[Federal Register Volume 84, Number 226 (Friday, November 22, 2019)] [Rules and Regulations] [Pages 64680-64696] From the Federal Register Online via the Government Publishing Office [www.gpo.gov] [FR Doc No: 2019-24960] ----------------------------------------------------------------------- DEPARTMENT OF DEFENSE GENERAL SERVICES ADMINISTRATION NATIONAL AERONAUTICS AND SPACE ADMINISTRATION 48 CFR Parts 1, 2, 7, 46, and 52 [FAC 2020-02, FAR Case 2013-002; Docket No. FAR-2013-0002, Sequence No. 1] RIN 9000-AM58 Federal Acquisition Regulation: Reporting of Nonconforming Items to the Government-Industry Data Exchange Program AGENCY: Department of Defense (DoD), General Services Administration (GSA), and National Aeronautics and Space Administration (NASA). ACTION: Final rule. ----------------------------------------------------------------------- SUMMARY: DoD, GSA, and NASA are issuing a final rule amending the Federal Acquisition Regulation (FAR) to require contractors and subcontractors to report to the Government-Industry Data Exchange Program certain counterfeit or suspect counterfeit parts and certain major or critical nonconformances. DATES: Effective: December 23, 2019. FOR FURTHER INFORMATION CONTACT: Ms. Marilyn E. Chambers, Procurement Analyst, at 202-285-7380, or by email at [email protected], for clarification of content. For information pertaining to status or publication schedules, contact the Regulatory Secretariat Division at 202-501-4755. [[Page 64681]] Please cite FAC 2020-02, FAR Case 2013-002. SUPPLEMENTARY INFORMATION: I. Background DoD, GSA, and NASA published a proposed rule at 79 FR 33164 on June 10, 2014, in the Federal Register, to implement sections 818(c)(4) and (c)(5) of the National Defense Authorization Act (NDAA) for Fiscal Year (FY) 2012 (Pub. L. 112-81, 10 U.S.C. 2302 Note), which required DoD contractors and subcontractors to report counterfeit or suspect counterfeit electronic parts purchased by or for DoD to the Government- Industry Data Exchange Program (GIDEP). The Presidential Memorandum on Combating Trafficking in Counterfeit and Pirated Goods, issued April 3, 2019, states that ``[c]ounterfeit trafficking . . . may threaten national security and public safety through the introduction of counterfeit goods destined for the Department of Defense and other critical infrastructure supply chains.'' Accordingly, the Federal Government must improve coordinated efforts to protect national security from the dangers and negative effects of the introduction of counterfeit goods. This rule furthers that aim by requiring contractors to screen for and report critical nonconformances, including counterfeits and suspect counterfeits, which may impede the performance of mission critical systems, where high level quality standards are essential to protect the integrity of systems requirements, and are necessary for national defense or critical national infrastructure. The U.S. Intellectual Property Enforcement Coordinator's Annual Intellectual Property Report to Congress, dated February 2019, reiterated: ``Counterfeiting is a significant challenge that can impair supply chains for both the public and private sectors. In the context of the U.S. Government, acquiring products or services from sellers with inadequate integrity, security, resilience, and quality assurance controls create significant risks, from a national security and mission assurance perspective as well as from an economic standpoint (due to the increased costs to American taxpayers). Counterfeiting can have particularly significant consequences for the Department of Defense (DoD) supply chain, by negatively affecting missions, the reliability of weapon systems, the safety of the warfighter, and the integrity of sensitive data and secure networks.'' (Appendix, p.51.) This rule is likely to have a positive impact on national security and critical infrastructure where the Government procures elements of the infrastructure, for example, Federal Aviation Administration air traffic control systems, Department of Agriculture food safety equipment, all national defense programs, Department of Transportation monitoring of transportation systems, Department of Energy monitoring of power generation and distribution networks, etc. By reporting in GIDEP, contractors are able to share knowledge of counterfeits and critical nonconformances which reduces the risk of counterfeit and other nonconforming items entering the supply chain and being used in high value, mission critical defense, space, or critical infrastructure systems where system failure could threaten national security through the loss of satellite-based critical information, communication and navigation systems, or other systems resulting in the loss of the ability to control connected systems or secure information within those systems. Counterfeits are not produced to meet higher- level quality standards required in mission critical applications and are a significant risk in causing failures to systems vital to an agency's mission. For weapons, space flight, aviation, and satellite systems, these failures can result in the death, severe injuries, and millions of dollars in system damage or loss. For example, if counterfeits are installed in a missile's guidance system, such missile may not function at all, may not proceed to its intended target, or may strike a completely unintended location resulting in catastrophic losses. Critical nonconforming and counterfeits items may cause failures in navigation or steering control systems, planes and flight control. Counterfeits can create ``backdoors'' into supposedly secure programmable devices which could be exploited to insert circuit functions to steal information and relay it to third parties or command or prevent the device from operating as designed. Defense, space, and aviation systems in particular must meet rigorous component specifications; failure of even a single one can be catastrophic causing serious problems and placing personnel and the public in harm's way. GIDEP is a widely available Federal database. Timely GIDEP reporting and screening allows all contractors to promptly investigate and remove suspect parts from the supply chain and to ensure that suspect parts are not installed in the equipment which would result in experiencing high failure rates. With this knowledge, contractors can also avoid costs resulting from production stoppage, high failure rates, rework, or lost time due to maintenance turnaround to remove and replace failed parts. This effect is magnified by the fact GIDEP permits contractors to learn from the experiences of others across industry. This rule concentrates on complex items with critical applications where the failure of the item could injure personnel or jeopardize a vital agency mission. In accordance with the Office of Federal Procurement Policy (OFPP) Policy Letter 91-3, all Government agencies use GIDEP as the central data base for receiving and disseminating information about nonconforming products. Contractor participation has been largely voluntary. This rule requires contractors to screen and report major or critical nonconformances in order to reduce the risk of counterfeit and other nonconforming items entering the supply chain and impacting the performance of mission critical items where item failure could result in loss of high value items or loss of life. GIDEP is a cooperative activity between government and industry participants seeking to reduce and ultimately eliminate expenditures of resources by sharing technical information essential during research, design, development, production and operational phases of the life cycle of systems, facilities and equipment. Since GIDEP's inception, participants have reported over $2.1 billion in cost avoidance. That means without GIDEP, participants could have potentially realized additional expenses of over $2.1 billion. In many cases, these costs could have been passed on to the U.S. Government. In addition to reporting cost avoidance, participants also reported how the information helped keep production lines running, preserved readiness or avoided dangerous situations. This reporting by GIDEP participants is for the purpose of illustrating the value of sharing information when common items have issues that could impact safety, reliability, readiness and ownership costs. Proper utilization of GIDEP data can materially improve the total safety, quality and reliability of systems and components during the acquisition and logistics phases of the life cycle and reduce costs in the development and manufacture of complex systems and mission critical equipment. Examples of the value of this reporting include discovery of counterfeiting operations that supplied parts to many defense and other Government contractors and removal from the supply chain of-- [[Page 64682]]Faulty rivets that could have caused military aircraft failure in flight; Counterfeit electronic parts that would have caused a $100M failure of a satellite in orbit; Counterfeit bolts securing overhead gantry cranes in a Government industrial facility; Counterfeit raw stock materials (aluminum, steel, and titanium) supplied over a decade and used in structural applications across defense and civil systems and infrastructure; Counterfeit refrigerant with explosive properties that led to explosions and fire on several commercial ships; Uncertified electronic connectors that shut down large parts of the defense and space industrial base production for 6 months until solutions to certification could be devised. What all these examples have in common is that the items in question are largely commercially available common piece parts or small assemblies that are used throughout the industrial base and in most defense, space, and critical infrastructure programs and can easily enter any supply stream. In the proposed rule, the FAR Council extended coverage outside of DoD to other Government agencies, other types of parts, and other types of nonconformance. The FAR Council proposed this because the problem of counterfeit and nonconforming parts extends far beyond electronic parts and can impact the mission of all Government agencies, such as NASA and the Department of Energy, and mission critical systems such as avionics, satellites, space flight systems, and nuclear facilities. The final rule still applies across all agencies and to parts other than electronics, but there was some reassessment of costs and benefits, so that rather than applying to all supplies, in addition to the requirements for section 818(c)(4) with regard to electronic parts for DoD, the rule focuses on supplies that require higher-level quality standards or are determined to be critical items (definition added). This and other de-scoping efforts (see preamble sections II.A. and II.B.1.) reduced the estimated responses from 474,000 to 5,166 responses, and reduces the estimated burden hours from 1,422,000 hours to 30,986 hours, so that information is obtained where it is most critically needed. A public meeting was held June 16, 2014. Public comments were received from 14 respondents (including respondents who provided written statements at the public meeting). II. Discussion and Analysis The Civilian Agency Acquisition Council and the Defense Acquisition Regulations Council (the Councils) reviewed the comments in the development of the final rule. A discussion of the comments and the changes made to the rule as a result of those comments are provided as follows. A. Summary of Significant Changes From the Proposed Rule 1. Applicability. The final rule is significantly descoped. It does not apply to contracts and subcontracts for the acquisition of commercial items, including commercially available off- the-shelf (COTS) items. Section 818(c)(4) of the NDAA for FY 2012 will not apply to contracts and subcontracts at or below the simplified acquisition threshold (SAT). Rather than applying to all supplies, in addition to the requirements for section 818(c)(4) with regard to electronic parts for DoD, the rule focuses on supplies that require higher-level quality standards or are determined to be critical items (definition added). The rule also exempts medical devices that are subject to the Food and Drug Administration reporting requirements at 21 CFR 803; foreign corporations or partnerships that do not have an office, place of business, or paying agent in the United States; counterfeit, suspect counterfeit, or nonconforming items that are the subject of an on-going criminal investigation, unless the report is approved by the cognizant law-enforcement agency; and nonconforming items (other than counterfeit or suspect counterfeit items) for which it can be confirmed that the organization where the defect was generated (e.g., original component manufacturer, original equipment manufacturer, aftermarket manufacturer, or distributor that alters item properties or configuration) has not released the item to more than one customer. Flowdown to subcontracts is similarly descoped. The contractor is prohibited from altering the clause other than to identify the appropriate parties. 2. Definitions. In FAR 46.101 and the FAR clause 52.246-26, Reporting Nonconforming Items, the definition of ``quality escape'' is deleted. A definition of ``critical item'' is added. 3. Prohibited disclosures. The FAR clause 52.246-26 states explicitly the GIDEP policy that GIDEP reports shall not include trade secrets or confidential commercial or financial information protected under the Trade Secrets Act, or any other information prohibited from disclosure by statute or regulation. 