Changeflow GovPing Trade Procurement Federal Acquisition Regulation: Prohibition on ...

Priority review Rule Added Draft

Federal Acquisition Regulation: Prohibition on Certain Semiconductor Products and Services

Federal Procurement Notices (Federal Register)

Published February 17th, 2026

Detected March 13th, 2026

Summary

The Federal Procurement Policy Office, Department of Defense, GSA, and NASA have issued a proposed rule to prohibit certain semiconductor products and services in federal acquisitions. This rule is open for public comment until April 20, 2026.

View original document View source feed page

What changed

This proposed rule from the Federal Procurement Policy Office, Department of Defense, General Services Administration, and National Aeronautics and Space Administration aims to prohibit the acquisition of specific semiconductor products and services. The document outlines the rationale for the prohibition, likely related to supply chain security and national security concerns, and details the types of products and services that would be restricted.

Regulated entities, particularly manufacturers and government contractors involved in federal acquisitions, should review the proposed restrictions to understand their impact on current and future contracts. The public comment period is open until April 20, 2026, providing an opportunity for stakeholders to submit feedback, concerns, or requests for clarification before the rule is finalized.

What to do next

Review the proposed prohibition on certain semiconductor products and services.
Submit public comments by April 20, 2026, if applicable.
Assess current and future supply chains for compliance with potential new restrictions.

Source document (simplified)

Legal Status This site displays a prototype of a “Web 2.0” version of the daily
Federal Register. It is not an official legal edition of the Federal
Register, and does not replace the official print version or the official
electronic version on GPO’s govinfo.gov.

The documents posted on this site are XML renditions of published Federal
Register documents. Each document posted on the site includes a link to the
corresponding official PDF file on govinfo.gov. This prototype edition of the
daily Federal Register on FederalRegister.gov will remain an unofficial
informational resource until the Administrative Committee of the Federal
Register (ACFR) issues a regulation granting it official legal status.
For complete information about, and access to, our official publications
and services, go to About the Federal Register on NARA's archives.gov.

The OFR/GPO partnership is committed to presenting accurate and reliable
regulatory information on FederalRegister.gov with the objective of
establishing the XML-based Federal Register as an ACFR-sanctioned
publication in the future. While every effort has been made to ensure that
the material on FederalRegister.gov is accurately displayed, consistent with
the official SGML-based PDF version on govinfo.gov, those relying on it for
legal research should verify their results against an official edition of
the Federal Register. Until the ACFR grants it official status, the XML
rendition of the daily Federal Register on FederalRegister.gov does not
provide legal notice to the public or judicial notice to the courts.

Legal Status

Proposed Rule

Federal Acquisition Regulation: Prohibition on Certain Semiconductor Products and Services

A Proposed Rule by the Federal Procurement Policy Office, the Defense Department, the General Services Administration, and the National Aeronautics and Space Administration on 02/17/2026

1.
This document has a comment period that ends in 38 days.
(04/20/2026) Submit a public comment

5 comments received. View posted comments Thank you for taking the time to create a comment. Your input is important.

Once you have filled in the required fields below you can preview and/or submit your comment to the Management and Budget Office for review. All comments are considered public and will be posted online once the Management and Budget Office has reviewed them.

You can view alternative ways to comment or you may also comment via Regulations.gov at https://www.regulations.gov/commenton/FAR-2023-0008-0023.

It appears that you have attempted to comment on this document before
so we've restored your progress.
Start over.
1.
2. Comment * What is your comment about? Upload File(s) Note: You can attach your comment as a file and/or attach supporting
documents to your comment. Attachment Requirements.

Email this will NOT be posted on regulations.gov

Opt to receive email confirmation of submission and tracking number? Tell us about yourself! I am... * An Individual An Organization Anonymous First Name * Last Name * City Region State Alabama Alaska American Samoa Arizona Arkansas California Colorado Connecticut Delaware District of Columbia Florida Georgia Guam Hawaii Idaho Illinois Indiana Iowa Kansas Kentucky Louisiana Maine Maryland Massachusetts Michigan Minnesota Mississippi Missouri Montana Nebraska Nevada New Hampshire New Jersey New Mexico New York North Carolina North Dakota Ohio Oklahoma Oregon Pennsylvania Puerto Rico Rhode Island South Carolina South Dakota Tennessee Texas Utah Vermont Virgin Islands Virginia Washington West Virginia Wisconsin Wyoming Zip Country Afghanistan Åland Islands Albania Algeria American Samoa Andorra Angola Anguilla Antarctica Antigua and Barbuda Argentina Armenia Aruba Australia Austria Azerbaijan Bahamas Bahrain Bangladesh Barbados Belarus Belgium Belize Benin Bermuda Bhutan Bolivia, Plurinational State of Bonaire, Sint Eustatius and Saba Bosnia and Herzegovina Botswana Bouvet Island Brazil British Indian Ocean Territory Brunei Darussalam Bulgaria Burkina Faso Burundi Cambodia Cameroon Canada Cape Verde Cayman Islands Central African Republic Chad Chile China Christmas Island Cocos (Keeling) Islands Colombia Comoros Congo Congo, the Democratic Republic of the Cook Islands Costa Rica Côte d'Ivoire Croatia Cuba Curaçao Cyprus Czech Republic Denmark Djibouti Dominica Dominican Republic Ecuador Egypt El Salvador Equatorial Guinea Eritrea Estonia Ethiopia Falkland Islands (Malvinas) Faroe Islands Fiji Finland France French Guiana French Polynesia French Southern Territories Gabon Gambia Georgia Germany Ghana Gibraltar Greece Greenland Grenada Guadeloupe Guam Guatemala Guernsey Guinea Guinea-Bissau Guyana Haiti Heard Island and McDonald Islands Holy See (Vatican City State) Honduras Hong Kong Hungary Iceland India Indonesia Iran, Islamic Republic of Iraq Ireland Isle of Man Israel Italy Jamaica Japan Jersey Jordan Kazakhstan Kenya Kiribati Korea, Democratic People's Republic of Korea, Republic of Kuwait Kyrgyzstan Lao People's Democratic Republic Latvia Lebanon Lesotho Liberia Libya Liechtenstein Lithuania Luxembourg Macao Macedonia, the Former Yugoslav Republic of Madagascar Malawi Malaysia Maldives Mali Malta Marshall Islands Martinique Mauritania Mauritius Mayotte Mexico Micronesia, Federated States of Moldova, Republic of Monaco Mongolia Montenegro Montserrat Morocco Mozambique Myanmar Namibia Nauru Nepal Netherlands New Caledonia New Zealand Nicaragua Niger Nigeria Niue Norfolk Island Northern Mariana Islands Norway Oman Pakistan Palau Palestine, State of Panama Papua New Guinea Paraguay Peru Philippines Pitcairn Poland Portugal Puerto Rico Qatar Réunion Romania Russian Federation Rwanda Saint Barthélemy Saint Helena, Ascension and Tristan da Cunha Saint Kitts and Nevis Saint Lucia Saint Martin (French part) Saint Pierre and Miquelon Saint Vincent and the Grenadines Samoa San Marino Sao Tome and Principe Saudi Arabia Senegal Serbia Seychelles Sierra Leone Singapore Sint Maarten (Dutch part) Slovakia Slovenia Solomon Islands Somalia South Africa South Georgia and the South Sandwich Islands South Sudan Spain Sri Lanka Sudan Suriname Svalbard and Jan Mayen Swaziland Sweden Switzerland Syrian Arab Republic Taiwan, Province of China Tajikistan Tanzania, United Republic of Thailand Timor-Leste Togo Tokelau Tonga Trinidad and Tobago Tunisia Turkey Turkmenistan Turks and Caicos Islands Tuvalu Uganda Ukraine United Arab Emirates United Kingdom United States United States Minor Outlying Islands Uruguay Uzbekistan Vanuatu Venezuela, Bolivarian Republic of Viet Nam Virgin Islands, British Virgin Islands, U.S. Wallis and Futuna Western Sahara Yemen Zambia Zimbabwe Phone Organization Type * Company Organization Federal State Local Tribal Regional Foreign U.S. House of Representatives U.S. Senate Organization Name * You are filing a document into an official docket. Any personal
information included in your comment text and/or uploaded
attachment(s) may be publicly viewable on the web. I read and understand the statement above.

Preview Comment Please review the Regulations.gov privacy notice and user notice.
Document Details Published Content - Document Details Agencies Office of Management and Budget Office of Federal Procurement Policy Department of Defense General Services Administration National Aeronautics and Space Administration Agency/Docket Numbers FAR Case 2023-008 Docket No. FAR 2023-0008, Sequence No. 1 CFR 48 CFR 1 48 CFR 2 48 CFR 9 48 CFR 12 48 CFR 13 48 CFR 39 48 CFR 40 48 CFR 52 Document Citation 91 FR 7223 Document Number 2026-03065 Document Type Proposed Rule Pages 7223-7242 (20 pages) Publication Date 02/17/2026 RIN 9000-AO56 Published Content - Document Details

PDF Official Content
- View printed version (PDF) Official Content
Document Details Published Content - Document Details Agencies Office of Management and Budget Office of Federal Procurement Policy Department of Defense General Services Administration National Aeronautics and Space Administration Agency/Docket Numbers FAR Case 2023-008 Docket No. FAR 2023-0008, Sequence No. 1 CFR 48 CFR 1 48 CFR 2 48 CFR 9 48 CFR 12 48 CFR 13 48 CFR 39 48 CFR 40 48 CFR 52 Document Citation 91 FR 7223 Document Number 2026-03065 Document Type Proposed Rule Pages 7223-7242 (20 pages) Publication Date 02/17/2026 RIN 9000-AO56 Published Content - Document Details
Document Dates Published Content - Document Dates Comments Close 04/20/2026 Dates Text Interested parties should submit written comments to the Regulatory Secretariat Division at the address shown below on or before April 20, 2026, to be considered in the formation of the final rule. Published Content - Document Dates
Table of Contents Enhanced Content - Table of Contents This table of contents is a navigational tool, processed from the
headings within the legal text of Federal Register documents.
This repetition of headings to form internal navigation links
has no substantive legal effect.
Related Documents Enhanced Content - Related Documents FederalRegister.gov uses the agency dockets published with the document to display related documents.

| FAR Case 2023-008
(4 Documents) | | | |
| --- | | | |
| Date | | Action | Title |
| | 2026-02-17 | Proposed rule. | Federal Acquisition Regulation: Prohibition on Certain Semiconductor Products and Services |
| | 2024-06-26 | Advanced notice of proposed rulemaking; extension of comment period. | Federal Acquisition Regulation: Prohibition on Certain Semiconductor Products and Services |
| View More Docket Documents | | | |

Enhanced Content - Related Documents

Public Comments Enhanced Content - Public Comments Comments are being accepted - Submit a public comment.

5 comments have
been received at Regulations.gov.

Agencies review all submissions and may choose to redact, or withhold,
certain submissions (or portions thereof). Submitted comments may not be
available to be read until the agency has approved them.

| Docket Title | Document ID | Comments | |
| --- | --- | --- | --- |
| Federal Acquisition Regulation: Prohibition on Certain Semiconductor Products and Services (FAR Case 2023-008) | FAR-2023-0008-0023 | 5 | |
Enhanced Content - Public Comments
- Regulations.gov Data Enhanced Content - Regulations.gov Data

FederalRegister.gov retrieves relevant information about this document
from Regulations.gov to provide users with additional context. This
information is not part of the official Federal Register document.

Federal Acquisition Regulation: Prohibition on Certain Semiconductor Products and Services (FAR Case 2023-008)

Comment Due Date 04/20/2026 Docket ID FAR-2023-0008 Supporting Documents FAR Case 2023-008 (p) Prohibition on Certain Semiconductor Products and Services RIA Enhanced Content - Regulations.gov Data

- Sharing Enhanced Content - Sharing Shorter Document URL https://www.federalregister.gov/d/2026-03065 Email Email this document to a friend Enhanced Content - Sharing

Print Enhanced Content - Print
- Print this document Enhanced Content - Print
Document Statistics Enhanced Content - Document Statistics Document page views are updated periodically throughout the day and are cumulative counts for this document. Counts are subject to sampling, reprocessing and revision (up or down) throughout the day.

Page views 3,534
as of
03/13/2026 at 10:15 am EDT Enhanced Content - Document Statistics
- Other Formats Enhanced Content - Other Formats This document is also available in the following formats:

JSON Normalized attributes and metadata XML Original full text XML MODS Government Publishing Office metadata More information and documentation can be found in our developer tools pages.

Enhanced Content - Other Formats
- Public Inspection Public Inspection This PDF is FR Doc. 2026-03065 as it appeared on Public Inspection on
02/13/2026 at 8:45 am.

It was viewed
613
times while on Public Inspection.

If you are using public inspection listings for legal research, you
should verify the contents of the documents against a final, official
edition of the Federal Register. Only official editions of the
Federal Register provide legal notice of publication to the public and judicial notice
to the courts under 44 U.S.C. 1503 & 1507. Learn more here.

Public Inspection
Published Document: 2026-03065 (91 FR 7223) This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.

Document Headings Document headings vary by document type but may contain
the following:

the agency or agencies that issued and signed a document
the number of the CFR title and the number of each part the document amends, proposes to amend, or is directly related to
the agency docket number / agency internal file number
the RIN which identifies each regulatory action listed in the Unified Agenda of Federal Regulatory and Deregulatory Actions See the Document Drafting Handbook for more details.

Office of Management and Budget

Office of Federal Procurement Policy

Department of Defense

General Services Administration

National Aeronautics and Space Administration

48 CFR Parts 1, 2, 9, 12, 13, 39, 40, and 52
[FAR Case 2023-008; Docket No. FAR 2023-0008, Sequence No. 1]
RIN 9000-AO56 ( printed page 7223) # AGENCY:

Office of Federal Procurement Policy (OFPP), Office of Management and Budget (OMB); Department of Defense (DoD); General Services Administration (GSA); and National Aeronautics and Space Administration (NASA).

ACTION:

Proposed rule.

