The much ballyhooed National Defense Authorization Act (NDAA), which tackles the issue of counterfeit components in the Department of Defense supply chain, has left many in the electronics industry scratching their heads. Although it is not unusual for the language of a rule to be either too vague or too restrictive, the Federal Acquisition Regulation (FAR) Case 2013-002 treats “nonconforming” and “counterfeit” components as the same thing. This has far-reaching implications for the supply chain.
FAR and the Defense Federal Acquisition Regulation (DFAR) are the bodies that issue the final rules for government procurement practices. The comment period for the FAR proposal has just been extended, according to SecuringIndustry.com, possibly because of the implications of "noncomforming" products. Industry association ECIA has outlined some of the difficulties the supply chain may face if the rule is adopted as is. "Counterfeiting and nonconformance issues are two distinct problems that require different solutions," the association said in its comments to FAR. "The reporting of nonconformance issues could result in a substantial increase in the number of reports and impose an administrative burden on the electronic component supply chain."
There are any number of reasons a part may be deemed "nonconforming," ECIA explains, that doesn't render them counterfeit:
One distributor member of the association noted that the company typically processes 25 to 30 failure analysis request per week for non-conforming parts, of which 90 percent to 95 percent are shown to be “no defect found,” “electrical or mechanical overstress,” and/or “customer induced damage.” Another distributor reported receiving hundreds of receiving rejections per month and would be unable to process that volume of GIDEP reports, most of which were due to manufacturers sending the wrong part.
A second concern is the requirement that government contractors and subcontractors report a counterfeit or nonconforming part to GIDEP, the Government-Industry Data Exchange Program. So far, GIDEP reporting has been voluntary.
ECIA is concerned about the proposed nonconformance reporting requirements. More clarity is needed as to what constitutes nonconformance, particularly with regard to electronic components. This expansion could result in a flood of nonconformance reports, given that contractors are more likely to err on the side of reporting (particularly with regard to the apparent civil liability “safe harbor” contained in 52.246-xx).
GIDEP has become a sticking point in the industry since the adoption of the NDAA. Inclusion of ‘”nonconforming” parts widely increases GIDEP’s margin for error. “GIDEP is the only [reporting] vehicle available and FAR requires contractors not just to report suspect parts – they have to check GIDEP before making a purchase,” explained Robin Gray, ECIA’s chief operating officer and general counsel, in an interview. “Let’s say someone checks GIDEP and a TI part is there. The issue then becomes what does a company do? Do they stop buying from TI?”
GIDEP also makes companies nervous. A GIDEP report identifies all parties involved in a transaction that may or may not involve a counterfeit. As a result, many companies don’t report suspected counterfeits to GIDEP because of the implication their supply chain is flawed. Companies also fear the possibility of civil liability should a counterfeit come to light.
ECIA GIDEP Recommendations
ECIA recommends that GIDEP reporting be strictly limited to counterfeit items for the following reasons:
- Counterfeiting and nonconformance issues are two distinct problems that require different solutions.
- The reporting of nonconformance issues could result in a substantial increase in the number of reports and impose an administrative burden on the electronic component supply chain.
- The value of such reports could be both minimal and significant. Minimal value in the sense that contractors will still buy from reputable “brand” names regardless of GIDEP reports. GIDEP reports could also have significant, negative impact because contractors might use such reports to avoid buying from reputable sources in order to satisfy the “due diligence” screening requirement.
- Rather than risk a GIDEP report, some manufacturers may restrict sales of their products to the government.
FAR 2013-002 does have a safe harbor provision, but ECIA believes it doesn’t go far enough:
The proposed amendment to Section 52.246-xx suggests that contractors (and subcontractors) would have a “safe harbor” from civil liability if the specified conditions are met. While ECIA supports this provision, it encourages contractors to err on the side of submitting GIDEP reports. It is far more cost effective to report a nonconformance than to conduct an investigation or failure analysis to determine: if it is a critical or major nonconformance, if the item supports a government contract; or if the nonconformance is genuine.
Absent safe harbor provisions for authorized supply chains, the government may find its access to authorized sellers limited. ECIA has received reports that electronic component manufacturers are considering the addition of language in their distribution agreements that restrict the sale of their products if the distributor knows that the items will be used in the performance of a United States government contract or subcontract which incorporates federal regulations expressly or by reference, including without limitation the Federal Acquisition Regulation (FAR), Defense Acquisition Regulation (DAR), Armed Services Procurement Regulations (ASPR), and Cost Accounting Standards (CAS).
The authorized distribution channel has been fighting counterfeiting since the industry's inception. In June, catalog distributor Mouser Electronics launched an anti-counterfeiting site. According to Chuck Amsden, Mouser director of quality, nonconformance is a significant issue. Part of the problem is the DoD's move from mil-spec products to commercial devices. Some commercial devices are not rugged enough for military applications and therefore could be deemed nonconforming.
"Since the first publishing of AS5553, customers have pressured authorized distribution to provide Manufacturer Certificates of Conformance on Commercial of the Shelf (COTS) parts," Amsden said via e-mail. "To me this appears to be an attempt by the DoD to make COTS into military parts. The current DFARS and FARS are too much in flux to have an effect on Mouser yet," he added.
Authorized distribution takes counterfeiting very seriously and distributors already have internal processes to deal with suspect parts. "When we are made aware of a counterfeit claim by a customer against Mouser all the information is forwarded to me," Amsden said. "I will gather all pertinent purchasing and sales information. I will work with the customer to get more information. I will ask the customer about other purchases of the part and whether they comingle stock. If necessary, I will obtain a sample from the customer. Using the sample I will work with the manufacturer to validate the counterfeit claim. If validated we would work with the customer on reporting to GIDEP. So far we have not had to report to GIDEP."
So now what?
Government rulemaking authorities may or may not change a proposal as a result of industry feedback. “The agency has somewhat of an obligation to address comments,” Gray said. But the comments may be dealt with in an introductory section to the final rule. “It’s possible they will say ‘we heard your concerns and here’s how we addressed them,'” Gray said. Rarely, Gray added, do agencies change rules as a result of industry feedback.
The FAR rule aims to apply aspects of Defense Federal Acquisition Regulations (DFAR) to all government procurement. DFAR rules specifically apply to the Department of Defense and NASA.
There’s no timeline for issuing a rule, Gray added, and the rule still has to go through several other government agencies. “There’s no way to anticipate how long it will take,” he concluded.
The FAR Council will now accept comments up until September 10.