[Federal Register Volume 81, Number 148 (Tuesday, August 2, 2016)]
[Rules and Regulations]
[Pages 50635-50650]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2016-17956]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF DEFENSE

Defense Acquisition Regulations System

48 CFR Parts 202, 212, 242, 246, and 252

[Docket DARS-2015-0038]
RIN 0750-AI58


Defense Federal Acquisition Regulation Supplement: Detection and 
Avoidance of Counterfeit Electronic Parts--Further Implementation 
(DFARS Case 2014-D005)

AGENCY: Defense Acquisition Regulations System, Department of Defense 
(DoD).

ACTION: Final rule.

-----------------------------------------------------------------------

SUMMARY: DoD is issuing a final rule amending the Defense Federal 
Acquisition Regulation Supplement (DFARS) to implement a requirement of 
the National Defense Authorization Act for Fiscal Year 2012, as 
modified by a section of the National Defense Authorization Act for 
Fiscal Year 2015, that addresses required sources of electronic parts 
for defense contractors and subcontractors.

DATES: Effective August 2, 2016.

FOR FURTHER INFORMATION CONTACT: Ms. Amy G. Williams, telephone 571-
372-6106.

SUPPLEMENTARY INFORMATION: 

I. Background

    DoD published a proposed rule in the Federal Register at 80 FR 
56939 on September 21, 2015, to further implement section 818 of the 
National Defense Authorization Act (NDAA) for Fiscal Year (FY) 2012 
(Pub. L. 112-81), as modified by section 817 of the NDAA for FY 2015 
(Pub. L. 113-291).
    In accordance with section 818, this rule requires DoD contractors 
and subcontractors, except in limited circumstances, acquire electronic 
parts from trusted suppliers in order to further address the avoidance 
of counterfeit electronic parts. DoD contractors and subcontractors 
that are not the original component manufacturer are required by this 
rule to notify the contracting officer if it is not possible to obtain 
an electronic part from a trusted supplier. For those instances where 
the contractor obtains electronic parts from sources other than a 
trusted supplier, the contractor is responsible for inspection, test, 
and authentication in accordance with existing applicable industry 
standards.
    This rule enhances DoD's ability to strengthen the integrity of the 
process for acquisition of electronic parts and benefits both the 
Government and contractors. The careful selection of suppliers and the 
inspection, testing, and authentication of electronic parts that are 
not traceable to the original manufacturer are consistent with industry 
risk-based processes and are steps that a prudent contractor should 
take notwithstanding this rule. The avoidance of the proliferation of 
counterfeit electronic parts in the DoD supply chain reduces the risk 
of critical failure of fielded systems such as aircraft, ships, and 
other weapon systems, thus protecting troops' lives and safety.
    This rule is part of DoD's retrospective plan, completed in August 
2011, under Executive Order 13563, Improving Regulation and Regulatory 
Review. DoD's full plan and updates can be accessed at: http://www.regulations.gov/#!docketDetail;D=DOD-2011-OS-0036. Eighteen 
respondents submitted public comments in response to the proposed rule.

II. Discussion and Analysis

    DoD reviewed the public comments in the development of the final 
rule. A discussion of the comments and the changes made to the rule as 
a result of those comments is provided, as follows:

A. Summary of Significant Changes From the Proposed Rule

    1. Definitions
     Replaces the definition of ``authorized dealer'' with a 
definition of ``authorized supplier.''
     Replaces the definition of ``contract electronics 
manufacturer'' with a definition of ``contract manufacturer'' and a 
definition of ``authorized aftermarket manufacturer.'' This also 
results in a conforming change to the definition of ``original 
manufacturer.''
     Deletes the definition of ``trusted supplier'' and adds a 
definition of ``contractor-approved supplier.''
     Amends the definition of ``obsolete electronic part'' to 
utilize the newly defined term ``authorized aftermarket manufacturer.''
     Makes conforming changes throughout the rule in accordance 
with the added, revised, or deleted definitions.
    2. Amends the following paragraphs of DFARS clause 252.246-7008, 
Sources of Electronic Parts, with conforming changes to DFARS subpart 
246.8, as follows:
     (b)(1)--Clarifies ``in production'' and ``currently 
available in stock''.
     (b)(2) Introductory text--Clarifies ``not in production'' 
and ``not currently available in stock'' and changes ``or'' to ``and'' 
in the condition for use of contractor-approved suppliers, i.e., 
``Obtain electronic parts that are not in production by the original 
manufacturer or an authorized aftermarket manufacturer and not 
currently available in stock from a source listed in paragraph (b)(1) 
of this clause, from suppliers identified by the Contractor as 
contractor-approved suppliers . . . .''
     (b)(2)(i)--For electronic parts not in production and not 
currently available in stock, adds to the requirement for use of 
established counterfeit prevention industry standards and processes, 
the reference to the DoD-adopted standards at https://assist.dla.mil, 
but allows use of other appropriate standards. Use of DoD-adopted 
counterfeit prevention industry standards was previously required in 
the definition of ``trusted supplier.''
     (b)(2)(iii)--Specifies that the contracting officer is the 
appropriate DoD official to review and audit. This function is also 
added at DFARS 242.302 as a contract administration function that is 
delegable to the administrative contracting officer.
     (b)(3)--Moves former paragraph (d) to paragraph (b)(3), 
requiring prompt notification in writing, and adds the requirement that 
the contractor shall make documentation of the inspection, testing, and 
authentication of such electronic parts available to the contracting 
officer upon request if the contractor--
    [cir] Obtains an electronic part from a source other than any of 
the sources identified in paragraph (b)(1) or (b)(2) of the clause due 
to nonavailability from such sources, or a subcontractor (other than 
the original manufacturer) that refuses to accept flowdown of the 
clause; or
    [cir] Cannot confirm that an electronic part is new or that it has 
not been comingled in supplier new production or stock with used, 
refurbished, reclaimed, or returned parts.
     (c)(2)--Deletes contractor consideration of alternative 
parts if the contractor cannot establish traceability from the original 
manufacturer for a

[[Page 50636]]

specific electronic part, and makes the contractor responsible for 
inspection, testing, and authentication.
     (c)(3)--Requires the contractor to maintain documentation 
of traceability or the inspection, testing, and authentication, and 
adds the requirement to make such documentation available to the 
Government upon request.
     (d)--Adds a new paragraph (d) to address Government 
sources of electronic parts, to include purchases from the Federal 
Supply Schedule, purchases from suppliers accredited by the Defense 
Microelectronics Activity, or requisitioning from Government inventory/
stock. Contractors and subcontractors are still required to comply with 
the requirements of paragraphs (b) and (c) of the clause 252.246-7008, 
if purchasing electronic parts from the Federal Supply Schedule or from 
suppliers accredited by the Defense Microelectronics Activity. However, 
if the contractor or subcontractor requisitions electronic parts from 
Government inventory/stock, then the Government is responsible for the 
authenticity of the parts.
     (e) Does not require clause flowdown to the original 
manufacturer.

B. Analysis of Public Comments

1. General Support for the Rule
    Comment: Several respondents expressed support for many of the 
changes in the proposed rule, indicating that these are a significant 
step forward, are consistent with industry risk-based processes, and 
will help align DoD and defense contractor approaches to reduce the 
proliferation of counterfeit parts in the supply chain.
    Response: Noted.
2. Applicability of DFARS 252.246-70XX (now 252.246-7008) and 
Associated Policy at Subpart 246.8
a. Contractors Not Covered by Cost Accounting Standards
    Comment: Several respondents objected to the application of this 
rule to contractors not subject to the cost accounting standards (CAS), 
noting that it will apply to small businesses and acquisitions of 
commercial items. One respondent stated that section 818(c)(3) of the 
NDAA for FY 2012 does not add contractor responsibilities for avoiding 
counterfeit electronic parts to other than CAS-covered contractors and 
that DoD is overstepping Congressional intent when it applies this rule 
to small businesses and contracts for commercial items. The respondent 
states that section 818(c)(2) is only directed to contracts subject to 
CAS.
    Response: Section 818 defines ``covered contractors'' to mean the 
same as the definition of the term in section 893(f)(2) of the NDAA for 
FY 2011, i.e., a contractor that is subject to CAS under section 26 of 
the Office of Federal Procurement Policy Act (41 U.S.C. 422). Some 
portions of section 818 address covered contractors (e.g., paragraph 
(c)(2)), and therefore only apply to contractors subject to CAS. 
However, paragraph (c)(3) of section 818 does not use the term 
``covered contractor.'' It applies to all DoD contractors and 
subcontractors when obtaining electronic parts to be provided to DoD 
under a DoD contract. Section 818 is clear that DoD contractors and 
subcontractors at all tiers are responsible for detecting and avoiding 
counterfeit electronic parts. Thus, 252.246-7008 is consistent with the 
statute.
    Comment: Another respondent stated the opinion that small entities 
not subject to CAS comprise a large portion of the counterfeit parts 
that directly threaten the DoD supply chain. The respondent provided 
several examples of non-CAS covered entities that were found by the 
Government to have allowed counterfeit parts to enter the DoD supply 
chain.
    Response: Noted.
b. Small Entities
    Various respondents addressed application of the rule to small 
entities. For analysis of applicability to small entities see the 
regulatory flexibility analysis at section V of this preamble.
c. Commercial Items (Including Commercially Available Off-the-Shelf 
Items (COTS Items)
    Comment: Various respondents expressed concerns about the 
applicability of DFARS 252.246-7008 and associated policy to commercial 
item procurements, especially COTS items. One respondent expressed 
specific concern that the proposed expansion of coverage to commercial 
item contractors could result in reduced sources and increased costs 
for contractors. Another respondent stated that manufacturers of COTS 
items are independently motivated by the commercial market to assure 
that their products function as advertised.
    Response: The Director of Defense Procurement and Acquisition 
Policy has determined that it is not in the best interest of the 
Government to exempt commercial items from the applicability of this 
rule. See section III of this preamble.
    Comment: Several respondents expressed concerns that the proposed 
rule does not address the dilemma industry continually faces concerning 
the general lack of acceptance of counterfeit part prevention 
requirements flowdown by COTS electronic assembly producers and their 
authorized dealers. One respondent suggested providing relief from the 
obligation to flow down to COTS electronic assembly manufacturers.
    Response: DoD has modified paragraph (b)(3) of the clause 252.246-
7008 in the final rule to specify the required contractor actions if a 
subcontractor refuses to accept flowdown of the clause, to include 
notification to the contracting officer; contractor inspection, 
testing, and authentication of the part; and the requirement to make 
documentation of such inspection, testing, and authentication available 
to the Government upon request.
    Comment: Several respondents expressed concerns that mandatory 
subcontract flowdown in 252.246-7008(e) for commercial items is 
inconsistent with Federal Acquisition Streamlining Act and that 
commercial item subcontracts or supplier agreements should be exempted. 
Another respondent stated that application of unique defense rules to 
commercial items where not expressly directed in the statute are 
prohibited without a best interests determination per 10 U.S.C. 2377. 
According to the respondent, in lieu of such a determination, at 
several points in the supplementary information, it states that ``DoD 
intends to determine that it is in the best interests to apply the rule 
to . . . .'' The respondent finds it unclear what the Department means 
by using the word ``intends'' rather than making the required 
determination or putting the cost-benefit analysis right in the 
rulemaking for review by the public.
    Response: The provisions of the Federal Acquisition Streamlining 
Act (Pub. L. 103-355) with regard to applicability of laws to 
commercial items are now codified at 41 U.S.C. 1906 (commercial items 
other than COTS items) and 1907 (COTS items).
    Pursuant to 41 U.S.C. 1906, acquisitions of commercial items (other 
than acquisitions of COTS items, which are addressed in 41 U.S.C. 1907) 
are exempt from a provision of law unless the law (i) contains criminal 
or civil penalties; (ii) specifically refers to 41 U.S.C. 1906 and 
states that the law applies to acquisitions of commercial items; or 
(iii) the Federal Acquisition Regulatory Council (FAR Council) makes a 
written determination and finding that it would not be in the best 
interest of the Federal Government to