SUMMARY:

OFPP, DoD, GSA, and NASA (collectively referred to as the Federal Acquisition Regulatory Council, or FAR Council) are proposing to amend the Federal Acquisition Regulation (FAR) to partially implement a section of the James M. Inhofe National Defense Authorization Act for Fiscal Year 2023 which prohibits executive agencies from procuring or obtaining certain products and services that include covered semiconductor products or services effective December 23, 2027.

DATES:

Interested parties should submit written comments to the Regulatory Secretariat Division at the address shown below on or before April 20, 2026, to be considered in the formation of the final rule.

ADDRESSES:

Submit comments in response to FAR Case 2023-008 to the Federal eRulemaking portal at https://www.regulations.gov by searching for “FAR Case 2023-008”. Select the link “Comment Now” that corresponds with “FAR Case 2023-008”. Follow the instructions provided on the “Comment Now” screen. Please include your name, company name (if any), and “FAR Case 2023-008” on your attached document. If your comment cannot be submitted using https://www.regulations.gov, call or email the points of contact in the FOR FURTHER INFORMATION CONTACT section of this document for alternate instructions.

Instructions: Please submit comments only and cite “FAR Case 2023-008” in all correspondence related to this case. Comments received generally will be posted without change to https://www.regulations.gov, including any personal and/or business confidential information provided. Public comments may be submitted as an individual, as an organization, or anonymously (see frequently asked questions at https://www.regulations.gov/faq). To confirm receipt of your comment(s), please check https://www.regulations.gov, approximately two to three days after submission to verify posting.

FOR FURTHER INFORMATION CONTACT:

For clarification of content, contact FAR Policy by email at FARpolicy@gsa.gov or call 202-969-4075. For information pertaining to status, publication schedules, or alternate instructions for submitting comments if https://www.regulations.gov cannot be used, contact the Regulatory Secretariat Division at 202-501-4755 or GSARegSec@gsa.gov. Please cite “FAR Case 2023-008.”

SUPPLEMENTARY INFORMATION:

I. Background

The FAR Council is proposing to revise the FAR to implement paragraphs (a), (b), (c), and (h) of section 5949 of the James M. Inhofe National Defense Authorization Act (NDAA) for Fiscal Year (FY) 2023 (Pub. L. 117-263, 41 U.S.C. 4713 note). Section 5949 prohibits executive agencies from procuring or obtaining certain products and services that include covered semiconductor products or services effective December 23, 2027.

Semiconductors are tiny electronic devices that are essential to America's economic and national security. Semiconductors power our consumer electronics, automobiles, data centers, critical infrastructure, and virtually all military systems. These devices power tools as simple as a power adapter and as complex as a fighter jet or a smartphone. They are also essential building blocks of the technologies that will shape our future, including artificial intelligence, biotechnology, and clean energy. For additional information on semiconductors, visit https://www.nist.gov/semiconductors and https://www.nist.gov/chips.

The National Counterintelligence and Security Center, located in the U.S. Office of the Director of National Intelligence, has identified semiconductors as one of the technology sectors in which the stakes of disruption are potentially greatest for U.S. economic and national security. There are numerous opportunities for adversaries and other threat actors to introduce hardware backdoors, malicious firmware, and malicious software into a semiconductor during production. Since semiconductors are key components of U.S. critical infrastructure (e.g., information technology, communications) and have many military applications, it is vital that these threat vectors are addressed during the production process. Semiconductors are ultimately integrated into end products, and the difficulty in identifying and mitigating risks to semiconductor hardware, firmware, and software grows exponentially after integration.

Due to this significant national security risk, Congress included a prohibition for certain covered semiconductors in section 5949 of the James M. Inhofe NDAA for FY 2023. The statute prohibits the head of an executive agency from procuring or obtaining, or extending or renewing a contract to procure or obtain, any electronic parts, products, or services that include covered semiconductor products or services. In addition, section 5949 prohibits the head of an executive agency from entering into a contract, or extending or renewing a contract, with an entity to procure or obtain electronic parts or products that use any electronic parts or products that include covered semiconductor products or services. However, executive agencies are not required to—

(1) Remove or replace any products or services resident in equipment, systems, or services, prior to the effective date of the prohibition; or

(2) Prohibit or limit the utilization of covered semiconductor products or services throughout the lifecycle (e.g., replacement component, spare part, support service) of existing equipment acquired prior to December 23, 2027.

On May 3, 2024, the FAR Council published in the Federal Register an advanced notice of proposed rulemaking (ANPR) (see 89 FR 36738). The ANPR sought feedback from the public on the amendments to the FAR being considered to accomplish the stated objectives when implementing section 5949 of the James N. Imhofe NDAA for FY 2023. Eighteen respondents submitted comments in response to the notice. Many respondents offered feedback on the specific questions in the notice to include:

Recommendations on ways to further clarify the scope of the prohibition;
Recommendations for clarifying the proposed definitions; ( printed page 7224)
Input on the proposed solicitation provision and contract clause;
Input on the waiver authority;
Whether entities have sufficient visibility into their supply chain to understand if their supply chain uses covered semiconductor products or services;
Information that is normally requested from subcontractors and suppliers about semiconductor provenance;
The procedures to conduct reasonable inquiries;
The use of covered semiconductor products or services and the impact the prohibition will have on entities;
The categories of products or services currently being provided to the Government for which entities anticipate needing a waiver when the prohibition is effective;
The time entities anticipate it will take to find alternative semiconductors that are compliant;
The impact implementation of section 5949 will have on small entities;
The challenges entities anticipate facing in effectively complying with the prohibition; and
Methods for identifying the provenance of the supply chain for electronic products and electronic services. Some respondents emphasized the importance of aligning the rule with congressional intent and cautioned against broadening the scope beyond what is mandated. Some respondents discouraged taking the proposed actions given that the electronics supply chain is complex, and covered electronic parts can be incorporated into other parts at almost every phase of a manufacturing process. Respondents urged action to mitigate compliance costs and protect proprietary information. Some respondents suggested the contracting officers should have discretion as to when section 5949 requirements would apply rather than applying the requirements across-the-board to all solicitations, contracts, and purchases with the requirements.

II. Discussion and Analysis

After considering inputs on the ANPR and consulting with other agencies, the FAR Council is proposing to amend the FAR to implement subsections (a), (b), (c), and (h) of section 5949 of the NDAA for FY 2023. On or after December 23, 2027, Federal agencies will be prohibited from procuring or obtaining—

(1) Electronic products or services that include covered semiconductor products or services (section 5949(a)(1)(A)); and

(2) Electronic products, for use in critical systems, that use electronic products that include covered semiconductor products or services (section 5949(a)(1)(B)).

A. Overview of Rule

This proposed FAR rule implements the prohibition on certain semiconductor products and services.

B. Policy

The proposed rule provides a new section at FAR 40.20X, Prohibition on certain semiconductor products and services, with a new corresponding solicitation provision at FAR 52.240-XX, Certification Regarding Certain Semiconductor Products and Services, and a new corresponding contract clause at FAR 52.240-YY, Prohibition on Certain Semiconductor Products and Services.

This section will provide contracting officers with policies and procedures for acquiring electronic products or electronic services in accordance with the prohibition on covered semiconductor products and services.

Offerors and contractors will also play a key role in this process by adhering to the solicitation and contract when proposing to provide or when providing any electronic products or electronic services.

1. Offeror Reasonable Inquiry

Before submitting an offer in response to a Government solicitation, an entity would be required to conduct a reasonable inquiry to determine whether the electronic products or electronic services it provides to the Government include covered semiconductor products or services or use electronic products that include covered semiconductor products or services.

To conduct this inquiry, an entity will need to assess which electronic products or electronic services are included in its offerings to the Government and seek out information to identify the source of semiconductor products or services included in those offerings. In conducting this inquiry an entity may consult the Department of Commerce website, search supplier websites, search manufacturer websites, or use supply chain illumination or other due diligence tools. If an entity is unable to find information to confirm that an electronic product or electronic service does not use or include a covered semiconductor product or service, the entity would need to look to its suppliers to conduct reasonable inquiries and provide the required certification in the solicitation provision at FAR 52.240-XX. It is expected that most entities will conduct a full review of the electronic products and electronic services that they may offer to the Government, rather than assess on a solicitation-by-solicitation basis.

2. Offeror Certification

When an offeror submits an offer in response to a solicitation containing the new requirement, the offeror will certify, as required by the new provision at FAR 52.240-XX, that it has conducted a reasonable inquiry, and that the offeror does not propose to (1) provide to the Government any electronic products or electronic services that include covered semiconductor products or services; and (2) does not provide to the Government, for use in critical systems identified by the Government, electronic products that use electronic products that include covered semiconductor products or services. These measures are necessary to build security and resilience in Government supply chains. In accordance with FAR 1.107, the certification requirement is specifically imposed by the statute for contractors (see section 5949(h)(1)(A)) and subcontractors (see section 5949(h)(6)). Therefore, the Administrator for Federal Procurement Policy does not need to approve the inclusion of the certification requirement imposed by this proposed rule.

3. Offeror Disclosure

The proposed rule also requires an offeror to disclose if they are providing electronic products or electronic services that are not compliant with the prohibition. If, as a result of the initial reasonable inquiry, an offeror discovers that an electronic product or electronic service to be offered to the Government under the solicitation includes covered semiconductor products or services, the offeror will need to disclose with its offer any information about the covered semiconductor product or service that is known at the time of submission of its offer. This disclosure includes, for example, information about the manufacturer, the risks associated with including the covered semiconductor product or service, and whether there are any available alternatives to the semiconductor product or service. The purpose for this disclosure is so that the Government may decide whether an exception may apply or to pursue a waiver.

4. Disclosure Safe Harbor

Prior to award, an offeror or lower-tier supplier that provides a disclosure regarding covered semiconductor ( printed page 7225) products or services in electronic products that are manufactured or assembled by an entity other than the offeror or lower-tier supplier will not be subject to civil liability nor determined to be not presently responsible based on such notification (see section 5949(h)(7) of the NDAA for FY 2023). Additionally, an offeror or lower-tier supplier that provides a disclosure regarding covered semiconductor products or services in electronic products manufactured or assembled by such offeror or lower tier supplier will not be subject to civil liability nor determined to be not presently responsible based on such notification if the offeror or lower-tier supplier makes a comprehensive and documentable effort to identify and remove the covered semiconductor products or services(see section 5949(h)(8) of the NDAA for FY 2023).

5. Contractor Notification

On or after December 23, 2027, paragraph (f) of proposed contract clause FAR 52.240-YY requires contractors to report to the contracting officer if they identify, have reason to suspect, or are notified by a subcontractor at any tier or any other source that any covered semiconductor product or service purchased by the Federal Government, or purchased by a Federal contractor or subcontractor for delivery to the Federal Government during contract performance contains covered semiconductor products or services, regardless of whether an exception applies. Reports must be provided in writing within 72 hours of identification.

Reporting this information to the contracting officer will allow the Government to assess the risk and make a determination on how to proceed.

While subsection (h)(5) of section 5949 provides contractors up to 60 days to give notice to the Government that an electronic product for use in a critical system contains a covered semiconductor product or service, on or after December 23, 2027, the clause proposed at FAR 52.240-YY, requires reporting within 72 hours for any electronic product or electronic service that contains a covered semiconductor regardless of an exception in paragraph (c) of the clause. Reporting within this timeframe is necessary to protect the Government by ensuring the Government is aware of any covered semiconductor product or service soon after discovery by the contractor. Similar reporting requirements exist for related prohibitions and cybersecurity requirements required by the clause at FAR 52.204-23, Prohibition on Contracting for Hardware, Software, and Services Developed or Provided by Kaspersky Lab Covered Entities(3 business days), the clause at FAR 52.204-25, Prohibition on Contracting for Certain Telecommunications and Video Surveillance Services or Equipment (1 business day), Cyber Incident Reporting for Critical Infrastructure Act of 2022, Division Y of Public Law 117-103 (72 hours), and Defense FAR Supplement (DFARS) 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting (72 hours). The FAR Council has proposed a 72-hour reporting deadline, similar to these related reporting requirements, because the Government's need to safeguard economic and national security against the potential risks of any covered semiconductor product or service is time sensitive. Prevention and mitigation opportunities substantially increase when the Government is quickly made aware of any covered semiconductor product or service. The FAR Council recognizes that contractors need sufficient time to report the occurrence upon discovery. While the statute authorizes the proposed rule to set a notification timeframe of up to 60 days, after considering the foregoing risks to economic and national security and comparing similar reporting requirements, the FAR Council has determined that a 72-hour reporting timeframe is the appropriate deadline because it falls well within the 60-day notification ceiling the statute sets on the regulation while affording contractors sufficient time to report the occurrence upon discovery. To prevent double reporting and any potential confusion, the FAR Council has proposed this timeframe to implement the regulatory notification deadline within the 60-day reporting ceiling required by subsection (h)(5) of section 5949. This proposed rule implements the statute's reporting requirement and sets the notification deadline at 72 hours to protect national security by ensuring appropriate awareness of covered semiconductor products and services within Federal information systems and networks.

6. Safe Harbor

After award, a contractor or subcontractor that provides a timely notification regarding electronic products or electronic services prohibited by paragraph (b) of the clause proposed at FAR 52.240-YY that are manufactured or assembled by an entity other than the contractor or subcontractor will not be subject to civil liability. In addition, such a contractor or subcontractor will not be determined to be not a presently responsible contractor based on such notification (see section 5949(h)(7) of the NDAA for FY 2023).

Additionally, a contractor or subcontractor that provides a notification to the Government, contractor, or subcontractor regarding covered semiconductor products or services in electronic products or services manufactured or assembled by such contractor or subcontractor shall not be subject to civil liability nor determined to be not a presently responsible contractor on the basis of such notification, if the contractor or subcontractor makes a comprehensive and documentable effort to identify and remove the covered semiconductor products or services (see section 5949(h)(8) of the NDAA for FY 2023).