4. Timeframe for notification to the contracting officer. In paragraph (b)(2) of FAR 52.246-26, the timeframe for contractor notification to the contracting officer of a counterfeit or suspect counterfeit item is revised from 30 to 60 days, for consistency with the statute. B. Analysis of Public Comments 1. Scope/Applicability a. Limit Scope to Statutory Requirement, or at Least Exclude Nonconformances Comment: Sections 818(c)(4) and (c)(5) of the National Defense Authorization Act (NDAA) for Fiscal Year (FY) 2012 apply to all defense contractors and subcontractors who become aware, or have reason to believe, that any item purchased by or for DoD may contain counterfeit or suspect counterfeit electronic parts. The proposed rule applied the reporting requirements Governmentwide to all supplies (not just electronic parts) and addressed all major or critical nonconformances as well as counterfeit or suspect counterfeit items. Multiple respondents recommended limiting scope of the mandatory reporting rule to the statutory requirement: Counterfeit electronic parts and suspect counterfeit electronic parts from defense suppliers. Some respondents thought the rule should only apply to contractors/subcontractors covered by the cost accounting standards (CAS). One respondent recommended that FAR Case 2013-002 be withdrawn and a DFARS case be proposed instead. Another respondent stated that significant research has identified the problems and risks of counterfeit electronic part infiltration into the defense supply chain, but is concerned whether the benefits of such broad expansion of the scope of the rule justify the additional burdens and costs it will impose, not just on industry, but on the Government as well. Several respondents questioned the statutory authority for extending requirements to contractors for items that are not counterfeit. These respondents indicated that GIDEP reporting should be strictly limited to counterfeit items. These respondents stated that counterfeiting and nonconformance are two distinct problems that require different solutions. Another respondent indicated that expanding GIDEP reporting to include quality issues could also reduce [[Page 64683]] the overall effectiveness of the GIDEP system for combating counterfeit-part proliferation and recommended ``deleting the requirement for contractor reporting of nonconformances into GIDEP and, instead, continuing the process of deferring to the contracting officer to make the determination regarding which nonconformances should be reported to GIDEP''. Response: As stated in the preamble to the proposed rule, the problem of counterfeit and other nonconforming parts extends far beyond electronic parts and can impact the mission of all Government agencies. The Councils note that, despite an erroneous statement in the preamble to the proposed rule, the statutory requirement for reporting to GIDEP is not limited to CAS-covered contractors and subcontractors but applies to all defense contractors and subcontractors. By requiring contractors to report to GIDEP counterfeit or suspect counterfeit items, as well as common items that have a major or critical nonconformance, the rule will reduce the risk of counterfeit items or items with major or critical nonconformance from entering the supply chain. Reducing the risk of potential damage to equipment, mission failure, and even injury or death of personnel is a matter of national security, particularly for DoD and NASA, improving operational readiness of personnel and systems. It supports the national security pillars of readiness, safety and reliability of systems and personnel. The FAR Council has the authority under 40 U.S.C. 101 and 121, and 41 U.S.C. 1303, to prescribe Governmentwide procurement policies in the FAR. However, in response to public comments, after weighing the risks of failure against the cost of compliance with this rule, the final rule has significantly descoped the applicability (see FAR 46.317) of FAR clause 52.246-26, so that it applies only to acquisition of-- Items that are subject to higher-level quality standards in accordance with the clause at FAR 52.246-11, Higher-Level Contract Quality Requirement; Items that the contracting officer, in consultation with the requiring activity, determines to be critical items (see FAR 46.101) for which use of the clause is appropriate; Electronic parts or end items, components, parts, or assemblies containing electronic parts, if this is an acquisition by, or for, the Department of Defense, as provided in paragraph (c)(4) of section 818 of the NDAA for FY 2012 (Pub. L. 112-81) that exceeds the SAT; or Services, if the contractor will furnish, as part of the service, any items that meet the above-specified criteria. The clause will not be required in contracts for the acquisition of commercial items (see paragraph II.B.1.b.) or the acquisition of medical devices that are subject to the Food and Drug Administration reporting requirements at 21 CFR 803 (see paragraph II.B.5.e.). Even if the clause is included in the contract, the contractor is not required to submit a report to GIDEP (see FAR 52.246-26(c)) if-- The Contractor is a foreign corporation or partnership that does not have an office, place of business, or fiscal paying agent in the United States (see paragraph II.B.3.b.); The contractor is aware that the counterfeit suspect counterfeit or nonconforming item is the subject of an on-going criminal investigation, unless the report is approved by the cognizant law-enforcement agency (see paragraph II.B.7.b.); or For nonconforming items (other than counterfeit or suspect counterfeit items), it can be confirmed that the organization where the defect was generated (e.g., original component manufacturer, original equipment manufacturer, aftermarket manufacturer, or distributor that alters item properties or configuration) has not released the item to more than one customer. b. Exclude Commercial Items, Including Commercially Available Off-the- Shelf (COTS) Items Comment: Multiple respondents commented that the proposed rule is overly burdensome for commercial item providers, both prime contractors and subcontractors. One respondent stated that application of the regulation to commercial-item contractors is inconsistent with the Federal Acquisition Streamlining Act of 1994 (FASA) and FAR part 12, because the regulation is not required by statute or Executive order and is not consistent with customary commercial practice. One respondent commented that the proposed rule appears intended to build on the contractor inspection systems already required by the FAR, but that this assumption may not be reasonable for commercial item contractors. Response: Based on public comments the clause is no longer prescribed for use in contracts for the acquisition of commercial items using FAR part 12 procedures. c. Extent of Flowdown Comment: Several respondents opposed the mandatory flowdown of the reporting requirement clause to all subcontractors and suppliers to all tiers within the supply chain. One respondent suggested that even the process of communicating its provisions to those required to comply will be significant. Another respondent stated that the rule should not flow down to providers of COTS items. Response: The flowdown in the final rule has been significantly reduced. Consistent with the criteria for application of the clause at the prime level, the clause only flows down to subcontracts for-- Items subject to higher-level quality standards in accordance with the clause at FAR 52.246-11, Higher-Level Contract Quality Requirement; Items that the contractor determines to be critical items for which use of the clause is appropriate; Electronic parts or end items, components, parts, or materials containing electronic parts if the subcontract is valued at more than the SAT, and if this is an acquisition by, or for, the Department of Defense, as provided in paragraph (c)(4) of section 818 of the NDAA for FY 2012 (Pub. L. 112-81); or The acquisition of services, if the subcontractor will furnish, as part of the service, any items that meet the above- specified criteria. The clause does not flow down to subcontracts for-- (i) Commercial items; or (ii) Medical devices that are subject to the Food and Drug Administration reporting requirements at 21 CFR 803. d. Exclude Acquisitions Below the Micro-Purchase Threshold Comment: One respondent suggested that the way the proposed rule was written, it is overly broad in its applicability. To mitigate this, the respondent suggested making the reporting requirements inapplicable to acquisitions for which the value of the acquired supplies is at or below the micro-purchase threshold. Response: The proposed rule was not applicable to supplies at or below the micro-purchase level. This continues to be the case in the final rule. e. Exclude ``Consumable'' Supplies Comment: One respondent was concerned that the proposed clause at FAR 52.246-26, Reporting Nonconforming Items, will be required in all contracts for supplies and services. Therefore, the respondent recommended adding the word ``non-consumable'' to the texts of FAR 7.105(b)(19), 12.208, 46.102(f), 46.202- [[Page 64684]] 1, and 46.317, hence reducing the scope and application of the rule. Response: In response to the widespread concern that the rule was too broad and burdensome, the application and scope of the final rule have been significantly reduced so that it is not applicable to all supplies and services. However, the requirements of section 818(c)(4) of the NDAA for FY 2012 require application to all electronic parts or end items, components or materials containing electronic parts in acquisitions by or for DoD, (except for acquisitions of commercial items or at or below the simplified acquisition threshold). Electronic parts are often consumable items. Therefore, ``consumables'' cannot be removed as a group from the final rule's reporting requirements. Class IX consumables encompass many electrical and electronic parts, components, and subassemblies used on today's military systems. f. Exclude ``Suspect Counterfeit'' Items Comment: One respondent requested elimination of the requirement to report ``suspect counterfeit'' items from the rule if COTS items were not excluded from the rule. Response: The Councils have excluded COTs items from the rule, but retained the requirement to report ``suspect counterfeit'' items within the scope and applicability of this rule. At the time of the initial report to GIDEP, most items are still in the category of suspect counterfeit items and the fact that an item is suspected of being counterfeit is useful information for the Government and industry to have because suspect counterfeits have the potential to impact safety, performance, and reliability and as such pose a risk. g. Exclude ``Major Nonconformance'' Comment: One respondent indicated concern that the definition of ``major nonconformance'' includes language that could be read to reach run-of-the-mill warranty issues. The respondent questioned what types of nonconformances are of such significant concern as to warrant imposition of the reporting requirement on every supplier at any tier in the supply chain. The respondent proposed that the reporting obligation be limited to critical nonconformances. Even if this limitation is adopted, the respondent is still concerned that a lower- tier supplier would not have sufficient information about the intended use of a part to be able to determine whether a nonconformance is ``critical.'' Response: The application of the final rule is not limited to critical nonconformances as requested by the respondents, but also includes major nonconformances because it is difficult to draw the distinction between a major nonconformance and a critical nonconformance. Whether a nonconformance is major or critical depends on the application. What constitutes only a major nonconformance for one application may constitute a critical nonconformance for another application. Therefore, it is important to also share the data on major nonconformances in GIDEP. Some of the respondent's concerns may be alleviated by the overall reduced scope of the rule, e.g., excluding commercial items, including commercially available off-the-shelf (COTS) items, and reducing flowdown to subcontracts (also see paragraphs II.B.2.a. thru c.) h. Report When Counterfeit Items Are Offered for Sale by Nonauthorized Distributors Comment: One respondent proposed that the GIDEP program be expanded to allow manufacturers the ability to report instances in which companies become aware that potentially counterfeit items are offered for sale by nonauthorized distributors. Response: The final rule has not been changed and the GIDEP program has not been expanded to allow manufacturers the ability to report instances in which they become aware that potentially counterfeit items are offered for sale by nonauthorized distributors. The fact that a part is provided by an unauthorized distributor may indicate that a part is ``potentially'' counterfeit, but credible evidence (including but not limited to visual inspection and testing) is required to determine that a part is ``suspect counterfeit.'' i. Embedded Products, Such as Binary Code or Downloaded Apps Comment: One respondent was concerned that DoD rules for counterfeit and suspect counterfeit electronic parts now include ``embedded software or firmware'' within their ambit. The respondent therefore requested clarification of the applicability of reporting on binary code or downloaded apps that are stored in a contractor's data system. This respondent suggested that the ability to discover flaws in embedded ``products'' was not part of section 818 and its inclusion in the detection and avoidance systems rules will cause gaps in the reporting process. Response: The concern of the respondent with regard to applicability to embedded software or firmware is no longer a problem because in response to comments at a public meeting held on June 16, 2014 (after the submission of this comment), the subsequent final DFARS rule published on August 2, 2016 (81 FR 50635), under DFARS Case 2014- D005 entitled ``Detection and Avoidance of Electronic Parts--Further Implementation,'' removed the statement about ``embedded software or firmware'' from the definition of ``electronic part.'' The FAR rule does not address embedded software or firmware in the definition of counterfeit or suspect counterfeit items. 