41 U.S.C. § 4713
41 U.S.C. § 4713
EDITORIAL NOTES
REFERENCES IN TEXTSection 3101(c)(1), referred to in subsec. (k)(7), probably means section 3101(c)(1) of this title, which excepts the Department of Defense, the Coast Guard, and the National Aeronautics and Space Administration from applicability of the Procurement procedures and regulations of the Administrator of General Services.
AMENDMENTS2022-Subsec. (j). Pub. L. 117-263 substituted "December 31, 2033" for "the date that is 5 years after the date of the enactment of the Federal Acquisition Supply Chain Security Act of 2018".
STATUTORY NOTES AND RELATED SUBSIDIARIES
CHANGE OF NAMECommittee on Oversight and Government Reform of House of Representatives changed to Committee on Oversight and Reform of House of Representatives by House Resolution No. 6, One Hundred Sixteenth Congress, Jan. 9, 2019. Committee on Oversight and Reform of House of Representatives changed to Committee on Oversight and Accountability of House of Representatives by House Resolution No. 5, One Hundred Eighteenth Congress, Jan. 9, 2023.
EFFECTIVE DATE Pub. L. 115-390, §203, 132 Stat. 5192, provided that: "The amendments made by this section [enacting this section] shall take effect on the date that is 90 days after the date of the enactment of this Act [Dec. 21, 2018] and shall apply to contracts that are awarded before, on, or after that date." Title II of Pub. L. 115-390 effective 90 days after Dec. 21, 2018, see section 205 of Pub. L. 115-390, set out as a note under section 1321 of this title.
PROHIBITION ON CERTAIN SEMICONDUCTOR PRODUCTS AND SERVICES Pub. L. 117-263, §5949, 136 Stat. 3485, provided that: "(a) PROHIBITION ON USE OR PROCUREMENT.-"(1) IN GENERAL.-The head of an executive agency may not-"(A) procure or obtain, or extend or renew a contract to procure or obtain, any electronic parts, products, or services that include covered semiconductor products or services; or"(B) enter into a contract (or extend or renew a contract) with an entity to procure or obtain electronic parts or products that use any electronic parts or products that include covered semiconductor products or services."(2) RULE OF CONSTRUCTION.-"(A) IN GENERAL.-Nothing in paragraph (1) shall be construed-"(i) to require any covered semiconductor products or services resident in equipment, systems, or services as of the day before the applicable effective date specified in subsection (c) to be removed or replaced;"(ii) to prohibit or limit the utilization of such covered semiconductor products or services throughout the lifecycle of such existing equipment;"(iii) to require the recipient of a Federal contract, grant, loan, or loan guarantee to replace covered semiconductor products or services resident in equipment, systems, or services before the effective date specified in subsection (c); or "(iv) to require the Federal Communications Commission to designate covered semiconductor products or services to its Covered Communications Equipment or Services List maintained under section 2 of the Secured and Trusted Communications Networks Act of 2019 (47 U.S.C. 1603) [probably should be "(47 U.S.C. 1601)"]."(B) CONTRACTING PROHIBITION.-Nothing in paragraph (1)(B) shall be construed to cover products or services that include covered semiconductor products or services in a system that is not a critical system."(b) WAIVER AUTHORITY.- "(1) SECRETARY OF DEFENSE.-The Secretary of Defense may provide a waiver on a date later than the effective date described in subsection (c) if the Secretary determines the waiver is in the critical national security interests of the United States."(2) DIRECTOR OF NATIONAL INTELLIGENCE.-The Director of National Intelligence may provide a waiver on a date later than the effective date described in subsection (c) if the Director determines the waiver is in the critical national security interests of the United States."(3) SECRETARY OF COMMERCE.-The Secretary of Commerce, in consultation with the Director of National Intelligence or the Secretary of Defense, may provide a waiver on a date later than the effective date described in subsection (c) if the Secretary determines the waiver is in the critical national security interests of the United States. "(4) SECRETARY OF HOMELAND SECURITY.-The Secretary of Homeland Security, in consultation with the Director of National Intelligence or the Secretary of Defense, may provide a waiver on a date later than the effective date described in subsection (c) if the Secretary determines the waiver is in the critical national security interests of the United States. "(5) SECRETARY OF ENERGY.-The Secretary of Energy, in consultation with the Director of National Intelligence or the Secretary of Defense, may provide a waiver on a date later than the effective date described in subsection (c) if the Secretary determines the waiver is in the critical national security interests of the United States."