Home/Federal/Federal Register/2026-03065

Proposed Rule2026-03065

Federal Acquisition Regulation: Prohibition on Certain Semiconductor Products and Services

Primary source

Metadata and text below are from the Federal Register, a public-domain U.S. government work. Always verify the official published version before relying on it for any legal matter.

Published

February 17, 2026

Issuing agencies

Management and Budget OfficeFederal Procurement Policy OfficeDefense DepartmentGeneral Services AdministrationNational Aeronautics and Space Administration

Abstract

OFPP, DoD, GSA, and NASA (collectively referred to as the Federal Acquisition Regulatory Council, or FAR Council) are proposing to amend the Federal Acquisition Regulation (FAR) to partially implement a section of the James M. Inhofe National Defense Authorization Act for Fiscal Year 2023 which prohibits executive agencies from procuring or obtaining certain products and services that include covered semiconductor products or services effective December 23, 2027.

Full Text

<html>
<head>
<title>Federal Register, Volume 91 Issue 31 (Tuesday, February 17, 2026)</title>
</head>
<body><pre>
[Federal Register Volume 91, Number 31 (Tuesday, February 17, 2026)]
[Proposed Rules]
[Pages 7223-7242]
From the Federal Register Online via the Government Publishing Office [<a href="http://www.gpo.gov">www.gpo.gov</a>]
[FR Doc No: 2026-03065]

[[Page 7223]]

=======================================================================
-----------------------------------------------------------------------

OFFICE OF MANAGEMENT AND BUDGET

Office of Federal Procurement Policy

DEPARTMENT OF DEFENSE

GENERAL SERVICES ADMINISTRATION

NATIONAL AERONAUTICS AND SPACE ADMINISTRATION

48 CFR Parts 1, 2, 9, 12, 13, 39, 40, and 52

[FAR Case 2023-008; Docket No. FAR 2023-0008, Sequence No. 1]
RIN 9000-AO56

Federal Acquisition Regulation: Prohibition on Certain
Semiconductor Products and Services

AGENCY: Office of Federal Procurement Policy (OFPP), Office of
Management and Budget (OMB); Department of Defense (DoD); General
Services Administration (GSA); and National Aeronautics and Space
Administration (NASA).

ACTION: Proposed rule.

-----------------------------------------------------------------------

SUMMARY: OFPP, DoD, GSA, and NASA (collectively referred to as the
Federal Acquisition Regulatory Council, or FAR Council) are proposing
to amend the Federal Acquisition Regulation (FAR) to partially
implement a section of the James M. Inhofe National Defense
Authorization Act for Fiscal Year 2023 which prohibits executive
agencies from procuring or obtaining certain products and services that
include covered semiconductor products or services effective December
23, 2027.

DATES: Interested parties should submit written comments to the
Regulatory Secretariat Division at the address shown below on or before
April 20, 2026, to be considered in the formation of the final rule.

ADDRESSES: Submit comments in response to FAR Case 2023-008 to the
Federal eRulemaking portal at <a href="https://www.regulations.gov">https://www.regulations.gov</a> by searching
for ``FAR Case 2023-008''. Select the link ``Comment Now'' that
corresponds with ``FAR Case 2023-008''. Follow the instructions
provided on the ``Comment Now'' screen. Please include your name,
company name (if any), and ``FAR Case 2023-008'' on your attached
document. If your comment cannot be submitted using <a href="https://www.regulations.gov">https://www.regulations.gov</a>, call or email the points of contact in the FOR
FURTHER INFORMATION CONTACT section of this document for alternate
instructions.
Instructions: Please submit comments only and cite ``FAR Case 2023-
008'' in all correspondence related to this case. Comments received
generally will be posted without change to <a href="https://www.regulations.gov">https://www.regulations.gov</a>,
including any personal and/or business confidential information
provided. Public comments may be submitted as an individual, as an
organization, or anonymously (see frequently asked questions at <a href="https://www.regulations.gov/faq">https://www.regulations.gov/faq</a>). To confirm receipt of your comment(s),
please check <a href="https://www.regulations.gov">https://www.regulations.gov</a>, approximately two to three
days after submission to verify posting.

FOR FURTHER INFORMATION CONTACT: For clarification of content, contact
FAR Policy by email at <a href="/cdn-cgi/l/email-protection#03454251736c6f6a607a436470622d646c75"><span class="__cf_email__" data-cfemail="c88e899ab8a7a4a1abb188afbba9e6afa7be">[email&#160;protected]</span></a> or call 202-969-4075. For
information pertaining to status, publication schedules, or alternate
instructions for submitting comments if <a href="https://www.regulations.gov">https://www.regulations.gov</a>
cannot be used, contact the Regulatory Secretariat Division at 202-501-
4755 or <a href="/cdn-cgi/l/email-protection#52150113003735013731123521337c353d24"><span class="__cf_email__" data-cfemail="2a6d796b784f4d794f496a4d594b044d455c">[email&#160;protected]</span></a>. Please cite ``FAR Case 2023-008.''

SUPPLEMENTARY INFORMATION:

I. Background

The FAR Council is proposing to revise the FAR to implement
paragraphs (a), (b), (c), and (h) of section 5949 of the James M.
Inhofe National Defense Authorization Act (NDAA) for Fiscal Year (FY)
2023 (Pub. L. 117-263, 41 U.S.C. 4713 note). Section 5949 prohibits
executive agencies from procuring or obtaining certain products and
services that include covered semiconductor products or services
effective December 23, 2027.
Semiconductors are tiny electronic devices that are essential to
America's economic and national security. Semiconductors power our
consumer electronics, automobiles, data centers, critical
infrastructure, and virtually all military systems. These devices power
tools as simple as a power adapter and as complex as a fighter jet or a
smartphone. They are also essential building blocks of the technologies
that will shape our future, including artificial intelligence,
biotechnology, and clean energy. For additional information on
semiconductors, visit <a href="https://www.nist.gov/semiconductors">https://www.nist.gov/semiconductors</a> and <a href="https://www.nist.gov/chips">https://www.nist.gov/chips</a>.
The National Counterintelligence and Security Center, located in
the U.S. Office of the Director of National Intelligence, has
identified semiconductors as one of the technology sectors in which the
stakes of disruption are potentially greatest for U.S. economic and
national security. There are numerous opportunities for adversaries and
other threat actors to introduce hardware backdoors, malicious
firmware, and malicious software into a semiconductor during
production. Since semiconductors are key components of U.S. critical
infrastructure (e.g., information technology, communications) and have
many military applications, it is vital that these threat vectors are
addressed during the production process. Semiconductors are ultimately
integrated into end products, and the difficulty in identifying and
mitigating risks to semiconductor hardware, firmware, and software
grows exponentially after integration.
Due to this significant national security risk, Congress included a
prohibition for certain covered semiconductors in section 5949 of the
James M. Inhofe NDAA for FY 2023. The statute prohibits the head of an
executive agency from procuring or obtaining, or extending or renewing
a contract to procure or obtain, any electronic parts, products, or
services that include covered semiconductor products or services. In
addition, section 5949 prohibits the head of an executive agency from
entering into a contract, or extending or renewing a contract, with an
entity to procure or obtain electronic parts or products that use any
electronic parts or products that include covered semiconductor
products or services. However, executive agencies are not required to--
(1) Remove or replace any products or services resident in
equipment, systems, or services, prior to the effective date of the
prohibition; or
(2) Prohibit or limit the utilization of covered semiconductor
products or services throughout the lifecycle (e.g., replacement
component, spare part, support service) of existing equipment acquired
prior to December 23, 2027.
On May 3, 2024, the FAR Council published in the Federal Register
an advanced notice of proposed rulemaking (ANPR) (see 89 FR 36738). The
ANPR sought feedback from the public on the amendments to the FAR being
considered to accomplish the stated objectives when implementing
section 5949 of the James N. Imhofe NDAA for FY 2023. Eighteen
respondents submitted comments in response to the notice. Many
respondents offered feedback on the specific questions in the notice to
include:
<bullet> Recommendations on ways to further clarify the scope of
the prohibition;
<bullet> Recommendations for clarifying the proposed definitions;

[[Page 7224]]

<bullet> Input on the proposed solicitation provision and contract
clause;
<bullet> Input on the waiver authority;
<bullet> Whether entities have sufficient visibility into their
supply chain to understand if their supply chain uses covered
semiconductor products or services;
<bullet> Information that is normally requested from subcontractors
and suppliers about semiconductor provenance;
<bullet> The procedures to conduct reasonable inquiries;
<bullet> The use of covered semiconductor products or services and
the impact the prohibition will have on entities;
<bullet> The categories of products or services currently being
provided to the Government for which entities anticipate needing a
waiver when the prohibition is effective;
<bullet> The time entities anticipate it will take to find
alternative semiconductors that are compliant;
<bullet> The impact implementation of section 5949 will have on
small entities;
<bullet> The challenges entities anticipate facing in effectively
complying with the prohibition; and
<bullet> Methods for identifying the provenance of the supply chain
for electronic products and electronic services.
Some respondents emphasized the importance of aligning the rule
with congressional intent and cautioned against broadening the scope
beyond what is mandated. Some respondents discouraged taking the
proposed actions given that the electronics supply chain is complex,
and covered electronic parts can be incorporated into other parts at
almost every phase of a manufacturing process. Respondents urged action
to mitigate compliance costs and protect proprietary information. Some
respondents suggested the contracting officers should have discretion
as to when section 5949 requirements would apply rather than applying
the requirements across-the-board to all solicitations, contracts, and
purchases with the requirements.

II. Discussion and Analysis

After considering inputs on the ANPR and consulting with other
agencies, the FAR Council is proposing to amend the FAR to implement
subsections (a), (b), (c), and (h) of section 5949 of the NDAA for FY
2023. On or after December 23, 2027, Federal agencies will be
prohibited from procuring or obtaining--
(1) Electronic products or services that include covered
semiconductor products or services (section 5949(a)(1)(A)); and
(2) Electronic products, for use in critical systems, that use
electronic products that include covered semiconductor products or
services (section 5949(a)(1)(B)).

A. Overview of Rule

This proposed FAR rule implements the prohibition on certain
semiconductor products and services.

B. Policy

The proposed rule provides a new section at FAR 40.20X, Prohibition
on certain semiconductor products and services, with a new
corresponding solicitation provision at FAR 52.240-XX, Certification
Regarding Certain Semiconductor Products and Services, and a new
corresponding contract clause at FAR 52.240-YY, Prohibition on Certain
Semiconductor Products and Services.
This section will provide contracting officers with policies and
procedures for acquiring electronic products or electronic services in
accordance with the prohibition on covered semiconductor products and
services.
Offerors and contractors will also play a key role in this process
by adhering to the solicitation and contract when proposing to provide
or when providing any electronic products or electronic services.
1. Offeror Reasonable Inquiry
Before submitting an offer in response to a Government
solicitation, an entity would be required to conduct a reasonable
inquiry to determine whether the electronic products or electronic
services it provides to the Government include covered semiconductor
products or services or use electronic products that include covered
semiconductor products or services.
To conduct this inquiry, an entity will need to assess which
electronic products or electronic services are included in its
offerings to the Government and seek out information to identify the
source of semiconductor products or services included in those
offerings. In conducting this inquiry an entity may consult the
Department of Commerce website, search supplier websites, search
manufacturer websites, or use supply chain illumination or other due
diligence tools. If an entity is unable to find information to confirm
that an electronic product or electronic service does not use or
include a covered semiconductor product or service, the entity would
need to look to its suppliers to conduct reasonable inquiries and
provide the required certification in the solicitation provision at FAR
52.240-XX. It is expected that most entities will conduct a full review
of the electronic products and electronic services that they may offer
to the Government, rather than assess on a solicitation-by-solicitation
basis.
2. Offeror Certification
When an offeror submits an offer in response to a solicitation
containing the new requirement, the offeror will certify, as required
by the new provision at FAR 52.240-XX, that it has conducted a
reasonable inquiry, and that the offeror does not propose to (1)
provide to the Government any electronic products or electronic
services that include covered semiconductor products or services; and
(2) does not provide to the Government, for use in critical systems
identified by the Government, electronic products that use electronic
products that include covered semiconductor products or services. These
measures are necessary to build security and resilience in Government
supply chains. In accordance with FAR 1.107, the certification
requirement is specifically imposed by the statute for contractors (see
section 5949(h)(1)(A)) and subcontractors (see section 5949(h)(6)).
Therefore, the Administrator for Federal Procurement Policy does not
need to approve the inclusion of the certification requirement imposed
by this proposed rule.
3. Offeror Disclosure
The proposed rule also requires an offeror to disclose if they are
providing electronic products or electronic services that are not
compliant with the prohibition. If, as a result of the initial
reasonable inquiry, an offeror discovers that an electronic product or
electronic service to be offered to the Government under the
solicitation includes covered semiconductor products or services, the
offeror will need to disclose with its offer any information about the
covered semiconductor product or service that is known at the time of
submission of its offer. This disclosure includes, for example,
information about the manufacturer, the risks associated with including
the covered semiconductor product or service, and whether there are any
available alternatives to the semiconductor product or service. The
purpose for this disclosure is so that the Government may decide
whether an exception may apply or to pursue a waiver.
4. Disclosure Safe Harbor
Prior to award, an offeror or lower-tier supplier that provides a
disclosure regarding covered semiconductor