[[Page 50637]]

exempt contracts (or subcontracts under a contract) for the acquisition 
of commercial items from the provision of law.
    Pursuant to 41 U.S.C. 1907, acquisitions of COTS items are exempt 
from a provision of law unless the law (i) contains criminal or civil 
penalties; (ii) specifically refers to 41 U.S.C. 1907 and states that 
the law applies to acquisition of COTS items; (iii) concerns 
authorities or responsibilities under the Small Business Act (15 U.S.C. 
644) or bid protest procedures developed under the authority of 31 
U.S.C. 3551 et seq.; 10 U.S.C. 2305(e) and (f); or 41 U.S.C. 3706 and 
3707; or (iv) if the Administrator of the Office of Federal Procurement 
Policy makes a written determination that it would not be in the best 
interest of the Federal Government to exempt acquisitions of COTS items 
from the provision of law.
    The Director, Defense Procurement and Acquisition Policy, is the 
appropriate authority to make comparable determinations for regulations 
to be published in the DFARS, which is part of the Federal Acquisition 
Regulation (FAR) system of regulations. Therefore, it is not 
inconsistent with the Federal Acquisition Streamlining Act to apply 
this rule to the acquisition of commercial items (including COTS items) 
if the Director of Defense Procurement and Acquisition Policy has 
determined that it would not be in the best interest of the Government 
to exempt acquisitions of commercial items, including COTS items, from 
the provision of law relating to detection and avoidance of counterfeit 
parts. The Director of Defense Procurement and Acquisition Policy does 
not make this determination until the final rule stage, in order to 
allow for review and analysis of public comments received. The Director 
of Defense Procurement and Acquisition Policy has now made this 
determination (see section III of this preamble).
    Comment: One respondent expressed concerns that this proposed rule 
is in conflict with DFARS 252.244-7000, Subcontracts for Commercial 
Items.
    Response: The flowdown to subcontracts for commercial items is not 
in conflict with DFARS clause 252.244-7000, Subcontracts for Commercial 
Items. DFARS 252.244-7000 states that the contractor is not required to 
flow down the terms of any DFARS clause in a subcontract for commercial 
items unless so specified in the particular clause. The fact that the 
new clause in this rule (252.246-7008), as well as the preexisting 
clause 252.246-7007, specify such flowdown to subcontracts for 
commercial items that are for electronic parts or assemblies containing 
electronic parts is, therefore, in conformance with DFARS 252.244-7000.
d. Original Manufacturers
    Comment: Several respondents recommended revising the clause to 
make it clear that the flowdown does not apply to the original 
manufacturers. Several respondents asserted that the flowdown to 
original manufacturers would be costly to both the manufacturer and the 
end customer and unnecessary. One respondent stated that as an 
authorized dealer they would not be able to flow down the requirements 
to the original equipment manufacturers they represent; they have 
distribution agreements with them that dictate by contract what each 
parties' responsibilities are. Another respondent suggested it would 
also limit the genuine products available to the Government to 
purchase.
    Response: DoD has revised the flowdown requirement of the clause at 
252.246-7008 to exclude the requirement to flow the clause down to the 
original manufacturer of the electronic part.
e. Electronic Parts
    Comment: One respondent commented that electronic parts are not the 
only products, parts, or commodities within the DoD supply system that 
have counterfeit issues. The respondent also stated that certain parts 
and commodities require higher standards, such as medical products, 
food, munitions, and now certain electronic parts.
    Response: This case addresses only the electronic parts as defined 
by the NDAA for FY 2012. DoD is aware of the threat of counterfeit 
parts, other than electronic parts, and is taking action to mitigate 
the threat through policy and quality assurance requirements.
f. Medical Devices
    Comment: One respondent commented that the proposed rule would 
impose a substantial burden on manufacturers of COTS medical devices 
and is unnecessary to resolve concerns that may present a significant 
mission, security, or safety hazard. This is especially true for 
medical devices, which are heavily regulated by the Food and Drug 
Administration (FDA) and often contain one or more electronic parts. 
According to the respondent, DoD's application of the rule to all 
contractors would apply new requirements to a sizeable group of 
products that already have a highly effective means of addressing the 
concern of counterfeit electronic parts.
    Furthermore, the respondent commented that the FDA is the Federal 
agency tasked with protecting the public health by assuring the safety, 
effectiveness, quality and security of drugs, vaccines, and other 
biological product and medical devices. The respondent considered that 
this will not only unduly increase the burden on manufacturers; it has 
the capacity to cause confusion in the marketplace and result in 
potential adverse implications for public health. The FDA is in the 
best position to strike the proper balance of interests in the health 
care system when establishing requirements for assuring the quality of 
the products it regulates, assessing the burdens these requirements 
place on manufacturers, and considering their impact on healthcare 
costs and healthcare innovation. FDA already regulates purchasing 
controls for medical device manufacturing, requiring each manufacturer 
to ensure that all purchases or otherwise received product and services 
conform to the specified requirements. Medical device manufacturers are 
required to have robust processes in place to review, investigate, and 
evaluate external manufacturers and suppliers. The respondent 
recommended that any additional requirements for FDA-regulated products 
should be made through the current governing agency, the FDA.
    Response: This rule implements section 818 of the NDAA for FY 2012, 
as amended by section 817 of the NDAA for FY 2015, and prescribes the 
policy and procedures for preventing counterfeit electronic parts from 
entering the supply chain. This rule addresses concerns that DoD has 
encountered regarding the electronic parts, including those that are 
COTS items, and including medical devices. DoD recognizes the FDA's 
authority over drugs and medical devices. DoD recognizes that 
manufacturers are required to have processes in place to review, 
investigate, and evaluate external manufacturers and suppliers. 
However, DoD has a responsibility to protect the warfighter by ensuring 
that we are utilizing electronic products that are not counterfeit or 
contain counterfeit parts.
g. Raw Materials and Minerals
    Comment: Several respondents are concerned that the flowdown 
requirement is unclear as to whether the flowdown extends to suppliers 
of raw materials and minerals.

[[Page 50638]]

    Response: The clause only flows down to subcontracts that are for 
electronic parts or assemblies containing electronic parts. Raw 
materials and minerals are not electronic parts.
3. Definitions
a. ``Electronic Part''
    Comment: Various respondents commented favorably on the removal of 
references to ``embedded software'' and ``firmware'' from the 
definition of ``electronic part.'' One respondent stated that this 
revision aligns the term's definition with the underlying substance of 
the material covered by the regulations. The respondent also stated 
that it is difficult, if not impossible, to address such elements when 
an express standard or protocol has not yet been adopted. Another 
respondent recommended that the introduction of tainted software and 
firmware into integrated circuits is more appropriately addressed in a 
separate rulemaking process. Similarly, another respondent stated that 
the change to the definition will rightly focus contractor attention on 
identifying counterfeit electronic parts as the statute requires, 
rather than attempting to perform quality assurance on software and 
firmware without any DoD guidance on how to reliably perform that 
function.
    Response: Noted.
b. ``Trusted Supplier''/''Non-trusted Supplier''
    Many respondents commented on the definition of ``trusted 
supplier.''
    Comment: Various respondents stated that the term ``trusted 
supplier'' is already in use in DoD, and that duplication would lead to 
confusion within organizations that deal with both trusted supplier 
types. For reference, the other usage of trusted supplier is with the 
Trusted Access Program Office (TAPO), which accredits trusted foundries 
and suppliers through the Defense Microelectronics Activity. One 
respondent stated that the clause should not mention trusted suppliers 
at all, instead completely listing items (1) through (3) in the 
definition, whenever applicable.
    Response: The phrase ``trusted supplier'' has been mentioned as a 
source of confusion since it is was first used in the NDAA for FY 2012 
(section 818). The final rule published under DFARS Case 2012-D055, 
Detection and Avoidance of Counterfeit Parts, avoided use of the term 
``trusted supplier.'' The proposed rule under this case introduced the 
term because it is the term consistently used in section 818 of the 
NDAA for FY 2012, and subsequent amendments to that statute.
    However, in response to the public comments, DoD has reverted to an 
identification of the sources from which a contractor or subcontractor 
may acquire electronic parts, or items containing electronic parts, 
without introducing the term ``trusted supplier.'' In order to 
facilitate this identification of acceptable sources, DoD has 
introduced the definition of the term ``contractor-approved supplier'' 
to cover the fourth category of sources at DFARS 246.870-2(a)(1)(ii) 
and 252.246-7008(b)(2), which may be used only if the electronic parts 
are not in production and are not currently available in stock. This 
term reflects that this is a supplier that is not authorized to sell 
the manufacturer's product, but the contractor has assessed and 
approved this supplier.
    Comment: Several respondents commented on the meaning of the term 
``trusted supplier.'' One respondent agreed with the trusted supplier 
definition including contractor-vetted suppliers in addition to 
original manufacturers and authorized dealers. Several respondents 
disagreed with item (4) in the definition, which allows contractor-
approved unauthorized distributors to be a trusted supplier. One 
respondent went further by claiming that item (3), unauthorized 
distributors who bought exclusively from the original component 
manufacturer or an authorized distributor, also should not be included 
in the definition. One respondent stated that the definition should 
contain an ``or'' statement that requires purchase from (1) 
manufacturer or (2) authorized distributor supplier types before (3) 
and (4) unauthorized distributors of any sort could be used. Another 
respondent echoed this sentiment without specifically requesting the 
change in definition. One respondent stated that the definition should 
be clarified to be consistent throughout the clause.
    Response: As stated in the prior response, the term ``trusted 
supplier'' is no longer used or defined. However, the sources from 
which a contractor or subcontractor may obtain electronic parts under 
given circumstances are explicitly provided in section 818(c), as 
amended, and the statutory provisions are accurately implemented in 
this rule.
    Comment: One respondent stated that there should also be a ``non-
trusted supplier'' definition, while another respondent stated that a 
new definition should be developed for small and disadvantaged 
businesses that should not contain the word ``trust.''
    Response: The term ``non-trusted supplier'' is no longer used in 
the final rule.
c. ``Authorized Dealer''
    Comments: There were various respondents that were opposed to the 
use of the term ``authorized dealer'' and recommended using the term 
``authorized supplier'' instead. According to the respondents, the term 
``authorized supplier'' is used in all of the industry counterfeit 
electrical, electronic, and electromechanical parts standards, and is 
commonly used in the electronics industry and by DoD.
    One respondent pointed out that the term ``authorized dealer'' has 
different meanings in DFARS 246.870-1 and 252.246-7008, and recommended 
that they be coordinated with each other.
    Response: The term ``authorized dealer'' is not used in the 
electronics industry, nor is it used by DoD activities when referring 
to electronics sellers. In the final rule, DoD has replaced the term 
``authorized dealer'' with the electronics industry's term ``authorized 
supplier.'' All of the commercial standards allow the use of 
``authorized suppliers'' and define how they should be used.
d. Contract Electronics Manufacturer
    Comment: One respondent recommended amending the definition of 
``contract electronics manufacturer'' to be in line with industry use 
of the term. According to the respondent, industry understands a 
contract electronics manufacturer to be a company who builds boards or 
units for another company, whereas the fabrication of an electronic 
part ``under a contract with, or with express written authority of, the 
original manufacturer'' is the work of an authorized aftermarket 
manufacturer. According to the respondent, this definition aligns with 
the industry standards AS5553, AS6171, and AS6081.
    The respondent therefore recommended the following definition: 
``Contract electronics manufacturer'' means an organization that 
produces goods, using electronic parts, for other companies on a 
contract basis under the label or brand name of the other organization.
    In addition, the respondent recommended that the concept of 
``contract electronics manufacturer'' should be removed from the 
definition of ``original manufacturer.'' According to the respondent, 
the original manufacturer is regularly understood to be the original 
component manufacturer or the original equipment manufacturer.
    Response: DoD has revised the definition of ``contract electronics