2. Definitions a. ``Nonconformance'' Comment: Two respondents requested more clarity as to what constitutes nonconformance, especially in regard to electronic parts. One respondent opined that the rule must identify what types of ``nonconformances'' are of such significant concern as to warrant imposition of this reporting obligation on every supplier at any tier in the Government supply chain. Without sufficient clarity regarding what constitutes a ``major nonconformance,'' there is risk that suppliers will err on the side of over reporting. Response: The respondent's concern with regard to imposing the reporting obligation on every supplier at any tier is no longer valid because the rule no longer applies to all supplies. The clause prescription has been revised in the final rule so that the clause will not be included in a contract except as provided in the response in paragraph II.B.1.a. With regard to the meaning of the terms ``critical nonconformance'' and ``major nonconformance,'' these terms are not new to this rule, but have been used in the FAR for many years and are commonly understood in the quality assurance field. FAR 46.101, defines a ``critical nonconformance'' as a nonconformance that is likely to result in hazardous or unsafe conditions for individuals using, maintaining, or depending upon the supplies or services; or is likely to prevent performance of a vital agency mission. It defines a ``major nonconformance'' to mean a nonconformance, other than critical, that is likely to result in failure of the supplies or services, or to materially reduce the usability of the supplies or services for their intended purpose. As with other items, a nonconforming electronic part is one which does not meet the requirements for its intended use. Quality standards for electronic parts are widely understood in the industry. No further [[Page 64685]] explanation of the terms has been added to the final rule. Comment: According to one respondent, the final DFARS rule published on May 6, 2014, defines a ``counterfeit electronic part'' as a knowingly misrepresented part and defines a ``suspect counterfeit electronic part'' as an item that a (presumably) higher-tier supplier had credible evidence to believe was knowingly misrepresented by a lower-tier supplier or the counterfeit maker. The respondent believed that same standard, i.e., an intent to deceive, should be applied to reporting a nonconforming item because the qualifiers to the definitions add no substantive information to allow a supplier to adopt a useful model to identify when a nonconforming part must be reported. Response: The FAR definitions in the final rule were not changed in response to this comment because the intent to deceive only applies to counterfeit parts. The FAR proposed rule definitions of ``counterfeit item'' and ``suspect counterfeit item'' are similar to the DFARS definitions of ``counterfeit electronic part'' and ``suspect counterfeit electronic part.'' The definition of ``counterfeit item,'' where misrepresentation is an element, is distinct from the definitions of an item with a critical or major nonconformance, which do not address misrepresentation. The nonconformance definitions purposely do not include an ``intent to deceive'' and are based solely on whether there is a major or critical nonconformance. It does not matter what the contractor's intent was, but only what the quality of the item is. Comment: One respondent stated that the criticality of nonconformance is often application-specific and industry has no way to determine with certainty if another contractor is using a part in a manner that might cause a major or critical nonconformance. The respondent believes the rule mandates that Government contractors understand the design, relevance, and impact of nonconformance(s) on all other systems and Government contracts. Response: The contractor is not required to determine how a part might be used in another application by another contractor. The rule creates a contract clause, which will be included in appropriate contracts requiring contractors to report under specific conditions where the item is being used in a specific application being purchased under the contract. No change has been made in the final rule as a result of this comment. b. ``Common Item'' Comment: Several respondents opined that the definition of ``common item'' is overbroad, susceptible to many interpretations, and needs further clarification. One respondent noted the current definition stated that it is difficult to imagine any item (other than a one-of-a- kind part) that would not be a ``common item.'' Response: FAR 46.203(c)(1) currently notes that a ``common item'' has multiple applications whereas, in contrast, a peculiar item has only one application. In the proposed rule, the term was defined in the clause at 52.246-26 to make it more prominent and easier to find, with added examples. In the final rule, the Councils have retained the definition in the clause, but removed the examples from the definition of ``common item'' as they were not necessary and may have caused confusion. c. ``Quality Escape'' Comment: Two respondents stated that the term ``quality escape'' was broad and confusing, did not serve to clarify what would rise to the level of being a reportable event, and may result in duplicative reporting. Response: Based on the comments received, the Councils have removed the term ``quality escape'' from the rule. d. ``Substance of the Clause'' Comment: One respondent contended that the indefinite meaning of the phrase ``substance of this clause'' threatens to introduce enormous complexity into already difficult negotiations between higher-tier and lower-tier contractors regarding the scope of reporting obligations that such lower-tier subcontractors are required to assume. Higher-tier contractors could justifiably insist on imposing quality-control and reporting requirements that go well beyond those specified in the proposed clause to ensure that they fulfill their own obligations under the clause. Response: The Councils removed the phrase ``substance of the clause'' and added language at paragraph (g)(3) of the clause to state that the contractor shall not alter the clause other than to identify the appropriate parties. In addition, the Councils revised the flowdown language to add specificity on how the clause requirements are to be flowed down to applicable subcontracts and listed circumstances, such as for commercial items, where the clause would not flow down. e. ``Becomes Aware'' Comment: One respondent noted that there is no definition of the term ``becomes aware,'' so a standard needs to be established that recognizes that there are many touch points in a supply chain where a counterfeit or suspect counterfeit part could potentially be discovered and thus potentially many points where the reporting requirement might legitimately surface. Response: The Councils have revised paragraph (b)(2) of the clause to specify that written notification is required within 60 days of ``becoming aware or having reason to suspect through inspection, testing, record review, or notification from another source (e.g., seller, customer, third party)'' that an item is counterfeit or suspect counterfeit. A similar change was made in paragraph (b)(4), with regard to notification to GIDEP. 3. Government-Industry Data Exchange Program (GIDEP) a. Access for Contractors to Government-Only Reports Comments: Two respondents expressed concern regarding the Government's submission of GIDEP reports that are shared exclusively with other Government agencies and not with industry. They are requesting that these reports be shared with industry to improve industry's ability to avoid and detect counterfeits. Response: This comment did not result in a change to the final rule, because information considered sensitive by DoD concerning nonconforming or suspect counterfeit items may need to be temporarily withheld from the broader GIDEP industry membership and published in GIDEP with the distribution limited only to U.S. Government activities. However, to minimize the impact of restricting access to this information, DoD activities responsible for these reports are expected to release information when deemed appropriate. b. Access for Foreign Contractors Comments: Several respondents expressed concern regarding the current limits of GIDEP membership and the crucial need for their foreign suppliers to have access to GIDEP data. One respondent expressed concern that by not including foreign suppliers in GIDEP that this rule would create a barrier to trade since foreign suppliers could not comply with the GIDEP related requirements. Response: The Councils have determined that the inclusion of foreign contractors reporting into GIDEP would [[Page 64686]] be beyond the manageable scope of this rule. Therefore, the final rule states that foreign contractors and subcontractors are not required to submit or screen GIDEP reports. As a result, the applicability of the rule has been further reduced. However, it is possible for a foreign contractor or subcontractor to work through a U.S. contractor that is a member of GIDEP and can act as a liaison between the foreign contractor and GIDEP. c. Capacity Comments: One respondent questioned whether GIDEP is sufficiently resourced to meet the demands of the increased participation that this rule would require. Response: In anticipation of increased participation as a result of this rule, GIDEP has done an internal assessment of how it will handle this increase. For the near term, GIDEP will redirect current in-house resources and will reprioritize current workload to accommodate the estimated demand. For the long term, GIDEP is modernizing its policies, procedures, and information technology to increase capacity to meet this and future needs. In addition the rule has been descoped to reduce reporting requirements. d. Search Capability And Screening Comments: One respondent expressed concern with the GIDEP search capability to identify all suspect counterfeit reports in the GIDEP database based on a specific identifier. Request was made for GIDEP to provide a specific data field to be included in all suspect counterfeit reports that would serve as a unique identifier to facilitate the search process. One respondent opined that reviewing, or screening, of GIDEP reports for suspect counterfeit electronic parts by contractors and Government is often geared ``not to find'' affected parts, stating if only the exact part number and lot/date code is checked for impact, there is little chance of detecting all counterfeit parts. The respondent suggested the rule be revised to instruct contractors to screen for similar parts purchased or installed from the named supplier. Response: The search capability of GIDEP is outside the scope of this rule and no change to the rule has been made. It should be noted that GIDEP search capability, although dated, is very powerful and accesses a fully indexed database. GIDEP members are able to perform searches based on simple keywords, phrases, or on specific discrete fields such as manufacturer, part number, and supplier. GIDEP also provides a service for its members called Batch Match. A GIDEP member can provide a list of parts, which GIDEP will use to automatically search the database for an exact match to any reference that meets the provided criteria. If an applicable document is found, the member is provided with a list of document references. This matching can be performed one time or on an ongoing daily basis. e. Reporting i. Guidance To Limit Duplicative Reports, i.e., Who in the Supply Chain Reports Comments: Several respondents expressed concern that the proposed rule as written would require multiple parties in the same supply chain to create duplicate reports of the same counterfeit, suspect counterfeit or nonconforming part discovery. One respondent recommended that the reporting obligation be imposed upon only the organization that delivered the nonconforming item, not the entity or entities that received the nonconforming item. Another respondent recommended that the first point in time in the supply chain where ``actual knowledge'' can be established may be the proper point for disclosure and reporting to GIDEP. Response: The organization that becomes aware or has reason to suspect, such as through inspection, testing, record review, or notification from another source (e.g., seller, customer, third party), that an item purchased by the contractor for delivery to, or for, the Government is counterfeit or suspect counterfeit, or that a common item has a major or critical nonconformance, is responsible for ensuring a GIDEP report is prepared and submitted. Duplicative nonconformance or counterfeit reports in GIDEP are defined as events that have the same part number, manufacturer, or