[Congressional Record Volume 168, Number 158 (Thursday, September 29, 2022)]
[Senate]
[Page S5745]
From the Congressional Record Online through the Government Publishing Office [www.gpo.gov]

  SA 6221. Mr. MANCHIN submitted an amendment intended to be proposed 
to amendment SA 5499 submitted by Mr. Reed (for himself and Mr. Inhofe) 
and intended to be proposed to the bill H.R. 7900, to authorize 
appropriations for fiscal year 2023 for military activities of the 
Department of Defense, for military construction, and for defense 
activities of the Department of Energy, to prescribe military personnel 
strengths for such fiscal year, and for other purposes; which was 
ordered to lie on the table; as follows:

       At the appropriate place in title X, insert the following:

     SEC. ___. PROHIBITION ON CONTRACTING WITH COMPANIES THAT 
                   PURCHASE ITEMS AND SERVICES DETERMINED TO POSE 
                   A NATIONAL SECURITY RISK.

       (a) Prohibition.--The Secretary of Defense, in consultation 
     with the heads of such other Federal agencies as the 
     Secretary determines appropriate, shall not contract for, 
     whether directly or through work with or on behalf of another 
     department, agency, organization, or element of the Federal 
     Government, any hardware, software, or services developed or 
     provided, in whole or in part, by--
       (1) any entity on the Entity List maintained by the Bureau 
     of Industry and Security of the Department of Commerce and 
     set forth in Supplement No. 4 to part 744 of title 15, Code 
     of Federal Regulations;
       (2) covered telecommunications equipment or services (as 
     defined in section 52.204-25 of title 48, Code of Federal 
     Regulations, or successor regulations); or
       (3) any service included in the list published pursuant to 
     section 2(a) of the Secure and Trusted Communications 
     Networks Act of 2019 (47 U.S.C. 1601(a)).
       (b) Effective Date.--Subsection (a) shall take effect on 
     October 1, 2023.
       (c) Review and Report.--
       (1) Review.--The Secretary of Defense shall, in 
     consultation with the Secretary of Energy, the Secretary of 
     Homeland Security, the Attorney General, the Administrator of 
     the General Services Administration, the Secretary of the 
     Treasury, and the Director of National Intelligence, conduct 
     a review of the procedures for removing suspect products, 
     services, or entities from contracts as required under 
     subsection (a).
       (2) Report.--
       (A) In general.--Not later than 180 days after the date of 
     the enactment of this Act, the Secretary of Defense shall 
     submit to the congressional defense committees a report on 
     the review conducted under paragraph (1).
       (B) Elements.--The report submitted under subparagraph (A) 
     shall include the following:
       (i) A description of the authorities of the Department of 
     Defense that may be used to prohibit, exclude, or prevent the 
     use of suspect products, services, or entities by contractors 
     of the Department, including--

       (I) the discretionary authorities of the Department to 
     prohibit, exclude, or prevent the use of such products, 
     services, or entities;
       (II) the authorities of a suspension and debarment official 
     to prohibit, exclude, or prevent the use of such products, 
     services, or entities;
       (III) authorities relating to supply chain risk management;
       (IV) authorities that provide for the continuous monitoring 
     of information technology networks to identify suspect 
     products, services, or entities; and
       (V) the authorities provided under the Federal Information 
     Security Management Act of 2002 (Public Law 107-296).

       (ii) An assessment of any gaps in the authorities described 
     in clause (i), including any gaps in the enforcement of 
     decisions made under such authorities.
       (iii) An explanation of the capabilities and methodologies 
     used to periodically assess and monitor the information 
     technology networks of contractors of the Department of 
     Defense for prohibited products, services, or entities.
       (iv) An assessment of the ability of the Department of 
     Defense to periodically conduct training and exercises in the 
     use of the authorities described in clause (i)--

       (I) to identify recommendations for streamlining process; 
     and
       (II) to identify recommendations for education and training 
     curricula, to be integrated into existing training or 
     certification courses.

       (v) A description of information sharing mechanisms that 
     may be used to share information about suspect products, 
     services, or entities, including mechanisms for the sharing 
     of such information among the Federal Government, industry, 
     the public, and international partners.
       (vi) Identification of existing tools for business 
     intelligence, application management, and commerce due-
     diligence that are either in use by elements of the Federal 
     Government, or that are available commercially, and may be 
     used to monitor the supply chains of contractors of the 
     Department of Defense.
       (vii) Recommendations for improving the authorities, 
     processes, resourcing, and capabilities of the Federal 
     Government for the purpose of improving the procedures for 
     identifying and removing prohibited products or services from 
     the supply chain of contractors of the Department of Defense.
       (viii) Such other matters as the Secretary considers 
     appropriate.
       (C) Form.--The report under subparagraph (A) shall be 
     submitted in unclassified form, but may include a classified 
     annex.
                                 ______