[[Page 7225]]

products or services in electronic products that are manufactured or
assembled by an entity other than the offeror or lower-tier supplier
will not be subject to civil liability nor determined to be not
presently responsible based on such notification (see section
5949(h)(7) of the NDAA for FY 2023). Additionally, an offeror or lower-
tier supplier that provides a disclosure regarding covered
semiconductor products or services in electronic products manufactured
or assembled by such offeror or lower tier supplier will not be subject
to civil liability nor determined to be not presently responsible based
on such notification if the offeror or lower-tier supplier makes a
comprehensive and documentable effort to identify and remove the
covered semiconductor products or services(see section 5949(h)(8) of
the NDAA for FY 2023).
5. Contractor Notification
On or after December 23, 2027, paragraph (f) of proposed contract
clause FAR 52.240-YY requires contractors to report to the contracting
officer if they identify, have reason to suspect, or are notified by a
subcontractor at any tier or any other source that any covered
semiconductor product or service purchased by the Federal Government,
or purchased by a Federal contractor or subcontractor for delivery to
the Federal Government during contract performance contains covered
semiconductor products or services, regardless of whether an exception
applies. Reports must be provided in writing within 72 hours of
identification.
Reporting this information to the contracting officer will allow
the Government to assess the risk and make a determination on how to
proceed.
While subsection (h)(5) of section 5949 provides contractors up to
60 days to give notice to the Government that an electronic product for
use in a critical system contains a covered semiconductor product or
service, on or after December 23, 2027, the clause proposed at FAR
52.240-YY, requires reporting within 72 hours for any electronic
product or electronic service that contains a covered semiconductor
regardless of an exception in paragraph (c) of the clause. Reporting
within this timeframe is necessary to protect the Government by
ensuring the Government is aware of any covered semiconductor product
or service soon after discovery by the contractor. Similar reporting
requirements exist for related prohibitions and cybersecurity
requirements required by the clause at FAR 52.204-23, Prohibition on
Contracting for Hardware, Software, and Services Developed or Provided
by Kaspersky Lab Covered Entities(3 business days), the clause at FAR
52.204-25, Prohibition on Contracting for Certain Telecommunications
and Video Surveillance Services or Equipment (1 business day), Cyber
Incident Reporting for Critical Infrastructure Act of 2022, Division Y
of Public Law 117-103 (72 hours), and Defense FAR Supplement (DFARS)
252.204-7012, Safeguarding Covered Defense Information and Cyber
Incident Reporting (72 hours). The FAR Council has proposed a 72-hour
reporting deadline, similar to these related reporting requirements,
because the Government's need to safeguard economic and national
security against the potential risks of any covered semiconductor
product or service is time sensitive. Prevention and mitigation
opportunities substantially increase when the Government is quickly
made aware of any covered semiconductor product or service. The FAR
Council recognizes that contractors need sufficient time to report the
occurrence upon discovery. While the statute authorizes the proposed
rule to set a notification timeframe of up to 60 days, after
considering the foregoing risks to economic and national security and
comparing similar reporting requirements, the FAR Council has
determined that a 72-hour reporting timeframe is the appropriate
deadline because it falls well within the 60-day notification ceiling
the statute sets on the regulation while affording contractors
sufficient time to report the occurrence upon discovery. To prevent
double reporting and any potential confusion, the FAR Council has
proposed this timeframe to implement the regulatory notification
deadline within the 60-day reporting ceiling required by subsection
(h)(5) of section 5949. This proposed rule implements the statute's
reporting requirement and sets the notification deadline at 72 hours to
protect national security by ensuring appropriate awareness of covered
semiconductor products and services within Federal information systems
and networks.
6. Safe Harbor
After award, a contractor or subcontractor that provides a timely
notification regarding electronic products or electronic services
prohibited by paragraph (b) of the clause proposed at FAR 52.240-YY
that are manufactured or assembled by an entity other than the
contractor or subcontractor will not be subject to civil liability. In
addition, such a contractor or subcontractor will not be determined to
be not a presently responsible contractor based on such notification
(see section 5949(h)(7) of the NDAA for FY 2023).
Additionally, a contractor or subcontractor that provides a
notification to the Government, contractor, or subcontractor regarding
covered semiconductor products or services in electronic products or
services manufactured or assembled by such contractor or subcontractor
shall not be subject to civil liability nor determined to be not a
presently responsible contractor on the basis of such notification, if
the contractor or subcontractor makes a comprehensive and documentable
effort to identify and remove the covered semiconductor products or
services (see section 5949(h)(8) of the NDAA for FY 2023).
7. Disclosure to Non-Federal Entities
The proposed clause which flows down to subcontractors, requires
contractors and subcontractors that are semiconductor covered entities
to disclose the inclusion of a covered semiconductor product or service
in electronic products or electronic services to non-Federal customers
outside of the Government. Neither the statute, nor the proposed rule,
are prescriptive regarding the contents or method of disclosure. It is
possible that a contractor or subcontractor may choose to include this
information or disclaimer in its marketing material, on its website,
and in any sales agreements to non-Federal customers.
8. Applicability to Subcontractors
Section 5949(c) mandates prime contractors to incorporate the
substance of these prohibitions and applicable implementing contract
clauses into contracts. This proposed rule requires that prime
contractors insert FAR 52.240-YY into all subcontracts for the supply
of any electronic products and services.
The Department of Commerce will host a website listing entities
determined by the Secretary of Commerce or Secretary of Defense to be
an entity owned or controlled by, or otherwise connected to, the
government of a semiconductor foreign country of concern. This list
will identify the effective date for the determination and can be used
to determine whether a semiconductor, semiconductor product, or
semiconductor services is a covered semiconductor product or service
(see FAR 52.240-XX(d)(2)). The Department of Commerce is also
considering hosting a website for the list of organizations where the
organization has certified that electronic products or services

[[Page 7226]]

produced or provided by that organization do not contain any prohibited
covered semiconductor products or services (see FAR 52.240-XX(d)(1)). A
contractor would be able to reasonably rely on the certifications
provided by the Department of Commerce website without the need for
further inquiry unless the contractor discovers any discrepancies or
has reason to doubt the accuracy of any certification made by any
listed organization.

C. Prohibition

The proposed rule implements the prohibition required by section
5949(a)(1)(A) of the NDAA for FY 2023 and section 5949(a)(1)(B) of the
NDAA for FY 2023 at FAR 40.20X-2. The prohibition will become effective
on or after December 23, 2027, unless an exception applies. Section
5949(a)(1)(B) goes beyond the prohibition in section 5949(a)(1)(A) by
prohibiting Federal agencies from acquiring electronic products, used
within critical systems that use electronic products that incorporate
covered semiconductor products or services. Examples of what section
5949(a)(1)(B) could restrict a Federal agency from acquiring include,
but are not limited to, (1) a control panel within a critical system
that enables an Internet of Things (IoT) device that includes a covered
semiconductor product or service or (2) an unmanned aircraft ground
control station that controls an unmanned aircraft that includes a
covered semiconductor product or service.
The prohibitions are implemented through the proposed solicitation
provision at FAR 52.240-XX, Certification Regarding Certain
Semiconductor Products and Services, prescribed at FAR 40.20X-6(a), and
the proposed contract clause at FAR 52.240-YY, Prohibition on Certain
Semiconductor Products and Services, prescribed at FAR 40.20X-6(b).
The prohibitions impact any product or service that uses or
provides electronic products or electronic services to the Government.
Due to the prevalence of electronic products and electronic services,
the FAR Council anticipates this would impact a significant number of
contracts and orders.
Additionally, section 5949 of the NDAA for FY 2023 does not exempt
micro-purchases, as there would be national security risks associated
with allowing purchases of covered semiconductors under the micro-
purchase threshold. Many electronic products and electronic services
that are critical to the mission of the Federal Government are procured
under the current micro-purchase threshold, and it is important that
this rule address such risks. Therefore, section 40.20X will apply to
all acquisitions of products, non-commercial services, commercial
information technology (IT) services, and commercial telecommunications
services, including contracts at or below the micro-purchase threshold,
for commercial products (including commercially available off-the-shelf
items). Commercial products or commercial services for which there are
no alternative sources available are excepted from the semiconductor
prohibition until December 23, 2028. These procedures will assist the
Federal Government in identifying and mitigating risks to semiconductor
hardware, firmware, and software, in turn making the supply chain more
resilient, while taking into consideration the availability of
alternative sources, the impact on small entities, and the
identification and processing of any waivers that may be necessary.

D. Exceptions and Waivers

1. Exceptions
Section 5949 of the NDAA for FY 2023 includes exceptions and
waivers. As proposed at FAR 40.20X-3, agencies are not required to (1)
Remove or replace any products or services resident in equipment,
systems, or services, prior to December 23, 2027; or (2) Prohibit or
limit the utilization of covered semiconductor products or services
throughout the lifecycle (e.g., replacement component, spare part,
support service) of existing equipment acquired prior to December 23,
2027.
Additionally, based on public comments received in response to the
advance notice of proposed rulemaking and the expected impact to
entities, commercial products or commercial services for which there
are no alternative sources available are excepted from the
semiconductor prohibition until December 23, 2028. This will allow
entities additional time to find reasonable alternatives and limit the
volume of waivers that would need to be processed by the Government.
Semiconductors, semiconductor products, and semiconductor services
which are determined by Secretary of Commerce or Secretary of Defense
to be a covered semiconductor product or service after contract award,
are excepted from the prohibition unless the contract is modified to
include such covered semiconductor product or service.
Section 5949 is silent on the applicability of these requirements
to acquisitions of commercial products and commercial services. The law
does not include terms making express reference to 41 U.S.C. 1906 and
its application to acquisitions of commercial products or commercial
services, nor does the law independently provide for criminal or civil
penalties. Therefore, this law does not apply to acquisitions of
commercial products and commercial services unless the FAR Council
makes a written determination as required by 41 U.S.C. 1906. The FAR
Council intends to make a determination to only apply section 5949 to
acquisitions for commercial products, commercial IT services, and
commercial telecommunications services. This determination is being
implemented through an exception. Without this exception, this
prohibition would impact many categories of commercial services (e.g.,
hotel accommodations) where the risk is very low to the Government and
the Government is a very small share of the overall market. This
targeted exception will allow the Government to focus this prohibition
on all electronic products, non-commercial services, IT services, and
telecommunication services where the risk is considered greatest.
Therefore, the prohibition will not apply to commercial service
procurements except for procurements for IT services and
telecommunication services.
To align with the intent of the statute and avoid unintended
consequences of regulating electronic services not directly related to
the purpose of the procurement, electronic services that are incidental
to the performance of the contract (e.g., contractor payroll) are also
excepted.
2. Waivers
The proposed text at FAR 40.20X-5 provides the procedures for the
head of an agency to waive, for a renewable period of not more than two
years per waiver, the prohibitions at 40.X02 if the head of the agency-
(1) In consultation with the Secretary of Commerce, determines that
no compliant product or service is available to be procured as, and
when, needed at United States market prices or a price that is not
considered prohibitively expensive (i.e., would impose significant
difficulty or expense considering the agency resources available); and
(2) In consultation with the Secretary of Defense or the Director
of National Intelligence, determines that such waiver could not
reasonably be

[[Page 7227]]

expected to compromise the critical national security interests of the
United States.
Additionally, the Secretary of Defense may provide a waiver for any
executive agency if the Secretary of Defense determines that the waiver
is in the critical national security interests of the United States.
The Director of National Intelligence may provide a waiver for any
executive agency if the Director of National Intelligence determines
that the waiver is in the critical national security interests of the
United States.
Lastly, the Secretary of Commerce, Secretary of Homeland Security,
or Secretary of Energy, in consultation with the Director of National
Intelligence or the Secretary of Defense, may provide a waiver for any
executive agency if the Secretary determines that the waiver is in the
critical national security interests of the United States. While the
rule provides for exceptions and waivers, the overall goal of the
statute remains the exclusion of semiconductors from prohibited
entities to the greatest degree possible by December 23, 2027. As such,
exceptions and waivers are meant to act as a bridge to near-term
compliance with the rule, not an indefinite reprieve from it.

E. Other Updates

This proposed rule requires a new information collection. The OMB
control number assigned to the information collection will be added to
FAR 1.106.
Once finalized, the rule will move the definitions of ``national
security system'' and ``subsidiary'' from 39.002 and 9.108-1,
respectively, to FAR 2.101.
The proposed rule updates FAR 12.301 to include, for commercial
products and information technology services and telecommunication
services (i.e., services in Category D: Information Technology (IT) and
Telecommunications (Telecom) of the Federal Procurement Data System
Product and Service Codes (PSC) Manual), the proposed solicitation
provision at FAR 52.240-XX in the list of other required provisions and
clauses at paragraph (d).
The proposed rule updates FAR 13.201 to apply to micro-purchases,
adding the prohibition on procuring or obtaining electronic products or
electronic services that include covered semiconductor products or
services and the prohibition on procuring or obtaining electronic
products, for use in critical systems, that use electronic products
that incorporate covered semiconductor products or services.
The new section at FAR 40.20X provides definitions, policies,
exceptions, and procedures related to acquiring electronic products or
electronic services that contain covered semiconductor products and
services.
The clauses at FAR 52.212-5, Contract Terms and Conditions Required
to Implement Statutes or Executive Orders-Commercial Products and
Commercial Services; FAR 52.213-4, Terms and Conditions-Simplified
Acquisitions (Other Than Commercial Products and Commercial Services);
and FAR 52.244-6, Subcontracts for Commercial Products and Commercial
Services, are updated to add the requirements of the proposed clause at
FAR 52.240-YY, Prohibition on Certain Semiconductor Products and
Services.

III. Applicability to Contracts at or Below the Simplified Acquisition
Threshold (SAT) and for Commercial Products (Including Commercially
Available Off-the-Shelf (COTS) Items), or for Commercial Services

This rule proposes to add a new provision at FAR 52.240-XX,
Certification Regarding Certain Semiconductor Products and Services,
and a new clause at FAR 52.240-YY, Prohibition on Certain Semiconductor
Products and Services, to implement section 5949 of the James M. Inhofe
NDAA for FY 2023. The provision and clause are prescribed at FAR
40.20X-6(a) and 40.20X-6(b).

