Loading...
The FAR Council is proposing amendments to prohibit federal agencies from procuring products or services containing covered semiconductor products or services, effective December 23, 2027. This implements Section 5949 of the FY2023 NDAA and will fundamentally reshape supply chain compliance requirem

Breaking analysis of what happened and who is affected.
The FAR Council is proposing amendments to prohibit federal agencies from procuring products or services containing covered semiconductor products or services, effective December 23, 2027. This implements Section 5949 of the FY2023 NDAA and will fundamentally reshape supply chain compliance requirem
Read full report →Segment ImpactDeep dive into how this impacts each market segment.
OFPP, DoD, GSA, and NASA (collectively referred to as the Federal Acquisition Regulatory Council, or FAR Council) are proposing to amend the Federal Acquisition Regulation (FAR) to partially implement a section of the James M. Inhofe National Defense Authorization Act for Fiscal Year 2023 which proh
Read full report →Action KitActionable checklists and implementation guidance.
OFPP, DoD, GSA, and NASA (collectively referred to as the Federal Acquisition Regulatory Council, or FAR Council) are proposing to amend the Federal Acquisition Regulation (FAR) to partially implement a section of the James M. Inhofe National Defense Authorization Act for Fiscal Year 2023 which proh
Read full report →Event Type: FAR Update
Severity: HIGH
Date Issued: 2025-01-23
Effective Date: December 23, 2027
---
The FAR Council is proposing amendments to prohibit federal agencies from procuring products or services containing covered semiconductor products or services, effective December 23, 2027. This implements Section 5949 of the FY2023 NDAA (National Defense Authorization Act) and will fundamentally reshape supply chain compliance requirements across the entire federal contracting base. Contractors must immediately audit their semiconductor supply chains, identify covered products, and prepare mitigation strategies before the 2027 deadline. This is not optional—non-compliance will result in contract ineligibility across all executive agencies.
---
---
All Federal Contractors — This is a government-wide prohibition affecting every executive agency. No contract vehicle, agency, or NAICS code is exempt.
All executive agencies, with highest exposure at:
Critical: This applies to prime contractors AND subcontractors. Flow-down clauses will be mandatory.
---
The proposed rule defines covered semiconductors as those designed, fabricated, packaged, tested, or assembled in countries of concern (primarily China and Russia, though the final rule will specify). This includes integrated circuits, microprocessors, memory chips, and system-on-chip (SoC) components. The prohibition extends to services that rely on covered semiconductors, meaning cloud services, managed IT services, or SaaS platforms running on infrastructure with covered chips may also fall under scope. Contractors must trace semiconductor provenance through their entire supply chain, including third-party components and COTS products.
The proposed rule indicates the prohibition applies to new procurements made on or after December 23, 2027. However, contractors should anticipate that contract modifications, option exercises, and task order competitions under existing vehicles may trigger the new requirements. Agencies will likely issue class deviations or vehicle-specific guidance 12-24 months before the deadline. Prudent contractors should assume any contract action after December 2027 will require certification of semiconductor compliance, regardless of the base contract award date.
The FAR Council is expected to require contractor representations and certifications (reps & certs) at the time of offer and potentially ongoing compliance attestations during performance. Contractors will need to establish supply chain traceability systems that document semiconductor country-of-origin for every component. This means obtaining supplier declarations, conducting audits of subcontractors and COTS vendors, and maintaining audit-ready documentation. The compliance burden mirrors DFARS (Defense Federal Acquisition Regulation Supplement) 252.204-7012 (cybersecurity) and CMMC (Cybersecurity Maturity Model Certification) requirements—expect similar rigor. Reference the Secure Operations Guide (/insights/secure-operations-guide) for frameworks on building audit-ready compliance systems.
Non-compliance means contract ineligibility. Agencies will not be permitted to award contracts to vendors who cannot certify their products/services are free of covered semiconductors. For contractors heavily reliant on Chinese-manufactured chips (common in commercial electronics), this requires immediate supply chain diversification. Options include: (1) re-sourcing to U.S., EU, Japan, South Korea, or Taiwan fabrication; (2) redesigning products to use compliant components; (3) obtaining waivers (if the final rule includes a waiver process, which is uncertain); or (4) exiting federal markets that cannot be served with compliant products. This is an existential issue for some contractors.
The proposed rule does not currently specify a waiver mechanism, though public comments will likely advocate for one. Contractors should not assume waivers will be available or easy to obtain. Even if included in the final rule, waivers will likely require demonstrating: (1) no alternative suppliers exist, (2) the product/service is critical to national security, and (3) a concrete plan to transition to compliant sources. Waiver reliance is a high-risk strategy.
---
---
Cabrillo Signals War Room detected this proposed FAR amendment within minutes of Federal Register publication and automatically escalated it to HIGH severity based on government-wide scope and hard compliance deadline. The War Room continuously monitors FAR cases, agency-specific supplements, NDAA implementation timelines, and related supply chain security rulemakings to ensure no regulatory shift goes undetected.
Immediate Platform Actions:
1. Cabrillo Signals Match Engine — Automatically rescored all active opportunities and pipeline pursuits to flag those involving semiconductor-dependent products or services. Contractors should review rescored opportunities within 24 hours to identify at-risk pursuits and adjust bid/no-bid decisions. The Match Engine will continue monitoring for follow-on guidance, agency-specific implementations, and solicitations that reference the new FAR clause.
2. Cabrillo Signals Intelligence Hub — Activated tracking on all affected NAICS codes (334xxx series, 336xxx, 541512, 541519) and flagged contract vehicles with high semiconductor exposure (GSA MAS, SEWP, OASIS+). Set up saved searches to alert when agencies issue class deviations, solicitation amendments, or pre-solicitation notices requiring semiconductor compliance certifications. The Intelligence Hub will monitor SAM.gov (System for Award Management) for early adopters implementing the rule before the 2027 deadline.
3. Proposal Studio (Proposal OS) — Updated compliance matrices to include semiconductor supply chain traceability as a new evaluation criterion. Contractors should immediately add this to their win theme library and begin developing boilerplate compliance narratives. The bid/no-bid decision engine now flags opportunities where semiconductor compliance cannot be certified, preventing pursuit of unwinnable contracts.
4. Proposal Studio Workflow Tracker — Added a new gate in the 9-gate capture process: "Semiconductor Supply Chain Audit Complete" must be checked before Gate 4 (Proposal Development). This ensures compliance verification occurs before resource investment in proposal writing.
Hour 0-4 (Immediate Response):
Hour 4-12 (Assessment Phase):
Hour 12-24 (Strategic Planning):
Hour 24-48 (Operationalization):
Critical: Treat this as a compliance transformation program, not a one-time policy response. The December 2027 deadline is firm, and agencies will not grant extensions. Contractors who delay action until 2026 will face supply chain bottlenecks as the entire federal contracting base simultaneously seeks compliant components.
Related Compliance Frameworks: This semiconductor prohibition parallels existing supply chain security requirements. Contractors should integrate semiconductor traceability into existing compliance programs documented in the CMMC Compliance Guide (/insights/cmmc-compliance-guide) and CUI (Controlled Unclassified Information)-Safe CRM Guide (/insights/cui-safe-crm-guide). The same audit-ready documentation standards apply.
---