supplier, the same lot or date code, and same technical facts. To save resources in the dispositioning of duplicate reports any event deemed to be a duplicate of a previously reported incident will be referenced in the ``Comment'' area of the GIDEP report. Events involving the same part number and manufacturer that had previously been reported to GIDEP may be documented with a new GIDEP report having a reference to that earlier report so that GIDEP users may reevaluate the disposition previously taken. This type of documentation also provides opportunities for Federal agencies to better understand issues within their supply chains. No changes were made to the final rule as a result of this comment. ii. Inaccurate or False Reports Comments: Several respondents stated the need to ensure that any inaccurate or improper information is corrected or removed from the GIDEP reports. Response: The mechanics of how GIDEP corrects or removes inaccurate reports is outside the scope of this rule and no change to the rule has been made. Once a report is submitted to GIDEP and entered into the database so that it is visible to the GIDEP community it becomes a permanent record in the GIDEP information system. Once the record is visible to the community, users begin to make decisions and take action based on the report's content. In order to facilitate its use, the report becomes a historical record that can be referenced for as long and as frequently as needed. If an error or an inaccuracy is discovered the originator of the document can correct it through the use of an amendment record. The amendment is displayed with the original record and is made part of the document's history. This way, the most current and accurate information is made available and preserved for the GIDEP community's use. iii. Nonconformance Reports Comments: Two respondents expressed ``uncertainty about when the 60-day clock starts running'' for submitting GIDEP reports. The respondents questioned whether nonconforming items are to be reported immediately, or only after failure analysis is performed by the manufacturer. Another respondent recommended that the ``Government maintain current GIDEP reporting requirements for key information to include in nonconformance reports.'' Response: The final rule has modified the proposed rule to state that the contractor shall submit a report to GIDEP within 60 days of ``becoming aware or having reason to suspect, such as through inspection, testing, record review, or notification from another source (e.g., seller, customer, third party) that an item purchased by the contractor for delivery to, or for, the Government is ``counterfeit or suspect counterfeit item'' or ``a common item that has a major or critical nonconformance''. The 60-day period begins when the contractor first becomes aware or has reason to suspect that an item is a counterfeit or suspect counterfeit item or has a major or critical nonconformance. [[Page 64687]] iv. Reports to Contracting Officer Versus Reports to GIDEP Comments: Several respondents expressed concern about the creation of dual and duplicate reporting requirements, i.e., reporting counterfeit or suspect counterfeit parts to the contracting officer as well as to GIDEP. One respondent recommended that the rule only address GIDEP reporting. One respondent stated that the rule gives no guidance on what information is to be provided to the contracting officer. The respondent asked whether a copy of the GIDEP form would suffice. Another respondent requested further clarification on the rationale for the dual reporting with regard to counterfeit or suspect counterfeit parts. Response: In the proposed rule, paragraph (b)(2) of the clause at FAR 52.246-26 required the contractor to report counterfeit or suspect counterfeit items to the contracting officer. This requirement has been retained in the final rule because section 818(c)(4) requires contractors and subcontractors to report counterfeit or suspect counterfeit electronic parts to ``appropriate Government authorities and the Government-Industry Data Exchange Program.'' The contracting officer needs to be aware of issues that arise on the contract. With regard to content of the report, a copy of the GIDEP report would suffice. v. Automatic Bulletins Comments: One respondent recommended that ``GIDEP should be configured to automatically issue bulletins to industry when reports are input into the system in order to provide the maximum opportunity for contractors to reduce the real-time risk of counterfeit, suspect counterfeit or nonconforming items entering the supply chain.'' Response: This is outside the scope of this rule and no change to the rule has been made. However, GIDEP provides a number of ways to inform industry of recently published reports: A Batch Match service allows users to load their parts into GIDEP and to be informed via email whenever new published reports may impact their parts. Weekly report summaries and part numbers are pushed out to industry via email links. A daily XML feed of data tailored to meet industry's specific data requirements is also available. GIDEP training emphasizes the capabilities of the various notifications systems available to industry. vi. Instructions, Training, and Assistance Comment: One respondent requested clarification as to how GIDEP reporting for counterfeit and suspect counterfeit electronic parts will work. Several respondents expressed concern that many contractors do not currently use the GIDEP database and will not be familiar with how to report to GIDEP. Response: The operation of GIDEP is outside the scope of this rule and no change to the rule has been made. However, it should be noted, to better understand how GIDEP reporting works and become familiar with how to report to GIDEP, support is provided in a variety of ways to assist users. Instructions: To assist GIDEP users in submitting suspect counterfeit reports, Chapter 7 of the GIDEP Operations Manual ``Failure Experience Data'' provides detailed instructions on how to complete a suspect counterfeit report. Appendix E ``Instruction for Reporting Suspect Counterfeit Parts'' provides detailed instructions on completing each field of the GIDEP Forms 97-1 and 97-2. Chapter 7 is available for download from the GIDEP public website. Training: Various GIDEP instructional modules are provided as online web-based training. Training clinics are held where GIDEP members can attend to get personal hands-on training by GIDEP Operations Center personnel. Quarterly classroom training is held at the GIDEP Operations Center. Training is also available remotely through web- conferencing. Help Desk: For the day-to-day issues and questions that may come up, the GIDEP Operations Center has a Help Desk. f. Contractor Responses to Reports Comments: One respondent expressed the need for industry to be able to provide feedback to GIDEP Reports. Response: The operation of GIDEP is outside the scope of this rule and no change to the rule has been made. However, it is the standard GIDEP process for suppliers and/or manufacturers named in GIDEP reports to be given 15 working days to provide their response. Their response is then included in the release of the GIDEP report. If anyone should take issue with a report or believe they have additional information regarding a given report, they are free to discuss their information with the original submitter who, in turn, can amend their submitted report if they believe it is warranted. The GIDEP database also allows for the capture of individual GIDEP member comments in the comment field associated with each report. 4. Potential Adverse Impact a. Increased Costs May Outweigh Benefits Comment: Several respondents were concerned that the expansion of the statutorily mandated reporting and review requirements creates an unnecessary burden on industry that will result in increased costs to the Government with benefits unlikely to outweigh those increased costs. One respondent stated that the added compliance burdens will likely make future contracting opportunities cost-prohibitive for businesses of all sizes. Several respondents were concerned that the significant burden of the proposed rule may dissuade new companies (both prime and subcontractors) from entering the public sector market or cause companies to remove themselves from the Federal market place. Particularly commercial and COTS suppliers at the lower-tier may choose to exit the market. Response: The final rule has been significantly descoped, including removal of applicability of FAR 52.246-26 to commercial prime contracts and exclusion of flowdown to subcontracts for commercial items. In addition, the rule no longer applies to all supplies. (See response in paragraph II.B.1.a.). Furthermore, the information collected during normal quality assurance inspection, testing, record review, or notification from another source (e.g., seller, customer, third party) is the information that is needed for a GIDEP report. Therefore, no changes are required to existing quality-assurance systems. In fact, the information required is a subset of that collected for the quality assurance contract compliance efforts and so only excerpts from the Quality Assurance system report are needed in the GIDEP report. The benefits of sharing this information will be the reduction of risks presented by counterfeit and nonconforming items in the supply chain. In turn, this will protect mission critical items and avoid failures impacting national security. b. Expanded Acquisition Planning Requirements Comment: One respondent was concerned by the expanded acquisition planning requirements proposed at FAR 7.105(b)(19). According to the respondent, there are multiple quality standards in various sectors of the [[Page 64688]] marketplace and, in still others, there are no standards at all. If this rule were to apply only to major systems, it might be possible to identify the standards in the various industry sectors involved, but this would require a number of levels of expertise that individual acquisition shops may not possess. The respondents foresee that the Government will face challenges in implementation. Response: The final rule has amended the proposed text at FAR 7.105(b)(19), since the rule no longer applies to all supplies or service contracts that include supplies. The final rule requires that the acquisition plan address whether high-level quality standards are necessary in accordance with FAR 46.202, and whether the supplies to be acquired are critical items in accordance with FAR 46.101, rather than requiring that the acquisition plan address for all supplies ``the risk-based Government quality assurance measures in place to identify and control major and critical nonconformances''. c. Civil Liability Comment: Various respondents commented on the ``safe harbor'' from civil liability that may arise as a result of reporting to GIDEP, provided that the contractor made a reasonable effort to determine that the items contained counterfeit electronic parts or suspect counterfeit electronic parts. This safe harbor in the proposed rule is provided by section 818(c)(5) of the NDAA for FY 2012, applicable only to contracts awarded by or for the Department of Defense, and only applicable to reporting of counterfeit electronic parts or suspect counterfeit electronic parts. Several respondents supported the safe harbor provisions, but had some concern that it may encourage contractors to err on the side of reporting to GIDEP, rather than analyzing whether the nonconformance is a critical or major nonconformance, and whether the nonconformance is genuine. Some respondents, expressed concern that expanding the rule beyond the original Congressional intent leaves industry open to significant civil liability, which Congress could not have intended. According to two respondents, the rule should not be extended beyond the original statutory scope until Congress provides safe harbor for the expanded scope of the rule. Some respondents recommended that the rule should afford civil immunity to all contractors covered by the rule, or even legal indemnification. According to one respondent, lack of safe harbor may disincentivize contractors from reporting. Several other respondents were concerned that, absent safe harbor provisions for authorized supply chains, the Government may find its access to authorized sellers limited. Response: With regard to concern that contractors or subcontractors will be ``erring on the side of reporting to GIDEP'' because of protection against civil liability, the contractor or subcontractor is only exempted from civil liability provided that the contractor or subcontractor ``made a reasonable effort to determine that the report was factual.'' Section 818(c)(5) of the NDAA for FY 2012 is limited by its language to immunity from civil liability to defense contractors and subcontractors, only with regard to reporting of counterfeit or suspect counterfeit electronic parts. It does not provide a legal basis to hold civilian agency contractors immune from civil liability in accordance with the plain language of the statute. Immunity is an exemption from liability that is granted by law to a person or class of persons. There has to be a legal basis to release a contractor from liability either under the contract, pursuant to a statute, or in accordance with common law. Granting an immunity from liability is achieved by law--either by the legislature pursuant to statute, or by the courts under common law (e.g., a common law defense to a lawsuit that the contractor asserts before the courts), or in accordance with contract terms and conditions. The FAR Council is not authorized to expand the statutory liability provisions (in this case immunity from civil liability) beyond the statutory language, or to include indemnification. Therefore, there were no changes from the proposed rule as a result of these comments. d. De Facto Debarment or Suspension Comment: One respondent was concerned that reporting of contractors and subcontractors may include reporting of third-party items. The respondent is concerned that the entity whose item is reported to GIDEP is effectively debarred or suspended from Government contracting unless and until cleared. Response: The focus of suspension and debarment is on the responsibility of the contractor or subcontractor. The focus of GIDEP is on the conformance of a part, which may or may not reflect badly on the contractor or subcontractor. Before a report is submitted to GIDEP for publication, the manufacturer of the item or the supplier of the suspect counterfeit part is given the opportunity to provide their perspective on the issues presented in the report. Often, the information presented includes how the part manufacturer is being improved to resolve the concerns or how the supplier who provided the suspect counterfeit part is improving their quality assurance processes or procurement practices. Most GIDEP reports provide an opportunity for a positive perception of the entity. There were no changes from the proposed rule as a result of this comment. 