(6) EXECUTIVE AGENCIES.-The head of an executive agency may waive, for a renewable period of not more than two years per waiver, the prohibitions under subsection (a) if-"(A) the head of the agency, in consultation with the Secretary of Commerce, determines that no compliant product or service is available to be procured as, and when, needed at United States market prices or a price that is not considered prohibitively expensive; and "(B) the head of the agency, in consultation with the Secretary of Defense or the Director of National Intelligence, determines that such waiver could not reasonably be expected to compromise the critical national security interests of the United States."(7) REPORT TO CONGRESS.-Not later than 30 days after granting a waiver under this subsection, the head of the executive agency granting such waiver shall submit to the appropriate committees of Congress and leadership a report with a notification of such waiver, including a justification for the waiver."(c) EFFECTIVE DATES AND REGULATIONS.-"(1) EFFECTIVE DATE.-The prohibitions under subsection (a) shall take effect five years after the date of the enactment of this Act [Dec. 23, 2022]."(2) REGULATIONS.-Not later than three years after the date of the enactment of this Act, the Federal Acquisition Regulatory Council shall prescribe regulations implementing the prohibitions under subsection (a), including a requirement for prime contractors to incorporate the substance of such prohibitions and applicable implementing contract clauses into contracts for the supply of electronic parts or products."(d) OFFICE OF MANAGEMENT AND BUDGET REPORT AND BRIEFING.-Not later than 270 days after the effective date described in subsection (c)(1), the Director of the Office of Management and Budget, in coordination with the Director of National Intelligence and the National Cyber Director, shall provide to the appropriate committees of Congress and leadership a report and briefing on-"(1) the implementation of the prohibitions under subsection (a), including any challenges in the implementation; and"(2) the effectiveness and utility of the waiver authority under subsection (b). "(e) ANALYSIS, ASSESSMENT, AND STRATEGY.-Not later than 180 days after the date of the enactment of this Act, the Secretary of Commerce, in coordination with the Secretary of Defense, the Secretary of Homeland Security, the Director of National Intelligence, and the Secretary of Energy and, to the greatest extent practicable, leveraging relevant previous analyses and assessments, shall-"(1) conduct an analysis of semiconductor design and production capacity domestically and by allied or partner countries required to meet the needs of the Federal Government, including analyses regarding-"(A) semiconductors critical to national security, as determined by the Secretary of Commerce, in consultation with the Secretary of Defense and the Director of National Intelligence, in accordance with section 9902(a)(6)(A)(i) of the William M. (Mac) Thornberry National Defense Authorization Act for Fiscal Year 2021 (Public Law 116-283) [15 U.S.C. 4652(a)(6)(A)(i)] ; and"(B) semiconductors classified as legacy semiconductors pursuant to section 9902(a)(6)(A)(i) of William M. (Mac) Thornberry National Defense Authorization Act for Fiscal Year 2021 (Public Law 116-283);"(2) assess the risk posed by the presence of covered semiconductor products or services in Federal systems; "(3) assess the risk posed by the presence of covered semiconductor products or services in the supply chains of Federal contractors and subcontractors, including for non-Federal systems;"(4) develop a strategy to-"(A) improve the availability of domestic semiconductor design and production capacity required to meet the requirements of the Federal Government;"(B) support semiconductor product and service suppliers seeking to contract with domestic, allied, or partner semiconductor producers and to improve supply chain traceability, including to meet the prohibitions under subsection (a); and"(C) either certify the feasibility of implementing such prohibitions or exercising waiver authorities under subsection (b), to ensure uninterrupted Federal Government access to required semiconductor products and services; and"(5) provide the results of the analysis, assessment, and strategy developed under paragraphs (1) through (4) to the Federal Acquisition Security Council."(f) GOVERNMENTWIDE TRACEABILITY AND DIVERSIFICATION INITIATIVE.-"(1) IN GENERAL.