A. Applicability to Contracts at or Below the Simplified Acquisition
Threshold

41 U.S.C. 1905 governs the applicability of laws to acquisitions at
or below the SAT. Section 1905 generally limits the applicability of
new laws when agencies are making acquisitions at or below the SAT, but
provides that such acquisitions will not be exempt from a provision of
law under certain circumstances, including when the Federal Acquisition
Regulatory Council (FAR Council) makes a written determination and
finding that it would not be in the best interest of the Federal
Government to exempt contracts and subcontracts in amounts not greater
than the SAT from the provision of law. The FAR Council intends to make
a determination to apply this statute to acquisitions at or below the
SAT unless an exception applies. While the rule provides for exceptions
and waivers, the overall goal of the statute remains to prohibit
executive agencies from procuring or obtaining certain products and
services that include covered semiconductor products or services to the
greatest degree possible by December 23, 2027. As such, exceptions and
waivers are meant to act as a bridge to near-term compliance with the
rule not an indefinite reprieve from it.

B. Applicability to Contracts for the Acquisition of Commercial
Products, Including Commercially Available Off-the-Shelf (COTS) Items,
and Commercial Services

41 U.S.C. 1906 governs the applicability of laws to contracts for
the acquisition of commercial products and commercial services and is
intended to limit the applicability of laws to contracts for the
acquisition of commercial products and commercial services. Section
1906 provides that if the FAR Council makes a written determination
that it is not in the best interest of the Federal Government to exempt
commercial contracts, the provision of law will apply to contracts for
the acquisition of commercial products and commercial services. 41
U.S.C. 1907 states that acquisitions of COTS items will be exempt from
certain provisions of law unless the Administrator for Federal
Procurement Policy makes a written determination and finds that it
would not be in the best interest of the Federal Government to exempt
contracts for the procurement of COTS items.
The FAR Council intends to make a determination to apply section
5949 to acquisitions for commercial products, commercial IT services,
and commercial telecommunications services. The Administrator for
Federal Procurement Policy intends to make a determination to apply
this statute to acquisitions for COTS items.

C. Determinations

Section 5949 of the James M. Inhofe NDAA for FY 2023 prohibits the
head of an executive agency from procuring or obtaining, or extending
or renewing a contract to procure or obtain, any electronic parts,
products, or services that include covered semiconductor products or
services. In addition, section 5949 prohibits the head of an executive
agency from entering into a contract, or extending or renewing a
contract, with an entity to procure or obtain electronic parts or
products that use any electronic parts or products that include covered
semiconductor products or services. However, executive agencies are not
required to--
(1) Remove or replace any products or services resident in
equipment, systems, or services, prior to the effective date of the
prohibition.
(2) Prohibit or limit the utilization of covered semiconductor
products or services throughout the lifecycle (e.g., replacement
component, spare part,

[[Page 7228]]

support service) of existing equipment acquired prior to December 23,
2027.
The law is silent on the applicability of Section 5949 of the NDAA
for FY 2023 to acquisitions at or below the SAT. The law does not
include terms making express reference to 41 U.S.C. 1905 and its
applicability to acquisitions at or below the SAT, nor does the law
independently provide for criminal or civil penalties. Therefore, the
law does not apply to acquisitions at or below the SAT unless the FAR
Council makes a written determination as required by 41 U.S.C. 1905.
Application of the law to contracts at or below the SAT, will further
national security. Failure to apply Section 5949 of the NDAA for FY
2023 to contracts at or below the SAT would exclude a significant
number of contracts that may include the prohibited semiconductors. For
this reason, the FAR Council intends to determine that it is in the
best interest of the Federal Government to apply the requirements of
the rule to applicable contracts at or below the SAT.
With regards to subcontracts at or below the SAT, the FAR Council
intends to determine that it is in the best interest of the Federal
Government to apply section 5949 of the NDAA for FY 2023 to such
acquisitions unless an exception applies.
The law is silent on the applicability of these requirements to
acquisitions of commercial products and commercial services. The law
does not include terms making express reference to 41 U.S.C. 1906 and
its application to acquisitions of commercial products or commercial
services, nor does the law independently provide for criminal or civil
penalties. Therefore, this law does not apply to acquisitions of
commercial products and commercial services unless the FAR Council
makes a written determination as required by 41 U.S.C. 1906. The FAR
Council intends to determine that it would not be in the best interest
of the Federal Government to exempt acquisitions of commercial
products, and commercial IT services and telecommunication services
(i.e., services in Category D: Information Technology (IT) and
Telecommunications (Telecom) of the Federal Procurement Data System
Product and Service Codes (PSC) Manual) from the requirements of
Section 5949 of the NDAA for FY 2023. As such, this rule would apply to
acquisitions for commercial products and commercial IT services and
commercial telecommunication services. With regards to subcontracts for
commercial products and commercial services, the FAR Council intends to
determine that it would be in the best interest of the Federal
Government to apply section 5949 of the NDAA for FY 2023 to such
acquisitions unless an exception applies.
The law is silent on the applicability of this requirement to
acquisitions of COTS items. The law does not include terms making
express reference to 41 U.S.C. 1907 and its application to acquisitions
of COTS items, nor does the law independently provide for criminal or
civil penalties. Therefore, it does not apply to acquisitions of COTS
items unless the Administrator for Federal Procurement Policy makes a
written determination as provided at 41 U.S.C. 1907. Considering that
semiconductor products meet the definition of a COTS item, the
Administrator for Federal Procurement Policy intends to make a
determination to apply this rule to acquisitions of COTS items,
including subcontracts for COTS items.

IV. Severability

If any portion (e.g., section, clause, sentence) of this rule is
held to be invalid or unenforceable facially, or as applied to any
entity or circumstance, it shall be severable from the remainder of
this rule, and shall not affect the remainder thereof, or its
application to entities not similarly situated or to other dissimilar
circumstances. The various portions of this rule are independent and
serve distinct purposes. Even if one aspect were rendered invalid, the
other benefits of the rule would still be applicable.

V. Expected Impact of the Rule

The Government has conducted a regulatory impact analysis (RIA) for
the proposed rule, which is available in the docket for FAR Case 2023-
008 available at <a href="https://www.regulations.gov">https://www.regulations.gov</a>. The RIA includes a
discussion of the anticipated benefits of the rule, a description of
impacted entities, an estimate of the public and Government costs
associated with compliance, and the alternatives considered. Based on
the RIA, the total estimated public and Government costs associated
with this proposed rule in millions over a 10-year period:

----------------------------------------------------------------------------------------------------------------
3% Discount 7% Discount
Cost Undiscounted rate rate
----------------------------------------------------------------------------------------------------------------
Net Present Value............................................... $1,859 $1,631 $1,396
Annualized...................................................... 186 191 199
----------------------------------------------------------------------------------------------------------------

The following table presents the total estimated public and
Government costs in millions per year:

--------------------------------------------------------------------------------------------------------------------------------------------------------
Year 1 2 3 4 5 6 7 8 9 10
--------------------------------------------------------------------------------------------------------------------------------------------------------
Costs..................................... $530 $151 $151 $147 $147 $147 $147 $147 $147 $147
3%........................................ 514 142 138 130 127 123 119 116 113 109
7%........................................ 495 132 123 112 105 98 91 85 80 75
--------------------------------------------------------------------------------------------------------------------------------------------------------

The Government is seeking public comment on the RIA. The following
sections provide a summary of the benefits, compliance activities, and
the total annual costs. For more detailed information please access the
full RIA available at <a href="http://www.regulations.gov">http://www.regulations.gov</a> (search for ``FAR Case
2023-008,'' click ``Open Docket,'' and view ``Supporting Documents'').

A. Benefits

1. Increased National Security and Economic Protection
Resilient and secure supply chains with robust breadth and depth
are necessary to ensure national security and economic prosperity.

[[Page 7229]]

Semiconductors and advanced packaging were identified in Executive
Order 14017 ``America's Supply Chains'' as one of four key supply
chains subject to a review within 100 days of the issuance of the
Executive Order. The 100-Day Supply Chain Review report emphasized the
complexity of the semiconductor global supply chain and identified
risks in the semiconductor supply chain, including malicious insertion.
Failure to address this semiconductor supply chain vulnerability would
have a substantial impact on national security and economic security,
as it would provide adversaries the opportunity to infiltrate the
semiconductor supply chain. During semiconductor production, there are
numerous opportunities for adversaries and other threat actors to
introduce hardware, backdoors, malicious firmware, and malicious
software into a semiconductor. The possibility of infiltration poses a
risk not only to the specific electronic product or service procured by
the Government, but also presents a cyber-attack risk to Government
systems. Since semiconductors are key components of U.S. critical
infrastructure (e.g., information technology and communication) and
have many military applications, it is vital that these threat vectors
are addressed during the production process. The proposed rule, if
finalized, would increase protection against potential semiconductor
supply chain infiltration by prohibiting agencies from procuring
covered semiconductors products or services and requiring that offerors
certify that they will not provide covered semiconductors after a
reasonable inquiry. The offeror's certification increases Government
awareness of the semiconductors included in their electronic products
and services. Limiting the Government's exposure to covered
semiconductors reduces the opportunity for adversaries to maliciously
infiltrate the Government's semiconductor supply chain and increases
its resilience and security.
The risks of supply chain infiltration noted above also extend to
all non-Federal customers of semiconductor covered entities, not just
the Government. The risks for these non-Federal customers include many
of the same risks as those posed to the Government (e.g., hacking,
cyber-attacks, counterfeits), and also includes distinct risks (e.g.,
intellectual property theft and business disruption). A survey of the
microelectronic industrial base by the Department of Commerce's Bureau
of Industry and Security's Assessment of the Status of the
Microelectronics Industrial Base in the United States indicated rising
concern related to information security, with increasing expectations
of challenges related to cybersecurity, intellectual property and
patent infringement, and foreign industrial espionage. The proposed
rule requires that semiconductor covered entities disclose to non-
Federal customers the inclusion of covered semiconductor products in
electronic products or electronic services. This disclosure increases
the protection for non-Federal customers by raising their awareness of
the inclusion of covered semiconductors in their products, which allows
them to make informed decisions and risk assessments. Non-Federal
customer awareness of the inclusion of covered semiconductors will
increase supply chain visibility, which should enhance the capability
for protection and risk mitigation.
2. Protection From Semiconductor Supply Chain Disruption
The risk of semiconductor supply chain disruption has been a focus
following the COVID-19-related semiconductor supply chain disruption.
The resulting global chip shortage resulted in supply chain challenges
and, according to a survey cited by the Department of Commerce and
Department of Homeland Security's Assessment of the Critical Supply
Chains Supporting the U.S. Information and Communication Technology,
increased the lead times for various products including components,
routers, switches, and servers. The 100-Day Supply Chain Review
indicated that the semiconductor supply chain is ``fragile'' due to the
immense number of inputs, energy demands, globalized and highly
specialized nature, and the economic benefits of geographic
manufacturing clusters, which raises the risk of unintentional supply
chain disruptions. The impact of unintentional disruptions to the
semiconductor supply chain demonstrates the vulnerability of the supply
chain that is furthered by the risk of malicious disruption to the
semiconductor supply chain. The 100-Day Supply Chain Review emphasized
how the nature of the semiconductor supply chain increases the risk for
malicious disruptions to semiconductors. The report on the Department
of Commerce's survey notes that the semiconductor industry has
increasingly been targeted by cyberattacks, and in 2022 alone, the
industry experienced eight major ransomware attacks that impacted
industry leaders. These cyber-attacks underscore the importance of
protecting the semiconductor supply chain from malicious disruptions.
Relying on semiconductors from adversaries increases the risk of
malicious disruptions to the semiconductor supply chain. The impact of
this supply chain disruption could affect national security and vast
sections of the economy. The proposed rule increases protection from
semiconductor supply chain disruption by prohibiting covered
semiconductors and providing transparency into where covered
semiconductors are utilized.
3. Supply Chain Transparency
The current lack of visibility into the semiconductor supply chain
reduces the ability of the Government to mitigate risk and address
supply chain disruptions and infiltrations. The Department of Defense,
in its 2023 National Defense Industry Strategy report, indicates that
the lack of visibility into our critical supply chains creates unique
challenges that need to be addressed in order to meet national security
objectives and that greater visibility increases the ability to
mitigate risks and to manage disruptions proactively, aggressively, and
systematically. Requiring that semiconductor covered entities disclose
to non-Federal customers the inclusion of a covered semiconductor
product or service in electronic parts, products, or services will also
improve visibility into the semiconductor supply chain by increasing
transparency of the entire U.S. semiconductor market. Furthermore, the
proposed rule's requirement that offerors conduct a reasonable inquiry
into their semiconductor supply chain promotes increased supply chain
visibility for offerors. This visibility will allow for better risk
assessments, risk mitigation, business decisions, and supply chain
determinations. The benefits of increasing visibility into the supply
chain also expands to all consumers of products containing
semiconductors. The increased transparency from the proposed rule will
also benefit the semiconductor manufacturing industry as increased
supply chain transparency will allow them to reduce the risk of
unintentional and malicious disruptions.