5. Conflicts or Redundancies a. Mandatory Disclosure Requirements at FAR 52.203-13 Comment: Several respondents were concerned about differentiation between expanded GIDEP reporting and mandatory disclosure under FAR clause 52.203-13. One respondent stated that it is their understanding that the DoD Inspector General (DoDIG) Office of Contract Disclosure has taken the position that contractors are obliged to report ``any discovery of counterfeit electronic parts and non-conforming parts.'' This respondent noted that if the FAR clause is in the contract and if they find credible evidence of fraud committed somewhere in the supply chain, they would report it to the DoDIG via the contract disclosure process. However, it is not clear to the respondent that when these conditions are not present, that they must still report to the DoDIG. One respondent asked for clarification of the obligation of contractors under the contemplated expanded reporting requirement and the requirement at FAR 52.203-13. Another respondent requested that the FAR Council ``expressly state that any reporting required under the rule does not implicate or trigger any requirements to notify the IG under . . . FAR part 3.10.'' Two respondents cited to the DoD statement in the preamble to the final DFARS rule for DFARS case 2012-D055 that the mandatory disclosure process suggests that the contractor has committed an ethical code of conduct violation, whereas the GIDEP reporting is not meant to imply a violation of this nature. Response: Counterfeit or suspect counterfeit parts, by definition, probably involve fraud at some tier of the supply chain. The evidence that led to the conclusion that the part was counterfeit or suspect counterfeit should provide the credible evidence required by FAR 52.203-13 that would require disclosure to the IG. Nonconforming parts, on the other hand, do not necessarily involve the fraud or other criminal violations or [[Page 64689]] civil false claims violations listed at FAR 52.203-13, and therefore may, but do not necessarily, trigger the disclosure requirement under FAR 52.203-13. The fact that the clause is not in the contract may relieve the contractor from the specific requirement to report the credible evidence of fraud to the IG. However, although the clause at FAR 52.203-13 is only included in contracts in accordance with the clause prescription at FAR 3.1004, the requirements at FAR 3.1003(a)(2) state that, whether or not the clause is applicable, a contractor may be suspended and/or debarred for knowing failure to timely disclose to the Government, in connection with the award, performance, or closeout of a Government contract performed by the contractor or a subcontract award thereunder, credible evidence of a violation of Federal criminal law involving fraud or a violation of the Civil False Claims Act. Although the mandatory disclosure under FAR 52.203-13 indicates an ethical code of conduct violation at some tier by some entity, that does not equate to an ethical violation by the contractor that is reporting the violation. Therefore, there was no change from the proposed rule as a result of these public comments. b. FAR Part 46 Quality Assurance Conflicts or Redundancies Comment: Two respondents expressed concerns that the additional reporting is redundant and extending reporting to other areas duplicates controls already in place. One respondent stated that contractors are already required to report uncorrected nonconformances. Response: While quality management systems standards require reporting of nonconformances in some instances, GIDEP reporting is not redundant because the GIDEP reporting is to the larger acquisition community thereby providing other acquisition activities an opportunity to mitigate disruptions caused by suspect and known counterfeit items. FAR part 46 and the Quality Management Systems Standards require reporting to the customer only. Therefore, there was no change from the proposed rule as a result of these public comments. c. DI-MISC-81832, Data Item Description: Counterfeit Prevention Plan (21 Jan 2011) Issued by National Reconnaissance Office (NRO) Comment: One respondent stated that the proposed rule is in conflict with Data Item Description, DI-MISC-81832 COUNTERFEIT PREVENTION PLAN (21 JAN 2011). The contractor is not required by the DID to notify the suppliers that the items are suspect counterfeit. Response: The clause does not require the contractor to notify the suppliers. It requires reporting to the contracting officer and GIDEP. Therefore, there was no change from the proposed rule as a result of these public comments. d. GIDEP Failure Experience Data (FED) Operations Manual i. Notifying More Than One Customer on Single-Use Item Comment: One respondent noted that the proposed rule is in conflict with the GIDEP Operating Manual. The respondent stated that the GIDEP Operating Manual does not require reporting of items ``acquired for a specific application or use, and known not to be used by anyone else,'' whereas the rule conflicts with this. Response: The GIDEP Operations Manual does not conflict with either the proposed or the final rule. The rule requires reporting of major or critical nonconformances to GIDEP only for ``common items,'' which term is defined at FAR 46.101 to mean an item that has multiple applications versus a single or peculiar application. The Operations Manual states ``Items and services uniquely acquired for a specific application or use, and known not to be used by anyone else, will not be reported through GIDEP. If you are unsure whether the item may be similar to one used for another application modified only by the color or slight change of form or fit, you should report the nonconforming item or service using the applicable form.'' If parts are procured from sources open to or available to the broader industrial base, then it is likely others have procured the same part and it should be reported. ii. GIDEP Community Collaboration Comment: Two respondents stated that the GIDEP manual already contains a reporting process that many involved with Federal contracting already use. One respondent does not support changes to the reporting process documented in the manual. According to the respondent: ``All enhancements and changes to reporting requirements should be implemented through the GIDEP membership community where Government and industry advisory groups collaborate, pilot, and execute reporting requirement changes.'' Response: This FAR rule is not changing the GIDEP process. In some instances the rule now requires mandatory reporting, rather than voluntary reporting, but does not change how to report. No change from the proposed rule is required as a result of these comments. e. Food and Drug Administration MedWatch Database Comment: One respondent stated that the intent of the rule is for information to be exchanged among agencies about nonconformance. This goal is served by the Food and Drug Administration MedWatch database for products regulated by the Food and Drug Administration that present a risk to health. Response: The final rule no longer applies to acquisition of items reported in the Food and Drug Administration's MedWatch database due to the change to the clause prescription at 46.317(b)(2) and the change to the clause flowdown at 52.246-26(g)(2)(ii). 6. Safeguards a. Proprietary Data Under Trade Secrets Act Comments: One respondent expressed concern whether adequate measures and processes are in place to ensure that proprietary data or information protected under the Trade Secrets Act shall not be reported. Response: It is GIDEP policy that submitted reports should not contain proprietary data. To make this prohibition explicit, the final rule adds a new paragraph (d) to the clause at FAR 52.246-26, which states that submitted reports are not to include ``trade secrets or confidential commercial or financial information protected under the Trade Secrets Act.'' It is the practice of GIDEP that all GIDEP reports are screened upon receipt for information labelled as proprietary data or information protected under the Trade Secrets Act. If this data is found, it is brought to the attention of the submitter. If the submitter of the report is insistent upon including the proprietary data, a written release is obtained. b. Impact on Ongoing Criminal Investigation Comments: One respondent recommended that the proposed rule should provide ``clear guidance as to when a report should not be made if a criminal investigation is in-process and reporting could impact such investigation.'' Response: The final rule has been modified at FAR 52.246-26(c)(2) to add the statement that a GIDEP report should not be submitted when the contractor is aware that the issue it is reporting is being investigated unless [[Page 64690]] the report has been approved by the cognizant law enforcement agency. c. Export-Controlled Data Comments: One respondent expressed concern whether adequate measures and processes are in place to ensure that ``export controlled data is not inadvertently released to unauthorized parties.'' Response: The final rule revised the clause at 52.246-26(b)(1) and (c)(1) to clarify that the GIDEP reporting and screening requirement does not apply if the contractor is a foreign corporation or partnership that does not have an office, place of business, or fiscal paying agent in the United States. Since foreign corporations will not be allowed to screen or submit GIDEP reports, export-controlled data will not be inadvertently released to unauthorized parties as a result of this rule. Further, when applying for access to GIDEP, all applicants are required to agree to the GIDEP Operations Manual, Chapter 2, Appendix A, ``GIDEP Terms and Conditions'' that include the following--``Safeguard GIDEP data in accordance with the Security and Technology Transfer regulations of the U.S. and Canadian Governments. The U.S. regulations are located at 15 CFR chapter VII, subchapter C ``Export Administration Regulations''. For example, these regulations include rules covering access by and disclosure to foreign nationals employed at the businesses within the United States or Canada. 