instruction appears to recognize these existing limitations in GIDEP by charging the Assistant Secretary for Research and Engineering with determining and implementing “enhancements to GIDEP to expand its usefulness and robustness in anit-counterfeiting efforts in the DoD global supply chain.”