B. Public Impact

The following table illustrates the total estimated public cost
associated with this proposed rule in millions over a 10-year period:

[[Page 7230]]

----------------------------------------------------------------------------------------------------------------
3% Discount 7% Discount
Public cost Undiscounted rate rate
----------------------------------------------------------------------------------------------------------------
Net Present Value............................................... $1,798 $1,575 $1,344
Annualized...................................................... 180 185 191
----------------------------------------------------------------------------------------------------------------

The following table presents the total estimated public costs in
millions per year:

--------------------------------------------------------------------------------------------------------------------------------------------------------
Year 1 2 3 4 5 6 7 8 9 10
--------------------------------------------------------------------------------------------------------------------------------------------------------
Cost...................................... $489 $148 $148 $145 $145 $145 $145 $145 $145 $145
3%........................................ 475 139 135 129 125 121 118 114 111 108
7%........................................ 457 129 120 111 103 97 90 84 79 74
--------------------------------------------------------------------------------------------------------------------------------------------------------

A summary of the specific compliance activities and total estimated
annual costs associated with these activities are provided in the
sections that follow. For more detailed information on the public cost
estimates, please see section II.B. of the RIA available at <a href="http://www.regulations.gov">http://www.regulations.gov</a> (search for ``FAR Case 2023-008'' click ``Open
Docket,'' and view ``Supporting Documents'').
1. Regulatory Familiarization
Entities interested in doing business with the Government will need
to review the new solicitation provision and contract clause and
familiarize themselves with the prohibition, the authorized exceptions,
the minimum requirements for making a reasonable inquiry, the
certifications the entity will make by submitting an offer in response
to a Government solicitation, the disclosure requirements for covered
semiconductor products and services, and the potential liability for
failing to conduct a reasonable inquiry or to disclose known covered
semiconductor products or services being used in performance of a
Government contract. The total estimated cost for regulatory
familiarization in the initial year of the rule is $193,600,000. The
estimated cost for regulatory familiarization for new entrants in each
subsequent year is $7,392,000.
2. Reasonable Inquiry
Before submitting an offer in response to a Government solicitation
and providing the certifications required by the new provision at FAR
52.240-XX, an entity would be required to conduct a reasonable inquiry
to determine whether the electronic products or electronic services it
provides to the Government include covered semiconductor products or
services or use electronic products that include covered semiconductor
products or services. It is expected that most entities will conduct a
full review of the electronic products and electronic services that
they may offer to the Government, rather than assess on a solicitation-
by-solicitation basis.
To conduct this inquiry, an entity will need to assess the
electronic products or electronic services that are included in its
offerings to the Government and seek out information to identify the
source of semiconductor products or services included in those
offerings. In conducting this inquiry an entity may consult the
Department of Commerce website, search supplier websites, or use supply
chain illumination or other due diligence tools. If an entity is unable
to find information to confirm that an electronic product or service
does not use or include a covered semiconductor product or service, the
entity would need to look to its suppliers to conduct reasonable
inquiries and provide the required certification.
The Government estimates the total annual cost in the first year of
implementation to be $138,537,675, of which $51,327,675 is attributed
to entities who are prime contractors on Government contracts and
$87,210,000 is attributed to subcontractors and suppliers. For each
subsequent year, the Government estimates the total estimated annual
cost is $121,428,450, of which $34,218,450 is attributed to entities
who are prime contractors on Government contracts and $87,210,000 is
attributed to subcontractors and suppliers.
3. Government Disclosures
If, as a result of the initial reasonable inquiry, an offeror
discovers that an electronic product or electronic service to be
offered to the Government under the solicitation includes covered
semiconductor products or services, the offeror will need to disclose
with its offer any information about the covered semiconductor product
or service that is known at the time of submission of its offer. This
disclosure includes, for example, information about the manufacturer,
the risks associated with including the semiconductor product or
service, and whether there are any available alternatives to the
semiconductor product or service. The total estimated annual cost for
disclosures in the initial year of implementation is $3,962,318. Given
the expected updates to supply chains, the total estimated annual cost
in the first two years after initial implementation, is reduced to
$1,189,559. After the first three years of implementation, the total
estimated annual cost associated with pre-award disclosures is
$198,548.
4. Product and Supply Chain Updates
In order to avoid being ineligible for award of Government
contracts based on noncompliance with the Section 5949 prohibitions,
entities will need to remove electronic products and electronic
services that include or use covered semiconductor products and
services from the products and services they offer to the Government.
The level of effort associated with removing such products can vary
significantly from one entity to another. The impact depends on whether
an entity is reselling, manufacturing, or using an electronic product
or service that contains a covered semiconductor product or service.
Entities that use or resell an electronic product or service that
contains a covered semiconductor product or service will be focused on
communicating with their suppliers and customers and making other
operational adjustments. These entities will need to assess and
renegotiate their current supplier agreements, identify sources of
alternative products, manage their existing inventory, and update
internal systems, processes, and procedures. Removing covered
semiconductor products and services from products manufactured under
Government contracts will require the most

[[Page 7231]]

significant level of effort. Manufacturers may also experience product
redesign, testing, and prototyping costs.
The proposed rule does not require entities to remove or replace
electronic products or electronic services resident in existing
equipment, systems, or services, that were acquired by the contractor
prior to December 23, 2027, and used as part of the performance of the
contract, or to limit the utilization of a covered semiconductor
product or service throughout the lifecycle (e.g., replacement
component, spare part, support service) of existing equipment that was
acquired by the contractor prior to December 23, 2027, and used as part
of the performance of the contract, which will limit the impact of the
prohibition on impacted entities. However, entities must adjust designs
intended to be leveraged for future Government contracts to ensure
compliance with the prohibition.
The Government has limited visibility into and information on how
many electronic products or electronic services may need to be removed
from the supply chain or adjusted to not use covered semiconductor
products or services. For the purposes of this analysis, the Government
estimates the total cost for entities to replace electronic products or
electronic services they resell to the Government or use in the
performance of Government contracts in the first year of implementation
to be $114,750,000. The total estimated annual cost associated with
adjusting products manufactured for the Government to remove covered
semiconductor products or services in the first year of implementation
is $152,125,000. The estimated annual cost in each subsequent year of
implementation is $11,500,000 for replacements and $2,600,000 for
adjustment of manufactured electronic products and electronic services.
5. Government Notification
On or after December 23, 2027, a contractor must notify the
contracting officer within 72 hours of becoming aware that it provided
a covered semiconductor product or service to the Federal Government or
purchased for delivery to the Federal Government during performance of
a contract, in order to be protected under the safe harbor provisions
in paragraph (h) of the clause at FAR 52.240-YY.
The total estimated annual cost associated with making these post-
award notifications in the initial year of implementation is $264,155.
Given the expected updates to supply chains, the total estimated annual
cost for such notifications in the first two years after initial
implementation is $26,473. After the first three years of
implementation, the total estimated annual cost is $13,237.
6. Non-Federal Customer Disclosures
The clause, which flows down to subcontractors, requires
semiconductor covered entities to disclose the inclusion of a covered
semiconductor product or service in electronic products or electronic
services to non-Federal customers outside of the Government. Neither
the statute nor the proposed rule is prescriptive regarding the
contents or method of disclosure. It is possible that a contractor or
subcontractor may choose to include this information or disclaimer in
its marketing material, on its website, and in any sales agreements to
non-Federal customers.
The total estimated annual cost associated with making these post-
award notifications in the initial year of implementation is
$4,312,305. Given the expected updates to supply chains, the total
estimated annual cost for such notifications in the first two years
after initial implementation is $2,157,092. After the first three years
of implementation, the total estimated annual cost is $432,170.

C. Government Impact

The following table illustrates the total estimated Government cost
associated with this proposed rule in millions over a 10-year period:

----------------------------------------------------------------------------------------------------------------
3% Discount 7% Discount
Government cost Undiscounted rate rate
----------------------------------------------------------------------------------------------------------------
Net Present Value............................................... $60.6 $56.4 $51.9
Annualized...................................................... 6.1 6.6 7.4
----------------------------------------------------------------------------------------------------------------

The following table presents the total estimated Government costs
in millions per year:

--------------------------------------------------------------------------------------------------------------------------------------------------------
Year 1 2 3 4 5 6 7 8 9 10
--------------------------------------------------------------------------------------------------------------------------------------------------------
Costs..................................... $40.9 $3.0 $3.0 $2.0 $2.0 $2.0 $2.0 $2.0 $2.0 $2.0
3%........................................ 39.7 2.8 2.7 1.7 1.7 1.6 1.6 1.5 1.5 1.5
7%........................................ 38.2 2.6 2.4 1.5 1.4 1.3 1.2 1.1 1.1 1.0
--------------------------------------------------------------------------------------------------------------------------------------------------------

[[Page 7232]]

appropriate personnel in the requiring activity who will review the
disclosure, consult with other offices as necessary, and advise the
contracting officer regarding whether the disclosure impacts the
contracting officer's ability to award to the offeror or if a waiver
should be pursued. The total cost for the Government to review
disclosures in the first year of implementation is $2,444,175. In the
first two years after initial implementation, the estimated annual cost
to the Government is $733,785. Annually thereafter, the estimated
annual cost to the Government is $122,475.
3. Review Notifications
If, during performance of a contract, the contracting officer
receives a notification from the contractor that it has provided to the
Government an electronic product or electronic service that includes or
uses covered semiconductor products or services, the contracting
officer will forward the notification to the appropriate personnel in
the requiring activity who will review the notification, consult with
other offices as necessary, and advise the contracting officer on how
the notification impacts contract administration and whether a post-
award waiver should be pursued. The total cost for the Government to
review the estimated disclosures in the first year of implementation is
$201,960. In the first two years after initial implementation, the
estimated annual cost to the Government is $20,240. Annually
thereafter, the estimated annual cost to the Government is $10,120.
4. Process Waivers
The Government may consider authorizing a waiver to allow the
inclusion or use of the covered semiconductor product or service. For
this effort, it is anticipated that the requiring activity and
technical experts will be responsible for drafting the basis for the
waiver. The program manager and an attorney will provide feedback on
the waiver and will meet with and seek approval of the waiver from a
senior executive. The contracting officer will communicate with the
contractor regarding the agency's decision. The total estimated annual
cost for the Government to consider waivers in the first year of
implementation is $2,726,460. The percent of notifications requiring a
waiver is expected go down after the initial year therefore, the
estimated annual cost to the Government in the first two years after
initial implementation is $470,745. Annually thereafter, the estimated
annual cost to the Government is $54,945.

D. Alternatives Considered

1. Commercial Products and Commercial Services
The Government considered applying this prohibition to all
commercial products and commercial services. However, this prohibition
would impact many categories of commercial services (e.g., hotel
accommodations) where the risk is very low to the Government and the
Government is a very small share of the overall market. Applying the
prohibition to commercial electronic products, IT services, and
telecommunication services will allow the Government to focus this
prohibition where the risk is greatest.
Public comments received in response to the advanced notice of
proposed rulemaking identified a need for an exemption or delay in
effective date for commercial products and commercial services.
However, a full exemption of the prohibition is not feasible given the
national security implications associated with this prohibition.
Because certain commercial electronic products and services will
require additional time to remove covered semiconductor products and
services, the Government is also proposing a one-year delay in the
effective date where no alternative is available. Including this one-
year exemption will reduce the number of contract-by-contract waivers
the Government will likely need to process in the first year of
implementation while industry updates their products and supply chains.
2. Requiring Artifacts for Validating Compliance
The Government considered including a requirement for contractors
to provide artifacts (e.g., hardware bill of materials) to validate
compliance with this prohibition beyond the certification requirement.
However, after considering the current level of use by the electronics
industry of such artifacts and the likely costs this would add to the
rule, the Government decided that these artifacts would not be required
at this time. The rule requires offerors and contractors to conduct a
reasonable inquiry into their supply chains to identify any prohibited
semiconductors and then certify whether their electronic products and
electronic services include such prohibited semiconductors. The
reasonable inquiry and certification will sufficiently mitigate the
risk of noncompliance at this time. Depending on industry adoption of
such artifacts in the future, future rulemaking could add a requirement
as needed.

VI. Executive Orders 12866 and 13563

Executive Orders (E.O.s) 12866 (as amended by E.O. 14094) and 13563
direct agencies to assess costs and benefits of available regulatory
alternatives and, if regulation is necessary, to select regulatory
approaches that maximize net benefits (including potential economic,
environmental, public health and safety effects, distributive impacts,
and equity). E.O. 13563 emphasizes the importance of quantifying both
costs and benefits, of reducing costs, of harmonizing rules, and of
promoting flexibility. This is a significant regulatory action under
section 3(f)(1) of E.O. 12866 and, therefore, was subject to review
under section 6(b) of E.O. 12866, Regulatory Planning and Review, dated
September 30, 1993.

VII. Executive Order 14192

This rule is exempt from (Unleashing Prosperity Through
Deregulation) as it is a regulation issued with respect to a national
security or homeland security function of the United States.

VIII. Regulatory Flexibility Act

The proposed rule, if finalized, may have a significant economic
impact on a substantial number of small entities within the meaning of
the Regulatory Flexibility Act 5 U.S.C. 601-612. The Initial Regulatory
Flexibility Analysis (IRFA) is as follows:

1. Reasons for the action.
The reason for this proposed rule is to revise the Federal
Acquisition Regulation (FAR) to implement paragraphs (a), (b), (c),
and (h) in section 5949 of the James M. Inhofe National Defense
Authorization Act for Fiscal Year 2023 (Pub. L. 117-263, 41 U.S.C.
4713 note). Section 5949 prohibits executive agencies from procuring
or obtaining certain products and services that include covered
semiconductor products or services effective December 23, 2027.
2. Objectives of, and legal basis for, the rule.
The objective of this rule is to mitigate a significant national
security risk given the numerous opportunities for adversaries and
other threat actors to introduce hardware backdoors, malicious
firmware, and malicious software into a semiconductor during
production. Since semiconductors are key components of U.S. critical
infrastructure (e.g., information technology, communications) and
have many military applications, it is vital that these threat
vectors are addressed during the production process. Semiconductors
are ultimately integrated into end products, so it can be difficult
to identify and mitigate risks to semiconductor hardware, firmware,
and software. This rule proposes to amend the FAR to implement
paragraphs (a), (b), (c),

[[Page 7233]]

and (h) in section 5949 of the NDAA for FY 2023. On or after
December 23, 2027, Federal agencies will be prohibited from
procuring or obtaining--(1) Electronic products or services that
include covered semiconductor products or services (section
5949(a)(1)(A)); and (2) Electronic products, for use in critical
systems, that use electronic products that include covered
semiconductor products or services (section 5949(a)(1)(B)).
Promulgation of the FAR is authorized by 40 U.S.C. 121(c); 10
U.S.C. chapter 4 and 10 U.S.C. chapter 137 legacy provisions (see 10
U.S.C. 3016); and 51 U.S.C. 20113.
3. Description of and an estimate of the number of small
entities to which the rule will apply.
This proposed rule, if finalized, would impact small entities
that have an interest in doing business with the Federal Government,
regardless of their primary North American Industry Classification
System code (NAICS). Specifically, small entities that include or
use electronic products or electronic services in the products and
services they offer to the Government would be subject to certain
compliance requirements. The estimated number of small entities
impacted by each of these compliance requirements is as follows:

a. Regulatory Familiarization

As of October 2024, there are approximately 550,000 entities
registered in SAM, of which approximately 401,000 (72 percent) are
considered small for at least one NAICS code. On average there are
approximately 21,000 new active SAM registrants each year, of which
approximately 14,000 (~75 percent) are small entities. At minimum,
these small entities will need to become familiar with the
requirements of the rule.