7. Additional Guidance a. Disposition of Counterfeit Parts Comments: One respondent recommended that the Government establish and communicate-- (1) An official position about what a recipient of suspect/actual counterfeit parts should do with the material when it discovers/ determines that it may be counterfeit; (2) Procedures the Government would prefer industry follow in securing suspect counterfeit electronic parts and preserve the chain of custody; and (3) Guidance addressing how long after a company notifies the Government of its conclusion that industry should retain suspect counterfeit electronic parts. Response: FAR 46.407(h) provides that the contracting officer shall provide disposition instructions for counterfeit or suspect counterfeit items in accordance with agency policy. Agency policy may require the contracting officer to direct the contractor to retain such items for investigative or evidentiary purposes. Also, FAR 52.246-26(b)(3) directs the contractor to retain counterfeit or suspect counterfeit items in its possession at the time of discovery until disposition instructions have been provided by the contracting officer. Therefore, no changes from the proposed rule are required. b. Law Enforcement Lead Comments: One respondent noted that industry would prefer a single Federal law enforcement agency as a point of contact for questions, understanding best practices, referrals, etc. Industry would look to this agency for purposes of reporting and investigation of events such as discovery of counterfeit electronic parts and recommended that GIDEP be the mechanism by which notification to such law enforcement is conducted. Response: This recommendation is outside the scope of this case and no change is made to the final rule. c. Cooperation Between Original Component Manufacturers (OCMs) and Contractors Comments: One respondent addressed difficulties with obtaining sufficient information from the OCM to suspect an item is counterfeit. The respondent indicated that industry benefits, under certain circumstances, from attempting to authenticate electronic parts procured from other than ``trusted suppliers'' when the OCM cooperates. Such circumstances include-- (1) The parts in question are electronic components for items contained in fielded systems previously sold to the Government years earlier and are now needed to support replacement or additional requirements for those same systems; (2) The OCM no longer manufactures the part in question; (3) Neither the OCM nor its authorized distributors have the part in stock; and (4) There is not enough time or inventory to engage authorized aftermarket manufacturers. According to the respondent, OCMs occasionally refuse to verify such information as lot number, date code, and trademark of suspect counterfeit parts citing that (1) the reporting company did not purchase the part in question from the OCM; (2) taking time to assess the part costs the OCM money; and (3) the risk to the OCM involved in terms of liability to the seller of the part if the OCM's input to the reporting company is incorrect. The respondent recommended that the Government allow industry to bring its requests for such information from OCMs to Federal law enforcement to obtain the information from the OCM or encourage OCMs to cooperate with industry in the collective public good. Response: It is outside the scope of this case and the authority of the Councils to require OCMs to provide information to another entity with regard to suspect counterfeit parts; therefore, no change is made to the final rule. 8. Technical Corrections/Comments Comment: According to one respondent, the FAR text should reference 12.301(d)(5) rather than 12.301(d)(4) for the requirement to include the clause FAR 52.246-26, Reporting Nonconforming Items. Response: The respondent is correct. However, this issue is no longer relevant, as this clause is no longer required for acquisitions of commercial items. Comment: One respondent commented that if the proposed rule is intended to require flowing down FAR 52.246-26 to commercial-item subcontracts awarded under commercial-item prime contracts, then the FAR Council should propose corresponding amendments to FAR 52.212-5(e). Response: The respondent is technically correct. However, the final rule no longer applies to contracts for the acquisition of commercial items using FAR part 12 procedures, nor does the rule flow down to subcontracts for commercial items. Comment: One respondent stated that the proposed rule and clause use the term ``contractor'' at some points and ``Contractor'' at other points. Response: In accordance with FAR drafting conventions, the term ``contractor'' is not capitalized in the FAR text, but in a clause it is capitalized to indicate the prime contractor. 9. Phased Implementation a. Adequate Time To Develop Practices, Processes, and Tools Comment: One respondent proposed a phased implementation approach to allow adequate time for the supply base to develop practices, processes, and tools to comply with the requirements. This would allow for system access and training needs of companies newly reporting in GIDEP and for existing participants' to establish internal protocols to ensure accurate, timely and complete GIDEP reporting. Response: The Councils do not agree that a phased implementation approach is necessary and no change is made to the final rule. The GIDEP system is well [[Page 64691]] established and support is provided in a variety of ways to assist users. Instructions are provided in the GIDEP Operations Manual found on the GIDEP website, along with information on instructional modules and web-based training. Additionally, the GIDEP Operations Center has a Help Desk to assist users. These tools will assist with compliance and reduce the need to develop extensive practices, processes, and internal protocols. b. Limit Reporting Requirement Comment: Two respondents proposed a phased-in approach initially limited to reporting counterfeit and suspected counterfeit parts and only later expanded once the processes for implementing such systems are established and functioning. Response: Because the final rule has been significantly descoped there is no need for a phased-in approach and no change was made to the rule concerning a phased-in approach. c. Expanded Access to GIDEP Comment: One respondent proposed the FAR Council delay implementation of the rule or make GIDEP participation voluntary until access to GIDEP is more broadly available, specifically to non-U.S. and non-Canadian companies who do not presently have access to the system. Response: The final rule does not extend access to foreign contractors. It has been determined that the inclusion of foreign contractors would be beyond the manageable scope of this rule. Therefore, the final rule adds the statement in paragraphs (b)(1) and (c)(1) of the clause at 52.246-26 that foreign contractors are not required to submit or screen GIDEP reports. d. Commercial Item Contractors' Exemption Comment: One respondent proposes to exempt commercial item contractors, their subcontractors and suppliers from the initial applicability of the rule. Response: The final rule was revised to no longer apply to acquisition of commercial items and does not require flowdown to subcontracts for the acquisition of commercial items. 10. ``Major Rule'' Under 5 U.S.C. 804 Comment: One respondent disagreed with the statement in the preamble to the proposed that this is not a major rule under 5 U.S.C. 804. The respondent cites the value of current industry investments to secure supply chains and ensure product integrity, increased costs to the Government customer for compliance, and the additional liability costs imposed on the Government industrial base and information and communication technology sectors. Response: It is not the decision of the FAR Council whether a rule is a major rule, but it is, by the definition at 5 U.S.C. 804, the decision of the Office of Information and Regulatory Affairs (OIRA). OIRA determined that the proposed rule was not a major rule. This final rule has significantly less effect than the proposed rule (e.g., estimated burden hours reduced from 1,422,000 to 30,966 hours), so is even less likely to be considered a major rule. As defined in 5 U.S.C. 804, ``major rule'' means any rule that the Administrator of the Office of Information and Regulatory Affairs of the Office of Management and Budget finds has resulted in or is likely to result in-- (A) An annual effect on the economy of $100,000,000 or more; (B) A major increase in costs or prices for consumers, individual industries, Federal, State, or local government agencies, or geographic regions; or (C) Significant adverse effects on competition, employment, investment, productivity, innovation, or on the ability of United States-based enterprises to compete with foreign-based enterprises in domestic and export markets. Quality assurance systems already have methods of analyzing and dealing with nonconformances; therefore, the bulk of the process in gathering information on nonconforming parts is already happening (e.g., FAR 52.246-2, Inspection of Supplies--Fixed Price; or 52.246-3, Inspection of Supplies--Cost-Reimbursement). 11. Small Business Impact Comment: One respondent asserted the analysis of the costs and impacts of the proposed rule are greatly underestimated and that small businesses most assuredly will be impacted as the proposed rule requires a system for ongoing review of GIDEP, audit, investigation, and reporting; and investigation and reporting to GIDEP and the contracting officer. The respondent pointed out that small businesses have limited resources--both in terms of personnel and financial resources--to establish systems necessary to engage in these kinds of continuous monitoring, auditing, investigating, and reporting activities. Another respondent stated that, although the proposed rule addresses an important objective--to mitigate the threat that counterfeit items pose when used in systems vital to an agency's mission--the rule imposes significant new monitoring and reporting requirements that will pose particular challenges for small businesses. The respondent stated that the proposed rule was likely to increase costs for smaller businesses. The respondent cited examples, such as by requiring them to significantly increase quality assurance and compliance investments in order to remain at some tier in the Government supply chain, increasing liability costs associated with compliance failures, and increasing costs associated with the heightened risk of application of the exclusionary authority. This respondent also opined that in the section 818 regulatory process, the rulemakings have had the net effect of higher-tiered Federal contractors trimming their supply chains to eliminate companies unable or unwilling to implement flowdown policies or that cannot immediately demonstrate well in advance of entering supplier agreements that they have the capabilities demanded by the various section 818 rules. Ultimately, the by-product of this and other section 818 rulemakings is that they disproportionately and negatively impact small businesses through reduced participation in the Federal market and reduced Federal funding. Response: The significant descoping of the applicability of this rule both at the prime and subcontract level, including removal of the applicability of the clause to commercial prime contracts, and removal of the flowdown requirements to subcontracts for commercial items (see paragraphs II.B.1.a. through II.B.1.c.) will greatly reduce the impact on small businesses. Additionally, the rule does not require application of section 818(c)(4) to DoD contracts and subcontracts that do not exceed the SAT. Furthermore, while this rule may require small businesses to implement new business practices, these practices will have the beneficial effect of making the business more competitive as potential prime contractors and business partners see the firm has instituted practices to avoid passing on counterfeits and items with major or critical nonconformances. The Councils have revised the rule to lessen burden and reduced reporting requirements to the maximum extent while still getting information necessary to protect items that require higher-level quality standards, critical items, and electronic parts for DOD from counterfeit parts and major or critical nonconformances. Changes to the rule include: Focusing on supplies that require higher-level quality standards or are determined to be critical items, excluding foreign contractors and commercial items. Commercial items [[Page 64692]] include COTS items. This and other descoping efforts (see preamble sections II.A. and II.B.1.) reduced the estimated responses from 474,000 to 5,166 responses, and reduces the estimated burden hours from 1,422,000 hours to 30,986 hours, so that information is obtained where it is most critically needed. Comment: One respondent was concerned that adding negotiations over quality assurance may further distort the playing field to hurt small businesses attempting to retain a degree of control in their operations when negotiating with prime contractors. Conversely, lower-tier subcontractors, particularly commercial item contractors and small business entities, may assert that they do not have (and cannot afford to have) the sophisticated internal control systems necessary to detect and categorize the types of nonconforming conditions that require reporting to GIDEP. Neither the proposed clause nor the proposed regulation offers any guidance for resolving such conflicts. Response: Part of the concern of the respondent was that higher- tier contractors could insist on imposing quality control and reporting requirements that go well beyond those specified in the proposed clause to ensure that they fulfill their own obligation under the clause. In the final rule, paragraph (g)(3) of the clause at 52.246-26 revises the flowdown language to restrict changes to the clause (see paragraph II.B.2.d.). 12. Information Collection Requirements Comment: Various respondents commented on the estimate of the information collection requirement in the preamble to the proposed rule. Several respondents stated that the burden is currently underestimated. According to a respondent, the estimate of 474,000 reports underestimates the potential burden of the expanded reporting requirements because it failed to account for the growth in GIDEP reporting entities and relies on the number of companies currently participating in GIDEP. Various respondents commented that 3 hours per report was substantially underestimated. One respondent noted that any incident must be identified, investigated, and reported. Procedures need to be followed, individuals with expertise need to be consulted, tests need to be performed and reports to memorialize findings of the review need to be prepared and filed. Another respondent noted that a single report can take up to 100 hours to complete, including significant legal review. Another respondent commented that the ``very low estimate'' seems to ignore the significant time and costs associated with training, implementation, and the risks of liability. Response: DoD, GSA, and NASA have completely revised the estimated number of reports per year because the rule has been significantly descoped and data was also reviewed regarding the current number of participating contractors and the current number of reports submitted, resulting in an estimate of 51,657 participating contractors submitting 5,166 reports per year. Industry already has all the information necessary to prepare a GIDEP report, based on existing quality assurance systems and procedures. However, in response to the industry comments and after discussions with subject matter experts, DoD, GSA, and NASA have reconsidered the number of estimated hours to prepare, review, and submit the report at an average of 6 hours per report (see section VII of this preamble). III. Applicability to Contracts at or Below the Simplified Acquisition Threshold (SAT) and for Commercial Items, Including Commercially Available Off-the-Shelf (COTS) Items A. Applicability to Contracts at or Below the SAT 41 U.S.C. 1905 governs the applicability of laws to contracts or subcontracts in amounts not greater than the SAT. It is intended to limit the applicability of laws to such contracts or subcontracts. 