[[Page 50639]]

manufacturer'' consistent with the recommendation of the respondent and 
removed paragraph (2) from the proposed definition. The removed 
paragraph has been utilized as the basis for an added definition of 
``authorized aftermarket manufacturer.'' This also resulted in a 
conforming change to the definition of ``obsolete electronic part.''
    DoD also removed the term ``electronics'' from the defined term, 
because the other related terms of ``original manufacturer,'' original 
component manufacturer,'' and ``original equipment manufacturer'' are 
not limited to just electronic parts, even though this rule then 
applies those terms to the acquisition of electronic parts. Having 
removed the word ``electronics'' and the portion of the definition that 
applied to an authorized aftermarket manufacturer, DoD has retained the 
term ``contract manufacturer'' as part of the definition of ``original 
manufacturer.''
4. Supply Base Terminology
    Comment: One respondent recommended that DoD define the supply base 
in the same way as the commercial defense industry and regulate sources 
of supply accordingly. According to the respondent, DoD defines the 
supply base in terms of (1) original equipment manufacturer primes; (2) 
manufacturers; and (3) dealers, distributors, or others; while the 
commercial defense industry uses the terms (1) original equipment 
manufacturer primes; (2) approved manufacturers; (3) authorized 
dealers/distributors; (4) dealers/brokers/others; and (5) surplus 
dealers. The respondent asserts that without using the commercial 
defense industry terms, DoD could procure certain products from 
potentially unauthorized sources.
    Response: Since the scope of the case is limited to electronic 
parts, DoD has elected to define the supply base in terms commonly used 
by the electronics industry, rather than across the entire commercial 
defense industry, and has utilized the categories identified in the 
statute, although changing the term ``authorized dealer'' to 
``authorized supplier'' to be consistent with the electronic industry 
usage.
5. Sources of Electronic Parts
a. Tiered Approach
    The statute and this regulation provide for a tiered approach for 
sources of electronic parts.
     Category 1: Electronic parts that are in production or 
currently available in stock. The contractor shall obtain such parts 
from the original manufacturer, their authorized suppliers, or from 
suppliers that obtain such parts exclusively from the original 
manufacturers of the parts or their authorized dealers.
     Category 2: Electronic parts that are not in production 
and not currently available in stock. The contractor shall obtain such 
parts from suppliers identified by the contractor as contractor-
approved suppliers, subject to certain conditions.
     Category 3: Electronic parts that are not in production 
and not available from any of the above sources; electronic parts from 
a subcontractor (other than the original manufacturer) that refuses to 
accept flowdown of DFARS 252.246-7008; or electronic parts that the 
contractor or subcontractor cannot confirm are new or that the 
electronic parts have not been comingled in supplier new production or 
stock with used, refurbished, reclaimed, or returned parts. The 
contractor may buy such electronic parts subject to certain conditions.
    Comment: One respondent supported the requirement to obtain parts 
that are in production or currently available in stock from original 
manufacturers, authorized dealers, or suppliers that obtain such parts 
exclusively from the original manufacturers or authorized dealers.
    Response: Noted.
    Comment: One respondent recommended that contractors and 
subcontractors only be allowed to purchase from suppliers that obtain 
such parts exclusively from the original manufacturers of the parts or 
their authorized dealers only if not available from the original 
manufacturers or their authorized dealers. Another respondent stated 
that the most effective method for avoiding counterfeit electronic 
parts is to purchase these parts from the original manufacturer and 
their authorized distributors, and authorized aftermarket distributors 
and manufacturers (i.e., ``legally authorized sources''). According to 
the respondent, purchasing from any other source significantly 
increases the likelihood of acquiring counterfeit parts.
    Response: The statute unconditionally allows a contractor or 
subcontractor to purchase electronic parts from suppliers that obtain 
such parts exclusively from the original manufacturers of the parts or 
their authorized dealers.
    Comment: One respondent suggested adding ``authorized aftermarket 
manufacturer'' to ``authorized dealer.''
    Response: The concept of authorized aftermarket manufacturer was 
already included in the definition of ``authorized dealer'' (now 
``authorized supplier'' in the final rule).
b. Not in Production and Not Currently Available in Stock
    Comment: Several respondents requested that DoD clarify terms ``in 
stock'' and ``available in stock.'' One respondent noted that a part 
could be in production but not in stock, or not in production but 
available in stock. This respondent expressed concerns about the costly 
steps necessary to ensure compliance when a part is not acquired from a 
trusted supplier, so the initial analysis of the supply chain sources 
could be relevant to how a contractor acquires a specific part and have 
many assorted cost impacts. Another respondent had concerns with use of 
the phrase ``currently available in stock'' as it raises questions 
about parts that are in production but have lead times. ``Unless there 
is a demonstrated, immediate need for a part in production with a lead 
time, contractors should not have the option to seek the part from a 
source with a higher level of counterfeit risk.'' That respondent also 
had concerns with the use of the phrase ``parts that are not in 
production'' raising issues about obsolete parts that are not in 
production by the original manufacturer but may be produced on demand 
in a timely manner by authorized aftermarket manufacturers.
    One respondent recommended that DoD must require contractors to do 
a more exhaustive search of the authorized supply channel before 
utilizing other sources. This respondent also recommended that the rule 
should clarify that ``not currently available in stock'' means ``not 
currently available in stock from original manufacturer, authorized 
aftermarket manufacturers, or authorized dealers.''
    One respondent thought of numerous possibilities of the meaning of 
``unavailable'':
     Parts might be unavailable when they exceed a certain 
multiple of standard pricing.
     Parts might be unavailable if they cannot be received 
within an acceptable lead time.
     Parts might be unavailable and out of production if the 
original manufacturer and no other foundry make the part.
     Parts might be unavailable and out of production because 
the original component manufacturer is no longer producing an 
electronic part yet has the ability to restart production given 
appropriate lead time.
     Parts that seem unavailable because they are not in 
production could

[[Page 50640]]

conceivably be available from a trusted foundry.
    This respondent was concerned that parts also might change in 
availability and asked whether a contractor would be required to switch 
between sources of supply if a product later becomes available from the 
original manufacturer or an authorized dealer. This respondent 
recommended removing the triggering mechanism that use of an ``other'' 
trusted source requires that the parts be not in production or not 
currently available.
    Response: The statute requires that if parts are in production or 
currently available in stock, the contractor or subcontractor must use 
a Category 1 supplier. The electronic parts may be in production and 
currently available in stock, in production and not currently available 
in stock, or not in production but currently available in stock. 
Therefore, even if there is a demonstrated, immediate need for a part 
in production with a lead time, contractors do not have the option to 
seek the part from other than a Category 1 source. Some of the listed 
technicalities with regard to potential meanings of ``unavailable'' are 
irrelevant, because if the part is in production, it must be bought 
from a Category 1 supplier, whether or not it is currently available or 
unavailable in stock.
    DoD has modified the final rule to clarify that ``in production'' 
includes by the original manufacturer or by an authorized aftermarket 
manufacturer, and that ``currently available in stock'' means from one 
of the Category 1 sources.
    In addition, DoD changed ``or'' to ``and'' in DFARS 246.870-
2(a)(1)(ii) and at 252.246-7008(b)(2) because ``or'' includes 
circumstances that overlap with paragraphs (a)(1)(i) and (b)(1), 
respectively, and does not accurately reflect the statutory requirement 
to specify the sources in circumstances not covered in those 
paragraphs. The only remaining circumstance to be covered in paragraph 
(a)(1)(ii) and (b)(2) is ``not in production'' and ``not currently 
available in stock.''
    A contractor must make a good faith effort to determine whether an 
electronic part is available from Category 1 sources (DFARS 246.870-
2(a)(1)(i)). Any changes to a contractor's use of approved sources 
would require additional review by DoD. Due to the added costs that may 
be involved in obtaining a part from a contractor-approved supplier, a 
contractor is incentivized to locate a Category 1 source.
    This DFARS rule does not address obsolescence management and 
diminishing manufacturing sources as these areas are outside the scope 
of this case. DFARS Case 2016-D022 will implement section 803 of the 
NDAA for FY 2014 to address these issues. This rule takes a risk-based 
approach to counterfeit prevention. The rule allows contractors to make 
risk-based decisions (such as testing and inspection) based on supply 
chain assurance measures (such as the source of the electronic part), 
which is all subject to review and audit by the contracting officer. 
DoD uses the Department of Defense Risk, Issue, and Opportunity 
Management Guide for Defense Acquisition Programs.
6. Contractor Identification of Contractor-Approved Suppliers
a. Selection and Use of Standards
    Several respondents expressed concerns specific to the selection 
and use of DoD-adopted industry standards and requested that the agency 
identify application of standards by industry.
    Comment: One respondent commented that by acknowledging that 
contractors can identify other suppliers as ``trusted'' if they first 
qualify the supplier using industry standards and processes for 
counterfeit prevention, the proposed rule allows for electronic parts, 
particularly parts for mature platforms near the end of their 
lifecycles, to be procured after the original manufacturers and 
immediate authorized dealers and distributors have ceased to 
manufacture and supply the parts.
    Response: Noted.
    Comment: One respondent questioned the meaning of ``DoD-adopted'' 
standards, and recommended that industry standards be the default test 
for the conformance of contractor-vetted trusted suppliers vice DoD-
adopted standards. This respondent also mentioned an inconsistency 
between the requirements with regard to standards in the definition of 
``trusted supplier'' and the DFARS clause at 252.246-7008(b)(2). 
Another respondent requested clarification as to where DoD-adopted 
standards are to be used versus other industry standards.
    Response: A Web site was provided in the proposed rule in the 
definition of ``trusted supplier'' that specified DoD-adopted 
counterfeit prevention industry standards and processes. The following 
industry standards are currently DoD-adopted and could be used to 
satisfy contractual requirements: ISO 9001, AS9100, AS5553A, AS6462, 
AS6081, AS6174A, etc. The definition of ``trusted supplier'' has been 
deleted from the final rule. DFARS 246.870-2(a)(1)(ii)(A) and 252.246-
7008(b)(2)(i) have been amended to add ``such as the DoD-adopted 
standards at https://assist.dla.mil,'' but does not specifically 
require the use of DoD-adopted standards.
    Comment: One respondent suggested changing FAR 46.203, Criteria for 
Use of Contract Quality Requirements, to require certification to 
industry standards vice compliance with industry standards.
    Response: Changing the FAR is outside the scope of this case.
b. Redundant Validation
    Comment: Several respondents recommended that the proposed rule be 
revised to eliminate redundant validation of suppliers. The respondents 
assert that the rule as written would require contractors to validate 
U.S. Government sources such as the Defense Logistics Agency and the 
Federal Supply Schedule as trusted suppliers. Several respondents 
recommend specifying that these sources be considered trusted 
suppliers. Another respondent recommended presuming suppliers to be 
``trusted'' if the prime and subcontractors have approved processes in 
place to identify suppliers and provide proof that those processes have 
been followed. Alternately, this respondent suggested that the 
Government could work with industry to develop a third party 
accreditation program to verify that suppliers at all tiers are in 
compliance with established counterfeit detection and avoidance 
requirements and identify a pool of accredited suppliers.
    Response: Contractors or subcontractors who purchase directly from 
another vendor (such as the Federal Supply Schedule or from suppliers 
accredited by the Defense Microelectronics Activity), or requisition 
electronic parts from the Government inventory/stock under the 
authority of DFARS 252.251-7000, Ordering from Government Supply 
Sources, are still required to comply with the requirements of DFARS 
252.246-7008(b) and (c). However, the final rule has been revised at 
DFARS 246.870-2(a)(3)(iii)(B) and 252.246-7008(d)(3)(ii) to state that 
if the contractor or contractor requisitions electronic parts from the 
Government, the Government will be responsible for the authenticity of 
the parts. If any such part is subsequently found to be counterfeit or 
suspect counterfeit, the Government will promptly replace such part at 
no charge and will consider an adjustment in the contract schedule to