-Not later than two years after the date of the enactment of this Act [Dec. 23, 2022], the Secretary of Commerce, in coordination with the Secretary of Homeland Security, the Secretary of Defense, the Director of National Intelligence, the Director of the Office of Management and Budget, and the Director of the Office of Science and Technology Policy, and in consultation with industry, shall establish a microelectronics traceability and diversification initiative to coordinate analysis of and response to the Federal Government microelectronics supply chain vulnerabilities. "(2) ELEMENTS.-The initiative established under paragraph (1) shall include the following elements:"(A) Sharing best practices, refining microelectronics standards, such as those established pursuant to section 224 of the National Defense Authorization Act for Fiscal Year 2020 (Public Law 116-92) [10 U.S.C. 4501 note prec.], and developing recommendations to identify and mitigate, through diversification efforts, microelectronics supply chain concerns."(B) Developing an assessment framework to inform Federal decisions on sourcing microelectronics, considering-"(i) chain of custody and traceability, including origin and location of design, manufacturing, distribution, shipping, and quantities;"(ii) confidentiality, including protection, verification, and validation of intellectual property included in microelectronics;"(iii) integrity, including- "(I) security weaknesses and vulnerabilities that include potential supply chain attacks; "(II) risk analysis and consequence to system; "(III) risk of intentional or unintentional modification or tampering; and "(IV) risk of insider threats, including integrity of people and processes involved in the design and manufacturing of microelectronics; and"(iv) availability, including- "(I) potential supply chain disruptions, including due to natural disasters or geopolitical events; "(II) prioritization of parts designed and manufactured in the United States and in allied or partner countries to support and sustain the defense and technology industrial base; "(III) risk associated with sourcing parts from suppliers outside of the United States and allied and partner countries, including long-term impacts on availability of microelectronics produced domestically or in allied or partner countries; and "(IV) obsolescence management and counterfeit avoidance and detection."(C) Developing a process for provenance and traceability from design to disposal of microelectronics components and intellectual property contained therein implementable across the Federal acquisition system to improve reporting, data analysis, and tracking."(D) Developing and implementing policies and plans to support the following:"(i) Development of domestic design and manufacturing capabilities to replace covered semiconductor products or services."(ii) Utilization of the assessment framework developed under subparagraph (B)."(iii) Implementation of the strategy required under subsection (e)(4) as applicable."(iv) Identification of and integration with existing information reporting and data visualization systems in the Federal Government, including modification to such systems to track the information."(v) A requirement to document microelectronics used in systems and subsystems, including origin and location of design and manufacturing, technologies used, and quantities procured. "(vi) Elimination from Federal Government supply chains of microelectronics from entities included on the Consolidated Screening List maintained by the International Trade Administration of the Department of Commerce."(3) COORDINATION REQUIRED.-In carrying out this subsection, the Secretary of Commerce shall coordinate, as necessary, with the following entities:"(A) The National Science and Technology Council Subcommittee on Microelectronics Leadership."(B) The Department of Commerce semiconductor industrial advisory committee established under subsection 9906(b) of the William M. (Mac) Thornberry National Defense Authorization Act for Fiscal Year 2021 (Public Law 116-283) [15 U.S.C. 4656(b)] ."(C) The White House Coordinator for CHIPS Implementation."(D) The Federal Acquisition Security Council (FASC)."(E) The Government-Industry Working Group on Microelectronics."(F) The Joint Defense Manufacturing Technology Panel (JDMTP)."(G) Standards development organizations."(g) FEDERAL ACQUISITION SECURITY COUNCIL.