Client Alert: Key Developments in the FY 2021 National Defense Authorization Act

Jenner & Block’s Government Contracts and Grants Practice is pleased to highlight key components of the William M. (Mac) Thornberry National Defense Authorization Act (NDAA) for Fiscal Year 2021 (FY 21). This annual legislation—filled with thousands of provisions—provides a roadmap of acquisition policies that will drive future regulatory changes for government contractors of all types, sizes, and customer bases. 

Perennial topics, including cybersecurity, foreign influence, domestic sourcing, data rights, Other Transaction Authority (OTA), commercial item contracting, ethics, and small business participation continue to dominate. Joining these subjects are newer topics, including expediting US Space Force acquisition.

We highlight some of the key developments and offer guidance on what contractors should anticipate in the coming months and years. We will be closely tracking the reports to Congress and anticipated regulatory changes. Should you have questions on these or any other NDAA developments, we welcome your outreach.

Cybersecurity / IT Development

Perhaps more than any other subject area, the NDAA contains a vast number of cybersecurity provisions. The legislation adopts numerous recommendations from the reauthorized Cyberspace Solarium Commission, which described the FY 21 NDAA as “the most comprehensive and forward-looking piece of national cybersecurity legislation in the nation’s history.” Key recommendations include developing cyber leadership roles reporting to the White House and better coordination of cybersecurity between federal, state, the private sector, and international stakeholders. Below we highlight other cyber provisions of interest.

Sec. 835: Balancing Security and Innovation in Software Development and Acquisition

  • Directs DoD to create a “software pathway” to allow software to be delivered in a timely and secure manner.

Sec. 837: Safeguarding Defense-Sensitive United States Intellectual Property, Technology, and Other Data and Information

  • Requires DoD to establish, enforce, and track actions to protect defense-sensitive US intellectual property, including hardware and software, from acquisition by China.
  • Requires DoD to generate a list of critical national security technology and provide for mechanisms to restrict employees or former employees of the defense industrial base from working directly for companies owned or directed by China.

Section 1712: Modification of Requirements Relating to the Strategic Cybersecurity Program and the Evaluation of Cyber Vulnerability of Major Weapons Systems of the Department of Defense (DoD)

  • Requires DoD to develop a plan for each major weapon system to undergo an annual cyber-vulnerabilities assessment and to share lessons learned and best practices from the annual assessment of cyber resiliency of nuclear command and control system.

Section 1716: Subpoena Authority

  • Authorizes DHS’s Cybersecurity and Infrastructure Security Agency (CISA) to issue administrative subpoenas upon detection of security vulnerabilities and to notify public and private system owners.

Section 1722: Assessing Risk to National Security of Quantum Computing

  • Requires DoD to complete an assessment of the current and potential threats and risks posed by quantum computing technologies to critical national security systems, including an assessment of NIST standards.

Section 9005: Government Accountability Office (GAO) Study of Cybersecurity Insurance 

  • Requires GAO to study methods to improve the market for cybersecurity insurance.

Foreign Influence

Sec. 819: Modifications to Mitigating Risks Related to Foreign Ownership, Control, or Influence (FOCI) of Department of Defense Contractors and Subcontractors

  • Adjusts the analytical framework to mitigate FOCI by adding an additional proactive, government-driven assessment.
  • Requires reports and examinations on a “periodic basis” of covered contractors or subcontractors to assess compliance with FOCI reporting and mitigation obligations.

Domestic Sourcing of Strategic and Critical Materials

Sec. 848: Supply of Strategic and Critical Materials for the Department of Defense

  • Requires, to maximum extent practicable, acquisition of strategic and critical materials from US sources, then from sources within the national technology and industrial base, then other sources.

Sec. 849: Analyses of Certain Activities for Action to Address Sourcing and Industrial Capacity

  • Requires DoD to assess national security industry sectors, including microelectronics and pharmaceutical ingredients, to determine how to increase domestic industrial capacity.
  • Contractors can expect DoD to explore ways to entice critical technology industries to move production to the United States, with recommendations likely in future NDAAs.

Sec. 851: Report on Strategic and Critical Materials

  • Directs DoD to issue a report on supply chain vulnerabilities related to the acquisition of rare earth minerals and metals.

Sec. 852: Report on Aluminum Refining, Processing, and Manufacturing

  • Rejects a proposal for required domestic sourcing of aluminum.
  • Requires DoD to report to Congress on how to increase incentives for domestic aluminum production.

Data Rights 

Sec. 804: Implementation of Modular Open Systems Approaches

  • Increases emphasis on modular open systems for weapons systems, including for cybersecurity systems, to more easily enable competition for upgrades and sustainment.
  • Continues DoD’s interest in obtaining data rights that will facilitate the replacement, enhancement, and maintainence of parts over the life cycle of products and systems.