[[Page 50641]]

the extent that replacement of the counterfeit or suspect counterfeit 
electronic parts caused a delay in performance.
    A third party accreditation program is outside the scope of this 
rule, which is implementing the statutory requirement to allow 
contractors and subcontractors to identify trusted suppliers (now 
termed ``contractor-approved suppliers.''
c. Review and Audit by Government
    Comment: Several respondents addressed the requirement that the 
contractor's identification of trusted suppliers for parts not in 
production or not currently in stock is subject to review and audit by 
DoD.
    One respondent commented that section 818 of the NDAA for FY 2012 
only required that selection of ``trusted suppliers'' (as opposed to 
non-trusted suppliers) be subject to Government review and audit. One 
respondent questioned why contractor identified suppliers that also 
conform to industry standards (DoD-adopted or otherwise) are subject to 
review and audit by DoD officials. The respondent recommends that no 
additional review or audit be implemented where system oversight is 
compliant with DFARS part 246.
    One respondent was concerned that, absent a clear standard, the due 
diligence required to establish a trusted supplier will vary depending 
on the judgment of the DoD official conducting the review and audit. 
This respondent recommended that the Government should establish a 
presumption that suppliers are trusted if the prime contractor and 
subcontractors have approved processes in place to identify suppliers 
and provide proof that those processes have been followed.
    Response: Section 818 of the NDAA for FY 2012 (Pub. L. 112-81) 
requires, in paragraph (c)(3)(D)(iii), that the selection of additional 
trusted suppliers by DoD contractors is subject to review and audit by 
DoD officials.
    Furthermore, section 885 of the NDAA for FY 2016 amends paragraph 
(c)(3)(D)(iii) of section 818 to require review, audit, and approval by 
DoD officials. This amendment will be addressed under DFARS Case 2016-
D013, Amendments Related to Sources of Electronic Parts.
d. DoD Establishment of Qualification Requirements
    A number of respondents commented on the need for DoD to establish 
qualification requirements and expressed concern about the status of 
DFARS Case 2015-D020, DoD Use of Trusted Suppliers for Electronic 
Parts.
    Comment: One respondent said that the proposed rule appeared to 
shift the determination and risk of which suppliers to trust entirely 
to the contractor community, which the respondent believed is contrary 
to Congressional intent. The respondent asserted that the intent was 
for DoD and contractors to share the risk. The respondent further 
stated that the proposed rule does not provide detailed guidance to 
contractors on the factors to consider in identifying trusted 
suppliers.
    One respondent expressed concern that there is a potential loophole 
for a contractor to procure electronic parts from a high-risk supplier 
without Government notification. A contractor might locate an obsolete, 
high-risk part from a poor supplier, and quickly qualify that supplier 
as trusted, thereby avoiding the notification requirement.
    Another respondent mentioned that there is no current means to 
qualify a non-authorized electronic part as an original component 
manufacturer authorized part and purchases of electronic parts from 
nonauthorized sources threaten the safety and integrity of the DoD 
supply chain. The respondent recommended that DoD propose regulations 
that include DoD's use and qualification requirements for trusted 
suppliers, to ensure consistency with the proposed rule and the final 
rule in DFARS Case 2012-D055. The respondent stated that DoD should 
issue the rule to establish qualifications for DFARS Case 2015-D020 
simultaneously with this proposed rule to avoid confusion and ensure 
consistency of implementation. According to the respondent, DoD has not 
exercised its statutory authority to identify additional trusted 
suppliers for contracts and subcontracts to use. The respondent 
encouraged DoD to clarify that the qualification requirements to be 
established in DFARS Case 2015-D020 may be used by contractors when 
implementing their trusted-supplier program as required by the proposed 
clause DFARS 252.246-7008, Sources of Electronic Parts.
    According to one respondent DoD continues to delay regulations for 
use and qualification requirements of trusted suppliers. One respondent 
recommended that DoD accelerate resolution of DFARS Case 2015-D020 
because the proposed rule requires contractors to guarantee 
authenticity of electronic parts acquired from the Federal Supply 
Schedule. Another respondent recommended that DFARS Case 2015-D020 
should be aggressively developed.
    Another respondent recommended delaying the proposed rule until 
DFARS 2015-D020 has been released so they can understand how DoD will 
define criteria for Trusted and Non-Trusted Suppliers.
    Response: This rule implements section 818 of the NDAA for FY 2012, 
as amended, which provides in paragraph (c)(3)(D) that regulations to 
be issued by DoD shall authorize DoD contractors to identify and use 
``additional trusted suppliers'' subject to certain conditions (DFARS 
246.870-2(a)(1)(ii) and 252.246-7008(b)(2)). The contractor must use 
established counterfeit prevention industry standards, including 
testing, and must assume responsibility for the authenticity of the 
parts provided by such contractor-approved suppliers. Furthermore, DoD 
has the right to ``review and audit'' the contractor selection of 
``contractor-approved suppliers.'' In this final rule, DoD has added 
this review and audit of contractor identification of contractor-
approved suppliers at DFARS 242.302(S-76) as a contract administration 
function that is delegable to the administrative contracting officer.
    This authority to identify contractor-approved suppliers is 
independent of section 818(c)(3)(D), which is the subject of DFARS Case 
2015-D020. It would not be in the best interest of industry to delay 
this rule until publication of a final rule under DFARS Case 2015-D020, 
which has not yet been published as a proposed rule, because the ``safe 
harbor'' provisions of section 885(a) of the NDAA for FY 2016 are 
dependent upon publication of this final rule (see section II.B.9. of 
this preamble).
7. Traceability
    Many respondents commented on the requirements for traceability 
from the original manufacturer to product acceptance by the Government.
    Comment: Several respondents were concerned that traceability will 
be difficult to establish for parts used in defense systems. According 
to the respondents, it is likely that very large numbers of electronic 
parts cannot be traced back to the original manufacturer or authorized 
dealer.
    Response: The rule expects that traceability is not always possible 
and provides that the contractor is responsible for inspection, 
testing, and authentication, in accordance with existing industry 
standards, if the contractor cannot establish traceability from the 
original manufacturer for a specific part.

[[Page 50642]]

    Comment: Several respondents question the benefit of maintaining 
end-to-end traceability compared to the cost. One respondent opposes 
serialized end-to-end traceability throughout the supply chain because 
the costs of such traceability are prohibitively high as compared to 
the incremental benefit in increased quality assurance. According to 
one respondent, there will be increased costs associated with 
implementation and recordkeeping, which could be significant for 
smaller businesses. One respondent noted that traceability does not 
necessarily prove that an electronic component is genuine or that the 
component has been properly packaged, stored or handled in accordance 
with the original component manufacturer's specifications and that 
traceability documents and technologies are subject to counterfeiting.
    Response: DoD has accounted for the recordkeeping requirements 
related to traceability in the regulatory flexibility analysis and the 
Office of Management and Budget clearance of the information collection 
requirement. While DoD acknowledges the burden associated with this 
requirement and that establishing such traceability does not guarantee 
the authenticity of all parts, nevertheless DoD considers the costs 
associated with this burden to be justified in comparison to the harm 
that can result from introduction of counterfeit parts into the DoD 
supply chain.
    Comment: One respondent stated that the requirements of the 
proposed rule do not appear to be based upon risk. One respondent, 
however, agreed with the proposed rule allowing for risk-based 
processes including testing and inspections when buying parts from 
other than an original equipment manufacturer or original component 
manufacturer, their authorized dealers, or suppliers that purchase 
parts exclusively from the original equipment manufacturers, original 
component manufacturer, or their authorized dealers.
    Another respondent stated that the proposed rule adopts an approach 
recommended by industry subject matter experts. Where traceability to 
the original manufacturer cannot be established, the contractor or 
subcontractor must complete an evaluation that includes use of 
alternative parts, and apply its risk-based systems, including tests 
and inspections commensurate with risk.
    Response: First, the requirement in DFARS 252.246-7007, Contractor 
Counterfeit Electronic Part Detection and Avoidance System, states in 
paragraph (c)(4) that the system shall address risk-based processes 
that enable tracking of electronic parts from the original manufacturer 
to product acceptance by the Government. Then in paragraph (c) of DFARS 
252.246-7008, it again states that the contractor shall have risk-based 
processes (taking into consideration the consequences of failure of an 
electronic part) that enable tracking from the original manufacturer. 
The level of inspection, testing, and authentication that the 
contractor would perform if unable to track an electronic part from the 
original manufacturer would also be commensurate with the criticality 
of the part. The final rule removes the requirement for contractor 
consideration of alternative parts. That should be a Government 
decision.
    Comment: Several other respondents stated that industry does not 
ordinarily maintain this kind of serialized end-to-end traceability for 
electronic parts and recommended that the rule should conform to 
industry standards (such as SAE AS5533) for maintaining traceability of 
electronic parts.
    One respondent stated that many legacy systems now require 
electronic parts not available from trusted suppliers as defined here, 
and pursuant to the requirement of section 803 of the NDAA for FY 2014 
to issue guidance on sourcing for obsolete parts, the Department should 
provide instructions on how to make such determinations of risk and 
what criteria should reasonably support the contractor's determination. 
Another respondent requests more explanation as to the required 
``determination of risk'' assessments that contractors, and their 
supply chains, will need to undertake.
    Another respondent was appreciative that this rule allows the 
industry to enable the traceability without proscribing the method, so 
that the industry is able to use processes that maintain the 
traceability without the added expense and bureaucracy of specific 
documents and systems.
    Response: DoD is willing to bear the expense associated with 
maintaining traceability to the extent feasible in order to improve 
detection and avoidance of counterfeit parts in the DoD supply chain. 
The final rule provides a course of action for the contractor if 
traceability cannot be established, i.e., the contractor is responsible 
for inspection, testing, and authentication in accordance with existing 
applicable industry standards.
    Regulations to implement section 803 of the NDAA for FY 2014 are 
still pending (DFARS Case 2016-D022).
    Comment: One respondent asked whether traceability will be a 
contract deliverable to the Government.
    Response: In the final rule, the clause requires that the 
contractor and subcontractors maintain documentation regarding 
traceability and make such documentation available to the Government 
upon request.
8. Purchases From Other Suppliers
a. Notification
    Several respondents provided comments on the notification 
requirement of the proposed rule, which required the contractor to 
notify the contracting officer when buying from a Category 3 source 
(see DFARS 252.246-7008(b)(3)).
    Comment: Several respondents questioned what is meant by ``not 
possible to obtain an electronic part from a trusted supplier.'' 
According to one respondent, it was unclear on whether the term ``not 
possible'' intends to preclude contractors and subcontractors from 
taking price and schedule impact into account in evaluating the 
relative risks of purchasing a particular part from a trusted supplier 
versus an other than trusted supplier.
    Response: DoD has clarified the wording of DFARS 252.246-
7008(b)(3)(i)(A), replacing ``not possible to obtain'' with ``due to 
nonavailability,'' for increased consistency with the statute and DFARS 
246.870-2(a)(2)(i).
    Comment: One respondent questioned how, when, or to whom 
subcontractors are supposed to provide the required notification.
    Response: Since the clause flows down to all tiers, subcontractors 
will provide the required notification up the chain to the prime 
contractor.
    Comment: One respondent commented that the notification 
requirements would present a significant challenge in cases where a 
subcontractor would not accept counterfeit avoidance and detection 
requirements included in DFARS clause 252.246-7007, Contractor 
Counterfeit Electronic Part Detection and Avoidance System, 
particularly when dealing with COTS electronic assembly providers.
    Response: DoD has revised the rule to address the issues raised 
regarding flowdown clause acceptance of DFARS 252.246-7008, Sources of 
Electronic Parts, by the subcontractors (see section II.B.2.c. of this 
preamble), which should sufficiently resolve the concerns of the 
respondent.
    Comment: Several respondents requested clarification on what is 
required to be provided in the notice to the contracting officer, when 
such notice is to be issued, and where in the