b. Reasonable Inquiry

According to data available in the Federal Procurement Data
System for Government fiscal years 2021 through 2023, on average the
Government awards contracts for products, for information technology
or telecommunications services, and for other services procured
using other than FAR part 12 commercial procedures to approximately
54,000 unique entities each year, of which 36,000 (~67 percent) are
small entities. The Government estimates that approximately 45,900
(85 percent) of these entities, of which 30,600 (~67 percent) are
small entities, offer electronic products or electronic services to
the Government and would need to conduct a reasonable inquiry to
determine whether their products or services use or include covered
semiconductor products or services.
The Government does not have data on how many suppliers to prime
contractors may also be asked to conduct a reasonable inquiry. For
the purposes of this analysis, it is assumed the ratio of prime
contractors to subcontractors required to perform a reasonable
inquiry is 1:5 and that 80 percent of the subcontractors are small
entities. Therefore, the Government estimates that 229,500 suppliers
or subcontractors may be required to conduct reasonable inquiries,
of which 183,600 are estimated to be small entities.

c. Government Disclosure (Pre-Award)

The Government estimates that five percent of the entities
required to conduct a reasonable inquiry (primes and subcontractors)
or 2,295 entities may need to disclose the use or inclusion of
covered semiconductor products and services with their offers, of
which 1,530 are estimated to be small entities. The Government
anticipates a reduction in the number of impacted entities after the
first year of implementation.

d. Product and Supply Chain Updates

The Government has limited visibility into or information on how
many electronic products or services may need to be removed from the
supply chain or adjusted to not use covered semiconductor products
or services. Some entities who contract with the Federal Government
may have none, while others may have a concentration of products or
services. For the purposes of this analysis, the Government assumes
that the 2,295 entities providing pre-award disclosures, of which
1,530 are small entities, may need to replace electronic products or
services they resell or use in the first year of implementation. It
is further estimated that 115 of these entities, of which 77 are
estimated to be small entities, may need to adjust products they
manufacture to remove covered semiconductor products or services in
the first year of implementation. The Government anticipates a
reduction in the number of impacted entities after the first year of
implementation.

e. Government Notification (Post-Award)

The Government estimates that one percent of entities required
to conduct a reasonable inquiry at the prime level (459 entities, of
which 306 are estimated to be small entities) may need to disclose
to the Government the use or inclusion of covered semiconductor
products and services during performance of a contract. The
Government anticipates a reduction in the number of impacted
entities after the first year of implementation.

f. Non-Federal Customer Notification

The Government estimates that one percent of entities required
to conduct a reasonable inquiry at the subcontractor level (2,295
entities, of which 1,530 are estimated to be small entities), may
need to disclose the inclusion of a covered semiconductor product or
service in electronic products or electronic services to non-Federal
customers outside of the Government. The Government anticipates a
reduction in the number of impacted entities after the first year of
implementation.
4. Description of projected reporting, recordkeeping, and other
compliance requirements of the rule.
The following is a summary of the projected compliance
requirements and the estimated costs per small entity and total
annual costs to small entities associated with those compliance
requirements. The total estimated annual cost to small entities in
the initial year of implementation is $352,355,968. The total
estimated annual cost to small entities in the first two years after
initial implementation is $110,006,039. In subsequent years, the
total estimated annual cost to small entities is $108,187,360.
Additional information on the basis for the cost estimates and a
summary of compliance costs by compliance requirement and business
size is available in the regulatory impact analysis available at
<a href="http://www.regulations.gov">http://www.regulations.gov</a> (search for ``FAR Case 2023-008,'' click
``Open Docket,'' and view ``Supporting Documents'').

a. Regulatory Familiarization

Entities interested in doing business with the Government will
need to review the new solicitation provision and contract clause
and familiarize themselves with the prohibition, the authorized
exceptions, the minimum requirements for making a reasonable
inquiry, the certifications the entity will make by submitting an
offer in response to a Government solicitation, the disclosure
requirements for covered semiconductor products and services, and
the potential liability for failing to conduct a reasonable inquiry
or to disclose known covered semiconductor products or services
being used in performance of a Government contract.
The Government estimates that it will take an entity, on
average, four hours to become familiar with the rule. Four hours is
the amount of time associated with reading and understanding the
rule. In general, this activity is expected to be performed by
management analysts. The estimated cost per entity for regulatory
familiarization is $352. Therefore, the estimated annual cost for
small entities in the first year of implementation is $141,152,000
(401,000 small entities * $352/business). The estimated annual cost
for small entities in subsequent years is $4,928,000 (14,000 small
entities * $352/entity).

b. Reasonable Inquiry

Before submitting an offer in response to a Government
solicitation, and providing the certifications required by the new
provision at FAR 52.240-XX, Certification Regarding Certain
Semiconductor Products and Services, an entity would be required to
conduct a reasonable inquiry to determine whether the electronic
products or electronic services it provides to the Government
include covered semiconductor products or services or use electronic
products that include covered semiconductor products or services. It
is expected that most entities will conduct a full review of the
electronic products and electronic services that they may offer to
the Government, rather than assess on a solicitation-by-solicitation
basis.
To conduct this inquiry, an entity will need to assess the
electronic products or electronic services are included in its
offerings to the Government and seek out information to identify the
source of semiconductor products or services included in those
offerings. In conducting this inquiry an entity may consult the
Department of Commerce website, search supplier websites, search
manufacturer websites, or use supply chain illumination or other due
diligence tools. If an entity is unable to find information to
confirm that an electronic product or electronic service does not
use or include a covered semiconductor product or service, the
entity would need to look to its

[[Page 7234]]

suppliers to conduct reasonable inquiries and provide the required
certification in the solicitation provision at 52.240-XX. for the
certification.
The level of effort required to conduct the initial reasonable
inquiry is dependent on a number of factors, including the number
and diversity of electronic products or electronic services an
entity offers to the Government and how far into its supply chain an
entity must go to validate that electronic products and electronic
services do not contain covered semiconductor products and services.
In general, this effort is expected to be performed by a purchasing
manager who is supported by management analysts. The results of the
inquiry are expected to be reviewed by an attorney and maintained by
a compliance officer. For this analysis, the Government estimates
that the average cost is $1,118.25 per entity conducting an inquiry
on multiple products and services at the prime level in the first
year of implementation and $745.50 per entity in subsequent years.
The Government further estimates a cost of $380 per supplier
conducting an inquiry on one product or service at the subcontractor
level. The Government recognizes that the actual level of effort may
vary substantially from one supplier to the next.
The total estimated annual cost for small entities performing at
the prime level to conduct initial reasonable inquiries in the
initial year of implementation is $34,218,450 (30,600 small entities
* $1,118.25/business). For small business suppliers, the total
estimated annual cost in the initial year is $69,768,000 (183,600
small entities * $380/business). After the first year of
implementation, the total estimated annual cost for small business
primes is $22,812,300 (30,600 small entities * $745.50/entity) and
$69,768,000 (183,600 small entities * $380) for small entity
subcontractors.

c. Government Disclosure (Pre-Award)

If, as a result of the initial reasonable inquiry, an offeror
discovers that an electronic product or electronic service to be
offered to the Government under the solicitation includes covered
semiconductor products or services, the offeror will need to
disclose with its offer any information about the covered
semiconductor product or service that is known at the time of
submission of its offer. This disclosure includes, for example,
information about the manufacturer, the place of manufacture, the
risks associated with including the semiconductor product or
service, and whether there are any available alternatives to the
semiconductor product or service.
This effort is expected to be performed by a management analyst
who gathers the required information about a covered semiconductor
product or service and drafts the disclosure to include in the
entity's offer. The draft disclosure is expected to be reviewed by
the purchasing manager and attorney prior to obtaining approval from
someone in an executive role. The estimated cost for each disclosure
is $575.50 per entity and the Government estimates that each entity
may make three disclosures per year. Therefore, the estimated annual
cost for small entities in the first year of implementation is
$2,641,545 (1,530 small entities * $575.50/business * 3 disclosures/
year). The estimated annual cost for small entities in the first two
years after initial implementation is $792,464 (459 small entities *
$575.50/business * 3 disclosures/year). In subsequent years the
estimated annual cost is $132,941 (77 small entities * $575.50/
business * 3 disclosures/year).

d. Product and Supply Chain Updates

In order to avoid being ineligible for award of Government
contracts based on noncompliance with the Section 5949 prohibitions,
entities will need to remove electronic products and electronic
services that include or use covered semiconductor products and
services from the products and services they offer to the
Government. The level of effort associated with removing such
products can vary significantly from one entity to another. The
impact is dependent on whether an entity is reselling or
manufacturing an electronic product or electronic service that
contains a covered semiconductor product or service.
Entities that use or resell an electronic product or electronic
service that contains a covered semiconductor product or service
will be focused on communicating with their suppliers and customers
and making other operational adjustments. These entities will need
to assess and renegotiate their current supplier agreements,
identify sources of alternative products, manage their existing
inventory, and update internal systems, processes, and procedures.
These activities may involve purchasing managers, management
analysts, attorneys, sales executives, marketing and sales managers,
and other employees. Given that the costs may vary significantly
from one entity to another, the Government estimates the cost
associated with supply chain updates for resellers or users to range
from $30,000 to $70,000 per entity (average $50,000 per electronic
product or service).
Removing covered semiconductor products and services from
products manufactured under Government contracts will require the
most significant level of effort. Manufacturers may also experience
product redesign, testing, and prototyping costs, activities that
are likely to involve engineers and other technical experts.
The proposed rule does not require entities to remove or replace
any products or services resident in existing equipment, systems, or
services, that were acquired prior to December 23, 2027, and used as
part of the performance of the contract or to limit the utilization
of a covered semiconductor product or service throughout the
lifecycle (e.g., replacement component, spare part, support service)
of existing equipment that was acquired prior to December 23, 2027,
and used as part of the performance of the contract which will limit
the impact of the prohibition on impacted entities. However,
entities must adjust designs intended to be leveraged for future
Government contracts to ensure compliance with the prohibition. The
Government estimates the cost associated with modifying electronic
products to remove covered semiconductors to range from $150,000 to
$500,000 (average $325,000/per electronic product or service).
The total estimated cost for small entities that may need to
replace electronic products or electronic services they resell or
use in the first year of implementation is $76,500,000 (1,530 *
$50,000/business). The estimated cost for small entities to make
adjustments to products they manufacture to remove covered
semiconductor products or services in the first year of
implementation is $25,025,000 (77 small entities * $325,000/
business). The estimated annual cost for small entities to replace
electronic products or services in each subsequent year of
implementation is $7,650,000 (153 small entities * $50,000/
business), and $2,600,000 (8 small entities * $325,000/business) for
small entities to adjust electronic products and services they
manufacture.

e. Government Notification (Post-Award)

A contractor must notify the contracting officer within 72 hours
of becoming aware of or suspecting a covered semiconductor product
or service was purchased by the Federal Government or purchased by a
Federal contractor or subcontractor for delivery to the Federal
Government during performance of a contract, in order to be
protected under the safe harbor provisions in paragraph (h) of the
clause at FAR 52.240-YY, Prohibition on Certain Semiconductor
Products and Services. The level of effort associated with this
activity is expected to be the same as the level of effort necessary
to provide the pre-award disclosure, or $566 per entity. Entities
are expected to make one notification per year.
Therefore, the estimated annual cost for small entities in the
first year of implementation is $176,103 (306 small entities *
$575.50/business). The estimated annual cost for small entities in
the first two years after initial implementation is $17,841 (31
small entities * $566/business). In subsequent years, the estimated
annual cost is $8,490 (15 small entities * $575.50/business).

f. Non-Federal Customer Notification

The clause, which flows down to subcontractors, requires
semiconductor covered entities to disclose the inclusion of a
covered semiconductor product or service in electronic products or
electronic services to non-Federal customers outside of the
Government. Neither the statute nor the proposed rule is
prescriptive regarding the contents or method of disclosure. It is
possible that a contractor or subcontractor may choose to include
this information or disclaimer in its marketing material, on its
website, and in any sales agreements to non-Federal customers.
The content of the disclosure to non-Federal customers is
expected to be produced by an attorney in coordination with sales
and marketing managers. Marketing specialists, business operations
specialists, and web developers may be used to update relevant
marketing materials, websites, and sales agreements, as necessary to
meet the disclosure requirement. The estimated cost associated with
preparing and making such a disclosure is $1,820 per disclosure.
Therefore, the total estimated annual cost for small entities to
make these disclosures to non-Federal customers in the initial year

[[Page 7235]]

of implementation is $2,874,870 (1,530 small entities * $1,879/small
business). The estimated annual cost for small entities in the first
two years after initial implementation is $1,437,435 (765 small
entities * $1,879/business). In subsequent years, the estimated
annual cost is $287,487 (153 small entities * $1,879/business).
5. Relevant Federal rules which may duplicate, overlap, or
conflict with the rule.
The rule does not duplicate, overlap, or conflict with any other
Federal rules.
6. Description of any significant alternatives to the rule which
accomplish the stated objectives of applicable statutes and which
minimize any significant economic impact of the rule on small
entities.
The FAR Council was unable to identify any alternatives that
would reduce the burden on small entities and still meet the
objectives of section 5949 of the NDAA for FY 2023.
Public comments received in response to the advanced notice of
proposed rulemaking identified a need for an exemption or delay in
effective date for commercial products and commercial services.
However, a full exemption of the prohibition is not feasible given
the national security implications associated with this prohibition.
Because certain commercial electronic products and electronic
services will require additional time to remove covered
semiconductor products and services, the Government is proposing a
one-year delay in the effective date where no alternative is
available. Including this one-year exemption will reduce the number
of contract-by-contract waivers the Government will likely need to
process in the first year of implementation while industry updates
their products and supply chains.
The Government considered including a requirement for
contractors to provide artifacts (e.g., hardware bill of materials)
to validate compliance with this prohibition beyond the
certification requirement. However, after considering the current
level of use by the electronics industry of such artifacts and the
likely costs this would add to the rule, the Government decided that
these artifacts would not be required at this time. The rule
requires offerors and contractors to conduct a reasonable inquiry
into their supply chain to identify any prohibited semiconductors
and then certify whether their electronic products and electronic
services include such prohibited semiconductors. The reasonable
inquiry and certification requirements are deemed to be sufficient
to validate compliance at this time. This is because the potential
consequences of failing to comply with these requirements serves as
a deterrent mitigating against the risk of non-compliance with the
prohibitions of this rule. Depending on industry adoption of such
artifacts in the future, future rulemaking could add a requirement
as needed.

