Each year, Congress presents us in Title VIII of the National Defense Authorization Act (NDAA) a potpourri of procurement reforms, changes, and additions. Some are effective immediately, while some are bound for rulemaking and regulation and surface years from enactment. Some require analyses, reports, and studies which have no immediate impact but provide a roadmap that can and should be used by government contractors in their business planning. Finally, some provisions of the NDAAs just wither away and have no impact whatsoever. Nineteen days before the Trump Administration ended, the US Senate followed the US House of Representatives in overriding the President’s veto of the William (Mac) Thornberry National Defense Authorization Act for Fiscal Year 2021 (H.R. 6395) (FY2021 NDAA), making it law on January 1, 2021. Happy new year! As for its Title VIII, the FY2021 NDAA is no different from its predecessors in its procurement potpourri. Here’s a tour of key provisions you oughta know.

  1. Cost or Pricing Reporting Requirements for DoD Contracts – The $2 Million Threshold Gets Codified.

Section 814 of the FY2021 NDAA adopts the Federal Acquisition Regulation (FAR) Department of Defense (DoD) Class Deviation, first effective on July 1, 2018, increasing thresholds from $750,000 to $2 million for providing cost or pricing information and an accompanying certificate as to its accuracy and completeness under the Truthful Cost or Pricing Data statute (41 U.S.C. ch. 35) (still widely called the “TINA” statute—why would they ever change TINA to TCPD?). The section clears up ambiguities with regard to dollar thresholds for various types of contract actions and effective dates by providing that the $2 million threshold applies to all prime contracts entered into on or after July 1, 2018, and for all subcontracts entered into and modifications made to either the prime or subcontract on or after July 1, 2018, irrespective of the date of the prime contract award.

  1. Small Business Contractor Reforms – Congress Continues Its Attempts to Make It Easier for Small Businesses to Do Business with the Government.

Prompt Payment Act Reform. Section 815 of the FY2021 NDAA removes the option of DoD entering into an agreement with a small business for payment beyond the 15-day accelerated payment requirement under 10 U.S.C. § 2307, allowing no wiggle room for extending payments.

Shifting Certification of Veteran-Owned Businesses to the SBA. Section 862 of the FY2021 NDAA transfers responsibility for verifying Veteran-Owned Small Business status and Service-Disabled Veteran-Owned Small Business (SDVOSB) status from the Department of Veterans Affairs (VA) to the Small Business Administration (SBA). The current system of self-certification for SDVOSBs will be phased out over most likely a period of two years in favor of formal certifications by the SBA itself.

Extending the Look-Back Period for Employee-Based Small Business Size Standards. In determining size standard requirements for small businesses based on the number of employees, Section 863 of the FY2021 NDAA extends the look-back period at the time of self-certification from 12 months to 24 months. For purposes of determining whether a business qualifies as a small business when its North American Industry Classification System (NAICS) Code is assigned a number of employees standard by the SBA, businesses may now look at the average number of employees over the preceding 24 months instead of 12 months (amending 15 U.S.C. § 632(a)(2)(C)(ii)(I)). This provision becomes effective January 1, 2022.

Allowing Use of JV and Subcontractor Past Performance Data. Section 868 of the FY2021 NDAA widens the activities engaged in by a small business competing for an award that can be reviewed for evaluating past performance to include past performance of joint ventures of which it was a member. Section 868 also requires a prime contractor to provide a “record of past performance” to a first-tier subcontractor, upon request, and gives the small business the option of submitting it to a contracting officer evaluating it for a prime award. This exponentially increases the availability of past performance data that a contracting officer may examine in evaluating a small business under a best-value FAR Part 15 procurement. Section 868 gives the SBA four months to promulgate implementing regulations. It is expected that the form of the “record of past performance” will be the subject of intense debate during this rulemaking period.

Extension of 8(a) Term. Section 869 of the FY2021 NDAA is directed to participants in the Minority Small Business and Capital Development Program under Section 8(a) of the Small Business Act (8(a) program). It allows any 8(a) program participant (as of September 9, 2020) to extend its participation in the program for an additional year, subject to new regulations which must be enacted by January 16, 2021. This reform is in specific response to the COVID-19 pandemic. Those new regulations were in fact promulgated on January 13, 2021, and can be found here.

