A new proposed Federal Acquisition Regulation (FAR) rule issued on January 22, 2016, seeks to ensure that employees and subcontractors are not restricted from lawfully reporting fraud, waste, or abuse to federal authorities and would impose a representation that contractors must provide to be eligible for contract award.  Also, as discussed in this advisory, there is experience with a similar restriction outside the FAR which contractors may want to consider in connection with their compliance programs.  Interested parties should submit written comments to the Regulatory Secretariat on or before March 22, 2016 to be considered in the formation of the final rule.

Why This Proposed Rule?

This proposed FAR rule seeks to implement Section 743 of Division E, Title VII of the Consolidated and Further Continuing Appropriations Act of 2015 (Pub. L. 113-235).  Section 743 prohibits the use of appropriated funds for a contract, grant, or cooperative agreement with an entity that requires its employees or subcontractors “seeking to report fraud, waste, or abuse to sign internal confidentiality agreements or statements prohibiting or otherwise restricting such employees or contractors from lawfully reporting such waste, fraud, or abuse to a designated investigative or law enforcement representative of a Federal department or agency authorized to receive such information.”  The goal of Section 743 is to prevent possible use of internal confidentiality agreements to stifle whistleblowers.

Represent or Be Ineligible for Award

The proposed rule requires a contractor to represent that it does not require employees or subcontractors to sign internal confidentiality agreements or statements that prohibit or otherwise restrict such employees or subcontractors from lawfully reporting waste, fraud, or abuse to a designated and authorized federal investigative or law enforcement agency.  Failure to do this renders a contractor ineligible for award of a federal contract.  In addition, the proposed rule requires contractors to affirmatively inform their employees and subcontractors that the prohibitions of any previously signed internal confidentiality agreements covered by the proposed regulations are no longer in effect.

The proposed FAR rule has a broad reach.  DoD, GSA, and NASA are proposing to apply it to all solicitations and resultant contracts that are funded with FY 2015 funds or subsequent FY funds that are subject to the same prohibition on confidentiality agreements.  It would even apply to contracts and subcontracts for acquisitions below the simplified acquisition threshold – as well as to contracts and subcontracts for the acquisition of commercial items (including commercially available off-the-shelf items).  The announcement in The Federal Registerjustifies this broad reach by noting that it is not in the Government’s best interest to waive applicability of the proposed rule to those contracts and subcontracts, since that would exclude a significant number of acquisitions and thereby limit the “benefits” of this proposed rule.

This proposed rule does not apply to Standard Form 312 (Classified Information Nondisclosure Agreement) or Standard Form 4414 (Sensitive Compartmented Information Nondisclosure Agreement) or any other form issued by a Federal department or agency governing the nondisclosure of classified information.

Similar Requirements Exist Outside the FAR

Regulatory limitations like that in the proposed FAR rule are not limited to Government contracts.  The Securities and Exchange Commission (SEC) has a similar regulation and, on April 1, 2015, the SEC announced its first enforcement action against a company for allegedly including improperly restrictive language in a confidentiality statement presented to employees during internal investigations.  There, the SEC asserted that KBR, Inc. violated SEC Rule 21F-17, promulgated under the whistleblower provisions of the Dodd-Frank Act, which states that "[n]o person may take any action to impede an individual from communicating directly with the Commission staff about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement. . . with respect to such communications."   Without admitting SEC’s allegations, KBR agreed to pay a $130,000 civil penalty and to take other remedial actions to resolve the matter.  The SEC’s administrative order is available here.

According to the administrative order, KBR had been using a form confidentiality statement when conducting certain internal investigations as part of its compliance program related to federal securities laws.  The SEC enforcement action challenged KBR’s use of this form confidentiality statement because it included a warning that employees could face disciplinary action, up to and including termination, if they discussed the subject matter or particulars of the interview without the prior approval of KBR’s legal department.  See.  However, the SEC’s administrative order resolving the matter also states that it was unaware of any instances where KBR actually prevented an employee from communicating directly with the SEC or any instances where KBR took action to enforce confidentiality or otherwise prevent such communications.  Nonetheless, the SEC believed that the language in the KBR form confidentiality statement undermined the purpose of SEC Section 21F and Rule 21F-17(a), which is to “encourage individuals to report [possible securities law violations] to the Commission.”  

As part of this settlement, KBR agreed to amend the confidentiality statement to provide that it did not prohibit an employee from reporting violations of federal law to the Government or require them to tell the company that they had made such a disclosure or report.  Id.  The SEC’s Chief of Office of the Whistleblower said that “[o]ther employers should similarly review and amend existing and historical agreements that in word or effect stop their employees from reporting potential violations to the SEC.”  The SEC press release is available here.

Intersection of the Proposed Rule and Contractor Compliance Programs and FAR 52.203-13

Government contractors have considerable experience with compliance programs including FAR provisions regarding internal reporting of improper conduct.  The development of those programs can be traced back to the Defense Industry Initiative in 1986 and today many are grounded in FAR 52.203-13’s “Contractor Code of Business Ethics and Conduct.”  This FAR clause provides for standards and procedures to facilitate timely discovery of improper conduct by contractors in connection with federal contracts, and includes provisions calling for an internal reporting mechanism, such as a hotline that allows for anonymity or confidentiality, through which employees may report suspected instances of improper conduct, as well as for instructions that encourage employees to make such reports.  Contractor internal control programs can also provide for internal investigations of employee (or subcontractor) reports of potential misconduct and, where there is credible evidence of violations of certain enumerated federal laws, for making a disclosure to the appropriate agency Inspector General.

In this context, it is far from clear that another regulation is necessary.  In addition to contractor compliance programs, federal law already extends certain protections to whistleblowers in the procurement context, the FAR and agency supplements impose certain requirements for informing contractor employees of such protections, and some agencies still expect the “prominent” display of fraud and other “hotline” posters for direct reporting to appropriate agencies.  Further, the type of confidentiality agreement targeted by this regulation – one that “prohibits” employees or subcontractors from “lawfully reporting” waste, fraud, or abuse to authorized Government authorities – could also be subject to challenge as contrary to public policy. 

Nonetheless, government contractors may wish to consider KBR’s experience at the SEC.  There, the form at issue stated that its purpose was to “protect the integrity of this review” – a purpose that reflects an understandable desire to avoid, for example, water cooler gossip about a pending internal investigation.  The SEC, however, had concerns that the form went too far and could silence potential whistleblowers.  As a result, contractors may wish to consider SEC’s guidance above – to review and amend confidentiality agreements used in their government contracting compliance programs that “in word or effect” could be construed as “prohibiting” the lawful reporting of waste, fraud, or abuse to the Government.