7. Disclosure to Non-Federal Entities

The proposed clause which flows down to subcontractors, requires contractors and subcontractors that are semiconductor covered entities to disclose the inclusion of a covered semiconductor product or service in electronic products or electronic services to non-Federal customers outside of the Government. Neither the statute, nor the proposed rule, are prescriptive regarding the contents or method of disclosure. It is possible that a contractor or subcontractor may choose to include this information or disclaimer in its marketing material, on its website, and in any sales agreements to non-Federal customers.

8. Applicability to Subcontractors

Section 5949(c) mandates prime contractors to incorporate the substance of these prohibitions and applicable implementing contract clauses into contracts. This proposed rule requires that prime contractors insert FAR 52.240-YY into all subcontracts for the supply of any electronic products and services.

The Department of Commerce will host a website listing entities determined by the Secretary of Commerce or Secretary of Defense to be an entity owned or controlled by, or otherwise connected to, the government of a semiconductor foreign country of concern. This list will identify the effective date for the determination and can be used to determine whether a semiconductor, semiconductor product, or semiconductor services is a covered semiconductor product or service (see FAR 52.240-XX(d)(2)). The Department of Commerce is also considering hosting a website for the list of organizations where the organization has certified that electronic products or services ( printed page 7226) produced or provided by that organization do not contain any prohibited covered semiconductor products or services (see FAR 52.240-XX(d)(1)). A contractor would be able to reasonably rely on the certifications provided by the Department of Commerce website without the need for further inquiry unless the contractor discovers any discrepancies or has reason to doubt the accuracy of any certification made by any listed organization.

C. Prohibition

The proposed rule implements the prohibition required by section 5949(a)(1)(A) of the NDAA for FY 2023 and section 5949(a)(1)(B) of the NDAA for FY 2023 at FAR 40.20X-2. The prohibition will become effective on or after December 23, 2027, unless an exception applies. Section 5949(a)(1)(B) goes beyond the prohibition in section 5949(a)(1)(A) by prohibiting Federal agencies from acquiring electronic products, used within critical systems that use electronic products that incorporate covered semiconductor products or services. Examples of what section 5949(a)(1)(B) could restrict a Federal agency from acquiring include, but are not limited to, (1) a control panel within a critical system that enables an Internet of Things (IoT) device that includes a covered semiconductor product or service or (2) an unmanned aircraft ground control station that controls an unmanned aircraft that includes a covered semiconductor product or service.

The prohibitions are implemented through the proposed solicitation provision at FAR 52.240-XX, Certification Regarding Certain Semiconductor Products and Services, prescribed at FAR 40.20X-6(a), and the proposed contract clause at FAR 52.240-YY, Prohibition on Certain Semiconductor Products and Services, prescribed at FAR 40.20X-6(b).

The prohibitions impact any product or service that uses or provides electronic products or electronic services to the Government. Due to the prevalence of electronic products and electronic services, the FAR Council anticipates this would impact a significant number of contracts and orders.

Additionally, section 5949 of the NDAA for FY 2023 does not exempt micro-purchases, as there would be national security risks associated with allowing purchases of covered semiconductors under the micro-purchase threshold. Many electronic products and electronic services that are critical to the mission of the Federal Government are procured under the current micro-purchase threshold, and it is important that this rule address such risks. Therefore, section 40.20X will apply to all acquisitions of products, non-commercial services, commercial information technology (IT) services, and commercial telecommunications services, including contracts at or below the micro-purchase threshold, for commercial products (including commercially available off-the-shelf items). Commercial products or commercial services for which there are no alternative sources available are excepted from the semiconductor prohibition until December 23, 2028. These procedures will assist the Federal Government in identifying and mitigating risks to semiconductor hardware, firmware, and software, in turn making the supply chain more resilient, while taking into consideration the availability of alternative sources, the impact on small entities, and the identification and processing of any waivers that may be necessary.

D. Exceptions and Waivers

1. Exceptions

Section 5949 of the NDAA for FY 2023 includes exceptions and waivers. As proposed at FAR 40.20X-3, agencies are not required to (1) Remove or replace any products or services resident in equipment, systems, or services, prior to December 23, 2027; or (2) Prohibit or limit the utilization of covered semiconductor products or services throughout the lifecycle (e.g., replacement component, spare part, support service) of existing equipment acquired prior to December 23, 2027.

Additionally, based on public comments received in response to the advance notice of proposed rulemaking and the expected impact to entities, commercial products or commercial services for which there are no alternative sources available are excepted from the semiconductor prohibition until December 23, 2028. This will allow entities additional time to find reasonable alternatives and limit the volume of waivers that would need to be processed by the Government.

Semiconductors, semiconductor products, and semiconductor services which are determined by Secretary of Commerce or Secretary of Defense to be a covered semiconductor product or service after contract award, are excepted from the prohibition unless the contract is modified to include such covered semiconductor product or service.

Section 5949 is silent on the applicability of these requirements to acquisitions of commercial products and commercial services. The law does not include terms making express reference to 41 U.S.C. 1906 and its application to acquisitions of commercial products or commercial services, nor does the law independently provide for criminal or civil penalties. Therefore, this law does not apply to acquisitions of commercial products and commercial services unless the FAR Council makes a written determination as required by 41 U.S.C. 1906. The FAR Council intends to make a determination to only apply section 5949 to acquisitions for commercial products, commercial IT services, and commercial telecommunications services. This determination is being implemented through an exception. Without this exception, this prohibition would impact many categories of commercial services (e.g., hotel accommodations) where the risk is very low to the Government and the Government is a very small share of the overall market. This targeted exception will allow the Government to focus this prohibition on all electronic products, non-commercial services, IT services, and telecommunication services where the risk is considered greatest. Therefore, the prohibition will not apply to commercial service procurements except for procurements for IT services and telecommunication services.

To align with the intent of the statute and avoid unintended consequences of regulating electronic services not directly related to the purpose of the procurement, electronic services that are incidental to the performance of the contract (e.g., contractor payroll) are also excepted.

2. Waivers

The proposed text at FAR 40.20X-5 provides the procedures for the head of an agency to waive, for a renewable period of not more than two years per waiver, the prohibitions at 40.X02 if the head of the agency-

(1) In consultation with the Secretary of Commerce, determines that no compliant product or service is available to be procured as, and when, needed at United States market prices or a price that is not considered prohibitively expensive (i.e., would impose significant difficulty or expense considering the agency resources available); and

(2) In consultation with the Secretary of Defense or the Director of National Intelligence, determines that such waiver could not reasonably be ( printed page 7227) expected to compromise the critical national security interests of the United States.

Additionally, the Secretary of Defense may provide a waiver for any executive agency if the Secretary of Defense determines that the waiver is in the critical national security interests of the United States. The Director of National Intelligence may provide a waiver for any executive agency if the Director of National Intelligence determines that the waiver is in the critical national security interests of the United States.

Lastly, the Secretary of Commerce, Secretary of Homeland Security, or Secretary of Energy, in consultation with the Director of National Intelligence or the Secretary of Defense, may provide a waiver for any executive agency if the Secretary determines that the waiver is in the critical national security interests of the United States. While the rule provides for exceptions and waivers, the overall goal of the statute remains the exclusion of semiconductors from prohibited entities to the greatest degree possible by December 23, 2027. As such, exceptions and waivers are meant to act as a bridge to near-term compliance with the rule, not an indefinite reprieve from it.

E. Other Updates

This proposed rule requires a new information collection. The OMB control number assigned to the information collection will be added to FAR 1.106.

Once finalized, the rule will move the definitions of “national security system” and “subsidiary” from 39.002 and 9.108-1, respectively, to FAR 2.101.

The proposed rule updates FAR 12.301 to include, for commercial products and information technology services and telecommunication services (i.e., services in Category D: Information Technology (IT) and Telecommunications (Telecom) of the Federal Procurement Data System Product and Service Codes (PSC) Manual), the proposed solicitation provision at FAR 52.240-XX in the list of other required provisions and clauses at paragraph (d).

The proposed rule updates FAR 13.201 to apply to micro-purchases, adding the prohibition on procuring or obtaining electronic products or electronic services that include covered semiconductor products or services and the prohibition on procuring or obtaining electronic products, for use in critical systems, that use electronic products that incorporate covered semiconductor products or services.

The new section at FAR 40.20X provides definitions, policies, exceptions, and procedures related to acquiring electronic products or electronic services that contain covered semiconductor products and services.

The clauses at FAR 52.212-5, Contract Terms and Conditions Required to Implement Statutes or Executive Orders-Commercial Products and Commercial Services; FAR 52.213-4, Terms and Conditions-Simplified Acquisitions (Other Than Commercial Products and Commercial Services); and FAR 52.244-6, Subcontracts for Commercial Products and Commercial Services, are updated to add the requirements of the proposed clause at FAR 52.240-YY, Prohibition on Certain Semiconductor Products and Services.

III. Applicability to Contracts at or Below the Simplified Acquisition Threshold (SAT) and for Commercial Products (Including Commercially Available Off-the-Shelf (COTS) Items), or for Commercial Services

This rule proposes to add a new provision at FAR 52.240-XX, Certification Regarding Certain Semiconductor Products and Services, and a new clause at FAR 52.240-YY, Prohibition on Certain Semiconductor Products and Services, to implement section 5949 of the James M. Inhofe NDAA for FY 2023. The provision and clause are prescribed at FAR 40.20X-6(a) and 40.20X-6(b).

A. Applicability to Contracts at or Below the Simplified Acquisition Threshold

41 U.S.C. 1905 governs the applicability of laws to acquisitions at or below the SAT. Section 1905 generally limits the applicability of new laws when agencies are making acquisitions at or below the SAT, but provides that such acquisitions will not be exempt from a provision of law under certain circumstances, including when the Federal Acquisition Regulatory Council (FAR Council) makes a written determination and finding that it would not be in the best interest of the Federal Government to exempt contracts and subcontracts in amounts not greater than the SAT from the provision of law. The FAR Council intends to make a determination to apply this statute to acquisitions at or below the SAT unless an exception applies. While the rule provides for exceptions and waivers, the overall goal of the statute remains to prohibit executive agencies from procuring or obtaining certain products and services that include covered semiconductor products or services to the greatest degree possible by December 23, 2027. As such, exceptions and waivers are meant to act as a bridge to near-term compliance with the rule not an indefinite reprieve from it.

B. Applicability to Contracts for the Acquisition of Commercial Products, Including Commercially Available Off-the-Shelf (COTS) Items, and Commercial Services

41 U.S.C. 1906 governs the applicability of laws to contracts for the acquisition of commercial products and commercial services and is intended to limit the applicability of laws to contracts for the acquisition of commercial products and commercial services. Section 1906 provides that if the FAR Council makes a written determination that it is not in the best interest of the Federal Government to exempt commercial contracts, the provision of law will apply to contracts for the acquisition of commercial products and commercial services. 41 U.S.C. 1907 states that acquisitions of COTS items will be exempt from certain provisions of law unless the Administrator for Federal Procurement Policy makes a written determination and finds that it would not be in the best interest of the Federal Government to exempt contracts for the procurement of COTS items.

The FAR Council intends to make a determination to apply section 5949 to acquisitions for commercial products, commercial IT services, and commercial telecommunications services. The Administrator for Federal Procurement Policy intends to make a determination to apply this statute to acquisitions for COTS items.

C. Determinations

Section 5949 of the James M. Inhofe NDAA for FY 2023 prohibits the head of an executive agency from procuring or obtaining, or extending or renewing a contract to procure or obtain, any electronic parts, products, or services that include covered semiconductor products or services. In addition, section 5949 prohibits the head of an executive agency from entering into a contract, or extending or renewing a contract, with an entity to procure or obtain electronic parts or products that use any electronic parts or products that include covered semiconductor products or services. However, executive agencies are not required to—

(1) Remove or replace any products or services resident in equipment, systems, or services, prior to the effective date of the prohibition.

(2) Prohibit or limit the utilization of covered semiconductor products or services throughout the lifecycle (e.g., replacement component, spare part, ( printed page 7228) support service) of existing equipment acquired prior to December 23, 2027.

The law is silent on the applicability of Section 5949 of the NDAA for FY 2023 to acquisitions at or below the SAT. The law does not include terms making express reference to 41 U.S.C. 1905 and its applicability to acquisitions at or below the SAT, nor does the law independently provide for criminal or civil penalties. Therefore, the law does not apply to acquisitions at or below the SAT unless the FAR Council makes a written determination as required by 41 U.S.C. 1905. Application of the law to contracts at or below the SAT, will further national security. Failure to apply Section 5949 of the NDAA for FY 2023 to contracts at or below the SAT would exclude a significant number of contracts that may include the prohibited semiconductors. For this reason, the FAR Council intends to determine that it is in the best interest of the Federal Government to apply the requirements of the rule to applicable contracts at or below the SAT.

With regards to subcontracts at or below the SAT, the FAR Council intends to determine that it is in the best interest of the Federal Government to apply section 5949 of the NDAA for FY 2023 to such acquisitions unless an exception applies.

The law is silent on the applicability of these requirements to acquisitions of commercial products and commercial services. The law does not include terms making express reference to 41 U.S.C. 1906 and its application to acquisitions of commercial products or commercial services, nor does the law independently provide for criminal or civil penalties. Therefore, this law does not apply to acquisitions of commercial products and commercial services unless the FAR Council makes a written determination as required by 41 U.S.C. 1906. The FAR Council intends to determine that it would not be in the best interest of the Federal Government to exempt acquisitions of commercial products, and commercial IT services and telecommunication services (i.e., services in Category D: Information Technology (IT) and Telecommunications (Telecom) of the Federal Procurement Data System Product and Service Codes (PSC) Manual) from the requirements of Section 5949 of the NDAA for FY 2023. As such, this rule would apply to acquisitions for commercial products and commercial IT services and commercial telecommunication services. With regards to subcontracts for commercial products and commercial services, the FAR Council intends to determine that it would be in the best interest of the Federal Government to apply section 5949 of the NDAA for FY 2023 to such acquisitions unless an exception applies.