-Not later than two years after the date of the enactment of this Act [Dec. 23, 2022], the Federal Acquisition Security Council, in consultation with the Secretary of Commerce, the Secretary of Defense, the Secretary of Homeland Security, the Director of National Intelligence, and the Secretary of Energy, and after engagement with the private sector and other nongovernmental stakeholders in accordance with section 1323 of title 41, United States Code, shall-"(1) issue recommendations to mitigate supply chain risks relevant to Federal Government acquisition of semiconductor products and services, considering-"(A) the analysis, assessment, and strategy developed under subsection (e) and any related updates; "(B) the standards provided under section 224 of the National Defense Authorization Act for Fiscal Year 2020 (Public Law 116-92) [10 U.S.C. 4501 note prec.], including any tiers of trust, levels of security, or risk-based approaches established under such section;"(C) the extent to which such recommendations would enhance the security of critical systems;"(D) the extent to which such recommendations would impact Federal access to commercial technologies; and"(E) any risks to the Federal Government from contracting with microelectronics suppliers that include covered semiconductor products or services in non-Federal supply chains; and"(2) make recommendations to the Federal Acquisition Regulatory Council and the heads of executive agencies for any needed regulations to mitigate supply chain risks. "(h) APPLICABILITY AND RESPONSIBILITIES OF COVERED ENTITIES AND CONTRACTORS.-The regulations prescribed pursuant to subsection (c)(2) shall-"(1) provide that contractors who supply a Federal agency with electronic parts or products are responsible for- "(A) certifying to the non-use of covered semiconductor products or services in such parts or products;"(B) detecting and avoiding the use or inclusion of such covered semiconductor products or services in such parts or products; and"(C) any rework or corrective action that may be required to remedy the use or inclusion of such covered semiconductor products or services in such parts or products; "(2) require covered entities to disclose to direct customers the inclusion of a covered semiconductor product or service in electronic parts, products, or services included in electronic parts, products, or services subject to the contracting prohibition under subsection (a) as to whether such supplied parts, products, or services include covered semiconductors products or services;"(3) provide that a covered entity that fails to disclose the inclusion to direct customers of a covered semiconductor product or service in electronic parts, products, or services procured or obtained by an executive agency in contravention of subsection (a) shall be responsible for any rework or corrective action that may be required to remedy the use or inclusion of such covered semiconductor product or service; "(4) provide that the costs of covered semiconductor products or services, suspect semiconductor products, and any rework or corrective action that may be required to remedy the use or inclusion of such products are not allowable costs for Federal contracts;"(5) provide that-"(A) any covered entity or Federal contractor or subcontractor who becomes aware, or has reason to suspect, that any end item, component, or part of a critical system purchased by the Federal Government, or purchased by a Federal contractor or subcontractor for delivery to the Federal Government for any critical system, that contains covered semiconductor products or services shall notify appropriate Federal authorities in writing within 60 days; and"(B) the Federal authorities shall report such information to the appropriate committees of Congress and leadership within 120 days;"(6) provide that Federal bidders and contractors-"(A) may reasonably rely on the certifications of compliance from covered entities and subcontractors who supply electronic parts, products, or services when providing proposals to the Federal Government; and"(B) are not required to conduct independent third party audits or other formal reviews related to such certifications;"(7) provide that a Federal contractor or subcontractor that provides a notification under paragraph (5) that does not regard electronic parts or products manufactured or assembled by such Federal contractor or subcontractor shall not be subject to civil liability nor determined to not be a presently responsible contractor on the basis of such notification; and"(8) provide that a Federal contractor or subcontractor that provides a notification under paragraph (5) that regards electronic parts or products manufactured or assembled by such Federal contractor or subcontractor shall not be subject to civil liability nor determined to not be a presently responsible contractor on the basis of such notification if the Federal contractor or subcontractor makes a comprehensive and documentable effort to identify and remove covered semiconductor products or services from the Federal supply."(i) REPORTS.- "(1) SECRETARY OF COMMERCE.-Not later than 60 days after completing the assessment required under subsection (e), the Secretary of Commerce shall submit to the appropriate committees of Congress and leadership- "(A) a report of the findings and recommendations of the analyses, assessment, and strategy developed under such subsection; and "(B) a report on development of the microelectronics traceability and diversification initiative under subsection (f)(1)."