The Regulatory Secretariat Division has submitted a copy of the
IRFA to the Chief Counsel for Advocacy of the Small Business
Administration. A copy of the IRFA may be obtained from the Regulatory
Secretariat Division. The FAR Council invites comments from small
business concerns and other interested parties on the expected impact
of this proposed rule on small entities.
The FAR Council will also consider comments from small entities
concerning the existing regulations in subparts affected by the rule in
accordance with 5 U.S.C. 610. Interested parties must submit such
comments separately and should cite 5 U.S.C. 610 (FAR Case 2023-008),
in correspondence.

IX. Paperwork Reduction Act

The Paperwork Reduction Act (44 U.S.C. 3501-3521) applies because
the proposed rule contains information collection requirements.
Accordingly, the Regulatory Secretariat Division has submitted a
request for approval of a new information collection requirement
concerning (FAR Case 2023-008, Prohibition on Certain Semiconductor
Products and Services) to the Office of Management and Budget (OMB).

A. Public Reporting Burden

Public reporting burden includes the time for reviewing
instructions, searching existing data sources, gathering and
maintaining the data needed, and completing and reviewing the
collection of information.
1. FAR 52.240-XX(e), Certification (Prime). The annual reporting burden
for entities at the prime level to conduct a reasonable inquiry on
multiple electronic products and electronic services and provide the
certification is as follows:
Respondents: 45,900.
Total Annual Responses: 45,900.
Total Burden Hours: 550,800.
2. FAR 52.240-XX(e), Certification (Sub). The annual reporting
burden for entities at the subcontractor level to conduct a reasonable
inquiry on one electronic product or electronic services and provide
the certification is as follows:
Respondents: 229,500.
Total Annual Responses: 229,500.
Total Burden Hours: 918,200.
3. FAR 52.240-XX(f), Disclosure (PreAward). The annual reporting
burden for entities to provide a preaward disclosure of covered
semiconductor products or services is as follows:
Respondents: 2,295.
Total Annual Responses: 6,885.
Total Burden Hours: 34,425.
4. FAR 52.240-YY(f), Notification (PostAward). The annual reporting
burden for entities to provide a postaward disclosure of covered
semiconductor products or services is as follows:
Respondents: 459.
Total Annual Responses: 459.
Total Burden Hours: 2,295.
5. FAR 52.240-YY(g), Non-Federal Customer Notification. The annual
reporting burden for semiconductor covered entities to notify non-
Federal customers of covered semiconductor products or services is as
follows:
Respondents: 2,295.
Total Annual Responses: 2,295.
Total Burden Hours: 45,900.

B. Request for Comments Regarding Paperwork Burden

Submit comments on this collection of information no later than
April 20, 2026 through <a href="https://www.regulations.gov">https://www.regulations.gov</a> and follow the
instructions on the site. All items submitted must cite OMB Control No.
9000-XXXX, Prohibition on Certain Semiconductor Products and Services.
Comments received generally will be posted without change to <a href="https://www.regulations.gov">https://www.regulations.gov</a>, including any personal and/or business
confidential information provided. To confirm receipt of your
comment(s), please check <a href="https://www.regulations.gov">https://www.regulations.gov</a>, approximately two
to three days after submission to verify posting. If there are
difficulties submitting comments, contact the GSA Regulatory
Secretariat Division at 202-501-4755 or <a href="/cdn-cgi/l/email-protection#ce899d8f9caba99dabad8ea9bdafe0a9a1b8"><span class="__cf_email__" data-cfemail="470014061522201422240720342669202831">[email&#160;protected]</span></a>.
Public comments are particularly invited on:
<bullet> The necessity of this collection of information for the
proper performance of the functions of Federal Government acquisitions,
including whether the information will have practical utility;
<bullet> The accuracy of the estimate of the burden of this
collection of information;
<bullet> Ways to enhance the quality, utility, and clarity of the
information to be collected; and
<bullet> Ways to minimize the burden of the collection of
information on respondents, including the use of automated collection
techniques or other forms of information technology.
Requesters may obtain a copy of the supporting statement from the
General Services Administration, Regulatory Secretariat Division by
calling 202-501-4755 or emailing <a href="/cdn-cgi/l/email-protection#fabda9bba89f9da99f99ba9d899bd49d958c"><span class="__cf_email__" data-cfemail="fdbaaebcaf989aae989ebd9a8e9cd39a928b">[email&#160;protected]</span></a>. Please cite OMB
Control Number 9000-XXXX, Prohibition on Certain Semiconductor Products
and Services.

[[Page 7236]]

List of Subjects in 48 CFR Parts 1, 2, 9, 12, 13, 39, 40, and 52

Government procurement.

William F. Clark,
Director, Office of Government-wide Acquisition Policy, Office of
Acquisition Policy, Office of Government-wide Policy.
Therefore, OFPP, DoD, GSA, and NASA propose amending 48 CFR parts
1, 2, 9, 12, 13, 39, 40, and 52 as set forth below:

0
1. The authority citation for 48 CFR parts 1, 2, 9, 12, and 13
continues to read as follows:

Authority: 41 U.S.C. 1121(b); 40 U.S.C. 121(c); 10 U.S.C.
chapter 4 and 10 U.S.C. chapter 137 legacy provisions (see 10 U.S.C.
3016); and 51 U.S.C. 20113.

PART 1--FEDERAL ACQUISITION REGULATIONS SYSTEM

0
2. In section 1.106 amend the table by adding in numerical order
entries for ``40.XX'', ``52.240-XX,'' and ``52.240-YY'' to read as
follows:

1.106 OMB approval under the Paperwork Reduction Act.

* * * * *

------------------------------------------------------------------------
FAR segment OMB Control No.
------------------------------------------------------------------------

* * * * *
40.XX................................................ 9000-XXXX

* * * * *
52.240-XX............................................ 9000-XXXX
52.240-YY............................................ 9000-XXXX

* * * * *
------------------------------------------------------------------------

* * * * *

PART 2--DEFINITIONS OF WORDS AND TERMS

0
3. Amend section 2.101 by adding in alphabetical order the definitions
``National security system'' and ``Subsidiary'' to read as follows:

2.101 Definitions.

* * * * *
National security system--
(1) As defined in 40 U.S.C. 11103(a)(1), means a system, other than
those used for routine administrative and business applications, such
as payroll, finance, logistics, and personnel management applications,
and includes any telecommunications or information system operated by
the United States Government, the function, operation, or use of
which--
(i) Involves intelligence activities;
(ii) Involves cryptologic activities related to national security;
(iii) Involves command and control of military forces;
(iv) Involves equipment that is an integral part of a weapon or
weapons system; or
(v) Is critical to the direct fulfillment of military or
intelligence; or
(2) For use in--
(i) Subpart 4.23, see the definition at 4.2301;
(ii) The contract clause--
(A) 52.204-28, see the definition at 52.204-28(a); and
(B) 52.204-30, see the definition at 52.204-30(a).
* * * * *
Subsidiary means an entity in which more than 50 percent of the
entity is owned directly by a parent corporation or through another
subsidiary of a parent corporation.
* * * * *

PART 9--CONTRACTOR QUALIFICATIONS

0
4. Amend section 9.108-1 by removing the definition ``Subsidiary''.

PART 12--ACQUISITION OF COMMERCIAL PRODUCTS AND COMMERCIAL SERVICES

0
5. Amend section 12.301 by adding paragraph (d)(15) to read as follows:

12.301 Solicitation provisions and contract clauses for the
acquisition of commercial products and commercial services.

* * * * *
(d) * * *
(15) Insert the provision at 52.240-XX, Certification Regarding
Certain Semiconductor Products and Services, as prescribed in 40.20X-6.
* * * * *

PART 13--SIMPLIFIED ACQUISITION PROCEDURES

0
6. Amend section 13.201 by adding paragraph (n) to read as follows:

13.201 General.

* * * * *
(n)(1) Semiconductor prohibition. In accordance with subpart
40.20X, on or after December 23, 2027, agencies are prohibited from
procuring or obtaining--
(i) Electronic products or electronic services that include covered
semiconductor products or services.
(ii) Electronic products, for use in critical systems, that use
electronic products that incorporate covered semiconductor products or
services.
(2) Exceptions.
(i) Agencies are not required to--
(A) Remove or replace any products or services resident in
equipment, systems, or services, prior to December 23, 2027.
(B) Prohibit or limit the utilization of covered semiconductor
products or services throughout the lifecycle (e.g., replacement
component, spare part, support service) of existing equipment acquired
prior to December 23, 2027.
(ii) Commercial products and commercial services where there are no
alternative sources available are excepted from the semiconductor
prohibition until December 23, 2028.
(iii) The prohibition does not apply to commercial service
procurements except for procurements for Information Technology and
Telecommunications (i.e., Category D: Information Technology (IT) and
Telecommunications (Telecom) of the Federal Procurement Data System
Product and Service Codes (PSC) Manual).
(iv) The prohibition does not apply to procurements for electronic
services that are incidental to the performance of the contract (e.g.,
contractor payroll services).

PART 39--ACQUISITION OF INFORMATION TECHNOLOGY

0
7. The authority citation for 48 CFR part 39 is revised to read as
follows:

Authority: 41 U.S.C. 1121(b); 40 U.S.C. 121(c); 10 U.S.C.
chapter 4 and 10 U.S.C. chapter 137 legacy provisions (see 10 U.S.C.
3016); and 51 U.S.C. 20113.
0
8. Revise the heading and text of section 39.002 to read as follows:

39.002 Definition.

Modular contracting, as used in this part, means use of one or more
contracts to acquire information technology systems in successive,
interoperable increments.

PART 40--INFORMATION SECURITY AND SUPPLY CHAIN SECURITY

0
9. The authority citation for 48 CFR part 40 is revised to read as
follows:

Authority: 41 U.S.C. 1121(b); 40 U.S.C. 121(c); 10 U.S.C.
chapter 4 and 10 U.S.C. chapter 137 legacy provisions (see 10 U.S.C.
3016); and 51 U.S.C. 20113.

0
10. Amend section 40.200 by adding paragraph (b)(2) to read as follows:

40.200 Scope of subpart.

* * * * *
(b) * * *
(2) Paragraphs (a), (b), (c), and (h) in section 5949 of the James
M. Inhofe National Defense Authorization Act for Fiscal Year 2023 (Pub.
L. 117-263, 41 U.S.C. 4713 note), which provides policies and
procedures for acquiring any electronic products or services that

[[Page 7237]]

contain covered semiconductor products or services.
* * * * *
0
11. Amend section 40.201 by adding in alphabetical order the
definitions ``Covered semiconductor product or service'', ``Critical
national security interests'', ``Critical system'', ``Electronic
product'', ``Electronic service'', ``Semiconductor'', ``Semiconductor
covered nation'', and ``Semiconductor foreign country of concern'' to
read as follows:

40.201 Definitions.

* * * * *
Covered semiconductor product or service (section 5949(j)(3) of
Public Law 117-263, 41 U.S.C. 4713 note) means--
(1) A semiconductor, a semiconductor product, a product that
incorporates a semiconductor product, or a service that utilizes such a
product, that is designed, produced, or provided by Semiconductor
Manufacturing International Corporation (SMIC) (or any subsidiary,
affiliate, or successor of such entity);
(2) A semiconductor, a semiconductor product, a product that
incorporates a semiconductor product, or a service that utilizes such a
product, that is designed, produced, or provided by ChangXin Memory
Technologies (CXMT) or Yangtze Memory Technologies Corp (YMTC) (or any
subsidiary, affiliate, or successor of such entities); or
(3) A semiconductor, semiconductor product, or semiconductor
service produced or provided by an entity that the Secretary of Defense
or the Secretary of Commerce, in consultation with the Director of the
National Intelligence or the Director of the Federal Bureau of
Investigation, determines to be an entity owned or controlled by, or
otherwise connected to, the government of a semiconductor foreign
country of concern, provided that the determination with respect to
such entity is published in the Federal Register (see the Department of
Commerce website at [TBD] for a list of entities determined by the
Secretary of Commerce or the Secretary of Defense to be an entity owned
or controlled by, or otherwise connected to, the government of a
semiconductor foreign country of concern).
Critical national security interests means any interests having a
critical impact on the national defense, critical infrastructure,
foreign intelligence and counterintelligence, international and
internal security, or foreign relations of the United States.
Critical system (section 5949(j)(4) of Public Law 117-263, 41
U.S.C. 4713 note) means a national security system (40 U.S.C.
11103(a)(1)) or additional systems identified by the Federal
Acquisition Security Council or for DoD, systems identified consistent
with section 224 of the National Defense Authorization Act for Fiscal
Year 2020 (Pub. L. 116-92). The term does not include systems used for
routine administrative and business applications (including payroll,
finance, logistics, and personnel management applications).
Electronic product (15 U.S.C. 7006) means products that include
parts or components that have electrical, digital, magnetic, wireless,
optical, electromagnetic, or similar capabilities.
Electronic service means any service that uses electronic products.
* * * * *
Semiconductor means an enclosed integrated electronic device or set
of components that control the flow of electrons most commonly
manufactured using materials including, but not limited to, silicon,
silicon carbide, or III-V compounds, and processes including, but not
limited to, lithography, deposition, and etching. Such devices and
systems include, but are not limited to, integrated circuits, diodes,
and micro-electromechanical systems.
Semiconductor covered nation (10 U.S.C. 4872(d)(2)) means--
(1) The Democratic People's Republic of Korea (North Korea);
(2) The People's Republic of China;
(3) The Russian Federation; and
(4) The Islamic Republic of Iran.
Semiconductor foreign country of concern (15 U.S.C. 4651) means--
(1) A country that is a semiconductor covered nation; and
(2) Any country that the Secretary of Commerce, in consultation
with the Secretary of Defense, the Secretary of State, and the Director
of National Intelligence, determines to be engaged in conduct that is
detrimental to the national security or foreign policy of the United
States.
* * * * *
0
12. Add section 40.20X to read as follows:

40.20X Prohibition on certain semiconductor products and services.