The law is silent on the applicability of this requirement to acquisitions of COTS items. The law does not include terms making express reference to 41 U.S.C. 1907 and its application to acquisitions of COTS items, nor does the law independently provide for criminal or civil penalties. Therefore, it does not apply to acquisitions of COTS items unless the Administrator for Federal Procurement Policy makes a written determination as provided at 41 U.S.C. 1907. Considering that semiconductor products meet the definition of a COTS item, the Administrator for Federal Procurement Policy intends to make a determination to apply this rule to acquisitions of COTS items, including subcontracts for COTS items.

IV. Severability

If any portion (e.g., section, clause, sentence) of this rule is held to be invalid or unenforceable facially, or as applied to any entity or circumstance, it shall be severable from the remainder of this rule, and shall not affect the remainder thereof, or its application to entities not similarly situated or to other dissimilar circumstances. The various portions of this rule are independent and serve distinct purposes. Even if one aspect were rendered invalid, the other benefits of the rule would still be applicable.

V. Expected Impact of the Rule

The Government has conducted a regulatory impact analysis (RIA) for the proposed rule, which is available in the docket for FAR Case 2023-008 available at https://www.regulations.gov. The RIA includes a discussion of the anticipated benefits of the rule, a description of impacted entities, an estimate of the public and Government costs associated with compliance, and the alternatives considered. Based on the RIA, the total estimated public and Government costs associated with this proposed rule in millions over a 10-year period:

| Cost | Undiscounted | 3% Discount
rate | 7% Discount
rate |
| --- | --- | --- | --- |
| Net Present Value | $1,859 | $1,631 | $1,396 |
| Annualized | 186 | 191 | 199 |
The following table presents the total estimated public and Government costs in millions per year:

| Year | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| Costs | $530 | $151 | $151 | $147 | $147 | $147 | $147 | $147 | $147 | $147 |
| 3% | 514 | 142 | 138 | 130 | 127 | 123 | 119 | 116 | 113 | 109 |
| 7% | 495 | 132 | 123 | 112 | 105 | 98 | 91 | 85 | 80 | 75 |
The Government is seeking public comment on the RIA. The following sections provide a summary of the benefits, compliance activities, and the total annual costs. For more detailed information please access the full RIA available at http://www.regulations.gov (search for “FAR Case 2023-008,” click “Open Docket,” and view “Supporting Documents”).

A. Benefits

1. Increased National Security and Economic Protection

Resilient and secure supply chains with robust breadth and depth are necessary to ensure national security and economic prosperity. ( printed page 7229) Semiconductors and advanced packaging were identified in Executive Order 14017 “America's Supply Chains” as one of four key supply chains subject to a review within 100 days of the issuance of the Executive Order. The 100-Day Supply Chain Review report emphasized the complexity of the semiconductor global supply chain and identified risks in the semiconductor supply chain, including malicious insertion. Failure to address this semiconductor supply chain vulnerability would have a substantial impact on national security and economic security, as it would provide adversaries the opportunity to infiltrate the semiconductor supply chain. During semiconductor production, there are numerous opportunities for adversaries and other threat actors to introduce hardware, backdoors, malicious firmware, and malicious software into a semiconductor. The possibility of infiltration poses a risk not only to the specific electronic product or service procured by the Government, but also presents a cyber-attack risk to Government systems. Since semiconductors are key components of U.S. critical infrastructure (e.g., information technology and communication) and have many military applications, it is vital that these threat vectors are addressed during the production process. The proposed rule, if finalized, would increase protection against potential semiconductor supply chain infiltration by prohibiting agencies from procuring covered semiconductors products or services and requiring that offerors certify that they will not provide covered semiconductors after a reasonable inquiry. The offeror's certification increases Government awareness of the semiconductors included in their electronic products and services. Limiting the Government's exposure to covered semiconductors reduces the opportunity for adversaries to maliciously infiltrate the Government's semiconductor supply chain and increases its resilience and security.

The risks of supply chain infiltration noted above also extend to all non-Federal customers of semiconductor covered entities, not just the Government. The risks for these non-Federal customers include many of the same risks as those posed to the Government (e.g., hacking, cyber-attacks, counterfeits), and also includes distinct risks (e.g., intellectual property theft and business disruption). A survey of the microelectronic industrial base by the Department of Commerce's Bureau of Industry and Security's Assessment of the Status of the Microelectronics Industrial Base in the United States indicated rising concern related to information security, with increasing expectations of challenges related to cybersecurity, intellectual property and patent infringement, and foreign industrial espionage. The proposed rule requires that semiconductor covered entities disclose to non-Federal customers the inclusion of covered semiconductor products in electronic products or electronic services. This disclosure increases the protection for non-Federal customers by raising their awareness of the inclusion of covered semiconductors in their products, which allows them to make informed decisions and risk assessments. Non-Federal customer awareness of the inclusion of covered semiconductors will increase supply chain visibility, which should enhance the capability for protection and risk mitigation.

2. Protection From Semiconductor Supply Chain Disruption

The risk of semiconductor supply chain disruption has been a focus following the COVID-19-related semiconductor supply chain disruption. The resulting global chip shortage resulted in supply chain challenges and, according to a survey cited by the Department of Commerce and Department of Homeland Security's Assessment of the Critical Supply Chains Supporting the U.S. Information and Communication Technology, increased the lead times for various products including components, routers, switches, and servers. The 100-Day Supply Chain Review indicated that the semiconductor supply chain is “fragile” due to the immense number of inputs, energy demands, globalized and highly specialized nature, and the economic benefits of geographic manufacturing clusters, which raises the risk of unintentional supply chain disruptions. The impact of unintentional disruptions to the semiconductor supply chain demonstrates the vulnerability of the supply chain that is furthered by the risk of malicious disruption to the semiconductor supply chain. The 100-Day Supply Chain Review emphasized how the nature of the semiconductor supply chain increases the risk for malicious disruptions to semiconductors. The report on the Department of Commerce's survey notes that the semiconductor industry has increasingly been targeted by cyberattacks, and in 2022 alone, the industry experienced eight major ransomware attacks that impacted industry leaders. These cyber-attacks underscore the importance of protecting the semiconductor supply chain from malicious disruptions. Relying on semiconductors from adversaries increases the risk of malicious disruptions to the semiconductor supply chain. The impact of this supply chain disruption could affect national security and vast sections of the economy. The proposed rule increases protection from semiconductor supply chain disruption by prohibiting covered semiconductors and providing transparency into where covered semiconductors are utilized.

3. Supply Chain Transparency

The current lack of visibility into the semiconductor supply chain reduces the ability of the Government to mitigate risk and address supply chain disruptions and infiltrations. The Department of Defense, in its 2023 National Defense Industry Strategy report, indicates that the lack of visibility into our critical supply chains creates unique challenges that need to be addressed in order to meet national security objectives and that greater visibility increases the ability to mitigate risks and to manage disruptions proactively, aggressively, and systematically. Requiring that semiconductor covered entities disclose to non-Federal customers the inclusion of a covered semiconductor product or service in electronic parts, products, or services will also improve visibility into the semiconductor supply chain by increasing transparency of the entire U.S. semiconductor market. Furthermore, the proposed rule's requirement that offerors conduct a reasonable inquiry into their semiconductor supply chain promotes increased supply chain visibility for offerors. This visibility will allow for better risk assessments, risk mitigation, business decisions, and supply chain determinations. The benefits of increasing visibility into the supply chain also expands to all consumers of products containing semiconductors. The increased transparency from the proposed rule will also benefit the semiconductor manufacturing industry as increased supply chain transparency will allow them to reduce the risk of unintentional and malicious disruptions.

B. Public Impact

The following table illustrates the total estimated public cost associated with this proposed rule in millions over a 10-year period: ( printed page 7230)

| Public cost | Undiscounted | 3% Discount
rate | 7% Discount
rate |
| --- | --- | --- | --- |
| Net Present Value | $1,798 | $1,575 | $1,344 |
| Annualized | 180 | 185 | 191 |
The following table presents the total estimated public costs in millions per year:

| Year | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| Cost | $489 | $148 | $148 | $145 | $145 | $145 | $145 | $145 | $145 | $145 |
| 3% | 475 | 139 | 135 | 129 | 125 | 121 | 118 | 114 | 111 | 108 |
| 7% | 457 | 129 | 120 | 111 | 103 | 97 | 90 | 84 | 79 | 74 |
A summary of the specific compliance activities and total estimated annual costs associated with these activities are provided in the sections that follow. For more detailed information on the public cost estimates, please see section II.B. of the RIA available at http://www.regulations.gov (search for “FAR Case 2023-008” click “Open Docket,” and view “Supporting Documents”).

1. Regulatory Familiarization

Entities interested in doing business with the Government will need to review the new solicitation provision and contract clause and familiarize themselves with the prohibition, the authorized exceptions, the minimum requirements for making a reasonable inquiry, the certifications the entity will make by submitting an offer in response to a Government solicitation, the disclosure requirements for covered semiconductor products and services, and the potential liability for failing to conduct a reasonable inquiry or to disclose known covered semiconductor products or services being used in performance of a Government contract. The total estimated cost for regulatory familiarization in the initial year of the rule is $193,600,000. The estimated cost for regulatory familiarization for new entrants in each subsequent year is $7,392,000.

2. Reasonable Inquiry

Before submitting an offer in response to a Government solicitation and providing the certifications required by the new provision at FAR 52.240-XX, an entity would be required to conduct a reasonable inquiry to determine whether the electronic products or electronic services it provides to the Government include covered semiconductor products or services or use electronic products that include covered semiconductor products or services. It is expected that most entities will conduct a full review of the electronic products and electronic services that they may offer to the Government, rather than assess on a solicitation-by-solicitation basis.

To conduct this inquiry, an entity will need to assess the electronic products or electronic services that are included in its offerings to the Government and seek out information to identify the source of semiconductor products or services included in those offerings. In conducting this inquiry an entity may consult the Department of Commerce website, search supplier websites, or use supply chain illumination or other due diligence tools. If an entity is unable to find information to confirm that an electronic product or service does not use or include a covered semiconductor product or service, the entity would need to look to its suppliers to conduct reasonable inquiries and provide the required certification.

The Government estimates the total annual cost in the first year of implementation to be $138,537,675, of which $51,327,675 is attributed to entities who are prime contractors on Government contracts and $87,210,000 is attributed to subcontractors and suppliers. For each subsequent year, the Government estimates the total estimated annual cost is $121,428,450, of which $34,218,450 is attributed to entities who are prime contractors on Government contracts and $87,210,000 is attributed to subcontractors and suppliers.

3. Government Disclosures

If, as a result of the initial reasonable inquiry, an offeror discovers that an electronic product or electronic service to be offered to the Government under the solicitation includes covered semiconductor products or services, the offeror will need to disclose with its offer any information about the covered semiconductor product or service that is known at the time of submission of its offer. This disclosure includes, for example, information about the manufacturer, the risks associated with including the semiconductor product or service, and whether there are any available alternatives to the semiconductor product or service. The total estimated annual cost for disclosures in the initial year of implementation is $3,962,318. Given the expected updates to supply chains, the total estimated annual cost in the first two years after initial implementation, is reduced to $1,189,559. After the first three years of implementation, the total estimated annual cost associated with pre-award disclosures is $198,548.

4. Product and Supply Chain Updates

In order to avoid being ineligible for award of Government contracts based on noncompliance with the Section 5949 prohibitions, entities will need to remove electronic products and electronic services that include or use covered semiconductor products and services from the products and services they offer to the Government. The level of effort associated with removing such products can vary significantly from one entity to another. The impact depends on whether an entity is reselling, manufacturing, or using an electronic product or service that contains a covered semiconductor product or service.

Entities that use or resell an electronic product or service that contains a covered semiconductor product or service will be focused on communicating with their suppliers and customers and making other operational adjustments. These entities will need to assess and renegotiate their current supplier agreements, identify sources of alternative products, manage their existing inventory, and update internal systems, processes, and procedures. Removing covered semiconductor products and services from products manufactured under Government contracts will require the most ( printed page 7231) significant level of effort. Manufacturers may also experience product redesign, testing, and prototyping costs.

The proposed rule does not require entities to remove or replace electronic products or electronic services resident in existing equipment, systems, or services, that were acquired by the contractor prior to December 23, 2027, and used as part of the performance of the contract, or to limit the utilization of a covered semiconductor product or service throughout the lifecycle (e.g., replacement component, spare part, support service) of existing equipment that was acquired by the contractor prior to December 23, 2027, and used as part of the performance of the contract, which will limit the impact of the prohibition on impacted entities. However, entities must adjust designs intended to be leveraged for future Government contracts to ensure compliance with the prohibition.

The Government has limited visibility into and information on how many electronic products or electronic services may need to be removed from the supply chain or adjusted to not use covered semiconductor products or services. For the purposes of this analysis, the Government estimates the total cost for entities to replace electronic products or electronic services they resell to the Government or use in the performance of Government contracts in the first year of implementation to be $114,750,000. The total estimated annual cost associated with adjusting products manufactured for the Government to remove covered semiconductor products or services in the first year of implementation is $152,125,000. The estimated annual cost in each subsequent year of implementation is $11,500,000 for replacements and $2,600,000 for adjustment of manufactured electronic products and electronic services.

5. Government Notification

On or after December 23, 2027, a contractor must notify the contracting officer within 72 hours of becoming aware that it provided a covered semiconductor product or service to the Federal Government or purchased for delivery to the Federal Government during performance of a contract, in order to be protected under the safe harbor provisions in paragraph (h) of the clause at FAR 52.240-YY.

The total estimated annual cost associated with making these post-award notifications in the initial year of implementation is $264,155. Given the expected updates to supply chains, the total estimated annual cost for such notifications in the first two years after initial implementation is $26,473. After the first three years of implementation, the total estimated annual cost is $13,237.

6. Non-Federal Customer Disclosures

The clause, which flows down to subcontractors, requires semiconductor covered entities to disclose the inclusion of a covered semiconductor product or service in electronic products or electronic services to non-Federal customers outside of the Government. Neither the statute nor the proposed rule is prescriptive regarding the contents or method of disclosure. It is possible that a contractor or subcontractor may choose to include this information or disclaimer in its marketing material, on its website, and in any sales agreements to non-Federal customers.