(2) FEDERAL ACQUISITION SECURITY COUNCIL.-Not later than one year after the date of the enactment of this Act [Dec. 23, 2022], and annually thereafter for ten years, the Federal Acquisition Security Council shall include in the annual report submitted under section 1325 of title 41, United States Code, a description of-"(A) the development of recommendations under subsection (g), including the considerations described in paragraph (1) of such subsection; and"(B) as applicable, the impact of any recommendations or regulations implemented."(j) DEFINITIONS.-In this section:"(1) APPROPRIATE COMMITTEES OF CONGRESS AND LEADERSHIP.-The term 'appropriate committees of Congress and leadership' means-"(A) the Committee on Armed Services, the Committee on Commerce, Science, and Transportation, the Committee on Homeland Security and Governmental Affairs, the Committee on Energy and Natural Resources, the Committee on Foreign Relations, the Committee on Banking, Housing, and Urban Affairs, the Select Committee on Intelligence, and the majority and minority leaders of the Senate; and"(B) the Committee on Armed Services, the Committee on Energy and Commerce, the Committee on Science, Space, and Technology, the Committee on Oversight and Reform [now Committee on Oversight and Accountability], the Committee on Foreign Affairs, the Committee on Homeland Security, the Permanent Select Committee on Intelligence, and the Speaker, the majority leader, and the minority leader of the of the House of Representatives."(2) COVERED ENTITY.-The term 'covered entity' means an entity that- "(A) develops, domestically or abroad, a design of a semiconductor that is the direct product of United States origin technology or software; and"(B) purchases covered semiconductor products or services from an entity described in subparagraph (A) or (C) of paragraph (3). "(3) COVERED SEMICONDUCTOR PRODUCT OR SERVICES.-The term 'covered semiconductor product or services' means any of the following: "(A) A semiconductor, a semiconductor product, a product that incorporates a semiconductor product, or a service that utilizes such a product, that is designed, produced or provided by, Semiconductor Manufacturing International Corporation (SMIC) (or any subsidiary, affiliate, or successor of such entity)."(B) A semiconductor, a semiconductor product, a product that incorporates a semiconductor product, or a service that utilizes such a product, that is designed, produced, or provided by ChangXin Memory Technologies (CXMT) or Yangtze Memory Technologies Corp (YMTC) (or any subsidiary, affiliate, or successor of such entities)."(C) A semiconductor, semiconductor product, or semiconductor service produced or provided by an entity that the Secretary of Defense or the Secretary of Commerce, in consultation with the Director of the National Intelligence or the Director of the Federal Bureau of Investigation, determines to be an entity owned or controlled by, or otherwise connected to, the government of a foreign country of concern, provided that the determination with respect to such entity is published in the Federal Register."(4) CRITICAL SYSTEM.-The term 'critical system'-"(A) has the meaning given the term 'national security system' in section 11103(a)(1) of title 40, United States Code;"(B) shall include additional systems identified by the Federal Acquisition Security Council;"(C) shall include additional systems identified by the Department of Defense, consistent with guidance provided under section 224 of the National Defense Authorization Act for Fiscal Year 2020 (Public Law 116-92) [10 U.S.C. 4501 note prec.]; and"(D) shall not include a system to be used for routine administrative and business applications (including payroll, finance, logistics, and personnel management applications)."(5) FOREIGN COUNTRY OF CONCERN.-The term 'foreign country of concern' has the meaning given the term in paragraph (7) of section 9901 of the William M. (Mac) Thornberry National Defense Authorization Act for Fiscal Year 2021 (15 U.S.C. 4651), as added by section 103(a)(4) of the CHIPS Act of 2022 ( division A of Public Law 117-167)."(k) EXTENSION OF FEDERAL ACQUISITION SECURITY SUPPLY CHAIN ACT OF 2018.-"(1) SUBCHAPTER III OF CHAPTER 13 OF TITLE 41, UNITED STATES CODE.-[Amended section 1328 of this title.]"(2)-[Amended this section.]"(l) AUTHORIZATION OF APPROPRIATIONS FOR FEDERAL ACQUISITION SECURITY COUNCIL.-"(1) IN GENERAL.-There is authorized to be appropriated $3,000,000 for each of fiscal years 2023 through 2033 for the Office of Management and Budget to support the activities of the Federal Acquisition Security Council."(2) TRANSFER AUTHORITY.-The Director of the Office of Management and Budget may transfer funds authorized to be appropriated under paragraph (1) to other Federal agencies for the performance of work for which the funds were authorized."