  1. Reforming Commercial Item Determinations.

In the FY2021 NDAA, Congress continues to build on prior language protecting suppliers of commercial items (now divided into commercial products and services), and ensuring uniformity in commercial item determinations. Section 816 of the FY2021 NDAA encourages DoD contracting officers to seek support from the Defense Contract Management Association (DCMA), the Defense Contract Audit Association (DCAA), “or other appropriate experts in the Department” in making a determination as to whether a product or service is a commercial product or service. This is consistent with a trend seen in earlier NDAAs and policy guidance which recognizes and acknowledges complaints by the contracting community that many contracting officers either lack the experience or access to centralized data resources, resulting in inconsistent commercial item determinations and/or unnecessary demands on contractors to supply cost or pricing data when it is not required. Although referral and reliance to a centralized source within DCAA and DCMA is not a new concept, Section 816 expands the pool of centralized sources, instructing contracting officers to consider the views of “appropriate public and private sector entities.” This is a clear invitation to third-party trade associations to contribute guidance on the commercial item status of the products and services of their members—one they should willingly take on.

Finally, Section 816 requires contracting officers to prepare a memorandum within 30 days of award summarizing his or her determination as to whether a product or service is a commercial item. The writing presumably can and will be used as a resource for future determinations.

  1. Augmenting Domestic Preference Restrictions – The Continued Push for Domestic Sourcing, Especially of “Critical,” “Strategic,” and “High Priority” Raw Materials and Goods.

Lowering the Threshold for Domestic Sourcing of Berry Amendment Products. Section 817 of the FY2021 NDAA modifies the Berry Amendment (10 U.S.C. § 2533a) reducing the threshold for applicability from the current simplified acquisition threshold ($250,000) to $150,000. The Berry Amendment requires certain “covered items”—primarily food; clothing, tents, and other fabric products; tools; and flatware and dinnerware—when acquired by DoD, to be grown or produced in the United States. The provision is subject to inflation adjustments every five years.

Targeting the Domestic Sourcing of Strategic and Critical Materials. Section 848 of the FY2021 NDAA requires DoD to acquire strategic and critical materials, a term derived from The Strategic and Critical Materials Stockpiling Act (50 U.S.C. § 98 et seq., first enacted in 1939), required to meet the defense, industrial, and essential civilian needs of the US, using an order of preference which looks first to sources located within the United States and then to sources within the “national technology and industrial base” defined by 10 U.S.C. § 2500 to include the United Kingdom, Australia, and Canada, before looking to other appropriate sources. Section 851 requires by March 1, 2021, less than two months from now, a report to Congress by the Secretary of Defense identifying what it considers to be strategic and critical materials used by DoD, the sources for such materials, and gaps, risks, and vulnerabilities in the supply chain of such materials.

Section 848 instructs the Secretary of Defense to expand the National Defense Stockpile and use Defense Production Act (50 U.S.C. § 4531 et seq.) (DPA) authority and other appropriate methods to fully meet the demands of the domestic industrial base and eliminate dependence on vulnerable sources of both the supply of strategic and critical materials and the processing or manufacturing of such materials essential to national security by January 1, 2035. The Secretary is instructed to provide incentives for the defense industrial base to develop robust processing and manufacturing capabilities in the US to refine strategic and critical materials for DoD purposes and maintain secure sources of supply in the event international supply chains are disrupted. It remains to be seen what form those incentives will take.

Targeting the Domestic Sourcing and Increase in Domestic Production of “High Priority” Goods and Services. Section 849 of the FY2021 NDAA obligates the Secretary of Defense to engage in actions to require procurement from the US and close allies, and devote resources (through R&D and procurement activities) to expand domestic production capacity and diversify domestic suppliers of certain “high priority” goods and services. Such goods and services are defined as (1) goods and services for which a waiver, exception, or determination of domestic non-availability determination has been applied under the existing domestic preference statutes and regulations; and (2) the following specific products and materials: electronic components including printed circuit boards, pharmaceuticals, medical devices, therapeutics, vaccines, diagnostic medical equipment and consumables, ventilators, PPE, strategic and critical materials, graphite, coal-based rayon carbon fibers, and aluminum and aluminum alloys. The Secretary must report his initial actions and findings to Congress within a year (January 15, 2022). With regard to aluminum (currently not considered a “specialty metal” under the Specialty Metals prohibitions in 10 U.S.C. §2533b), Section 852 requires a specific report to Congress, due March 22, 2022, on how the DPA could be used to increase domestic aluminum refining, processing, and manufacturing.