The total estimated annual cost associated with making these post-award notifications in the initial year of implementation is $4,312,305. Given the expected updates to supply chains, the total estimated annual cost for such notifications in the first two years after initial implementation is $2,157,092. After the first three years of implementation, the total estimated annual cost is $432,170.

C. Government Impact

The following table illustrates the total estimated Government cost associated with this proposed rule in millions over a 10-year period:

| Government cost | Undiscounted | 3% Discount
rate | 7% Discount
rate |
| --- | --- | --- | --- |
| Net Present Value | $60.6 | $56.4 | $51.9 |
| Annualized | 6.1 | 6.6 | 7.4 |
The following table presents the total estimated Government costs in millions per year:

| Year | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| Costs | $40.9 | $3.0 | $3.0 | $2.0 | $2.0 | $2.0 | $2.0 | $2.0 | $2.0 | $2.0 |
| 3% | 39.7 | 2.8 | 2.7 | 1.7 | 1.7 | 1.6 | 1.6 | 1.5 | 1.5 | 1.5 |
| 7% | 38.2 | 2.6 | 2.4 | 1.5 | 1.4 | 1.3 | 1.2 | 1.1 | 1.1 | 1.0 |
A summary of the specific compliance activities and total estimated annual costs associated with these activities are provided in the sections that follow. For more detailed information on the Government cost estimates, please see section II.C. of the RIA available at http://www.regulations.gov (search for “FAR Case 2023-008” click “Open Docket,” and view “Supporting Documents”).

1. Training & Familiarization

Government contracting officers, contract specialists, contracting officer representatives, and others involved in the acquisition process (such as those involved in the development of requirements documents), will be required to become familiar with the requirements of this rule and receive additional training in order to ensure they are not procuring electronic products or electronic services that contain covered semiconductor products or services. The estimated annual training cost is $35,500,000 in the first year of implementation and $1,775,000 in each subsequent year.

2. Review Disclosures

If, when reviewing proposals, the contracting officer finds that an offeror has disclosed electronic products or electronic services that include or use covered semiconductor products or services, the contracting officer will forward the disclosure to the ( printed page 7232) appropriate personnel in the requiring activity who will review the disclosure, consult with other offices as necessary, and advise the contracting officer regarding whether the disclosure impacts the contracting officer's ability to award to the offeror or if a waiver should be pursued. The total cost for the Government to review disclosures in the first year of implementation is $2,444,175. In the first two years after initial implementation, the estimated annual cost to the Government is $733,785. Annually thereafter, the estimated annual cost to the Government is $122,475.

3. Review Notifications

If, during performance of a contract, the contracting officer receives a notification from the contractor that it has provided to the Government an electronic product or electronic service that includes or uses covered semiconductor products or services, the contracting officer will forward the notification to the appropriate personnel in the requiring activity who will review the notification, consult with other offices as necessary, and advise the contracting officer on how the notification impacts contract administration and whether a post-award waiver should be pursued. The total cost for the Government to review the estimated disclosures in the first year of implementation is $201,960. In the first two years after initial implementation, the estimated annual cost to the Government is $20,240. Annually thereafter, the estimated annual cost to the Government is $10,120.

4. Process Waivers

The Government may consider authorizing a waiver to allow the inclusion or use of the covered semiconductor product or service. For this effort, it is anticipated that the requiring activity and technical experts will be responsible for drafting the basis for the waiver. The program manager and an attorney will provide feedback on the waiver and will meet with and seek approval of the waiver from a senior executive. The contracting officer will communicate with the contractor regarding the agency's decision. The total estimated annual cost for the Government to consider waivers in the first year of implementation is $2,726,460. The percent of notifications requiring a waiver is expected go down after the initial year therefore, the estimated annual cost to the Government in the first two years after initial implementation is $470,745. Annually thereafter, the estimated annual cost to the Government is $54,945.

D. Alternatives Considered

1. Commercial Products and Commercial Services

The Government considered applying this prohibition to all commercial products and commercial services. However, this prohibition would impact many categories of commercial services (e.g., hotel accommodations) where the risk is very low to the Government and the Government is a very small share of the overall market. Applying the prohibition to commercial electronic products, IT services, and telecommunication services will allow the Government to focus this prohibition where the risk is greatest.

Public comments received in response to the advanced notice of proposed rulemaking identified a need for an exemption or delay in effective date for commercial products and commercial services. However, a full exemption of the prohibition is not feasible given the national security implications associated with this prohibition. Because certain commercial electronic products and services will require additional time to remove covered semiconductor products and services, the Government is also proposing a one-year delay in the effective date where no alternative is available. Including this one-year exemption will reduce the number of contract-by-contract waivers the Government will likely need to process in the first year of implementation while industry updates their products and supply chains.

2. Requiring Artifacts for Validating Compliance

The Government considered including a requirement for contractors to provide artifacts (e.g., hardware bill of materials) to validate compliance with this prohibition beyond the certification requirement. However, after considering the current level of use by the electronics industry of such artifacts and the likely costs this would add to the rule, the Government decided that these artifacts would not be required at this time. The rule requires offerors and contractors to conduct a reasonable inquiry into their supply chains to identify any prohibited semiconductors and then certify whether their electronic products and electronic services include such prohibited semiconductors. The reasonable inquiry and certification will sufficiently mitigate the risk of noncompliance at this time. Depending on industry adoption of such artifacts in the future, future rulemaking could add a requirement as needed.

VI. Executive Orders 12866 and 13563

Executive Orders (E.O.s) 12866 (as amended by E.O. 14094) and 13563 direct agencies to assess costs and benefits of available regulatory alternatives and, if regulation is necessary, to select regulatory approaches that maximize net benefits (including potential economic, environmental, public health and safety effects, distributive impacts, and equity). E.O. 13563 emphasizes the importance of quantifying both costs and benefits, of reducing costs, of harmonizing rules, and of promoting flexibility. This is a significant regulatory action under section 3(f)(1) of E.O. 12866 and, therefore, was subject to review under section 6(b) of E.O. 12866, Regulatory Planning and Review, dated September 30, 1993.

VII. Executive Order 14192

This rule is exempt from (Unleashing Prosperity Through Deregulation) as it is a regulation issued with respect to a national security or homeland security function of the United States.

VIII. Regulatory Flexibility Act

The proposed rule, if finalized, may have a significant economic impact on a substantial number of small entities within the meaning of the Regulatory Flexibility Act 5 U.S.C. 601-612. The Initial Regulatory Flexibility Analysis (IRFA) is as follows:

1. Reasons for the action.

The reason for this proposed rule is to revise the Federal Acquisition Regulation (FAR) to implement paragraphs (a), (b), (c), and (h) in section 5949 of the James M. Inhofe National Defense Authorization Act for Fiscal Year 2023 (Pub. L. 117-263, 41 U.S.C. 4713 note). Section 5949 prohibits executive agencies from procuring or obtaining certain products and services that include covered semiconductor products or services effective December 23, 2027.

2. Objectives of, and legal basis for, the rule.

The objective of this rule is to mitigate a significant national security risk given the numerous opportunities for adversaries and other threat actors to introduce hardware backdoors, malicious firmware, and malicious software into a semiconductor during production. Since semiconductors are key components of U.S. critical infrastructure (e.g., information technology, communications) and have many military applications, it is vital that these threat vectors are addressed during the production process. Semiconductors are ultimately integrated into end products, so it can be difficult to identify and mitigate risks to semiconductor hardware, firmware, and software. This rule proposes to amend the FAR to implement paragraphs (a), (b), (c), ( printed page 7233) and (h) in section 5949 of the NDAA for FY 2023. On or after December 23, 2027, Federal agencies will be prohibited from procuring or obtaining—(1) Electronic products or services that include covered semiconductor products or services (section 5949(a)(1)(A)); and (2) Electronic products, for use in critical systems, that use electronic products that include covered semiconductor products or services (section 5949(a)(1)(B)).

Promulgation of the FAR is authorized by 40 U.S.C. 121(c); 10 U.S.C. chapter 4 and 10 U.S.C. chapter 137 legacy provisions (see 10 U.S.C. 3016); and 51 U.S.C. 20113.

3. Description of and an estimate of the number of small entities to which the rule will apply.

This proposed rule, if finalized, would impact small entities that have an interest in doing business with the Federal Government, regardless of their primary North American Industry Classification System code (NAICS). Specifically, small entities that include or use electronic products or electronic services in the products and services they offer to the Government would be subject to certain compliance requirements. The estimated number of small entities impacted by each of these compliance requirements is as follows:

a. Regulatory Familiarization

As of October 2024, there are approximately 550,000 entities registered in SAM, of which approximately 401,000 (72 percent) are considered small for at least one NAICS code. On average there are approximately 21,000 new active SAM registrants each year, of which approximately 14,000 (~75 percent) are small entities. At minimum, these small entities will need to become familiar with the requirements of the rule.

b. Reasonable Inquiry

According to data available in the Federal Procurement Data System for Government fiscal years 2021 through 2023, on average the Government awards contracts for products, for information technology or telecommunications services, and for other services procured using other than FAR part 12 commercial procedures to approximately 54,000 unique entities each year, of which 36,000 (~67 percent) are small entities. The Government estimates that approximately 45,900 (85 percent) of these entities, of which 30,600 (~67 percent) are small entities, offer electronic products or electronic services to the Government and would need to conduct a reasonable inquiry to determine whether their products or services use or include covered semiconductor products or services.

The Government does not have data on how many suppliers to prime contractors may also be asked to conduct a reasonable inquiry. For the purposes of this analysis, it is assumed the ratio of prime contractors to subcontractors required to perform a reasonable inquiry is 1:5 and that 80 percent of the subcontractors are small entities. Therefore, the Government estimates that 229,500 suppliers or subcontractors may be required to conduct reasonable inquiries, of which 183,600 are estimated to be small entities.

c. Government Disclosure (Pre-Award)

The Government estimates that five percent of the entities required to conduct a reasonable inquiry (primes and subcontractors) or 2,295 entities may need to disclose the use or inclusion of covered semiconductor products and services with their offers, of which 1,530 are estimated to be small entities. The Government anticipates a reduction in the number of impacted entities after the first year of implementation.

d. Product and Supply Chain Updates

The Government has limited visibility into or information on how many electronic products or services may need to be removed from the supply chain or adjusted to not use covered semiconductor products or services. Some entities who contract with the Federal Government may have none, while others may have a concentration of products or services. For the purposes of this analysis, the Government assumes that the 2,295 entities providing pre-award disclosures, of which 1,530 are small entities, may need to replace electronic products or services they resell or use in the first year of implementation. It is further estimated that 115 of these entities, of which 77 are estimated to be small entities, may need to adjust products they manufacture to remove covered semiconductor products or services in the first year of implementation. The Government anticipates a reduction in the number of impacted entities after the first year of implementation.

e. Government Notification (Post-Award)

The Government estimates that one percent of entities required to conduct a reasonable inquiry at the prime level (459 entities, of which 306 are estimated to be small entities) may need to disclose to the Government the use or inclusion of covered semiconductor products and services during performance of a contract. The Government anticipates a reduction in the number of impacted entities after the first year of implementation.

f. Non-Federal Customer Notification

The Government estimates that one percent of entities required to conduct a reasonable inquiry at the subcontractor level (2,295 entities, of which 1,530 are estimated to be small entities), may need to disclose the inclusion of a covered semiconductor product or service in electronic products or electronic services to non-Federal customers outside of the Government. The Government anticipates a reduction in the number of impacted entities after the first year of implementation.

4. Description of projected reporting, recordkeeping, and other compliance requirements of the rule.

The following is a summary of the projected compliance requirements and the estimated costs per small entity and total annual costs to small entities associated with those compliance requirements. The total estimated annual cost to small entities in the initial year of implementation is $352,355,968. The total estimated annual cost to small entities in the first two years after initial implementation is $110,006,039. In subsequent years, the total estimated annual cost to small entities is $108,187,360. Additional information on the basis for the cost estimates and a summary of compliance costs by compliance requirement and business size is available in the regulatory impact analysis available at http://www.regulations.gov (search for “FAR Case 2023-008,” click “Open Docket,” and view “Supporting Documents”).

a. Regulatory Familiarization

The Government estimates that it will take an entity, on average, four hours to become familiar with the rule. Four hours is the amount of time associated with reading and understanding the rule. In general, this activity is expected to be performed by management analysts. The estimated cost per entity for regulatory familiarization is $352. Therefore, the estimated annual cost for small entities in the first year of implementation is $141,152,000 (401,000 small entities * $352/business). The estimated annual cost for small entities in subsequent years is $4,928,000 (14,000 small entities * $352/entity).

b. Reasonable Inquiry

Before submitting an offer in response to a Government solicitation, and providing the certifications required by the new provision at FAR 52.240-XX, Certification Regarding Certain Semiconductor Products and Services, an entity would be required to conduct a reasonable inquiry to determine whether the electronic products or electronic services it provides to the Government include covered semiconductor products or services or use electronic products that include covered semiconductor products or services. It is expected that most entities will conduct a full review of the electronic products and electronic services that they may offer to the Government, rather than assess on a solicitation-by-solicitation basis.

To conduct this inquiry, an entity will need to assess the electronic products or electronic services are included in its offerings to the Government and seek out information to identify the source of semiconductor products or services included in those offerings. In conducting this inquiry an entity may consult the Department of Commerce website, search supplier websites, search manufacturer websites, or use supply chain illumination or other due diligence tools. If an entity is unable to find information to confirm that an electronic product or electronic service does not use or include a covered semiconductor product or service, the entity would need to look to its ( printed page 7234) suppliers to conduct reasonable inquiries and provide the required certification in the solicitation provision at 52.240-XX. for the certification.