[[Page 50643]]

chain of custody the notice is to originate.
    Response: The final rule has been amended at DFARS 252.246-
7008(b)(3)(ii)(A) to require prompt notification to the contracting 
officer in writing. There is no requirement for content of the notice 
beyond the common sense facts necessary to convey the circumstances to 
the contracting officer--what part is being bought, from whom, and why. 
The notice originates with whatever entity (prime contractor or 
subcontractor) is making the purchase, and is passed up to the 
contracting officer through the intervening subcontract tiers and the 
prime contractor. Documentation of inspection, testing, and 
authentication of such electronic parts is only required to be 
furnished to the Government upon request.
    Comment: One respondent referenced the outstanding ``Expanded 
Reporting'' FAR case that proposed addressing counterfeit electronic 
part reporting through the GIDEP mechanism but that case has been held 
in abeyance for reasons unknown to industry. The respondent requested 
that DOD ensure that any notice requirements in the new clause are 
distinguished from other requirements to report counterfeits to the 
GIDEP portal after discovery.
    Response: DoD has noted the comments regarding the FAR Case 2013-
002, Expanded Reporting Requirements. The notice in this case will not 
conflict with GIDEP reporting, because this notice is not a notice of a 
nonconforming part, but notice of contracting with a potentially 
higher-risk supplier.
b. Is DoD approval required?
    Comments: One respondent commented that the proposed notification 
requirement does not address whether the contractor or subcontractor is 
free to purchase the part from an other-than-trusted supplier once the 
required notification has been given to the contracting officer or 
whether they cannot proceed with the purchase until it has received 
some form of approval from the contracting officer. Confirmation of the 
intent was requested to be included in the rule.
    Response: The rule does not require approval for use of Category 3 
sources.
9. Safe Harbor
    Comment: Several respondents requested a safe harbor under various 
circumstances:
    One respondent recommended that the DFARS be amended to reflect the 
``safe harbor'' of buying from ``legally authorized sources'' (i.e., 
original manufacturer and their authorized distributors, and authorized 
aftermarket distributors and manufacturers) and that the processes/
procedures for detecting and avoiding counterfeit electronic parts only 
be used for acquisitions from unauthorized sources (i.e., sources other 
than ``legally authorized sources'').
    One respondent requested that the Defense Acquisition Regulation 
Council should address whether, and the extent to which, an agency's 
approval following a required notification would act as a safe harbor 
for any counterfeit problems that were subsequently encountered with 
the parts that had been approved.
    One respondent recommended that, because traceability is considered 
an element of the contractor process of acquiring parts where the prime 
is not a trusted supplier and also part of the detection and avoidance 
system requirements, DoD provide a safe harbor from liability or 
contract breach if the contractor acquires an electronic part to 
support a legacy system and has performed a good faith risk 
determination in lieu of end-to-end traceability, but the part is 
determined to be counterfeit at some point in the future after delivery 
to DoD.
    This respondent also noted that section 885(a) of the NDAA for FY 
2016 provides a ``conditional safe harbor from strict liability from 
damage caused by counterfeit electronic parts provided the contractor 
has a detection and avoidance system, provides timely notice of a 
counterfeit in the supply chain to DoD, and acquires the parts from a 
trusted supplier.'' This respondent also requested that DoD ensure that 
any rules be conformed with all legislative changes made to the law 
since enactment of the NDAA for FY 2012 and that allow for an 
understandable and cost efficient implementation.
    Response: The language of section 818 of the NDAA for FY 2012, as 
revised by section 885(a) of the NDAA for FY 2016, exclusively 
addresses allowable costs for counterfeit parts or suspect counterfeit 
parts and the cost of rework or corrective action that may be required 
to remedy the use or inclusion of such parts, and does not provide a 
safe harbor from liability or harm or damage that may result from the 
undetected use or inclusion of counterfeit parts. Section 885(a) is 
being implemented under DFARS Case 2016-D009.
    Contractor developed risk-based processes utilizing industry 
standards or their internal processes/controls, are the responsibility 
of the contractors' discretion. Any failure of the contractor 
counterfeit electronic part detection and avoidance system will require 
remedial action.
    DoD does not currently approve the acquisition of parts from any 
particular source.
10. Cost Allowability
    Comment: One respondent asked for clarification that the costs 
associated with any new supply chain security measures are allowable. 
According to the respondent, the rule is silent as to who will bear the 
added costs of implementing serialized traceability or of the non-
recurring engineering associated with utilizing alternate parts or of 
the testing necessary to establish authenticity. Any new costs 
associated with the final rule should be clearly stated as allowable.
    Response: The implementation costs associated with compliance with 
DFARS 252.246-7008 are not unlike any other costs anticipated to be 
incurred by the contractor or subcontractor to perform the requirements 
of a contract. Whether a cost is allowable and allocable is generally 
governed by FAR part 31. Unless a cost is explicitly unallowable, 
whether a cost is allowable depends on factors such as reasonableness, 
allocability, CAS standards (and approved disclosure statements), if 
applicable, otherwise, generally accepted accounting principles and 
practices appropriate to the particular circumstances, and the terms of 
the contract. It is unnecessary to address the allowability of costs 
incurred under every contract requirement. In accordance with FAR 
31.201-4, a cost is allocable if it is assignable or chargeable to one 
or more cost objectives on the basis of relative benefits received or 
other equitable relationship. Subject to these conditions a cost is 
allocable to a Government contract if it is (a) incurred specifically 
for the contract; (b) benefits both the contract and other work, and 
can be distributed to them in reasonable proportion to the benefits 
received; or (c) is necessary to the overall operation of the business, 
although a direct relationship to any particular cost objective cannot 
be shown.
11. Regulatory Flexibility Analysis
    See the comments and responses relating to impact on small business 
in the summary of the Final Regulatory Flexibility Analysis in section 
V of this preamble.
12. Information Collection Requirement
    Several respondents commented on the information collection 
requirement.
    Comment: One respondent expressed detailed concerns about the 
necessity

[[Page 50644]]

and practical utility of the proposed rule. The respondent was 
concerned about significantly expanding contractors' tracking, 
collection, and reporting obligations. Subcontractors may not have such 
information readily available and may be reluctant to share this 
information up the supply chain. The respondent also had serious 
concerns about security and protection of the information. The 
respondent encouraged DoD to consider whether it is necessary to 
collect all this data at all tiers and to pass the data up through the 
supply chain to the Government, before any reportable instance of 
counterfeit or suspect counterfeit electronic parts.
    The respondent also believed that DoD may already have access to a 
lot of this data, because DoD has access to databases of thousands of 
suppliers that provide parts to its acquisition system. The respondent 
considered that the handful of additional suppliers that may be 
identified will not provide much return on investment.
    Response: The only definite reporting requirement in the rule is to 
provide notification to the Government if using a Category 3 supplier. 
This notification is a statutory requirement. Documentation on 
traceability or inspection, testing, and validation need only be 
provided to the Government upon request. This approach is considered 
necessary by subject matter experts within DoD to implement the 
statutory requirement and to detect and avoid counterfeit parts within 
the supply chain.
    Comment: One respondent did not believe that the Government 
estimated collection time and costs capture all that contractors must 
do to comply.
     Hours per response (1 hour per response): Appears to 
assume that all information is already in a database or otherwise 
easily accessible and that a single person at a single facility will be 
able to generate such a report.
     Frequency of report (1 per year): The proposed rule 
requires that contractors must notify the contracting officer when they 
cannot obtain covered parts from a trusted supplier in each instance, 
or at least on a lot basis. This requirement is event-driven, 
potentially arising on multiple occasions during any given year.
     Number of respondents (1,000): In view of the statement in 
the Federal Register that the rule will cover 33,000 small entities in 
addition to the large CAS-covered businesses, the respondent considers 
the estimate of 1,000 respondents too low.
    Another respondent suggested that the information collection 
portion of the proposed rule be re-estimated to reflect the suggested 
flowdown requirements to create a more accurate assessment of the true 
costs of the rule.
    Response: The estimated information collection burden in the 
proposed rule related only to the required notification when using 
other than a ``trusted supplier.'' This should be quite rare, since it 
only occurs when an item is out of production, not currently available 
in stock, and not available from a contractor-approved supplier. 
However, the estimates have been adjusted to acknowledge that in many 
cases information for such notification may have to be provided by a 
lower tier subcontractor to the prime contractor.
    In addition, the final rule makes explicit the requirement to 
maintain documentation with regard to traceability or inspection, 
testing and authentication and make the documentation available upon 
request. This is not an added burden for contractors and 
subcontractors, but an acknowledgement of a burden that was implicit in 
the proposed rule. These requirements have been calculated for 
subcontractors, as well as prime contractors. The final information 
collection requirement estimates are summarized as follows:

----------------------------------------------------------------------------------------------------------------
                                                                             Total reporting    Annual reporting
             Requirement                 Respondents         Responses            hours            burden ($)
----------------------------------------------------------------------------------------------------------------
252.246-7008 (c)(3)(ii).............              5,049             50,490             41,310          1,900,260
252.246-7008 (b)(3)(ii).............              1,575              2,550              2,550            117,300
                                     ---------------------------------------------------------------------------
    Total Reporting Burden..........              6,624             53,040             43,860         $2,017,560
----------------------------------------------------------------------------------------------------------------


----------------------------------------------------------------------------------------------------------------
                                                                                                    Annual
                    Recordkeeping                        Recordkeepers       Recordkeeping       recordkeeping
                                                                                 hours              burden
----------------------------------------------------------------------------------------------------------------
252.246-7008........................................             78,773           2,363,190         $75,622,080
----------------------------------------------------------------------------------------------------------------

    Comment: The respondent urged reconsideration not only of the 
estimate of the burdens, but consideration of how the rule might be 
revised so as to reduce the burdens on industry and the Government.
    Response: DoD has not been able to identify a viable alternative 
that would meet the objectives of the rule and comply with the 
statutory requirements. The notification requirement is statutory. The 
data on traceability or inspection, testing, and validation need only 
be provided to the Government upon request.
    Comment: One respondent asked for the elimination of the 
requirement for information collection concerning detection and 
avoidance of counterfeit electronic parts for products regulated by the 
FDA.
    Response: See response in section II.B.2.f. of this preamble.

C. Other Changes

    1. Revised the definition of ``original component manufacturer'' to 
replace ``is pursuing, or has obtained the intellectual property 
rights'' with ``is entitled to any intellectual property rights.'' 
There may not be any intellectual property rights associated with an 
item or the manufacturer may have the rights on the basis of a trade 
secret without having filed for a patent.
    2. Moved DFARS 246.870-2(a)(1)(iii) to paragraph (a)(3), so that it 
is also applicable to (a)(2) of that section.
    3. Corrected the reference at DFARS 246.870-2(a)(2) from 
``paragraph (c)'' to ``paragraph (b)(3)(ii) through (b)(3)(iv)'' of the 
clause at 252.246-7008.
    4. Amended DFARS 246.870-2(b)(2)(v) to reference 246.870-2(a), 
rather than replicate the suppliers to be used under certain 
conditions. This is consistent with DFARS 252.246-7007(c)(5), as 
amended in this final rule.
    5. Amended DFARS 252.246-7007(b) to add notification to the 
contractor that an additional consequence of an unacceptable 
counterfeit electronic part detection and avoidance system may be a 
negative impact on the allowability of costs of counterfeit electronic 
parts or suspect counterfeit electronic parts and the cost of rework or 
corrective action

[[Page 50645]]

that may be required to remedy the use or inclusion of such parts, with 
a cross-reference to the cost principle at DFARS 231.205-71, while 
deleting the cross-reference to the cost principle at 252.246-
7008(b)(2)(ii). The cost principle addresses CAS-covered contractors, 
which makes a cross-reference to that principle more appropriate in 
252.246-7007, which applies only to CAS-covered contractors.
    Also amended paragraph (c)(4) to change ``Processes'' to ``Risk-
based processes,'' for consistency with DFARS 252.246-7008(c)(1) and 
referenced the clause at 252.246-7008(c) for details on the 
notification requirement (comparable to the cross-reference in the 
252.246-7007(5)).
    6. Moved paragraph (d) of DFARS 252.246-7008 to paragraph (b)(3) of 
the clause, restructured, and clarified the wording for increased 
consistency with the statute and DFARS 246.870-2(a)(2).