  1. Securing the Defense Industrial Base – Protecting the DIB from Subversive Acts by Rogue Countries, Foreign Influence, and Bad Actors.

Source Restrictions on the New Axis of Evil – China, Russia, Iran, and North Korea. Section 841 of the FY2021 NDAA amends 10 U.S.C. § 2533c, effective January 1, 2023, restricting the acquisition of printed circuit boards (any partially manufactured or complete bare printed circuit board or fully or partially assembled printed circuit board that performs a mission critical function in any product or service that is not a commercial product or commercial service) from China, Russia, Iran, and North Korea above the micro-purchase threshold that perform “mission critical” functions in any product or service that is not a commercial item. Section 844 modifies 10 U.S.C. § 2533c, prohibiting the acquisition of certain sensitive materials, such as tantalum metals and alloys melted and produced in China, Russia, Iran, and North Korea, to extend the scope of prohibition on the acquisition of such materials “to those materials “mined, refined, [or] separated” in those countries, effective January 1, 2026.

Widening the Examination of Foreign Ownership of Prime and Subcontractors to Mitigate Risks and Influence Under Classified Contracts. Section 847 of the FY2020 NDAA expanded the foreign influence disclosure requirements under 10 U.S.C. § 2509 and the National Industrial Security Program Operating Manual (DoD 5220.22-M) (NISPOM). The prior NDAA required contractors seeking classified security clearances to disclose to the Defense Counterintelligence and Security Agency (DCSA) (still widely called DSS—why would they ever change DSS to DCSA?) all foreign owners considered to be “beneficial owners” for purposes of assessing Foreign Ownership Control or Influence (FOCI). The term “beneficial owner” is borrowed from Section 240.13d-3 of Title 17 of the Code of Federal Regulations (CFR) covering regulations under the Securities and Exchange Act and includes “any person who, directly or indirectly, through any contract, arrangement, understanding, relationship, or otherwise has or shares: (1) [v]oting power which includes the power to vote, or to direct the voting of, such security; and/or, (2) [i]nvestment power which includes the power to dispose, or to direct the disposition of, such security.”

Section 819 of the FY2021 NDAA attempts to accelerate reforms and additional restrictions contained in the FY2020 NDAA by giving the secretary of defense a deadline of March 1, 2021, to provide a timeline for the issuance of regulations, training, and systems for reporting of beneficial ownership and FOCI by “covered contractors and subcontractors” (defined in Section 847 of the FY2020 NDAA as a company with a contract of $5 million or more but generally excepting suppliers of commercial products and services), and the designation of officials and organizations responsible for such implementation. DoD has until July 1, 2021, to revise all relevant policies, including the Department of Defense Supplement to the FAR (DFARS). Moreover, Section 819 requires DoD to obtain reports and conduct examinations of covered contractors and subcontractors to assess compliance with FOCI restrictions.

Making Review of Foreign Beneficial Owners Part of Responsibility Determinations on All DoD Contracts. Section 847 of the FY2020 NDAA’s obligation to disclose beneficial owners also extended to contracting officers for purposes of making responsibility determinations in contract awards. With regard to responsibility determinations, Section 885 of the FY2021 NDAA amends 41 U.S.C. § 2313(d) to require disclosure of beneficial ownership in a GSA-maintained database on contractors and grant recipients (the Federal Awardee Performance and Integrity System (FAPIS) database (see FAR 9.104-6)) with a federal agency contract or grant over $500,000. Including foreign beneficial owners in FAPIS presumably will make information concerning foreign beneficial owners more accessible to contracting officers in weighing the responsibility of prospective contractors. Contracting officers will now have the flexibility to reject prospective contractors as eligible for awards based on concerns about ownership.

Making a List of Critical National Security Technology and Checking It Twice to Determine Post-Employment Restrictions. Section 837 of the FY2021 NDAA mandates that DoD establish and maintain a list of critical national security technology that may require certain restrictions on “current or former employees, contractors or subcontractors (at any tier) of the Department of Defense that contribute to such technology,” and review existing authorities under which DoD employees may be subject to post-employment restrictions with foreign governments and with organizations including government contractors subject to FOCI.