The level of effort required to conduct the initial reasonable inquiry is dependent on a number of factors, including the number and diversity of electronic products or electronic services an entity offers to the Government and how far into its supply chain an entity must go to validate that electronic products and electronic services do not contain covered semiconductor products and services. In general, this effort is expected to be performed by a purchasing manager who is supported by management analysts. The results of the inquiry are expected to be reviewed by an attorney and maintained by a compliance officer. For this analysis, the Government estimates that the average cost is $1,118.25 per entity conducting an inquiry on multiple products and services at the prime level in the first year of implementation and $745.50 per entity in subsequent years. The Government further estimates a cost of $380 per supplier conducting an inquiry on one product or service at the subcontractor level. The Government recognizes that the actual level of effort may vary substantially from one supplier to the next.

The total estimated annual cost for small entities performing at the prime level to conduct initial reasonable inquiries in the initial year of implementation is $34,218,450 (30,600 small entities * $1,118.25/business). For small business suppliers, the total estimated annual cost in the initial year is $69,768,000 (183,600 small entities * $380/business). After the first year of implementation, the total estimated annual cost for small business primes is $22,812,300 (30,600 small entities * $745.50/entity) and $69,768,000 (183,600 small entities * $380) for small entity subcontractors.

c. Government Disclosure (Pre-Award)

This effort is expected to be performed by a management analyst who gathers the required information about a covered semiconductor product or service and drafts the disclosure to include in the entity's offer. The draft disclosure is expected to be reviewed by the purchasing manager and attorney prior to obtaining approval from someone in an executive role. The estimated cost for each disclosure is $575.50 per entity and the Government estimates that each entity may make three disclosures per year. Therefore, the estimated annual cost for small entities in the first year of implementation is $2,641,545 (1,530 small entities * $575.50/business * 3 disclosures/year). The estimated annual cost for small entities in the first two years after initial implementation is $792,464 (459 small entities * $575.50/business * 3 disclosures/year). In subsequent years the estimated annual cost is $132,941 (77 small entities * $575.50/business * 3 disclosures/year).

d. Product and Supply Chain Updates

In order to avoid being ineligible for award of Government contracts based on noncompliance with the Section 5949 prohibitions, entities will need to remove electronic products and electronic services that include or use covered semiconductor products and services from the products and services they offer to the Government. The level of effort associated with removing such products can vary significantly from one entity to another. The impact is dependent on whether an entity is reselling or manufacturing an electronic product or electronic service that contains a covered semiconductor product or service.

Entities that use or resell an electronic product or electronic service that contains a covered semiconductor product or service will be focused on communicating with their suppliers and customers and making other operational adjustments. These entities will need to assess and renegotiate their current supplier agreements, identify sources of alternative products, manage their existing inventory, and update internal systems, processes, and procedures. These activities may involve purchasing managers, management analysts, attorneys, sales executives, marketing and sales managers, and other employees. Given that the costs may vary significantly from one entity to another, the Government estimates the cost associated with supply chain updates for resellers or users to range from $30,000 to $70,000 per entity (average $50,000 per electronic product or service).

Removing covered semiconductor products and services from products manufactured under Government contracts will require the most significant level of effort. Manufacturers may also experience product redesign, testing, and prototyping costs, activities that are likely to involve engineers and other technical experts.

The proposed rule does not require entities to remove or replace any products or services resident in existing equipment, systems, or services, that were acquired prior to December 23, 2027, and used as part of the performance of the contract or to limit the utilization of a covered semiconductor product or service throughout the lifecycle (e.g., replacement component, spare part, support service) of existing equipment that was acquired prior to December 23, 2027, and used as part of the performance of the contract which will limit the impact of the prohibition on impacted entities. However, entities must adjust designs intended to be leveraged for future Government contracts to ensure compliance with the prohibition. The Government estimates the cost associated with modifying electronic products to remove covered semiconductors to range from $150,000 to $500,000 (average $325,000/per electronic product or service).

The total estimated cost for small entities that may need to replace electronic products or electronic services they resell or use in the first year of implementation is $76,500,000 (1,530 * $50,000/business). The estimated cost for small entities to make adjustments to products they manufacture to remove covered semiconductor products or services in the first year of implementation is $25,025,000 (77 small entities * $325,000/business). The estimated annual cost for small entities to replace electronic products or services in each subsequent year of implementation is $7,650,000 (153 small entities * $50,000/business), and $2,600,000 (8 small entities * $325,000/business) for small entities to adjust electronic products and services they manufacture.

e. Government Notification (Post-Award)

A contractor must notify the contracting officer within 72 hours of becoming aware of or suspecting a covered semiconductor product or service was purchased by the Federal Government or purchased by a Federal contractor or subcontractor for delivery to the Federal Government during performance of a contract, in order to be protected under the safe harbor provisions in paragraph (h) of the clause at FAR 52.240-YY, Prohibition on Certain Semiconductor Products and Services. The level of effort associated with this activity is expected to be the same as the level of effort necessary to provide the pre-award disclosure, or $566 per entity. Entities are expected to make one notification per year.

Therefore, the estimated annual cost for small entities in the first year of implementation is $176,103 (306 small entities * $575.50/business). The estimated annual cost for small entities in the first two years after initial implementation is $17,841 (31 small entities * $566/business). In subsequent years, the estimated annual cost is $8,490 (15 small entities * $575.50/business).

f. Non-Federal Customer Notification

The content of the disclosure to non-Federal customers is expected to be produced by an attorney in coordination with sales and marketing managers. Marketing specialists, business operations specialists, and web developers may be used to update relevant marketing materials, websites, and sales agreements, as necessary to meet the disclosure requirement. The estimated cost associated with preparing and making such a disclosure is $1,820 per disclosure.

Therefore, the total estimated annual cost for small entities to make these disclosures to non-Federal customers in the initial year ( printed page 7235) of implementation is $2,874,870 (1,530 small entities * $1,879/small business). The estimated annual cost for small entities in the first two years after initial implementation is $1,437,435 (765 small entities * $1,879/business). In subsequent years, the estimated annual cost is $287,487 (153 small entities * $1,879/business).

5. Relevant Federal rules which may duplicate, overlap, or conflict with the rule.

The rule does not duplicate, overlap, or conflict with any other Federal rules.

6. Description of any significant alternatives to the rule which accomplish the stated objectives of applicable statutes and which minimize any significant economic impact of the rule on small entities.

The FAR Council was unable to identify any alternatives that would reduce the burden on small entities and still meet the objectives of section 5949 of the NDAA for FY 2023.

Public comments received in response to the advanced notice of proposed rulemaking identified a need for an exemption or delay in effective date for commercial products and commercial services. However, a full exemption of the prohibition is not feasible given the national security implications associated with this prohibition. Because certain commercial electronic products and electronic services will require additional time to remove covered semiconductor products and services, the Government is proposing a one-year delay in the effective date where no alternative is available. Including this one-year exemption will reduce the number of contract-by-contract waivers the Government will likely need to process in the first year of implementation while industry updates their products and supply chains.

The Government considered including a requirement for contractors to provide artifacts (e.g., hardware bill of materials) to validate compliance with this prohibition beyond the certification requirement. However, after considering the current level of use by the electronics industry of such artifacts and the likely costs this would add to the rule, the Government decided that these artifacts would not be required at this time. The rule requires offerors and contractors to conduct a reasonable inquiry into their supply chain to identify any prohibited semiconductors and then certify whether their electronic products and electronic services include such prohibited semiconductors. The reasonable inquiry and certification requirements are deemed to be sufficient to validate compliance at this time. This is because the potential consequences of failing to comply with these requirements serves as a deterrent mitigating against the risk of non-compliance with the prohibitions of this rule. Depending on industry adoption of such artifacts in the future, future rulemaking could add a requirement as needed.

The Regulatory Secretariat Division has submitted a copy of the IRFA to the Chief Counsel for Advocacy of the Small Business Administration. A copy of the IRFA may be obtained from the Regulatory Secretariat Division. The FAR Council invites comments from small business concerns and other interested parties on the expected impact of this proposed rule on small entities.

The FAR Council will also consider comments from small entities concerning the existing regulations in subparts affected by the rule in accordance with 5 U.S.C. 610. Interested parties must submit such comments separately and should cite 5 U.S.C. 610 (FAR Case 2023-008), in correspondence.

IX. Paperwork Reduction Act

The Paperwork Reduction Act (44 U.S.C. 3501-3521) applies because the proposed rule contains information collection requirements. Accordingly, the Regulatory Secretariat Division has submitted a request for approval of a new information collection requirement concerning (FAR Case 2023-008, Prohibition on Certain Semiconductor Products and Services) to the Office of Management and Budget (OMB).

A. Public Reporting Burden

Public reporting burden includes the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing the collection of information.

1. FAR 52.240-XX(e), Certification (Prime). The annual reporting burden for entities at the prime level to conduct a reasonable inquiry on multiple electronic products and electronic services and provide the certification is as follows:

Respondents: 45,900.

Total Annual Responses: 45,900.

Total Burden Hours: 550,800.

FAR 52.240-XX(e), Certification (Sub). The annual reporting burden for entities at the subcontractor level to conduct a reasonable inquiry on one electronic product or electronic services and provide the certification is as follows:

Respondents: 229,500.

Total Annual Responses: 229,500.

Total Burden Hours: 918,200.

FAR 52.240-XX(f), Disclosure (PreAward). The annual reporting burden for entities to provide a preaward disclosure of covered semiconductor products or services is as follows:

Respondents: 2,295.

Total Annual Responses: 6,885.

Total Burden Hours: 34,425.

FAR 52.240-YY(f), Notification (PostAward). The annual reporting burden for entities to provide a postaward disclosure of covered semiconductor products or services is as follows:

Respondents: 459.

Total Annual Responses: 459.

Total Burden Hours: 2,295.

FAR 52.240-YY(g), Non-Federal Customer Notification. The annual reporting burden for semiconductor covered entities to notify non-Federal customers of covered semiconductor products or services is as follows:

Respondents: 2,295.

Total Annual Responses: 2,295.

Total Burden Hours: 45,900.

B. Request for Comments Regarding Paperwork Burden

Submit comments on this collection of information no later than April 20, 2026 through https://www.regulations.gov and follow the instructions on the site. All items submitted must cite OMB Control No. 9000-XXXX, Prohibition on Certain Semiconductor Products and Services. Comments received generally will be posted without change to https://www.regulations.gov, including any personal and/or business confidential information provided. To confirm receipt of your comment(s), please check https://www.regulations.gov, approximately two to three days after submission to verify posting. If there are difficulties submitting comments, contact the GSA Regulatory Secretariat Division at 202-501-4755 or GSARegSec@gsa.gov.

Public comments are particularly invited on:

The necessity of this collection of information for the proper performance of the functions of Federal Government acquisitions, including whether the information will have practical utility;
The accuracy of the estimate of the burden of this collection of information;
Ways to enhance the quality, utility, and clarity of the information to be collected; and
Ways to minimize the burden of the collection of information on respondents, including the use of automated collection techniques or other forms of information technology. Requesters may obtain a copy of the supporting statement from the General Services Administration, Regulatory Secretariat Division by calling 202-501-4755 or emailing GSARegSec@gsa.gov. Please cite OMB Control Number 9000-XXXX, Prohibition on Certain Semiconductor Products and Services.

( printed page 7236)

List of Subjects in 48 CFR Parts 1, 2, 9, 12, 13, 39, 40, and 52

Government procurement William F. Clark,

Director, Office of Government-wide Acquisition Policy, Office of Acquisition Policy, Office of Government-wide Policy.

Therefore, OFPP, DoD, GSA, and NASA propose amending 48 CFR parts 1, 2, 9, 12, 13, 39, 40, and 52 as set forth below:

The authority citation for 48 CFR parts 1, 2, 9, 12, and 13 continues to read as follows:

Authority: 41 U.S.C. 1121(b); 40 U.S.C. 121(c); 10 U.S.C. chapter 4 and 10 U.S.C. chapter 137 legacy provisions (see 10 U.S.C. 3016); and 51 U.S.C. 20113.

PART 1—FEDERAL ACQUISITION REGULATIONS SYSTEM

In section 1.106 amend the table by adding in numerical order entries for “40.XX”, “52.240-XX,” and “52.240-YY” to read as follows:

1.106 OMB approval under the Paperwork Reduction Act. * * * * *
| FAR segment | OMB Control No. |
| --- | --- |
| | |
| * | |
| 40.XX | 9000-XXXX |
| | |
| * | |
| 52.240-XX | 9000-XXXX |
| 52.240-YY | 9000-XXXX |
| | |
| * | |

PART 2—DEFINITIONS OF WORDS AND TERMS

Amend section 2.101 by adding in alphabetical order the definitions “National security system” and “Subsidiary” to read as follows:

2.101 Definitions. * * * * * National security system—

(1) As defined in 40 U.S.C. 11103(a)(1), means a system, other than those used for routine administrative and business applications, such as payroll, finance, logistics, and personnel management applications, and includes any telecommunications or information system operated by the United States Government, the function, operation, or use of which—

(i) Involves intelligence activities;

(ii) Involves cryptologic activities related to national security;

(iii) Involves command and control of military forces;

(iv) Involves equipment that is an integral part of a weapon or weapons system; or

(v) Is critical to the direct fulfillment of military or intelligence; or

(2) For use in—

(i) Subpart 4.23, see the definition at 4.2301;

(ii) The contract clause—

(A) 52.204-28, see the definition at 52.204-28(a); and

(B) 52.204-30, see the definition at 52.204-30(a).

* * * * Subsidiary means an entity in which more than 50 percent of the entity is owned directly by a parent corporation or through another subsidiary of a parent corporation.

PART 9—CONTRACTOR QUALIFICATIONS

Amend section 9.108-1 by removing the definition “Subsidiary”.

PART 12—ACQUISITION OF COMMERCIAL PRODUCTS AND COMMERCIAL SERVICES

Amend section 12.301 by adding paragraph (d)(15) to read as follows:

12.301 Solicitation provisions and contract clauses for the acquisition of commercial products and commercial services. * * * * * (d) * * *

(15) Insert the provision at 52.240-XX, Certification Regarding Certain Semiconductor Products and Services, as prescribed in 40.20X-6.