41 U.S.C. 1905 provides that if a provision of law contains criminal or civil penalties, or if the FAR Council, which includes DoD, makes a written determination that it is not in the best interest of the Federal Government to exempt contracts or subcontracts at or below the SAT, the law will apply to them. The FAR Council has not made this determination. Therefore, section 818(c)(4) of Public Law 112-81 will not be applied below the SAT at either the prime or subcontract level. However, the Governmentwide policy, which is not required by statute, with regard to items that require higher level quality standards and critical items (including electronic parts), will be applied below the SAT, because for such parts, counterfeit or nonconforming parts of any dollar value can still cause hazardous or unsafe conditions for individual using the equipment and can lead to mission failure. B. Applicability to Contracts for the Acquisition of Commercial Items, Including COTS Items 41 U.S.C. 1906 governs the applicability of laws to contracts and subcontracts for the acquisition of commercial items, and is intended to limit the applicability of laws to contracts and subcontracts for the acquisition of commercial items. 41 U.S.C. 1906 provides that if a provision of law contains criminal or civil penalties, or if the FAR Council makes a written determination that it is not in the best interest of the Federal Government to exempt commercial item contracts, the provision of law will apply to contracts for the acquisition of commercial items. Likewise, 41 U.S.C. 1907 governs the applicability of laws to the acquisition of COTS items, with the Administrator for Federal Procurement Policy serving as the decision authority in determining whether it is not in the best interest of the Government to exempt contracts for COTS items from a provision of law. The FAR Council and the Administrator for Federal Procurement Policy have not made these determinations with regard to application of section 818(c)(4) of Public Law 112-81 to contracts and subcontracts for the acquisition of commercial items and COTS items, respectively. This final rule will not apply the requirements of section 818(c)(4) of Public Law 112-81 or the Governmentwide policy to prime contracts for the acquisition of commercial items using FAR part 12 procedures and will not flow the clause FAR 52.246-26 down to subcontracts for the acquisition of commercial items. IV. Expected Costs DoD, GSA, and NASA have performed a regulatory cost analysis on this rule. The following is a summary of the estimated public and Government costs. Currently, there is no FAR requirement for contractors to exchange information about counterfeit, suspect counterfeit or major or critical nonconforming items in a Governmentwide database. This final rule establishes the requirement for contractors to search for and share information on such items in GIDEP. Specifically, the rule adds a new FAR clause at 52.246-26, Reporting Nonconforming Items, that includes a requirement for contractors to: (1) Screen GIDEP for items which may have critical or major nonconformances or items that are counterfeits or suspect counterfeits; and (2) report to GIDEP and the contracting officer within 60 days of becoming aware or having [[Page 64693]] reason to suspect--such as through inspection, testing, record review, or notification from another source (e.g., seller, customer, third party)--that an end item purchased by the contractor for delivery to, or for, the Government is counterfeit or suspect counterfeit. These screening and reporting requirements apply to contracts that are: (1) Subject to higher-level quality standards in accordance with the clause at FAR 52.246-11, Higher-Level Contract Quality Requirement; (2) for critical items; or (3) for acquisitions over the simplified acquisition threshold of electronic parts or end items, components, parts, or assemblies containing electronic parts, by, or for the Department of Defense. By sharing this information in GIDEP, both the Government and contractors will benefit from knowing about and avoiding items with critical or major nonconformances, or items that are counterfeits or suspect counterfeits. Sharing this information in GIDEP will reduce the risk of having such items in the supply chain for mission critical items where failure would endanger an agency mission, cause catastrophic failures, or endanger human health and the environment. Although unable to quantify the benefits of this rule, the Government expects reduction in the high costs of potential damage to equipment, mission failure, and even injury and death of personnel. The following is a summary of the estimated public and Government cost savings calculated in perpetuity in 2016 dollars at a 7-percent discount rate: ---------------------------------------------------------------------------------------------------------------- Summary Public Government Total ---------------------------------------------------------------------------------------------------------------- Present Value.......................................... $209,045,344.99 $4,007,342.86 $213,052,687.85 Annualized Costs....................................... 14,633,174.15 280,514.00 14,913,688.15 Annualized Value Costs (as of 2016 if Year 1 is 2019).. 11,945,028.99 228,982.98 12,174,011.97 ---------------------------------------------------------------------------------------------------------------- To access the full regulatory cost analysis for this rule, go to the Federal eRulemaking Portal at https://www.regulations.gov, search for ``FAR Case 2013-002,'' click ``Open Docket,'' and view ``Supporting Documents.'' V. Executive Orders 12866 and 13563 Executive Orders (E.O.s) 12866 and 13563 direct agencies to assess all costs and benefits of available regulatory alternatives and, if regulation is necessary, to select regulatory approaches that maximize net benefits (including potential economic, environmental, public health and safety effects, distributive impacts, and equity). E.O. 13563 emphasizes the importance of quantifying both costs and benefits, of reducing costs, of harmonizing rules, and of promoting flexibility. This is a significant regulatory action and, therefore, was subject to review under section 6(b) of E.O. 12866, Regulatory Planning and Review, dated September 30, 1993. This rule is not a major rule under 5 U.S.C. 804. VI. Executive Order 13771 This rule is an E.O. 13771 regulatory action. The total annualized value of the cost is $14,913,688.15. Details on the estimated costs can be found in section IV. of this preamble. VII. Regulatory Flexibility Act DoD, GSA, and NASA have prepared a Final Regulatory Flexibility Analysis (FRFA) consistent with the Regulatory Flexibility Act, 5 U.S.C. 601, et seq. The FRFA is summarized as follows: This rule partially implements section 818 of the National Defense Authorization Act (NDAA) for Fiscal Year (FY) 2012 (Pub. L. 112-81, 10 U.S.C. 2302 Note), requiring regulations regarding the definition, prevention, detection and reporting of actual or suspected counterfeit electronic parts in the Government-Industry Data Exchange Program (GIDEP) system. Section 818(c)(4) was directed specifically at the reporting of counterfeit or suspect counterfeit electronic parts by Department of Defense (DoD) contractors and subcontractors; however, the Civilian Agency Acquisition Council and the Defense Acquisition Regulations Counsel (the Councils) consider the problem of nonconforming and counterfeit parts to be significant across the Federal Government and, therefore this rule applies to all applicable Federal contracts. Respondents expressed concern about the scope of the proposed rule and the potential difficulty of tracking and reporting, especially for small businesses. One respondent asserted that the analysis of the costs and impacts of the proposed rule were greatly underestimated and that small business most assuredly will be impacted as the proposed rule requires a system for ongoing review of GIDEP, audit, investigation, and reporting to GIDEP and the contracting officer. The respondent pointed out that small businesses have limited resources--both in terms of personnel and financial resources--to establish systems necessary to engage in these kinds of continuous monitoring, auditing, investigating, and reporting activities. Another respondent stated that the proposed rule was likely to increase cost for smaller businesses. The respondent cited examples, such as by requiring them to significantly increase quality assurance and compliance investments in order to remain at some tier in the Government supply chain, increasing liability costs associated with compliance failures, and increasing costs associated with the heightened risk of application of the exclusionary authority. In response to these concerns, the Councils significantly descoped the rule, both at the prime and the subcontract level. The final rule no longer applies to contracts or subcontracts for the acquisition of commercial items. Additionally, the rule does not require application of section 818(c)(4) to DoD contracts and subcontracts that do not exceed the simplified acquisition threshold (see FAR 46.317(a) and 52.246-26(g)(1)). The removal of the flowdown requirements will greatly reduce the impact on small businesses. While this rule may require small businesses to implement new business practices involving screening GIDEP reports or reporting in GIDEP if a mission critical nonconforming item is discovered, we do not expect the incident of finding mission critical nonconformances to be frequent. These practices will have the beneficial effect of making the business more competitive as potential prime contractors and business partners see that the firm has instituted practices to avoid passing on counterfeit parts and items with critical nonconformances. One respondent was concerned that adding negotiations over quality assurance may further distort the playing field to hurt small businesses attempting to retain a degree of control in their operations when negotiating with prime contractors. Conversely, lower-tier subcontractors, particularly commercial-item contractors and small-business entities, may assert that they do not have (and cannot afford to have) the sophisticated internal control systems necessary to detect and categorize the types of nonconforming conditions that require reporting to GIDEP. Neither the proposed clause nor the proposed regulation offers any guidance for resolving such conflicts. Part of the concern of the respondent was that higher-tier contractors could insist on imposing quality control and reporting requirements that go well beyond those specified in the proposed clause to ensure that they fulfill their own obligation under the clause. This issue has been resolved through amendment of the flowdown language to restrict changes to the clause. The rule applies to contracts that have higher-level quality assurance requirements (FAR 52.246-11), contracts for critical items, and DoD contracts for electronic parts that exceed the simplified acquisition threshold (other than commercial items). The total number of contractors and subcontractors to which the rule will apply is estimated to be [[Page 64694]] 51,657. Of this number, it is estimated 42,153 or 82 percent will be small businesses, of which approximately 10 percent may be required to submit a GIDEP report in a given year. This rule requires screening of GIDEP reports; written notice to the contracting officer within 60 days of becoming aware through inspection or testing of counterfeit or suspect counterfeit parts for delivery to, or for, the Government; and reporting of counterfeit and suspect counterfeit items and common items that have a critical or major nonconformance into GIDEP. The Government vitally needs a program to protect its critical assets from the threat of loss and especially where failure of the item could injure personnel or jeopardize a vital agency mission. The Councils carefully weighed the stated concerns of businesses against the serious impact parts with major or critical nonconformances may have on critical items. As described above, the Councils minimized the economic impact on small entities consistent with the stated objects of the rule by descoping the rule significantly to the maximum extent possible while maintaining the ability to track and avoid counterfeit, suspect counterfeit items and common items that have a critical or major nonconformance. Interested parties may obtain a copy of the FRFA from the Regulatory Secretariat Division. The Regulatory Secretariat Division has submitted a copy of the FRFA to the Chief Counsel for Advocacy of the Small Business Administration. VIII. Paperwork Reduction Act The Paperwork Reduction Act (44 U.S.C. chapter 35) applies. The rule contains information