The term “critical national security technology” appears to be a new one. The FY2019 NDAA repealed that portion of the Export Administration Act of 1979 which required the creation and maintenance of the Military Critical Technologies List (MCTL). It remains to be seen whether “critical national security technology” will borrow from the now defunct list, the U.S. Munitions List relied upon by the International Traffic in Arms Regulation (ITAR) or some other list.

Section 837 addresses restrictions on current or former employees of contractors and subcontractors (of any tier) of DoD that contribute significantly to critical national security technology identified by DoD. It suggests that DoD adopt “mechanisms” prohibiting such employees from working directly for companies owned by the Chinese government or companies determined by a cognizant federal agency to be under the ownership, control, or influence of the Chinese government.

Securing Software from Womb to Tomb. Section 835 of the FY2021 NDAA requires the development of requirements for software security criteria to be included in all solicitations for commercial and developmental acquisitions and the evaluation of proposals “including the delineation of what processes were or will be used for a secure software development life cycle.” The criteria must include secure coding practices, management of supply chain risks, secure deployment, configuration and installation procedures, and management tools to ensure the appropriate level of security. DoD is also vested with responsibility for developing procedures for a security review of any code delivered. The statute instructs DoD to work in coordination with new cybersecurity acquisition policy efforts (i.e., Cyber Maturity Model Certification (CMMC)).

  1. Other Transaction Agreements – Expanding Use and Getting Out the Word.

Section 833 of the FY2021 NDAA requires that by April 1, 2021, the secretary of defense will maintain a comprehensive single list, available to the public, of all consortia used by DoD “to announce or otherwise make available opportunities” to enter into an Other Transaction Agreement (OTA) under 10 U.S.C. § 2371 (research) and 10 U.S.C. § 2371b (prototypes). This addresses frequent complaints by prospective OTA recipients about the lack of a centralized database and publication of OTA opportunities through the hundreds (and growing by the day) of consortium management companies, seen as the gatekeepers for much of DoD’s OTA opportunities.

Other sections of the FY2021 NDAA specifically direct segments of DoD to consider the use of OTAs in new procurements (Section 1752 allowing the newly established National Cyber Director authority to enter into OTAs; Section 2866(c)(1) suggesting the secretary of the army use OTAs for a pilot program for the development of an online real estate inventory tool; Section 5301 authorizing the National Institute of Standards and Technology (NIST) to use OTAs for work associated with establishing standards, best practices, and guidelines on Artificial Intelligence (AI); and Section 9903 authorizing DoD to use OTAs for the domestic development of microelectronics manufacturing and R&D facilities.

  1. Software Procurement – DoD Continues Its Push to Innovate.

Extending MOSA Beyond Major Systems. Section 804 of the FY2021 NDAA builds on past NDAA directives supporting the Modular Open Systems Approach (MOSA) for the modification and development of major weapon systems (now embodied in 10 U.S.C. § 2446b), pursuant to which an open architecture with severable modules is used, including open system interfaces designed according to accepted standards. In past NDAAs, DoD has been permitted to assert government purpose rights in technical data and computer software related to the interfaces between models for major weapon systems even if developed at private expense. See 10 U.S.C. §2320(a)(2)(G) (now 10 U.S.C. § 3771(a) by Section 1833 of the FY2021 NDAA). Section 804 extends those rights to interfaces in all modular weapons systems and instructs DoD to expand them to cover software-based non-weapon systems including software-based business systems and cybersecurity systems.

New Software Licensing Models. Section 834 of the FY2021 NDAA requires, subject to availability of appropriations, each military department and each combatant command with procurement authority to propose for approval by the secretary of defense, up to three initiatives for a pilot program to use “consumption-based solutions” for “software-intensive” warfighting capability. Examples for the use of this innovative licensing methodology are provided right in the statute and include analysis of sensor data, securing warfighter networks, and the swift transport of information across various networks and network modalities. Consumption-based software licensing is cutting edge; the model permits the end user to pay for an application or device based on actual usage of the product. The interest in advanced forms of software licensing is quite a contrast to the now archaic “restricted rights” license in DFARS 252-227-7014, which is still the default government software license for non-commercial computer software developed at private expense.