PART 13—SIMPLIFIED ACQUISITION PROCEDURES

Amend section 13.201 by adding paragraph (n) to read as follows:

13.201 General. * * * * * (n)(1) Semiconductor prohibition. In accordance with subpart 40.20X, on or after December 23, 2027, agencies are prohibited from procuring or obtaining—

(i) Electronic products or electronic services that include covered semiconductor products or services.

(ii) Electronic products, for use in critical systems, that use electronic products that incorporate covered semiconductor products or services.

(2) Exceptions.

(i) Agencies are not required to—

(A) Remove or replace any products or services resident in equipment, systems, or services, prior to December 23, 2027.

(B) Prohibit or limit the utilization of covered semiconductor products or services throughout the lifecycle (e.g., replacement component, spare part, support service) of existing equipment acquired prior to December 23, 2027.

(ii) Commercial products and commercial services where there are no alternative sources available are excepted from the semiconductor prohibition until December 23, 2028.

(iii) The prohibition does not apply to commercial service procurements except for procurements for Information Technology and Telecommunications (i.e., Category D: Information Technology (IT) and Telecommunications (Telecom) of the Federal Procurement Data System Product and Service Codes (PSC) Manual).

(iv) The prohibition does not apply to procurements for electronic services that are incidental to the performance of the contract (e.g., contractor payroll services).

PART 39—ACQUISITION OF INFORMATION TECHNOLOGY

The authority citation for 48 CFR part 39 is revised to read as follows:

Authority: 41 U.S.C. 1121(b); 40 U.S.C. 121(c); 10 U.S.C. chapter 4 and 10 U.S.C. chapter 137 legacy provisions (see 10 U.S.C. 3016); and 51 U.S.C. 20113.

Revise the heading and text of section 39.002 to read as follows:

39.002 Definition. Modular contracting, as used in this part, means use of one or more contracts to acquire information technology systems in successive, interoperable increments.

PART 40—INFORMATION SECURITY AND SUPPLY CHAIN SECURITY

The authority citation for 48 CFR part 40 is revised to read as follows:

Authority: 41 U.S.C. 1121(b); 40 U.S.C. 121(c); 10 U.S.C. chapter 4 and 10 U.S.C. chapter 137 legacy provisions (see 10 U.S.C. 3016); and 51 U.S.C. 20113.

Amend section 40.200 by adding paragraph (b)(2) to read as follows:

40.200 Scope of subpart. * * * * * (b) * * *

(2) Paragraphs (a), (b), (c), and (h) in section 5949 of the James M. Inhofe National Defense Authorization Act for Fiscal Year 2023 (Pub. L. 117-263, 41 U.S.C. 4713 note), which provides policies and procedures for acquiring any electronic products or services that ( printed page 7237) contain covered semiconductor products or services.

* * * * 11. Amend section 40.201 by adding in alphabetical order the definitions “Covered semiconductor product or service”, “Critical national security interests”, “Critical system”, “Electronic product”, “Electronic service”, “Semiconductor”, “Semiconductor covered nation”, and “Semiconductor foreign country of concern” to read as follows:

40.201 Definitions. * * * * * Covered semiconductor product or service (section 5949(j)(3) of Public Law 117-263, 41 U.S.C. 4713 note) means—

(1) A semiconductor, a semiconductor product, a product that incorporates a semiconductor product, or a service that utilizes such a product, that is designed, produced, or provided by Semiconductor Manufacturing International Corporation (SMIC) (or any subsidiary, affiliate, or successor of such entity);

(2) A semiconductor, a semiconductor product, a product that incorporates a semiconductor product, or a service that utilizes such a product, that is designed, produced, or provided by ChangXin Memory Technologies (CXMT) or Yangtze Memory Technologies Corp (YMTC) (or any subsidiary, affiliate, or successor of such entities); or

(3) A semiconductor, semiconductor product, or semiconductor service produced or provided by an entity that the Secretary of Defense or the Secretary of Commerce, in consultation with the Director of the National Intelligence or the Director of the Federal Bureau of Investigation, determines to be an entity owned or controlled by, or otherwise connected to, the government of a semiconductor foreign country of concern, provided that the determination with respect to such entity is published in the Federal Register (see the Department of Commerce website at [TBD] for a list of entities determined by the Secretary of Commerce or the Secretary of Defense to be an entity owned or controlled by, or otherwise connected to, the government of a semiconductor foreign country of concern).

Critical national security interests means any interests having a critical impact on the national defense, critical infrastructure, foreign intelligence and counterintelligence, international and internal security, or foreign relations of the United States.

Critical system (section 5949(j)(4) of Public Law 117-263, 41 U.S.C. 4713 note) means a national security system (40 U.S.C. 11103(a)(1)) or additional systems identified by the Federal Acquisition Security Council or for DoD, systems identified consistent with section 224 of the National Defense Authorization Act for Fiscal Year 2020 (Pub. L. 116-92). The term does not include systems used for routine administrative and business applications (including payroll, finance, logistics, and personnel management applications).

Electronic product (15 U.S.C. 7006) means products that include parts or components that have electrical, digital, magnetic, wireless, optical, electromagnetic, or similar capabilities.

Electronic service means any service that uses electronic products.

* * * * Semiconductor means an enclosed integrated electronic device or set of components that control the flow of electrons most commonly manufactured using materials including, but not limited to, silicon, silicon carbide, or III-V compounds, and processes including, but not limited to, lithography, deposition, and etching. Such devices and systems include, but are not limited to, integrated circuits, diodes, and micro-electromechanical systems.

Semiconductor covered nation (10 U.S.C. 4872(d)(2)) means—

(1) The Democratic People's Republic of Korea (North Korea);

(2) The People's Republic of China;

(3) The Russian Federation; and

(4) The Islamic Republic of Iran.

Semiconductor foreign country of concern (15 U.S.C. 4651) means—

(1) A country that is a semiconductor covered nation; and

(2) Any country that the Secretary of Commerce, in consultation with the Secretary of Defense, the Secretary of State, and the Director of National Intelligence, determines to be engaged in conduct that is detrimental to the national security or foreign policy of the United States.

* * * * 12. Add section 40.20X to read as follows:

40.20X Prohibition on certain semiconductor products and services. 40.20X-1 Applicability. Section 40.20X-1 through 40.20X-6 applies to all acquisitions of products and services including contracts at or below the micro-purchase threshold and to contracts for commercial products and commercial IT services and commercial telecommunication services.

40.20X-2 Semiconductor prohibition. Unless an exception applies, on or after December 23, 2027, agencies are prohibited from procuring or obtaining—

(a) Electronic products or electronic services that include covered semiconductor products or services; and

(b) Electronic products, for use in critical systems, that use electronic products that include covered semiconductor products or services.

40.20X-3 Exceptions. The following exceptions will be determined by the Government and can be based on any applicable disclosures by offerors or reporting by contractors:

(a) Agencies are not required to—

(1) Remove or replace covered semiconductor products or services resident in equipment, systems, or services prior to December 23, 2027.

(b) Commercial products or commercial services where there are no alternative sources available are excepted from the semiconductor prohibition at 40.20X-2 until December 23, 2028.

(c) Semiconductors, semiconductor products, and semiconductor services determined by Secretary of Commerce or Secretary of Defense to be a covered semiconductor product or service with an effective date after contract award are excepted from prohibition unless the contract is modified to include such covered semiconductor product or service.

(d) The prohibition does not apply to commercial service procurements except for procurements for Information Technology and Telecommunications (i.e., Category D: Information Technology (IT) and Telecommunications (Telecom) of the Federal Procurement Data System Product and Service Codes (PSC) Manual).

(e) Electronic services that are incidental to the performance of the contract (e.g., contractor payroll) are excepted.

40.20X-4 Procedures. (a) Identification of critical systems. When the program office or requiring activity identifies requirements associated with critical systems, the contracting officer shall include that information in the solicitation.

(b) Disclosures. ( printed page 7238)

(1) If an offeror provides a disclosure pursuant to paragraph (f) of 52.240-XX, Certification Regarding Certain Semiconductor Products and Services, the contracting officer shall submit the disclosure to the program office or requiring activity, in accordance with agency procedures, to determine whether—

(i) An exception applies (see 40.20X-3);

(ii) The agency will pursue a waiver (see 40.20X-5); or

(iii) The agency should award to another offeror.

(2) When an agency pursues a waiver, the contracting officer shall obtain the approved waiver from the program office or requiring activity prior to award.

(1) If a contractor provides a report pursuant to paragraph (f) of 52.240-YY, Prohibition on Certain Semiconductor Products and Services, the contracting officer shall submit the report to the program office or requiring activity for processing, in accordance with agency procedures.

(2) If a contractor reports that they are providing to the Government an electronic product or electronic service that contains a covered semiconductor product or service that has been determined by the Secretary of Commerce or the Secretary of Defense to be a covered semiconductor product or service with an effective date after contract award, the contracting officer shall submit the report to the program office or the requiring activity to determine appropriate action.

40.20X-5 Waivers. (a) Agency waivers. The head of an agency may waive, for a renewable period of not more than two years per waiver, the prohibitions at 40.20X-2 if—

(1) The head of the agency, in consultation with the Secretary of Commerce, determines that no compliant product or service is available to be procured as and when needed at U.S. market prices or a price that is not considered prohibitively expensive (i.e., would impose significant difficulty or expense considering the agency resources available); and

(2) The head of the agency, in consultation with the Secretary of Defense or the Director of National Intelligence, determines that such waiver could not reasonably be expected to compromise the critical national security interests of the United States.

(b) Secretary of Defense waivers. The Secretary of Defense may provide a waiver for any executive agency if the Secretary of Defense determines that the waiver is in the critical national security interests of the United States.

(c) Director of National Intelligence waivers. The Director of National Intelligence may provide a waiver for any executive agency if the Director of National Intelligence determines that the waiver is in the critical national security interests of the United States.

(d) Secretary of Commerce waivers. The Secretary of Commerce, in consultation with the Director of National Intelligence or the Secretary of Defense, may provide a waiver for any executive agency if the Secretary of Commerce determines that the waiver is in the critical national security interests of the United States.

(e) Secretary of Homeland Security waivers. The Secretary of Homeland Security, in consultation with the Director of National Intelligence or the Secretary of Defense, may provide a waiver for any executive agency if the Secretary of Homeland Security determines the waiver is in the critical national security interests of the United States.

(f) Secretary of Energy waivers. The Secretary of Energy, in consultation with the Director of National Intelligence or the Secretary of Defense, may provide a waiver for any executive agency if the Secretary of Energy determines that the waiver is in the critical national security interests of the United States.

40.20X-6 Solicitation provision and contract clause. (a) Insert the provision at 52.240-XX, Certification Regarding Certain Semiconductor Products and Services, in solicitations for—

(1) Products;

(2) Non-commercial services; and

(3) Commercial information technology services and telecommunication services (i.e., services in Category D: Information Technology (IT) and Telecommunications (Telecom) of the Federal Procurement Data System Product and Service Codes (PSC) Manual).

(b) Insert the clause at 52.240-YY, Prohibition on Certain Semiconductor Products and Services, in solicitations and contracts for—

(1) Products;

(2) Non-commercial services; and

PART 52—SOLICITATION PROVISIONS AND CONTRACT CLAUSES

The authority citation for 48 CFR part 52 continues to read as follows:

Authority: 41 U.S.C. 1121(b); 40 U.S.C. 121(c); 10 U.S.C. chapter 4 and 10 U.S.C. chapter 137 legacy provisions (see 10 U.S.C. 3016); and 51 U.S.C. 20113.

Amend section 52.212-5 by—

a. Revising the date of the clause;

b. Adding paragraph (a)(8);

c. Redesignating paragraph (e)(1)(xxvii) as paragraph (e)(1)(xxviii) and adding a new paragraph (e)(1)(xxvii);

d. In Alternate II:

i. Revising the date of the alternate; and

ii. Redesignating paragraph (e)(1)(ii)(Z) as paragraph (e)(1)(ii)(AA) and adding a new paragraph (Z).

The revisions and additions read as follows:

52.212-5 Contract Terms and Conditions Required To Implement Statutes or Executive Orders—Commercial Products and Commercial Services. * * * * *

Contract Terms and Conditions Required To Implement Statutes or Executive Orders—Commercial Products and Commercial Services (DATE)

(a) * * *

(8) 52.240-YY, Prohibition on Certain Semiconductor Products and Services (DATE).

* * * * (e)(1) * * *

(xxvii) 52.240-YY, Prohibition on Certain Semiconductor Products and Services (DATE).

* * * * Alternate II. (DATE) * * *

(e)(1) * * *

(ii) * * *

(Z) 52.240-YY, Prohibition on Certain Semiconductor Products and Services (DATE).

* * * * 15. Amend section 52.213-4 by—

a. Revising the date of the clause;

b. Adding paragraph (a)(1)(xiii); and

c. Removing from paragraph (a)(2)(vii) “OCT 2025” and adding “(DATE)” in its place.

The revision and addition read as follows:

( printed page 7239) 52.213-4 Terms and Conditions—Simplified Acquisitions (Other Than Commercial Products and Commercial Services). * * * * *

Terms and Conditions—Simplified Acquisitions (Other Than Commercial Products and Commercial Services) (DATE)

(a) * * *

(1) * * *

(xiii) 52.240-YY, Prohibition on Certain Semiconductor Products and Services (DATE).

* * * * 16. Add sections 52.240-XX and 52.240-YY to read as follows:

52.240-XX Certification Regarding Certain Semiconductor Products and Services. As prescribed in 40.20X-6(a), insert the following provision:

Certification Regarding Certain Semiconductor Products and Services (DATE)

(a) Definitions. As used in this provision, “covered semiconductor product or service”, “critical system”, “electronic product”, “electronic service”, “reasonable inquiry”, “semiconductor”, and “semiconductor foreign country of concern” have the meaning provided in the clause 52.240-YY, Prohibition on Certain Semiconductor Products and Services.

(b) Prohibition. Unless a waiver or exception applies, Offerors are prohibited, on or after December 23, 2027, from providing—

(1) Any electronic parts, products, or services that include covered semiconductor products or services; and

(2) Any electronic products, for use in critical systems identified by the Government, that use any electronic products that include covered semiconductor products or services.

