Each year, the U.S. government invests hundreds of millions of dollars in research and development initiatives, impacting virtually all industry sectors of the U.S. economy. Most of that investment is funded by the Department of Defense (DOD), National Institutes of Health, Department of Energy and other agencies through grants, cooperative agreements and procurement contracts awarded to companies, universities, hospitals and nonprofit entities (collectively, recipients). In turn, recipients rely on the technical resources of other market participants, such as subcontractors, consultants and vendors, as well as hospitals and laboratories, to provide manufacturing, research, clinical studies, support and fill/finish operations, among other things.

Compliance Requirements

Regardless of the specific form of funding agreement, any time the U.S. government underwrites all or part of the cost of R&D, there are many conditions that attach to the award and performance of the agreement, and recipients learn early on that they are subject to a plethora of compliance requirements. They also learn that they are required by the terms of their funding agreements to flow-down much of that compliance burden to their subcontractors. In turn, however, subcontractors are often surprised to learn during performance that they have accepted or are otherwise subject to many of the same federal compliance requirements imposed on the original funding recipient.

Companies that are most often involved in commercially funded medical research activities are especially at risk of hidden compliance requirements when they are involved, to a lesser extent, in federally funded research activities. And for those subcontractors that are not located in the United States, the compliance analysis can be further complicated, depending on where their work is actually performed (in the United States, at a government facility located overseas or at a nongovernmental overseas facility). The longer performance progresses without subcontractor awareness of their compliance obligations, the greater the risk that the subcontractor will not be able to cure any material noncompliance, which could have a significant adverse impact on their entitlement to payment.

Each federal funding agreement includes myriad clauses dealing with such things as intellectual property (invention disclosures and title elections, patent and licensing obligations, data rights); cost accounting (allowable costs, audit rights, close-out obligations); cybersecurity and data privacy; subcontracting; property acquisition and management; and many others. Procurement contracts will be subject to the Federal Acquisition Regulation (FAR) and, depending on the funding agency, may also be subject to the DOD FAR Supplement (DFARS) or other agency supplements to the FAR.

Grants and cooperative agreements that are categorized as “non-procurement” agreements will be subject to agency-specific rules, regulations and contract clauses applicable to those types of agreements. Many of these requirements may be embedded in an easy-to-overlook hyperlink tucked into the award document. When subcontractors agree to comply with all applicable federal, state and local laws — a seemingly innocuous provision — they may be signing up to a federal compliance burden that they are ill-prepared to take on.


One straightforward and reliable approach to identifying these potentially hidden compliance risks is to ask your customer who their customer is or who the ultimate customer is — and who is ultimately funding your proposed activities. If the federal government is funding any part of the project, it is a virtual certainty that the recipient will be subject to regulatory compliance under the terms of the funding agreement and will be required to flow-down to its lower-tier recipients and subcontractors much of that same compliance burden. From the outset, it is highly advisable to know — before you sign your agreement — who is in the chain of customers and who is ultimately paying for the project.