III. Applicability to Contracts at or Below the Simplified Acquisition 
Threshold (SAT) and for Commercial Items, Including COTS Items

    This rule applies the requirements of section 818(c)(3) of the NDAA 
for FY 2012, as amended, to contracts at or below the SAT, and to 
contracts for the acquisition of commercial items, including COTS 
items.

A. Applicability to Contracts at or Below the Simplified Acquisition 
Threshold

    41 U.S.C. 1905 governs the applicability of laws to contracts or 
subcontracts in amounts not greater than the simplified acquisition 
threshold. It is intended to limit the applicability of laws to such 
contracts or subcontracts. 41 U.S.C. 1905 provides that if a provision 
of law contains criminal or civil penalties, or if the FAR Council 
makes a written determination that it is not in the best interest of 
the Federal Government to exempt contracts or subcontracts at or below 
the SAT, the law will apply to them. The Director, Defense Procurement 
and Acquisition Policy (DPAP), is the appropriate authority to make 
comparable determinations for regulations to be published in the DFARS, 
which is part of the FAR system of regulations.

B. Applicability to Contracts for the Acquisition of Commercial Items, 
Including COTS Items

    41 U.S.C. 1906 governs the applicability of laws to contracts for 
the acquisition of commercial items, and is intended to limit the 
applicability of laws to contracts for the acquisition of commercial 
items. 41 U.S.C. 1906 provides that if a provision of law contains 
criminal or civil penalties, or if the FAR Council makes a written 
determination that it is not in the best interest of the Federal 
Government to exempt commercial item contracts, the provision of law 
will apply to contracts for the acquisition of commercial items. 
Likewise, 41 U.S.C. 1907 governs the applicability of laws to COTS 
items, with the Administrator for the Office of Federal Procurement 
Policy the decision authority to determine that it is in the best 
interest of the Government to apply a provision of law to acquisitions 
of COTS items in the FAR. The Director, DPAP, is the appropriate 
authority to make comparable determinations for regulations to be 
published in the DFARS, which is part of the FAR system of regulations.

C. Determination

    The Director, DPAP, has determined that it is in the best interest 
of the Government to apply the requirements of section 818(c)(3) of the 
NDAA for FY 2012, as amended, to contracts at or below the SAT and to 
contracts for the acquisition of commercial items, including COTS 
items. Counterfeit electronic parts, regardless of dollar value, can 
seriously disrupt the DoD supply chain, harm weapon system integrity, 
and endanger troops' lives. Even low dollar value electronic parts can 
cause critical failure of fielded systems, such as aircraft, ships, and 
other weapon systems. Furthermore, studies have shown that a large 
proportion of proven counterfeit electronic parts were initially 
purchased as commercial items, including COTS items. Therefore, 
exempting contracts and subcontracts below the SAT or for acquisition 
of commercial (including COTS) items from application of the statute 
would severely decrease the intended effect of the statute and increase 
the risk of receiving counterfeit parts, which may present a 
significant mission, security, or safety hazard.

IV. Executive Orders 12866 and 13563

    Executive Orders (E.O.s) 12866 and 13563 direct agencies to assess 
all costs and benefits of available regulatory alternatives and, if 
regulation is necessary, to select regulatory approaches that maximize 
net benefits (including potential economic, environmental, public 
health and safety effects, distributive impacts, and equity). E.O. 
13563 emphasizes the importance of quantifying both costs and benefits, 
of reducing costs, of harmonizing rules, and of promoting flexibility. 
This is a significant regulatory action and, therefore, was subject to 
review under section 6(b) of E.O. 12866, Regulatory Planning and 
Review, dated September 30, 1993. This rule is not a major rule under 5 
U.S.C. 804.

V. Regulatory Flexibility Act

    A final regulatory flexibility analysis (FRFA) has been prepared 
consistent with the Regulatory Flexibility Act, 5 U.S.C. 601, et seq. 
The FRFA is summarized as follows:
    This final rule further implements section 817 of the National 
Defense Authorization Act (NDAA) for Fiscal Year (FY) 2014 (Pub. L. 
112-81), which amended section 818 of the NDAA for FY 2012. The 
objective of this rule is to avoid acquisition of counterfeit 
electronic parts by requiring DoD contractors and subcontractors, 
except in limited circumstances, to buy electronic parts from the 
original manufacturers, their authorized supplier, or suppliers that 
obtain such parts exclusively from the original manufacturer of the 
parts or their authorized suppliers, in accordance with section 
818(c)(3) of the National Defense Authorization Act for FY 2012.

A. Applicability to Small Business Entities

    Comment: Several respondents recommended that DoD should not apply 
this rule to small entities, citing the burdens imposed. However, other 
respondents were very supportive of DoD for establishing requirements 
on contracts at all tiers and applying to small entities, because 
counterfeit parts purchased within the supply chain from small entities 
comprise a large portion of the counterfeit parts that directly 
threaten the DoD supply chain.
    Response: The law does not exempt small businesses from the 
statutory requirements. (See response to in section II.B.2.a. of this 
preamble.)

B. Burden Imposed

    Comment: Several respondents, including the Office of Advocacy of 
the Small Business Administration, noted that the increased costs 
associated with implementation and recordkeeping could be significant 
for small businesses. Another respondent suggested that DoD weigh the 
cost and benefits of information collected from contractors when 
implementing these rules. Most small and some mid-sized companies would 
not have the resources, experience, and infrastructure necessary to 
keep up a database of information related to this rule.
    Response: The Government recognizes that the cost of compliance to

[[Page 50646]]

the DFARS requirement for obtaining electronic parts from trusted 
sources may deter some small businesses and even suppliers of 
commercial items and COTS (where the Government is not a major portion 
of sales). However, the receipt of counterfeit parts represents an 
unacceptable risk to the Government. The clause requires small 
businesses and commercial item suppliers to put in place risk-based 
processes that take into consideration the consequences of failure.
    Comment: The Office of Advocacy stated that the cost of compliance 
will serve to deter small businesses from participating as prime and 
subcontractors in the Federal Acquisition process. More specifically, 
the Office of Advocacy, found it unclear, for parts that are in 
production, who will absorb the higher costs of restrictions on sources 
of electronic parts. The Office of Advocacy stated that this was of 
concern to small businesses. For parts that are not in production, the 
Office of Advocacy found it unclear how the small business owner is to 
provide documentation to the prime contractor or the contracting 
officer whether the part is in production or not. The Office of 
Advocacy also cites lack of guidance on cost or process or acceptable 
procedures for the small business to follow.
    Response: The Government recognizes that the cost of compliance to 
the DFARS requirement for obtaining electronic parts from trusted 
sources may deter some small businesses and even suppliers of 
commercial items and COTS (where the Government is not a major portion 
of sales). However, the receipt of counterfeit parts represents an 
unacceptable risk to the Government. With regard to cost allowability, 
the implementation costs associated with compliance with DFARS 252.246-
7008 are not unlike any other costs anticipated to be incurred by the 
contractor or subcontractor to perform the requirements of a contract 
(see section II.B.10. of this preamble). With regard to the costs of 
counterfeit electronic parts and suspect counterfeit electronic parts, 
and the cost of rework or corrective action that may be required to 
remedy the use or inclusion of such parts, section 818(c)(2)(B), as 
amended by the section 885 of the NDAA for FY 2016, will make such 
costs allowable if the contractor obtains such parts in accordance with 
the regulations to be published under this case; discovers the 
counterfeit parts or suspect counterfeit parts; and provides timely 
notice to the Government (see DFARS Case 2016-D010).
    With regard to parts that are not in production, the final rule has 
added clarification about necessary recordkeeping and documentation 
that shall be provided upon request (by the next high tier for a 
subcontractor or by the Government for the prime contractor). There is 
no requirement to provide documentation of whether the part is in 
productions. If the part can be obtained from a contractor-approved 
supplier and the contractor can establish traceability to the original 
manufacturer, then there is only need to provide documentation of the 
traceability upon request. If traceability cannot be established, then 
the contractor is required to maintain documentation of the required 
inspection, testing, and authentication, and make such documentation 
available upon request (see DFARS 252.246-7008(b)(3)(ii) and (c)(3)).
    The responsibility of the contractor in paragraph (c)(2), if the 
contractor cannot establish traceability, has been simplified to be 
comparable to the requirement in paragraph (b)(3)(ii) (if the 
contractor buys for a source other than what the statute terms a 
``trusted supplier''), i.e., the contractor is responsible for 
inspection, testing, and authentication in accordance with existing 
applicable industry standards.

C. Estimates of Burden

    Comment: The Office of Advocacy recommended that DoD should provide 
more clarity in the Initial Regulatory Flexibility Analysis (IRFA) as 
to the actual numbers of small businesses affected by the rule and the 
cost of compliance for small entities as prime and as subcontractors. 
The Office of Advocacy questioned whether COTS small businesses were 
included in the estimates.
    The Office of Advocacy further stated that DoD should have more 
accurate data on subcontractors, citing the DoD Comprehensive 
Subcontracting Test Program.
    Response: DoD has revised the estimated number of small business 
entities affected by the rule from 33,000 to 52,168. The supporting 
statement for the information collection requirement in the proposed 
rule only addressed the burden associated with the notification if the 
contractor is using a source other than a ``trusted supplier.'' The 
final rule makes explicit the requirement to maintain documentation 
with regard to traceability or inspection, testing, and authentication 
and make it available upon request (see section II.B.12. of this 
preamble). This is not an added burden for contractors and 
subcontractors but an acknowledgement of a burden that was implicit in 
the proposed rule.
    DoD does not have access to subcontract the subcontract data 
necessary to provide an accurate assessment of the impact of this rule. 
There are only about ten entities enrolled in the DoD Comprehensive 
Subcontracting Data Test Program. DoD also considered the data in the 
Electronic Subcontracting Reporting System. This system accumulates 
data by prime contractor to assess whether the prime contractor is 
meeting its subcontracting goals--it does not provide data on whether 
the subcontracts being reported contain electronic parts.