40.20X-1 Applicability.

Section 40.20X-1 through 40.20X-6 applies to all acquisitions of
products and services including contracts at or below the micro-
purchase threshold and to contracts for commercial products and
commercial IT services and commercial telecommunication services.

40.20X-2 Semiconductor prohibition.

Unless an exception applies, on or after December 23, 2027,
agencies are prohibited from procuring or obtaining--
(a) Electronic products or electronic services that include covered
semiconductor products or services; and
(b) Electronic products, for use in critical systems, that use
electronic products that include covered semiconductor products or
services.

40.20X-3 Exceptions.

The following exceptions will be determined by the Government and
can be based on any applicable disclosures by offerors or reporting by
contractors:
(a) Agencies are not required to--
(1) Remove or replace covered semiconductor products or services
resident in equipment, systems, or services prior to December 23, 2027.
(2) Prohibit or limit the utilization of covered semiconductor
products or services throughout the lifecycle (e.g., replacement
component, spare part, support service) of existing equipment, systems,
and services provided to the Government prior to December 23, 2027.
(b) Commercial products or commercial services where there are no
alternative sources available are excepted from the semiconductor
prohibition at 40.20X-2 until December 23, 2028.
(c) Semiconductors, semiconductor products, and semiconductor
services determined by Secretary of Commerce or Secretary of Defense to
be a covered semiconductor product or service with an effective date
after contract award are excepted from prohibition unless the contract
is modified to include such covered semiconductor product or service.
(d) The prohibition does not apply to commercial service
procurements except for procurements for Information Technology and
Telecommunications (i.e., Category D: Information Technology (IT) and
Telecommunications (Telecom) of the Federal Procurement Data System
Product and Service Codes (PSC) Manual).
(e) Electronic services that are incidental to the performance of
the contract (e.g., contractor payroll) are excepted.

40.20X-4 Procedures.

(a) Identification of critical systems. When the program office or
requiring activity identifies requirements associated with critical
systems, the contracting officer shall include that information in the
solicitation.
(b) Disclosures.

[[Page 7238]]

(1) If an offeror provides a disclosure pursuant to paragraph (f)
of 52.240-XX, Certification Regarding Certain Semiconductor Products
and Services, the contracting officer shall submit the disclosure to
the program office or requiring activity, in accordance with agency
procedures, to determine whether--
(i) An exception applies (see 40.20X-3);
(ii) The agency will pursue a waiver (see 40.20X-5); or
(iii) The agency should award to another offeror.
(2) When an agency pursues a waiver, the contracting officer shall
obtain the approved waiver from the program office or requiring
activity prior to award.
(c) Reporting.
(1) If a contractor provides a report pursuant to paragraph (f) of
52.240-YY, Prohibition on Certain Semiconductor Products and Services,
the contracting officer shall submit the report to the program office
or requiring activity for processing, in accordance with agency
procedures.
(2) If a contractor reports that they are providing to the
Government an electronic product or electronic service that contains a
covered semiconductor product or service that has been determined by
the Secretary of Commerce or the Secretary of Defense to be a covered
semiconductor product or service with an effective date after contract
award, the contracting officer shall submit the report to the program
office or the requiring activity to determine appropriate action.

40.20X-5 Waivers.

(a) Agency waivers. The head of an agency may waive, for a
renewable period of not more than two years per waiver, the
prohibitions at 40.20X-2 if--
(1) The head of the agency, in consultation with the Secretary of
Commerce, determines that no compliant product or service is available
to be procured as and when needed at U.S. market prices or a price that
is not considered prohibitively expensive (i.e., would impose
significant difficulty or expense considering the agency resources
available); and
(2) The head of the agency, in consultation with the Secretary of
Defense or the Director of National Intelligence, determines that such
waiver could not reasonably be expected to compromise the critical
national security interests of the United States.
(b) Secretary of Defense waivers. The Secretary of Defense may
provide a waiver for any executive agency if the Secretary of Defense
determines that the waiver is in the critical national security
interests of the United States.
(c) Director of National Intelligence waivers. The Director of
National Intelligence may provide a waiver for any executive agency if
the Director of National Intelligence determines that the waiver is in
the critical national security interests of the United States.
(d) Secretary of Commerce waivers. The Secretary of Commerce, in
consultation with the Director of National Intelligence or the
Secretary of Defense, may provide a waiver for any executive agency if
the Secretary of Commerce determines that the waiver is in the critical
national security interests of the United States.
(e) Secretary of Homeland Security waivers. The Secretary of
Homeland Security, in consultation with the Director of National
Intelligence or the Secretary of Defense, may provide a waiver for any
executive agency if the Secretary of Homeland Security determines the
waiver is in the critical national security interests of the United
States.
(f) Secretary of Energy waivers. The Secretary of Energy, in
consultation with the Director of National Intelligence or the
Secretary of Defense, may provide a waiver for any executive agency if
the Secretary of Energy determines that the waiver is in the critical
national security interests of the United States.

40.20X-6 Solicitation provision and contract clause.

(a) Insert the provision at 52.240-XX, Certification Regarding
Certain Semiconductor Products and Services, in solicitations for--
(1) Products;
(2) Non-commercial services; and
(3) Commercial information technology services and
telecommunication services (i.e., services in Category D: Information
Technology (IT) and Telecommunications (Telecom) of the Federal
Procurement Data System Product and Service Codes (PSC) Manual).
(b) Insert the clause at 52.240-YY, Prohibition on Certain
Semiconductor Products and Services, in solicitations and contracts
for--
(1) Products;
(2) Non-commercial services; and
(3) Commercial information technology services and
telecommunication services (i.e., services in Category D: Information
Technology (IT) and Telecommunications (Telecom) of the Federal
Procurement Data System Product and Service Codes (PSC) Manual).

PART 52--SOLICITATION PROVISIONS AND CONTRACT CLAUSES

0
13. The authority citation for 48 CFR part 52 continues to read as
follows:

Authority: 41 U.S.C. 1121(b); 40 U.S.C. 121(c); 10 U.S.C.
chapter 4 and 10 U.S.C. chapter 137 legacy provisions (see 10 U.S.C.
3016); and 51 U.S.C. 20113.

0
14. Amend section 52.212-5 by--
0
a. Revising the date of the clause;
0
b. Adding paragraph (a)(8);
0
c. Redesignating paragraph (e)(1)(xxvii) as paragraph (e)(1)(xxviii)
and adding a new paragraph (e)(1)(xxvii);
0
d. In Alternate II:
0
i. Revising the date of the alternate; and
0
ii. Redesignating paragraph (e)(1)(ii)(Z) as paragraph (e)(1)(ii)(AA)
and adding a new paragraph (Z).
The revisions and additions read as follows:

52.212-5 Contract Terms and Conditions Required To Implement Statutes
or Executive Orders--Commercial Products and Commercial Services.

* * * * *

Contract Terms and Conditions Required To Implement Statutes or
Executive Orders--Commercial Products and Commercial Services (DATE)

(a) * * *
(8) 52.240-YY, Prohibition on Certain Semiconductor Products and
Services (DATE).
* * * * *
(e)(1) * * *
(xxvii) 52.240-YY, Prohibition on Certain Semiconductor Products
and Services (DATE).
* * * * *
Alternate II. (DATE) * * *
(e)(1) * * *
(ii) * * *
(Z) 52.240-YY, Prohibition on Certain Semiconductor Products and
Services (DATE).
* * * * *
0
15. Amend section 52.213-4 by--
0
a. Revising the date of the clause;
0
b. Adding paragraph (a)(1)(xiii); and
0
c. Removing from paragraph (a)(2)(vii) ``OCT 2025'' and adding
``(DATE)'' in its place.
The revision and addition read as follows:

[[Page 7239]]

52.213-4 Terms and Conditions--Simplified Acquisitions (Other Than
Commercial Products and Commercial Services).

* * * * *

Terms and Conditions--Simplified Acquisitions (Other Than Commercial
Products and Commercial Services) (DATE)

(a) * * *
(1) * * *
(xiii) 52.240-YY, Prohibition on Certain Semiconductor Products and
Services (DATE).
* * * * *
0
16. Add sections 52.240-XX and 52.240-YY to read as follows:

52.240-XX Certification Regarding Certain Semiconductor Products and
Services.

As prescribed in 40.20X-6(a), insert the following provision:

Certification Regarding Certain Semiconductor Products and Services
(DATE)

(a) Definitions. As used in this provision, ``covered semiconductor
product or service'', ``critical system'', ``electronic product'',
``electronic service'', ``reasonable inquiry'', ``semiconductor'', and
``semiconductor foreign country of concern'' have the meaning provided
in the clause 52.240-YY, Prohibition on Certain Semiconductor Products
and Services.
(b) Prohibition. Unless a waiver or exception applies, Offerors are
prohibited, on or after December 23, 2027, from providing--
(1) Any electronic parts, products, or services that include
covered semiconductor products or services; and
(2) Any electronic products, for use in critical systems identified
by the Government, that use any electronic products that include
covered semiconductor products or services.
(c) Exceptions. The following exceptions will be determined by the
Government based on disclosure by the offeror in paragraph (f).
(1) Offerors are not required to remove or replace any products or
services resident in existing equipment, systems, or services, that
were acquired by the offeror prior to December 23, 2027, and proposed
as part of the performance of the contract.
(2) Offerors are not required to prohibit or limit the utilization
of covered semiconductor products or services throughout the lifecycle
(e.g., replacement component, spare part, support service) of existing
equipment that was acquired by the offeror prior to December 23, 2027,
and proposed as part of the performance of the contract.
(3) Commercial products or commercial services where there are no
alternative sources available are excepted from the semiconductor
prohibition until December 23, 2028.
(4) Semiconductors, semiconductor products, and semiconductor
services determined by Secretary of Commerce or Secretary of Defense to
be a covered semiconductor product or service with an effective date
after contract award are excepted from the semiconductor prohibition
unless the contract is modified to include such covered semiconductor
product or service.
(5) The prohibition does not apply to commercial service
procurements except for procurements for Information Technology and
Telecommunications (i.e., Category D: Information Technology (IT) and
Telecommunications (Telecom) of the Federal Procurement Data System
Product and Service Codes (PSC) Manual).
(6) Electronic services that are incidental to the performance of
the contract (e.g., contractor payroll) are excepted.
(d) Government semiconductor supply chain tools.
(1) The Offeror may search the Department of Commerce website at
[TBD] for the list of organizations where the organization has
certified that electronic products or services produced or provided by
that organization do not contain any covered semiconductor products or
services as prohibited in paragraph (b) of this provision.
(2) The Offeror may search the Department of Commerce website at
[TBD] for a list of entities determined by Secretary of Commerce or
Secretary of Defense to be an entity owned or controlled by, or
otherwise connected to, the government of a semiconductor foreign
country of concern. This list will identify the effective date for the
determination and may be used to determine whether a semiconductor,
semiconductor product, or semiconductor service is a covered
semiconductor product or service.
(3) The offeror may reasonably rely on the certifications provided
within the Department of Commerce website at [TBD] without the need for
further inquiry unless the offeror discovers any discrepancies or has
reason to doubt the accuracy of the certifications.
(e)(1) Certifications. By submission of this offer, the Offeror
certifies that it has conducted a reasonable inquiry, and that the
Offeror--
(i) Will not provide in response to this solicitation, any
electronic products or electronic services that include covered
semiconductor products or services to the Government in accordance with
paragraph (b)(1) of this provision in the performance of any
contractual instrument resulting from this solicitation, except as
waived by the solicitation, or as disclosed in paragraph (f); and
(ii) Will not provide for use in critical systems identified by the
Government, electronic products that use electronic products that
include covered semiconductor products or services to the Government in
accordance with paragraph (b)(2) of this provision in the performance
of any contractual instrument resulting from this solicitation, except
as waived by the solicitation, or as disclosed in paragraph (f) of this
provision.
(2) Reasonable inquiry. (i) When the entity does not have
information in their possession regarding whether the semiconductors
included in the electronic product or electronic service are compliant
with this prohibition, entities shall require suppliers at the next
lower tier of the supply chain to conduct a reasonable inquiry and then
certify whether their electronic products and electronic services are
compliant.
(ii) A reasonable inquiry is not required to include independent
third-party audits or other formal reviews.
(iii) Entities, acting in good faith, may reasonably rely on a
certification provided by a lower tier subcontractor without the need
for further inquiry unless the entity discovers any discrepancies or
has reason to doubt the accuracy of the certification.
(f) Disclosures. If the Offeror is providing to the Government
electronic products or electronic services that are not compliant with
the prohibition in paragraph (b) of this provision, then the Offeror
shall provide the following information, if known, as part of their
offer:
(1) A description of the electronic products or electronic services
proposed to the Federal Government that the Offeror identifies or has
reason to suspect contains covered semiconductor products or services
(include brand; model number, such as OEM number, manufacturer part
number, or wholesaler number; and item description, as applicable);
(2) The entity that produced the covered semiconductor products or
services (include entity name, unique entity identifier, Commercial and
Government Entity (CAGE) code, facilities responsible for design,
fabrication, assembly, packaging, and test of the product, and whether
the entity was the original equipment manufacturer (OEM) or a
distributor

[[Page 7240]]

(provide manufacturer codes and distributor codes used for the
product);
(3) A description of the functionality of the covered semiconductor
products or services and how that functionality impacts the risk to the
electronic product or electronic service;
(4) An explanation of any factors relevant to determining if the
covered semiconductor products or services would be permissible under
any exceptions in paragraph (c) of this provision;
(5) Whether alternative products or services are available that
would be compliant with the prohibition;
(6) If the electronic product or electronic service is related to
item maintenance, include the following information on the item being
maintained:
(i) Brand;
(ii) Model number, OEM number, manufacturer part number, or
wholesaler number; and
(iii) Item description, as applicable.
(g) Disclosure safe harbor.
(1) An offeror that provides a disclosure regarding electronic
products as prohibited by paragraph (b) of this provision that are
manufactured or assembled by an entity other than the offeror or lower
tier supplier shall not be subject to civil liability nor determined to
be not presently responsible on the basis of such notification (see
section 5949(h)(7) of Public Law 117-263, 41 U.S.C. 4713 note); and
(2) An offeror that provides a disclosure regarding covered
semiconductor products or services in electronic products or electronic
services manufactured or assembled by such offeror or lower tier
supplier shall not be subject to civil liability nor determined to be
not presently responsible on the basis of such notification if the
offeror or lower tier supplier makes a comprehensive and documentable
effort to identify and remove the covered semiconductor products or
services. (See section 5949(h)(8) of Public Law 117-263, 41 U.S.C. 4713
note).