(c) Exceptions. The following exceptions will be determined by the Government based on disclosure by the offeror in paragraph (f).

(1) Offerors are not required to remove or replace any products or services resident in existing equipment, systems, or services, that were acquired by the offeror prior to December 23, 2027, and proposed as part of the performance of the contract.

(2) Offerors are not required to prohibit or limit the utilization of covered semiconductor products or services throughout the lifecycle (e.g., replacement component, spare part, support service) of existing equipment that was acquired by the offeror prior to December 23, 2027, and proposed as part of the performance of the contract.

(3) Commercial products or commercial services where there are no alternative sources available are excepted from the semiconductor prohibition until December 23, 2028.

(4) Semiconductors, semiconductor products, and semiconductor services determined by Secretary of Commerce or Secretary of Defense to be a covered semiconductor product or service with an effective date after contract award are excepted from the semiconductor prohibition unless the contract is modified to include such covered semiconductor product or service.

(5) The prohibition does not apply to commercial service procurements except for procurements for Information Technology and Telecommunications (i.e., Category D: Information Technology (IT) and Telecommunications (Telecom) of the Federal Procurement Data System Product and Service Codes (PSC) Manual).

(6) Electronic services that are incidental to the performance of the contract (e.g., contractor payroll) are excepted.

(d) Government semiconductor supply chain tools.

(1) The Offeror may search the Department of Commerce website at [TBD] for the list of organizations where the organization has certified that electronic products or services produced or provided by that organization do not contain any covered semiconductor products or services as prohibited in paragraph (b) of this provision.

(2) The Offeror may search the Department of Commerce website at [TBD] for a list of entities determined by Secretary of Commerce or Secretary of Defense to be an entity owned or controlled by, or otherwise connected to, the government of a semiconductor foreign country of concern. This list will identify the effective date for the determination and may be used to determine whether a semiconductor, semiconductor product, or semiconductor service is a covered semiconductor product or service.

(3) The offeror may reasonably rely on the certifications provided within the Department of Commerce website at [TBD] without the need for further inquiry unless the offeror discovers any discrepancies or has reason to doubt the accuracy of the certifications.

(e)(1) Certifications. By submission of this offer, the Offeror certifies that it has conducted a reasonable inquiry, and that the Offeror—

(i) Will not provide in response to this solicitation, any electronic products or electronic services that include covered semiconductor products or services to the Government in accordance with paragraph (b)(1) of this provision in the performance of any contractual instrument resulting from this solicitation, except as waived by the solicitation, or as disclosed in paragraph (f); and

(ii) Will not provide for use in critical systems identified by the Government, electronic products that use electronic products that include covered semiconductor products or services to the Government in accordance with paragraph (b)(2) of this provision in the performance of any contractual instrument resulting from this solicitation, except as waived by the solicitation, or as disclosed in paragraph (f) of this provision.

(2) Reasonable inquiry. (i) When the entity does not have information in their possession regarding whether the semiconductors included in the electronic product or electronic service are compliant with this prohibition, entities shall require suppliers at the next lower tier of the supply chain to conduct a reasonable inquiry and then certify whether their electronic products and electronic services are compliant.

(ii) A reasonable inquiry is not required to include independent third-party audits or other formal reviews.

(iii) Entities, acting in good faith, may reasonably rely on a certification provided by a lower tier subcontractor without the need for further inquiry unless the entity discovers any discrepancies or has reason to doubt the accuracy of the certification.

(f) Disclosures. If the Offeror is providing to the Government electronic products or electronic services that are not compliant with the prohibition in paragraph (b) of this provision, then the Offeror shall provide the following information, if known, as part of their offer:

(1) A description of the electronic products or electronic services proposed to the Federal Government that the Offeror identifies or has reason to suspect contains covered semiconductor products or services (include brand; model number, such as OEM number, manufacturer part number, or wholesaler number; and item description, as applicable);

(2) The entity that produced the covered semiconductor products or services (include entity name, unique entity identifier, Commercial and Government Entity (CAGE) code, facilities responsible for design, fabrication, assembly, packaging, and test of the product, and whether the entity was the original equipment manufacturer (OEM) or a distributor ( printed page 7240) (provide manufacturer codes and distributor codes used for the product);

(3) A description of the functionality of the covered semiconductor products or services and how that functionality impacts the risk to the electronic product or electronic service;

(4) An explanation of any factors relevant to determining if the covered semiconductor products or services would be permissible under any exceptions in paragraph (c) of this provision;

(5) Whether alternative products or services are available that would be compliant with the prohibition;

(6) If the electronic product or electronic service is related to item maintenance, include the following information on the item being maintained:

(i) Brand;

(ii) Model number, OEM number, manufacturer part number, or wholesaler number; and

(iii) Item description, as applicable.

(g) Disclosure safe harbor.

(1) An offeror that provides a disclosure regarding electronic products as prohibited by paragraph (b) of this provision that are manufactured or assembled by an entity other than the offeror or lower tier supplier shall not be subject to civil liability nor determined to be not presently responsible on the basis of such notification (see section 5949(h)(7) of Public Law 117-263, 41 U.S.C. 4713 note); and

(2) An offeror that provides a disclosure regarding covered semiconductor products or services in electronic products or electronic services manufactured or assembled by such offeror or lower tier supplier shall not be subject to civil liability nor determined to be not presently responsible on the basis of such notification if the offeror or lower tier supplier makes a comprehensive and documentable effort to identify and remove the covered semiconductor products or services. (See section 5949(h)(8) of Public Law 117-263, 41 U.S.C. 4713 note).

(End of provision)

52.240-YY Prohibition on Certain Semiconductor Products and Services. As prescribed in 40.20X-6(b), insert the following clause:

Prohibition on Certain Semiconductor Products and Services (DATE)

(a) Definitions. As used in this clause—

Covered semiconductor product or service (section 5949(j)(3) of Public Law 117-263, 41 U.S.C. 4713 note) means—

Electronic product means products that include parts or components that have electrical, digital, magnetic, wireless, optical, electromagnetic, or similar capabilities. See 15 U.S.C. 7006.

Electronic service means any service that uses electronic products.

Reasonable inquiry means—

(1) An inquiry intended to uncover any information in the entity's possession, including any information acquired from external sources, about whether any electronic products or electronic services that are provided to the Government—

(i) Include covered semiconductor products or services; or

(ii) Use electronic products that include covered semiconductor products or services.

Routine administrative and business applications means applications for payroll, finance, logistics, and personnel management applications primarily used for standard commercial practices and functions.

Semiconductor means an enclosed integrated electronic device or set of components that control the flow of electrons most commonly manufactured using materials including, but not limited to, silicon, silicon carbide, or III-V compounds, and processes including, but not limited to, lithography, deposition, and etching. Such devices and systems include, but are not limited to, integrated circuits, diodes, and micro-electromechanical systems.

Semiconductor covered entity (section 5949(j)(2) of Pub. L. 117-263, 41 U.S.C. 4713 note) means an entity that—

(1) Develops, domestically or abroad, a design of a semiconductor that is the direct product of United States origin technology or software; and

(2) Purchases covered semiconductor products or services from an entity described in the first or third paragraph of the definition of covered semiconductor product or service.

Semiconductor covered nation (10 U.S.C. 4872(d)(2)) means—

(1) The Democratic People's Republic of Korea (North Korea);

(2) The People's Republic of China;

(3) The Russian Federation; and

(4) The Islamic Republic of Iran.

Semiconductor foreign country of concern (15 U.S.C. 4651) means—

(1) A country that is a semiconductor covered nation; and

Subsidiary means an entity in which more than 50 percent of the entity is owned directly by a parent corporation or through another subsidiary of a parent corporation.

(b) Prohibition. Unless a waiver or exception applies, contractors are prohibited, on or after December 23, 2027, from providing—

(1) Any electronic parts, products, or services that include covered semiconductor products or services; and ( printed page 7241)

(2) Any electronic products, for use in critical systems identified by the Government, that use any electronic products that include covered semiconductor products or services.

(c) Exceptions. The following exceptions will be determined by the Government based on notification and reporting by the contractor in paragraph (e).

(1) Contractors are not required to remove or replace any products or services resident in existing equipment, systems, or services, that were acquired by the contractor prior to December 23, 2027, and used as part of the performance of the contract.

(2) Contractors are not required to prohibit or limit the utilization of covered semiconductor products or services throughout the lifecycle (e.g., replacement component, spare part, support service) of existing equipment that was acquired by the contractor prior to December 23, 2027, and used as part of the performance of the contract.

(3) Commercial products or commercial services where there are no alternative sources available are excepted from the semiconductor prohibition until December 23, 2028.

(4) Semiconductors, semiconductor products, and semiconductor services determined by Secretary of Commerce or Secretary of Defense to be a covered semiconductor product or service with an effective date after contract award are excepted from prohibition unless the contract is modified to include such covered semiconductor product or service.

(6) Electronic services that are incidental to the performance of the contract (e.g., contractor payroll) are excepted.

(d) Government semiconductor supply chain tools.

(1) The Contractor may search the Department of Commerce website at [TBD] for the list of organizations where the organization has certified that electronic products or services produced or provided by that organization do not contain any covered semiconductor products or services as prohibited in paragraph (b) of this provision.

(2) The Contractor may search the Department of Commerce website at [TBD] for a list of entities determined by Secretary of Commerce or Secretary of Defense to be an entity owned or controlled by, or otherwise connected to, the government of a semiconductor foreign country of concern. This list will identify the effective date for the determination and may be used to determine whether a semiconductor, semiconductor product, or semiconductor service is a covered semiconductor product or service.

(3) Entities, acting in good faith, may reasonably rely on the Department of Commerce website at [TBD] for such purposes unless they discover any discrepancies or have reason to doubt the accuracy of the certifications.

(e) Reasonable inquiry. (1) When the entity does not have information in their possession regarding whether the semiconductors included in the electronic product or electronic service are compliant with this prohibition, entities shall require suppliers at the next lower tier of the supply chain to conduct a reasonable inquiry and then certify whether their electronic products and electronic services are compliant.

(2) A reasonable inquiry is not required to include independent third-party audits or other formal reviews.

(3) Entities, acting in good faith, may reasonably rely on a certification provided by a lower tier subcontractor without the need for further inquiry unless the entity discovers any discrepancies or has reason to doubt the accuracy of the certification.

(f) Notifications and reporting to the Government. The notice in this paragraph (f) does not apply to electronic products and electronic services which were delivered to the Government before December 23, 2027. If the Contractor identifies or is notified by any source (including a subcontractor at any tier) or has reason to suspect that any electronic product or electronic service provided during contract performance contains covered semiconductor products or services and was not previously disclosed in accordance with 52.240-XX(f), then the Contractor shall report the following information or as much information as known to the Contracting Officer in writing within 72 hours, regardless of whether an exception in paragraph (c) of this clause may apply:

(1) A description of the electronic products or services provided to the Federal Government that the Contractor identifies or has reason to suspect contains covered semiconductor products or services (include brand; model number, such as OEM number, manufacturer part number, or wholesaler number; and item description, as applicable);

(2) The entity that produced the covered semiconductor products or services (include entity name, unique entity identifier, Contractor and Government Entity (CAGE) code, facilities responsible for design, fabrication, assembly, packaging, and test of the product, and whether the entity was the original equipment manufacturer (OEM) or a distributor (provide manufacturer codes and distributor codes used for the product);

(3) Description of the functionality of the covered semiconductor products or services and how that functionality impacts the risk to the electronic product or electronic service;

(4) An explanation of any factors relevant to determining if the covered semiconductor products or services would be permissible under any exceptions in paragraph (c) of this clause;

(5) Whether alternative products or services are available that would be compliant with prohibition;

(6) If the electronic product or electronic service is related to item maintenance, include the following information on the item being maintained:

(i) Brand;

(ii) Model number, OEM number, manufacturer part number, or wholesaler number; and

(iii) Item description, as applicable.

(g) Disclosure to non-Federal customers. On or after December 23, 2027, contractors and subcontractors that are semiconductor covered entities shall disclose to non-Federal customers the inclusion of a covered semiconductor product or service in electronic products or electronic services subject to the prohibition in paragraph (b) of this clause which are sold to non-Federal customers outside of the Government (see section 5949(h)(2) of Public Law 117-263, 41 U.S.C. 4713 note).

(h) Notification safe harbor.

(1) A contractor or subcontractor that timely provides a disclosure to the Government, contractor, or subcontractor in accordance with paragraph (f) of this clause regarding covered semiconductor products or services in electronic products that are manufactured or assembled by an entity other than the contractor or subcontractor shall not be subject to civil liability nor determined to not be a presently responsible contractor on the basis of such notification (see section 5949(h)(7) of Public Law 117-263, 41 U.S.C. 4713 note); ( printed page 7242)

(2) A contractor or subcontractor that provides a disclosure to the Government, contractor, or subcontractor in accordance with paragraph (f) of this clause regarding covered semiconductor products or services in electronic products manufactured or assembled by such contractor or subcontractor shall not be subject to civil liability nor determined to not be a presently responsible contractor on the basis of such disclosure if the contractor or subcontractor makes a comprehensive and documentable effort to identify and remove the covered semiconductor products or services (see section 5949(h)(8) of Public Law 117-263, 41 U.S.C. 4713 note).

(i) Rework or corrective action. On or after December 23, 2027, a contractor which is a semiconductor covered entity—

(1) Shall be responsible for any rework or corrective action that may be required to remedy the use or inclusion of such covered semiconductor product or service if the semiconductor covered entity fails to provide the disclosure in paragraph (f) of this clause (see section 5949(h)(3) of Public Law 117-263, 41 U.S.C. 4713 note); and

(2) Will not be able to claim any rework or corrective action required under paragraph (i) (1) of this clause as an allowable cost (see section 5949(h)(3) of Public Law 117-263, 41 U.S.C. 4713 note).

(j) Subcontracts. The Contractor shall insert the substance of this clause, including this paragraph (j), in all subcontracts and other contractual instruments, including subcontracts for the acquisition of commercial products or commercial services.

(End of clause)