D. Alternatives

    Comment: According to the Office of Advocacy, DoD has not explored 
workable alternatives that will allow the Government to achieve its 
objectives. The Office of Advocacy suggested several alternatives for 
consideration:
     Support an Insurance Pool for small businesses, due to 
lack of clarity as to what constitutes a counterfeit part and who has 
ultimate liability.
     Use DoD testing resources to assist small firms in 
validating the authenticity of electronic parts or provide through the 
Mentor-Protege program a structure that would validate and test 
electronic parts for small subcontractors.
     Phase in compliance for COTS companies and small business 
subcontractors at certain dollar thresholds.
    Response: Supporting an insurance pool for small businesses is 
outside the scope of this rule.
    DoD does not have sufficient resources to take on the 
responsibility for validating the authenticity of electronic parts for 
small businesses. Furthermore, this would shift responsibility for 
compliance away from the prime contractor. 10 U.S.C. 2302 Note, which 
governs the DoD Mentor-Protege Pilot Program, addresses forms of 
assistance in paragraph (f) that a mentor firm may provide. This 
includes ``assistance, by using mentor firm personnel in engineering 
and technical matters such as production, inventory control, and 
quality assurance.'' It appears that this could cover a request by a 
small prot[eacute]g[eacute] firm for assistance by the mentor in 
compliance with this clause.
    The detection and avoidance of counterfeit parts is too important 
to delay implementation. A low dollar value undetected counterfeit part 
from a small business or a COTS item can have equally disastrous 
consequences as

[[Page 50647]]

higher dollar value part that is not a COTS item or provided by a small 
business. Not only is this a requirement of the law, but the 
criticality of levying this requirements on all vendors is to meet 
operational mission requirements and prevent loss of life. However, the 
final rule has been revised to provide a procedure for notification, 
inspection, testing, and authentication of an electronic part if a 
subcontractor refuses to accept flowdown of the clause at DFARS 
252.246-7008.
    Based on Federal Procurement Data System data for FY 2015, DoD 
estimates that this rule will apply to approximately 52,168 small 
entities that have DoD prime contracts or subcontracts for electronic 
parts, including end items, components, parts, or assemblies containing 
electronic parts; or services, if the contractor will supply electronic 
parts or components, parts, or assemblies containing electronic parts 
as part of the service.
    In addition to the requirements to acquire electronic components 
from trusted suppliers (in the rule: Original manufacturers, authorized 
suppliers, suppliers that obtain parts exclusively from original 
manufacturers or authorized suppliers, and contractor-approved 
suppliers), contractors and subcontractors that are not the original 
manufacturer or authorized supplier are required have a risk-based 
process to trace electronic parts from the original manufacturer to 
product acceptance by the Government. If that is not feasible, the 
Contractor shall have a process to complete an evaluation that includes 
consideration of alternative parts or utilization of tests and 
inspections commensurate with the risk. If it is not possible to obtain 
an electronic part from a trusted supplier, the contractor is required 
to notify the contracting officer. The contractor is responsible for 
inspection, testing, and authentication, in accordance with existing 
applicable industry standards, of electronic parts obtained from 
sources other than a trusted supplier. Notifying the contracting 
officer if it is not possible to obtain an electronic part from a 
trusted supplier, or responding to requests for documentation on 
traceability or inspection, testing, and validation of electronic parts 
would probably involve a mid-level of executive involvement. 
Recordkeeping is estimated to be function performed by personnel 
approximately equivalent to a Government GS-9 step 5 level.
    DoD was unable to identify any significant alternatives that would 
reduce the economic impact on small entities and still fulfill the 
requirements of the statute and the objectives of the rule to detect 
and avoid counterfeit parts in the DoD supply chain. It is not possible 
to exempt small entities or acquisition of commercial items (including 
COTS items) from application of this rule or phase in the applicability 
to such entities, without an unacceptable increase in the risk to of 
counterfeit parts in the supply chain. (See response to the Office of 
Advocacy of the Small Business Administration comments on alternatives 
in this FRFA.) DoD also considered (with the addition of this DFARS 
clause 252.246-7008, which is applicable to all subcontractors that 
provide electronic parts, including small businesses) whether the 
requirements of DFARS 252.247-7007 for a formal system to detect and 
avoid counterfeit parts could be made inapplicable to small businesses 
that are subcontractors to a CAS-covered prime contractor. This 
alternative was not acceptable to DoD policy experts.

VI. Paperwork Reduction Act

    This rule contains information collection requirements under the 
Paperwork Reduction Act (44 U.S.C. chapter 35). The Office of 
Management and Budget (OMB) has assigned OMB Control Number 0704-0541, 
entitled ``Detection and Avoidance of Counterfeit Parts--Further 
Implementation.''

List of Subjects in 48 CFR Parts 202, 212, 242, 246, and 252

    Government procurement.

Jennifer L. Hawes,
Editor, Defense Acquisition Regulations System.

    Therefore, 48 CFR parts 202, 212, 242, 246, and 252 are amended as 
follows:

0
1. The authority citation for parts 202, 212, 242, 246, and 252 
continues to read as follows:

     Authority:  41 U.S.C. 1303 and 48 CFR chapter 1.

PART 202--DEFINITIONS OF WORDS AND TERMS

0
2. Amend section 202.101 by--
0
a. Adding, in alphabetical order, the definitions for ``authorized 
aftermarket manufacturer,'' ``contract manufacturer,'' ``contractor-
approved supplier,'' ``original component manufacturer,'' ``original 
equipment manufacturer,'' and ``original manufacturer'';
0
b. Amending the definition of ``electronic part'' by removing the 
second sentence; and
0
c. Revising the definition of ``obsolete electronic part''.
    The additions and revision read as follows:


202.101   Definitions.

    Authorized aftermarket manufacturer means an organization that 
fabricates an electronic part under a contract with, or with the 
express written authority of, the original component manufacturer based 
on the original component manufacturer's designs, formulas, and/or 
specifications.
* * * * *
    Contract manufacturer means a company that produces goods under 
contract for another company under the label or brand name of that 
company.
* * * * *
    Contractor-approved supplier means a supplier that does not have a 
contractual agreement with the original component manufacturer for a 
transaction, but has been identified as trustworthy by a contractor or 
subcontractor.
* * * * *
    Obsolete electronic part means an electronic part that is no longer 
available from the original manufacturer or an authorized aftermarket 
manufacturer.
    Original component manufacturer means an organization that designs 
and/or engineers a part and is entitled to any intellectual property 
rights to that part.
    Original equipment manufacturer means a company that manufactures 
products that it has designed from purchased components and sells those 
products under the company's brand name.
    Original manufacturer means the original component manufacturer, 
the original equipment manufacturer, or the contract manufacturer.
* * * * *

PART 212--ACQUISITION OF COMMERCIAL ITEMS

0
3. Amend section 212.301 by adding new paragraph (f)(xix)(C) to read as 
follows:


212.301  Solicitation provisions and contract clauses for the 
acquisition of commercial items.

* * * * *
    (f) * * *
    (xix) * * *
    (C) Use the clause at 252.246-7008, Sources of Electronic Parts, as 
prescribed in 246.870-3(b), to comply with section 818(c)(3) of Public 
Law 112-81, as amended by section 817 of the National Defense 
Authorization Act for Fiscal Year 2015 (Pub. L. 113-291).

[[Page 50648]]

PART 242--CONTRACT ADMINISTRATION AND AUDIT SERVICES

0
4. Amend section 242.302(a) by adding a new paragraph (S-76) to read as 
follows:


242.302   Contract administration functions.

    (a) * * *
    (S-76) Review and audit contractor identification of contractor-
approved suppliers for the acquisition of electronic parts, as 
identified in the clause at 252.246-7008, Sources of Electronic Parts.
* * * * *

PART 246--QUALITY ASSURANCE

0
5. Revise section 246.870 heading to read as follows:


246.870   Contractor counterfeit electronic part detection and 
avoidance.


246.870-1   [Redesignated as 246.870-0]

0
6. Redesignate section 246.870-1 as 246.870-0.

0
7. In newly redesignated section 246.870-0, revise paragraph (a) to 
read as follows:


246.870-0   Scope.

* * * * *
    (a) Partially implements section 818(c) and (e) of the National 
Defense Authorization Act for Fiscal Year 2012 (Pub. L. 112-81), as 
amended by section 817 of the National Defense Authorization Act for 
Fiscal Year 2015 (Pub. L. 113-291); and
* * * * *

0
8. Add section 246.870-1 to read as follows:


246.870-1   Definition.

    Authorized supplier, as used in this subpart, means a supplier, 
distributor, or an aftermarket manufacturer with a contractual 
arrangement with, or the express written authority of, the original 
manufacturer or current design activity to buy, stock, repackage, sell, 
or distribute the part.

0
9. Revise section 246.870-2 to read as follows:


246.870-2   Policy.

    (a) Sources of electronic parts. (1) Except as provided in 
paragraph (a)(2) of this section, the Government requires contractors 
and subcontractors at all tiers, to--
    (i) Obtain electronic parts that are in production by the original 
manufacturer or an authorized aftermarket manufacturer or currently 
available in stock from--
    (A) The original manufacturers of the parts;
    (B) Their authorized suppliers; or
    (C) Suppliers that obtain such parts exclusively from the original 
manufacturers of the parts or their authorized suppliers; and
    (ii) Obtain electronic parts that are not in production by the 
original manufacturer or an authorized aftermarket manufacturer, and 
that are not currently available in stock from a source listed in 
paragraph (a)(1)(i) of this section, from suppliers identified by the 
Contractor as contractor-approved suppliers, provided that--
    (A) For identifying and approving such contractor-approved 
suppliers, the contractor uses established counterfeit prevention 
industry standards and processes (including inspection, testing, and 
authentication), such as the DoD-adopted standards at https://assist.dla.mil;
    (B) The contractor assumes responsibility for the authenticity of 
parts provided by such contractor-approved suppliers (see 231.205-71); 
and
    (C) The selection of such contractor-approved suppliers is subject 
to review and audit by the contracting officer.
    (2) The Government requires contractors and subcontractors to 
comply with the notification, inspection, testing, and authentication 
requirements of paragraph (b)(3)(ii) through (b)(3)(iv) of the clause 
at 252.246-7008, Sources of Electronic Parts, if the contractor--
    (i) Obtains an electronic part from--
    (A) A source other than any of the sources identified in paragraph 
(a)(1) of this section, due to nonavailability from such sources; or
    (B) A subcontractor (other than the original manufacturer) that 
refuses to accept flowdown of this clause; or
    (ii) Cannot confirm that an electronic part is new or not 
previously used and that it has not been comingled in supplier new 
production or stock with used, refurbished, reclaimed, or returned 
parts.
    (3) Contractors and subcontractors are still required to comply 
with the requirements of paragraphs (a)(1) or (2) of this section, as 
applicable, if--
    (i) Authorized to purchase electronic parts from the Federal Supply 
Schedule;
    (ii) Purchasing electronic parts from suppliers accredited by the 
Defense Microelectronics Activity; or
    (iii) Requisitioning electronic parts from Government inventory/
stock under the authority of the clause at 252.251-7000, Ordering from 
Government Supply Sources.
    (A) The cost of any required inspection, testing, and 
authentication of such parts may be charged as a direct cost.
    (B) The Government is responsible for the authenticity of the 
requisitioned electronic parts. If any such part is subsequently found 
to be counterfeit or suspect counterfeit, the Government will--
    (1) Promptly replace such part at no charge; and
    (2) Consider an adjustment in the contract schedule to the extent 
that replacement of the counterfeit or suspect counterfeit electronic 
parts caused a delay in performance.
    (b) Contractor counterfeit electronic part detection and avoidance 
system. (1) Contractors that are subject to the cost accounting 
standards and that supply electronic parts or products that include 
electronic parts, and their subcontractors that supply electronic parts 
or products that include electronic parts, are required to establish 
and maintain an acceptable counterfeit electronic part detection and 
avoidance system. Failure to do so may result in disapproval of the 
purchasing system by the contracting officer and/or withholding of 
payments (see 252.244-7001, Contractor Purchasing System 
Administration).
    (2) System criteria. A counterfeit electronic part detection and 
avoidance system shall include risk-based policies and procedures that 
address, at a minimum,the following areas (see the clause at 252.246-
7007, Contractor Counterfeit Electronic Part Detection and Avoidance 
System):
    (i) The training of personnel.
    (ii) The inspection and testing of electronic parts, including 
criteria for acceptance and rejection.
    (iii) Processes to abolish counterfeit parts proliferation.
    (iv) Processes for maintaining electronic part traceability.
    (v) Use of suppliers in accordance with paragraph (a) of this 
section.
    (vi) The reporting and quarantining of counterfeit electronic parts 
and suspect counterfeit electronic parts.
    (vii) Methodologies to identify suspect counterfeit electronic 
parts and to rapidly determine if a suspect counterfeit electronic part 
is, in fact, counterfeit.
    (viii) Design, operation, and maintenance of systems to detect and 
avoid counterfeit electronic parts and suspect counterfeit electronic 
parts.
    (ix) Flow down of counterfeit detection and avoidance requirements.
    (x) Process for keeping continually informed of current 
counterfeiting information and trends.
    (xi) Process for screening the Government-Industry Data Exchange

[[Page 50649]]

Program (GIDEP) reports and other credible sources of counterfeiting 
information.
    (xii) Control of obsolete electronic parts.