collection requirements. OMB has cleared this information collection requirement under OMB Control Number 9000-0187, titled: ``Reporting of Nonconforming Items to the Government-Industry Data Exchange Program.'' Due to the major descoping of the final rule, the approved estimated number of responses is substantially less than the estimated responses in the preamble to the proposed rule. However, the number of hours per response has been increased to 6 hours. Respondents: 5,166. Responses per respondent: 1. Total annual responses: 5,166. Preparation hours per response: 6. Total response burden hours: 30,996. List of Subjects in 48 CFR Parts 1, 2, 7, 46, and 52 Government procurement. William F. Clark, Director, Office of Government-wide Acquisition Policy, Office of Acquisition Policy, Office of Government-wide Policy. Therefore, DoD, GSA and NASA are issuing a final rule amending 48 CFR parts 1, 2, 7, 46, and 52 as set forth below: 0 1. The authority citation for parts 1, 2, 7, 46, and 52 continues to read as follows: Authority: 40 U.S.C. 121(c); 10 U.S.C. chapter 137; and 51 U.S.C. 20113. PART 1--FEDERAL ACQUISITION REGULATIONS SYSTEM 0 2. In section 1.106 amend the table by adding in numerical sequence, the entry for ``52.246-26'' to read as follows: 1.106 OMB approval under the Paperwork Reduction Act. * * * * * ------------------------------------------------------------------------ FAR segment OMB control No. ------------------------------------------------------------------------ * * * * * 52.246-26 9000-0187 * * * * * ------------------------------------------------------------------------ PART 2--DEFINITIONS OF WORDS AND TERMS 0 3. Amend section 2.101 in paragraph (b) by revising the definition ``Common item'' to read as follows: 2.101 Definitions. * * * * * (b) * * * Common item means material that is common to the applicable Government contract and the contractor's other work, except that for use in the clause at 52.246-26, see the definition in paragraph (a) of that clause. * * * * * PART 7--ACQUISITION PLANNING 0 4. Amend section 7.105, in paragraph (b)(19) by adding a new sentence to the end of the paragraph to read as follows: 7.105 Contents of written acquisition plans. * * * * * (b) * * * (19) * * * In contracts for supplies or service contracts that include supplies, address whether higher-level quality standards are necessary (46.202) and whether the supplies to be acquired are critical items (46.101). * * * * * PART 46--QUALITY ASSURANCE 0 5. Amend section 46.101 by adding, in alphabetical order, the definitions ``Counterfeit item'', ``Critical item'', ``Design activity'', and ``Suspect counterfeit item'' to read as follows: 46.101 Definitions. * * * * * Counterfeit item means an unlawful or unauthorized reproduction, substitution, or alteration that has been knowingly mismarked, misidentified, or otherwise misrepresented to be an authentic, unmodified item from the original manufacturer, or a source with the express written authority of the original manufacturer or current design activity, including an authorized aftermarket manufacturer. Unlawful or unauthorized substitution includes used items represented as new, or the false identification of grade, serial number, lot number, date code, or performance characteristics. Critical item means an item, the failure of which is likely to result in hazardous or unsafe conditions for individuals using, maintaining, or depending upon the item; or is likely to prevent performance of a vital agency mission. * * * * * Design activity means an organization, Government or contractor, that has responsibility for the design and configuration of an item, including the preparation or maintenance of design documents. Design activity could be the original organization, or an organization to which design responsibility has been transferred. * * * * * Suspect counterfeit item means an item for which credible evidence (including but not limited to, visual inspection or testing) provides reasonable doubt that the item is authentic. * * * * * 0 6. Add section 46.317 to read as follows: 46.317 Reporting Nonconforming Items. (a) Except as provided in paragraph (b) of this section, the contracting officer shall insert the clause at 52.246-26, Reporting Nonconforming Items, in solicitations and contracts--as follows: (1) For an acquisition by any agency, including the Department of Defense, of-- (i) Any items that are subject to higher-level quality standards in accordance with the clause at 52.246-11, Higher-Level Contract Quality Requirement; (ii) Any items that the contracting officer, in consultation with the requiring activity determines to be critical items for which use of the clause is appropriate; (2) In addition (as required by paragraph (c)(4) of section 818 of the National Defense Authorization Act for [[Page 64695]] Fiscal Year 2012 (Pub. L. 112-81)), for an acquisition that exceeds the simplified acquisition threshold and is by, or for, the Department of Defense of electronic parts or end items, components, parts, or materials containing electronic parts, whether or not covered in paragraph (a)(1) of this section; or (3) For the acquisition of services, if the contractor will furnish, as part of the service, any items that meet the criteria specified in paragraphs (a)(1) through (a)(2) of this section. (b) The contracting officer shall not insert the clause at 52.246- 26, Reporting Nonconforming Items, in solicitations and contracts when acquiring-- (1) Commercial items using part 12 procedures; or (2) Medical devices that are subject to the Food and Drug Administration reporting requirements at 21 CFR 803. (c) If required by agency policy, the contracting officer may modify paragraph (b)(4) of the clause at 52.246-26, but only to change the responsibility for the contractor to submit reports to the agency rather than to Government-Industry Data Exchange Program (GIDEP), so that the agency instead of the contractor submits reports to GIDEP within the mandatory 60 days. 0 7. Amend section 46.407 by adding paragraph (h) to read as follows: 46.407 Nonconforming supplies or services. * * * * * (h) The contracting officer shall provide disposition instructions for counterfeit or suspect counterfeit items in accordance with agency policy. Agency policy may require the contracting officer to direct the contractor to retain such items for investigative or evidentiary purposes. PART 52--SOLICITATION PROVISIONS AND CONTRACT CLAUSES 0 8. Add section 52.246-26 to read as follows: 52.246-26 Reporting Nonconforming Items. As prescribed in 46.317, insert the following clause: Reporting Nonconforming Items (Dec 2019) (a) Definitions. As used in this clause-- Common item means an item that has multiple applications versus a single or peculiar application. Counterfeit item means an unlawful or unauthorized reproduction, substitution, or alteration that has been knowingly mismarked, misidentified, or otherwise misrepresented to be an authentic, unmodified item from the original manufacturer, or a source with the express written authority of the original manufacturer or current design activity, including an authorized aftermarket manufacturer. Unlawful or unauthorized substitution includes used items represented as new, or the false identification of grade, serial number, lot number, date code, or performance characteristics. Critical item means an item, the failure of which is likely to result in hazardous or unsafe conditions for individuals using, maintaining, or depending upon the item; or is likely to prevent performance of a vital agency mission. Critical nonconformance means a nonconformance that is likely to result in hazardous or unsafe conditions for individuals using, maintaining, or depending upon the supplies or services; or is likely to prevent performance of a vital agency mission. Design activity means an organization, Government or contractor, that has responsibility for the design and configuration of an item, including the preparation or maintenance of design documents. Design activity could be the original organization, or an organization to which design responsibility has been transferred. Major nonconformance means a nonconformance, other than critical, that is likely to result in failure of the supplies or services, or to materially reduce the usability of the supplies or services for their intended purpose. Suspect counterfeit item means an item for which credible evidence (including but not limited to, visual inspection or testing) provides reasonable doubt that the item is authentic. (b) The Contractor shall-- (1) Screen Government-Industry Data Exchange Program (GIDEP) reports, available at www.gidep.org, as a part of the Contractor's inspection system or program for the control of quality, to avoid the use and delivery of counterfeit or suspect counterfeit items or delivery of items that contain a major or critical nonconformance. This requirement does not apply if the Contractor is a foreign corporation or partnership that does not have an office, place of business, or fiscal paying agent in the United States; (2) Provide written notification to the Contracting Officer within 60 days of becoming aware or having reason to suspect, such as through inspection, testing, record review, or notification from another source (e.g., seller, customer, third party) that any end item, component, subassembly, part, or material contained in supplies purchased by the Contractor for delivery to, or for, the Government is counterfeit or suspect counterfeit; (3) Retain counterfeit or suspect counterfeit items in its possession at the time of discovery until disposition instructions have been provided by the Contracting Officer; and (4) Except as provided in paragraph (c) of this clause, submit a report to GIDEP at www.gidep.org within 60 days of becoming aware or having reason to suspect, such as through inspection, testing, record review, or notification from another source (e.g., seller, customer, third party) that an item purchased by the Contractor for delivery to, or for, the Government is-- (i) A counterfeit or suspect counterfeit item; or (ii) A common item that has a major or critical nonconformance. (c) The Contractor shall not submit a report as required by paragraph (b)(4) of this clause, if-- (1) The Contractor is a foreign corporation or partnership that does not have an office, place of business, or fiscal paying agent in the United States; (2) The Contractor is aware that the counterfeit, suspect counterfeit, or nonconforming item is the subject of an on-going criminal investigation, unless the report is approved by the cognizant law-enforcement agency; or (3) For nonconforming items other than counterfeit or suspect counterfeit items, it can be confirmed that the organization where the defect was generated (e.g., original component manufacturer, original equipment manufacturer, aftermarket manufacturer, or distributor that alters item properties or configuration) has not released the item to more than one customer. (d) Reports submitted in accordance with paragraph (b)(4) of this clause shall not include-- (1) Trade secrets or confidential commercial or financial information protected under the Trade Secrets Act (18 U.S.C. 1905); or (2) Any other information prohibited from disclosure by statute or regulation. (e) Additional guidance on the use of GIDEP is provided at http://www.gidep.org/about/opmanual/opmanual.htm. (f) If this is a contract with the Department of Defense, as provided in paragraph (c)(5) of section 818 of the National Defense Authorization Act for Fiscal Year 2012 (Pub. L. 112-81), the Contractor or subcontractor that provides a written report or notification under this clause that the end item, component, part, or material contained electronic parts (i.e., an integrated circuit, a discrete electronic component (including, but not limited to, a transistor, capacitor, resistor, or diode), or a circuit assembly)) that are counterfeit electronic parts or suspect counterfeit electronic parts shall not be subject to civil liability on the basis of such reporting, provided that the Contractor or any subcontractor made a reasonable effort to determine that the report was factual. (g) Subcontracts. (1) Except as provided in paragraph (g)(2) of this clause, the Contractor shall insert this clause, including this paragraph (g), in subcontracts that are for-- (i) Items subject to higher-level quality standards in accordance with the clause at FAR 52.246-11, Higher-Level Contract Quality Requirement; (ii) Items that the Contractor determines to be critical items for which use of the clause is appropriate; (iii) Electronic parts or end items, components, parts, or materials containing electronic parts, whether or not covered in paragraph (g)(1)(i) or (ii) of this clause, if the subcontract exceeds the simplified [[Page 64696]] acquisition threshold and this contract is by, or for, the Department of Defense (as required by paragraph (c)(4) of section 818 of the National Defense Authorization Act for Fiscal Year 2012 (Pub. L. 112-81)); or (iv) For the acquisition of services, if the subcontractor will furnish, as part of the service, any items that meet the criteria specified in paragraphs (g)(1)(i) through (g)(1)(iii) of this clause. (2) The Contractor shall not insert the clause in subcontracts for-- (i) Commercial items; or (ii) Medical devices that are subject to the Food and Drug Administration reporting requirements at 21 CFR 803. (3) The Contractor shall not alter the clause other than to identify the appropriate parties. (End of clause) [FR Doc. 2019-24960 Filed 11-21-19; 8:45 am] BILLING CODE 6820-EP-P