(End of provision)

52.240-YY Prohibition on Certain Semiconductor Products and Services.

As prescribed in 40.20X-6(b), insert the following clause:

Prohibition on Certain Semiconductor Products and Services (DATE)

(a) Definitions. As used in this clause--
Covered semiconductor product or service (section 5949(j)(3) of
Public Law 117-263, 41 U.S.C. 4713 note) means--
(1) A semiconductor, a semiconductor product, a product that
incorporates a semiconductor product, or a service that utilizes such a
product, that is designed, produced, or provided by Semiconductor
Manufacturing International Corporation (SMIC) (or any subsidiary,
affiliate, or successor of such entity);
(2) A semiconductor, a semiconductor product, a product that
incorporates a semiconductor product, or a service that utilizes such a
product, that is designed, produced, or provided by ChangXin Memory
Technologies (CXMT) or Yangtze Memory Technologies Corp (YMTC) (or any
subsidiary, affiliate, or successor of such entities); or
(3) A semiconductor, semiconductor product, or semiconductor
service produced or provided by an entity that the Secretary of Defense
or the Secretary of Commerce, in consultation with the Director of the
National Intelligence or the Director of the Federal Bureau of
Investigation, determines to be an entity owned or controlled by, or
otherwise connected to, the government of a semiconductor foreign
country of concern, provided that the determination with respect to
such entity is published in the Federal Register (see the Department of
Commerce website at [TBD] for a list of entities determined by the
Secretary of Commerce or the Secretary of Defense to be an entity owned
or controlled by, or otherwise connected to, the government of a
semiconductor foreign country of concern).
Critical system (section 5949(j)(4) of Public Law 117-263, 41
U.S.C. 4713 note) means a national security system (40 U.S.C.
11103(a)(1)) or additional systems identified by the Federal
Acquisition Security Council or for DoD, systems identified consistent
with section 224 of the National Defense Authorization Act for Fiscal
Year 2020 (Pub. L. 116-92). The term does not include systems used for
routine administrative and business applications (including payroll,
finance, logistics, and personnel management applications).
Electronic product means products that include parts or components
that have electrical, digital, magnetic, wireless, optical,
electromagnetic, or similar capabilities. See 15 U.S.C. 7006.
Electronic service means any service that uses electronic products.
Reasonable inquiry means--
(1) An inquiry intended to uncover any information in the entity's
possession, including any information acquired from external sources,
about whether any electronic products or electronic services that are
provided to the Government--
(i) Include covered semiconductor products or services; or
(ii) Use electronic products that include covered semiconductor
products or services.
Routine administrative and business applications means applications
for payroll, finance, logistics, and personnel management applications
primarily used for standard commercial practices and functions.
Semiconductor means an enclosed integrated electronic device or set
of components that control the flow of electrons most commonly
manufactured using materials including, but not limited to, silicon,
silicon carbide, or III-V compounds, and processes including, but not
limited to, lithography, deposition, and etching. Such devices and
systems include, but are not limited to, integrated circuits, diodes,
and micro-electromechanical systems.
Semiconductor covered entity (section 5949(j)(2) of Pub. L. 117-
263, 41 U.S.C. 4713 note) means an entity that--
(1) Develops, domestically or abroad, a design of a semiconductor
that is the direct product of United States origin technology or
software; and
(2) Purchases covered semiconductor products or services from an
entity described in the first or third paragraph of the definition of
covered semiconductor product or service.
Semiconductor covered nation (10 U.S.C. 4872(d)(2)) means--
(1) The Democratic People's Republic of Korea (North Korea);
(2) The People's Republic of China;
(3) The Russian Federation; and
(4) The Islamic Republic of Iran.
Semiconductor foreign country of concern (15 U.S.C. 4651) means--
(1) A country that is a semiconductor covered nation; and
(2) Any country that the Secretary of Commerce, in consultation
with the Secretary of Defense, the Secretary of State, and the Director
of National Intelligence, determines to be engaged in conduct that is
detrimental to the national security or foreign policy of the United
States.
Subsidiary means an entity in which more than 50 percent of the
entity is owned directly by a parent corporation or through another
subsidiary of a parent corporation.
(b) Prohibition. Unless a waiver or exception applies, contractors
are prohibited, on or after December 23, 2027, from providing--
(1) Any electronic parts, products, or services that include
covered semiconductor products or services; and

[[Page 7241]]

(2) Any electronic products, for use in critical systems identified
by the Government, that use any electronic products that include
covered semiconductor products or services.
(c) Exceptions. The following exceptions will be determined by the
Government based on notification and reporting by the contractor in
paragraph (e).
(1) Contractors are not required to remove or replace any products
or services resident in existing equipment, systems, or services, that
were acquired by the contractor prior to December 23, 2027, and used as
part of the performance of the contract.
(2) Contractors are not required to prohibit or limit the
utilization of covered semiconductor products or services throughout
the lifecycle (e.g., replacement component, spare part, support
service) of existing equipment that was acquired by the contractor
prior to December 23, 2027, and used as part of the performance of the
contract.
(3) Commercial products or commercial services where there are no
alternative sources available are excepted from the semiconductor
prohibition until December 23, 2028.
(4) Semiconductors, semiconductor products, and semiconductor
services determined by Secretary of Commerce or Secretary of Defense to
be a covered semiconductor product or service with an effective date
after contract award are excepted from prohibition unless the contract
is modified to include such covered semiconductor product or service.
(5) The prohibition does not apply to commercial service
procurements except for procurements for Information Technology and
Telecommunications (i.e., Category D: Information Technology (IT) and
Telecommunications (Telecom) of the Federal Procurement Data System
Product and Service Codes (PSC) Manual).
(6) Electronic services that are incidental to the performance of
the contract (e.g., contractor payroll) are excepted.
(d) Government semiconductor supply chain tools.
(1) The Contractor may search the Department of Commerce website at
[TBD] for the list of organizations where the organization has
certified that electronic products or services produced or provided by
that organization do not contain any covered semiconductor products or
services as prohibited in paragraph (b) of this provision.
(2) The Contractor may search the Department of Commerce website at
[TBD] for a list of entities determined by Secretary of Commerce or
Secretary of Defense to be an entity owned or controlled by, or
otherwise connected to, the government of a semiconductor foreign
country of concern. This list will identify the effective date for the
determination and may be used to determine whether a semiconductor,
semiconductor product, or semiconductor service is a covered
semiconductor product or service.
(3) Entities, acting in good faith, may reasonably rely on the
Department of Commerce website at [TBD] for such purposes unless they
discover any discrepancies or have reason to doubt the accuracy of the
certifications.
(e) Reasonable inquiry. (1) When the entity does not have
information in their possession regarding whether the semiconductors
included in the electronic product or electronic service are compliant
with this prohibition, entities shall require suppliers at the next
lower tier of the supply chain to conduct a reasonable inquiry and then
certify whether their electronic products and electronic services are
compliant.
(2) A reasonable inquiry is not required to include independent
third-party audits or other formal reviews.
(3) Entities, acting in good faith, may reasonably rely on a
certification provided by a lower tier subcontractor without the need
for further inquiry unless the entity discovers any discrepancies or
has reason to doubt the accuracy of the certification.
(f) Notifications and reporting to the Government. The notice in
this paragraph (f) does not apply to electronic products and electronic
services which were delivered to the Government before December 23,
2027. If the Contractor identifies or is notified by any source
(including a subcontractor at any tier) or has reason to suspect that
any electronic product or electronic service provided during contract
performance contains covered semiconductor products or services and was
not previously disclosed in accordance with 52.240-XX(f), then the
Contractor shall report the following information or as much
information as known to the Contracting Officer in writing within 72
hours, regardless of whether an exception in paragraph (c) of this
clause may apply:
(1) A description of the electronic products or services provided
to the Federal Government that the Contractor identifies or has reason
to suspect contains covered semiconductor products or services (include
brand; model number, such as OEM number, manufacturer part number, or
wholesaler number; and item description, as applicable);
(2) The entity that produced the covered semiconductor products or
services (include entity name, unique entity identifier, Contractor and
Government Entity (CAGE) code, facilities responsible for design,
fabrication, assembly, packaging, and test of the product, and whether
the entity was the original equipment manufacturer (OEM) or a
distributor (provide manufacturer codes and distributor codes used for
the product);
(3) Description of the functionality of the covered semiconductor
products or services and how that functionality impacts the risk to the
electronic product or electronic service;
(4) An explanation of any factors relevant to determining if the
covered semiconductor products or services would be permissible under
any exceptions in paragraph (c) of this clause;
(5) Whether alternative products or services are available that
would be compliant with prohibition;
(6) If the electronic product or electronic service is related to
item maintenance, include the following information on the item being
maintained:
(i) Brand;
(ii) Model number, OEM number, manufacturer part number, or
wholesaler number; and
(iii) Item description, as applicable.
(g) Disclosure to non-Federal customers. On or after December 23,
2027, contractors and subcontractors that are semiconductor covered
entities shall disclose to non-Federal customers the inclusion of a
covered semiconductor product or service in electronic products or
electronic services subject to the prohibition in paragraph (b) of this
clause which are sold to non-Federal customers outside of the
Government (see section 5949(h)(2) of Public Law 117-263, 41 U.S.C.
4713 note).
(h) Notification safe harbor.
(1) A contractor or subcontractor that timely provides a disclosure
to the Government, contractor, or subcontractor in accordance with
paragraph (f) of this clause regarding covered semiconductor products
or services in electronic products that are manufactured or assembled
by an entity other than the contractor or subcontractor shall not be
subject to civil liability nor determined to not be a presently
responsible contractor on the basis of such notification (see section
5949(h)(7) of Public Law 117-263, 41 U.S.C. 4713 note);

[[Page 7242]]

(2) A contractor or subcontractor that provides a disclosure to the
Government, contractor, or subcontractor in accordance with paragraph
(f) of this clause regarding covered semiconductor products or services
in electronic products manufactured or assembled by such contractor or
subcontractor shall not be subject to civil liability nor determined to
not be a presently responsible contractor on the basis of such
disclosure if the contractor or subcontractor makes a comprehensive and
documentable effort to identify and remove the covered semiconductor
products or services (see section 5949(h)(8) of Public Law 117-263, 41
U.S.C. 4713 note).
(i) Rework or corrective action. On or after December 23, 2027, a
contractor which is a semiconductor covered entity--
(1) Shall be responsible for any rework or corrective action that
may be required to remedy the use or inclusion of such covered
semiconductor product or service if the semiconductor covered entity
fails to provide the disclosure in paragraph (f) of this clause (see
section 5949(h)(3) of Public Law 117-263, 41 U.S.C. 4713 note); and
(2) Will not be able to claim any rework or corrective action
required under paragraph (i) (1) of this clause as an allowable cost
(see section 5949(h)(3) of Public Law 117-263, 41 U.S.C. 4713 note).
(j) Subcontracts. The Contractor shall insert the substance of this
clause, including this paragraph (j), in all subcontracts and other
contractual instruments, including subcontracts for the acquisition of
commercial products or commercial services.

(End of clause)
0
17. Amend section 52.244-6 by--
0
a. Revising the date of the clause; and
0
b. Redesignating paragraph (c)(1)(xxiv) as paragraph (c)(1)(xxv) and
adding a new paragraph (c)(1)(xxiv).
The revision and addition read as follows:

52.244-6 Subcontracts for Commercial Products and Commercial Services.

* * * * *

Subcontracts for Commercial Products and Commercial Services (DATE)

* * * * *
(c)(1) * * *
(xxiv) 52.240-YY, Prohibition on Certain Semiconductor Products and
Services (DATE).
* * * * *
[FR Doc. 2026-03065 Filed 2-13-26; 8:45 am]
BILLING CODE 6820-EP-P

</pre><script data-cfasync="false" src="/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js"></script></body>
</html>

View on FederalRegister.gov →Plain-text source

Indexed from Federal Register on February 17, 2026.

This is legal information, not legal advice. Laws vary by jurisdiction and change frequently. Always verify current law with official sources and consult a licensed attorney in your jurisdiction for advice on your specific situation.