0
10. Amend section 246.870-3 by--
0
a. Revising the section heading;
0
b. Redesignating paragraphs (a)(1) through (3) as paragraph (a)(1)(i) 
through (iii), respectively;
0
c. Redesignating paragraph (a) as paragraph (a)(1);
0
d. In newly redesignated paragraph (a)(1), removing ``paragraph (b)'' 
and adding ``paragraph (a)(2)'' in its place;
0
e. In newly redesignated paragraph (a)(1)(iii), removing ``Services 
where'' and adding ``Services, if'' in its place;
0
f. Resdesignating paragraph (b) as paragraph (a)(2);
0
g. In newly redesignated paragraph (a)(2), removing ``set-aside'' and 
adding ``set aside'' in its place; and
0
h. Adding new paragraph (b).
    The addition reads as follows:


246.870-3   Contract clauses.

* * * * *
    (b) Use the clause at 252.246-7008, Sources of Electronic Parts, in 
solicitations and contracts, including solicitations and contracts 
using FAR part 12 procedures for the acquisition of commercial items, 
when procuring--
    (1) Electronic parts;
    (2) End items, components, parts, or assemblies containing 
electronic parts; or
    (3) Services, if the contractor will supply electronic parts or 
components, parts, or assemblies containing electronic parts as part of 
the service.

PART 252--SOLICITATION PROVISIONS AND CONTRACT CLAUSES

0
11. Amend section 252.246-7007 by--
0
a. In the introductory text, removing ``246.870-3'' and adding 
``246.870-3(a)'' in its place;
0
b. Removing the clause date ``(MAY 2014)'' and adding ``(AUG 2016)'' in 
its place;
0
c. In paragraph (a)--
0
i. Adding in alphabetical order the definitions of ``authorized 
aftermarket manufacturer,'' ``authorized supplier,'' ``contract 
manufacturer,'' ``contractor-approved supplier,'' ``original component 
manufacturer,'' ``original equipment manufacturer,'' and ``original 
manufacturer''; and
0
ii. Amending the definition of ``electronic part'' by removing the 
second sentence; and
0
iii. Revising the definition of ``obsolete electronic part'' and
0
d. Revising paragraph (b);
0
e. Revising paragraphs (c)(4) and (5); and
0
f. Revising paragraph (e).
    The additions and revisions read as follows:


252.246-7007   Contractor Counterfeit Electronic Part Detection and 
Avoidance System.

* * * * *
    (a) * * *
    Authorized aftermarket manufacturer means an organization that 
fabricates a part under a contract with, or with the express written 
authority of, the original component manufacturer based on the original 
component manufacturer's designs, formulas, and/or specifications.
    Authorized supplier means a supplier, distributor, or an 
aftermarket manufacturer with a contractual arrangement with, or the 
express written authority of, the original manufacturer or current 
design activity to buy, stock, repackage, sell, or distribute the part.
    Contract manufacturer means a company that produces goods under 
contract for another company under the label or brand name of that 
company.
    Contractor-approved supplier means a supplier that does not have a 
contractual agreement with the original component manufacturer for a 
transaction, but has been identified as trustworthy by a contractor or 
subcontractor.
* * * * *
    Obsolete electronic part means an electronic part that is no longer 
available from the original manufacturer or an authorized aftermarket 
manufacturer.
    Original component manufacturer means an organization that designs 
and/or engineers a part and is entitled to any intellectual property 
rights to that part.
    Original equipment manufacturer means a company that manufactures 
products that it has designed from purchased components and sells those 
products under the company's brand name.
    Original manufacturer means the original component manufacturer, 
the original equipment manufacturer, or the contract manufacturer.
* * * * *
    (b) Acceptable counterfeit electronic part detection and avoidance 
system. The Contractor shall establish and maintain an acceptable 
counterfeit electronic part detection and avoidance system. Failure to 
maintain an acceptable counterfeit electronic part detection and 
avoidance system, as defined in this clause, may result in disapproval 
of the purchasing system by the Contracting Officer and/or withholding 
of payments and affect the allowability of costs of counterfeit 
electronic parts or suspect counterfeit electronic parts and the cost 
of rework or corrective action that may be required to remedy the use 
or inclusion of such parts (see DFARS 231.205-71).
    (c) * * *
    (4) Risk-based processes that enable tracking of electronic parts 
from the original manufacturer to product acceptance by the Government, 
whether the electronic parts are supplied as discrete electronic parts 
or are contained in assemblies, in accordance with paragraph (c) of the 
clause at 252.246-7008, Sources of Electronic Parts (also see paragraph 
(c)(2) of this clause).
    (5) Use of suppliers in accordance with the clause at 252.246-7008.
* * * * *
    (e) The Contractor shall include the substance of this clause, 
excluding the introductory text and including only paragraphs (a) 
through (e), in subcontracts, including subcontracts for commercial 
items, for electronic parts or assemblies containing electronic parts.
* * * * *

0
12. Add section 252.246-7008 to read as follows:


252.246-7008   Sources of Electronic Parts.

    As prescribed in 246.870-3(b), use the following clause:

SOURCES OF ELECTRONIC PARTS (AUG 2016)

    (a) Definitions. As used in this clause--
    Authorized aftermarket manufacturer means an organization that 
fabricates a part under a contract with, or with the express written 
authority of, the original component manufacturer based on the 
original component manufacturer's designs, formulas, and/or 
specifications.
    Authorized supplier means a supplier, distributor, or an 
aftermarket manufacturer with a contractual arrangement with, or the 
express written authority of, the original manufacturer or current 
design activity to buy, stock, repackage, sell, or distribute the 
part.
    Contract manufacturer means a company that produces goods under 
contract for another company under the label or brand name of that 
company.
    Contractor-approved supplier means a supplier that does not have 
a contractual agreement with the original component manufacturer for 
a transaction, but has been identified as trustworthy by a 
contractor or subcontractor.
    Electronic part means an integrated circuit, a discrete 
electronic component (including, but not limited to, a transistor, 
capacitor, resistor, or diode), or a circuit assembly (section 
818(f)(2) of Pub. L. 112-81).
    Original component manufacturer means an organization that 
designs and/or engineers a part and is entitled to any intellectual 
property rights to that part.

[[Page 50650]]

    Original equipment manufacturer means a company that 
manufactures products that it has designed from purchased components 
and sells those products under the company's brand name.
    Original manufacturer means the original component manufacturer, 
the original equipment manufacturer, or the contract manufacturer.
    (b) Selecting suppliers. In accordance with section 818(c)(3) of 
the National Defense Authorization Act for Fiscal Year 2012 (Pub. L. 
112-81), as amended by section 817 of the National Defense 
Authorization Act for Fiscal Year 2015 (Pub. L. 113-291), the 
Contractor shall--
    (1) First obtain electronic parts that are in production by the 
original manufacturer or an authorized aftermarket manufacturer or 
currently available in stock from--
    (i) The original manufacturers of the parts;
    (ii) Their authorized suppliers; or
    (iii) Suppliers that obtain such parts exclusively from the 
original manufacturers of the parts or their authorized suppliers;
    (2) If electronic parts are not available as provided in 
paragraph (b)(1) of this clause, obtain electronic parts that are 
not in production by the original manufacturer or an authorized 
aftermarket manufacturer, and that are not currently available in 
stock from a source listed in paragraph (b)(1) of this clause, from 
suppliers identified by the Contractor as contractor-approved 
suppliers, provided that--
    (i) For identifying and approving such contractor-approved 
suppliers, the Contractor uses established counterfeit prevention 
industry standards and processes (including inspection, testing, and 
authentication), such as the DoD-adopted standards at https://assist.dla.mil;
    (ii) The Contractor assumes responsibility for the authenticity 
of parts provided by such contractor-approved suppliers; and
    (iii) The Contractor's selection of such contractor-approved 
suppliers is subject to review and audit by the contracting officer; 
or
    (3)(i) Take the actions in paragraphs (b)(3)(ii) through 
(b)(3)(iv) of this clause if the Contractor--
    (A) Obtains an electronic part from--
    (1) A source other than any of the sources identified in 
paragraph (b)(1) or (b)(2) of this clause, due to nonavailability 
from such sources; or
    (2) A subcontractor (other than the original manufacturer) that 
refuses to accept flowdown of this clause; or
    (B) Cannot confirm that an electronic part is new or previously 
unused and that it has not been comingled in supplier new production 
or stock with used, refurbished, reclaimed, or returned parts.
    (ii) If the contractor obtains an electronic part or cannot 
confirm an electronic part pursuant to paragraph (b)(3)(i) of this 
clause--
    (A) Promptly notify the Contracting Officer in writing. If such 
notification is required for an electronic part to be used in a 
designated lot of assemblies to be acquired under a single contract, 
the Contractor may submit one notification for the lot, providing 
identification of the assemblies containing the parts (e.g., serial 
numbers);
    (B) Be responsible for inspection, testing, and authentication, 
in accordance with existing applicable industry standards; and
    (C) Make documentation of inspection, testing, and 
authentication of such electronic parts available to the Government 
upon request.
    (c) Traceability. If the Contractor is not the original 
manufacturer of, or authorized supplier for, an electronic part, the 
Contractor shall--
    (1) Have risk-based processes (taking into consideration the 
consequences of failure of an electronic part) that enable tracking 
of electronic parts from the original manufacturer to product 
acceptance by the Government, whether the electronic part is 
supplied as a discrete electronic part or is contained in an 
assembly;
    (2) If the Contractor cannot establish this traceability from 
the original manufacturer for a specific electronic part, be 
responsible for inspection, testing, and authentication, in 
accordance with existing applicable industry standards; and
    (3)(i) Maintain documentation of traceability (paragraph (c)(1) 
of this clause) or the inspection, testing, and authentication 
required when traceability cannot be established (paragraph (c)(2) 
of this clause) in accordance with FAR subpart 4.7; and
    (ii) Make such documentation available to the Government upon 
request.
    (d) Government sources. Contractors and subcontractors are still 
required to comply with the requirements of paragraphs (b) and (c) 
of this clause, as applicable, if--
    (1) Authorized to purchase electronic parts from the Federal 
Supply Schedule;
    (2) Purchasing electronic parts from suppliers accredited by the 
Defense Microelectronics Activity; or
    (3) Requisitioning electronic parts from Government inventory/
stock under the authority of 252.251-7000, Ordering from Government 
Supply Sources.
    (i) The cost of any required inspection, testing, and 
authentication of such parts may be charged as a direct cost.
    (ii) The Government is responsible for the authenticity of the 
requisitioned parts. If any such part is subsequently found to be 
counterfeit or suspect counterfeit, the Government will--
    (A) Promptly replace such part at no charge; and
    (B) Consider an adjustment in the contract schedule to the 
extent that replacement of the counterfeit or suspect counterfeit 
electronic parts caused a delay in performance.
    (e) Subcontracts. The Contractor shall include the substance of 
this clause, including this paragraph (e), in subcontracts, 
including subcontracts for commercial items that are for electronic 
parts or assemblies containing electronic parts, unless the 
subcontractor is the original manufacturer.


(End of clause)

[FR Doc. 2016-17956 Filed 8-1-16; 8:45 am]
 BILLING CODE 5001-06-P