Space Force

Sec. 807: Space System Acquisition and the Adaptive Acquisition Framework

  • Describes, in detail, expedited acquisition processes and responsibilities affecting major defense acquisition programs for the United States Space Force.
  • Sets goal of quickly and effectively acquiring end-to-end space warfighting capabilities to address requirements of national defense strategy.

Other Transaction Authority

Sec. 831: Contract Authority for Development and Demonstration of Initial or Additional Prototype Units

  • Directs DoD to assess authorities designed to streamline the process for moving prototype technologies into production under the same contract as the technology is matured.
  • Requires DoD to issue a report on this topic by March 31, 2021, potentially enabling regulatory action later this year depending upon that report’s findings.

Sec. 833: Listing of Other Transaction Authority Consortia

  • Ensures greater scrutiny of OTAs issued by consortia.
  • Requires a report to Congress by December 1, 2021 that assesses:
    • The number and dollar value of other transaction awards through consortia;
    • The benefits and challenges of using consortia;
    • A comparison of DoD’s use of consortia compared to other Federal agencies; and
    • Any other matters the Comptroller General determines to be appropriate.

Contractor Business Systems 

Sec. 806: Definition of Material Weakness for Contractor Business Systems

  • Revises and defines terminology for the evaluation of contractor business systems to better align with generally accepted auditing standards.
  • “Significant deficiencies” will be deemed “material weaknesses,” and defined as one or more deficiencies that causes a reasonable possibility of material misstatement.
  • “Reasonable possibility” will mean “probable” or “more than remote but less than likely.”

Commercial Contracting

Sec. 816: Documentation Pertaining to Commercial Item Determinations

  • Ensures better documentation of prior commercial item determinations, which may be relied upon for future contracts.
  • Allows the contracting officer to request assistance in commercial determinations, including from DoD’s Commercial Items Group within DCMA, and requires the contracting officer to document determinations.

Ethics Provisions

Sec. 883: Prohibition on Awarding of Contracts to Contractors that Require Nondisclosure Agreements Relating to Waste, Fraud, or Abuse

  • Requires representations that nondisclosure agreements relating to fraud, waste, and abuse are not used.
  • Similar to FAR 52.203-19, prohibits award of contracts to contractors that require such agreements.

Sec. 885: Disclosure of Beneficial Owners in Database for Federal Agency Contract and Grant Officers

  • Requires disclosure of beneficial ownership of contractors and grant recipients.

Small Business 

Sec. 815: Prompt Payment of Contractors 

  • Strengthens DoD’s goal to pay small business contractors within 15 days of receipt of an invoice.
  • Intends to improve small businesses' ability to continue to do business in the federal marketplace, especially during economic downturns.

Sec. 862: Transfer of Verification of Small Business Concerns Owned and Controlled by Veterans or Service-Disabled Veterans to the Small Business Administration (SBA)

  • Transfers the function of certifying Service Disabled Veteran Owned Small Businesses (SDVOSBs) and Veteran Owned Small Businesses (VOSBs) from the Department of Veterans Affairs to the SBA.
  • Phases out self-certification of SDVOSBs.
  • Seeks to harmonize within 2 years the SDVOSB and VOSB contracting programs with other small business contracting programs administered by SBA.

Section 863: Employment Size Standard Requirements for Small Business Concerns

  • Extends from 12 months to 24 months the time period to which an agency must refer when categorizing a manufacturer as a small business based on its average employment.

Section 868: Past Performance Ratings of Certain Small Business Concerns

  • Requires contracting officers to consider a small business concern’s past performance in a joint venture or as a first-tier subcontractor when evaluating the small business concern’s offer for a prime contract.
  • Once implemented, a prime contractor will be required to provide a small business first tier subcontractor a “record of past performance” upon request by the small business.

Section 869: Extension of Participation in 8(a) Program

  • Allows small businesses participating in the section 8(a) business development program (on or before September 9, 2020) to extend their participation in the 8(a) program for an additional year.

Bid Protests

Section 886: Repeal of Pilot Program on Payment of Costs for Denied Government Accountability Office Bid Protests

  • Repeals the pilot program established in the FY 2018 NDAA that explored the effectiveness of requiring contractors with revenues in excess of $250 million to reimburse DoD for costs incurred in defending against bid protests denied by GAO.

Contract Types / Other Matters

Sec. 888: Revision to Requirement to Use Firm Fixed-Price Contracts for Foreign Military Sales (FMS)

  • Repeals default requirement for firm fixed-price contracts for FMS sales established by FY 2017 NDAA.

Sec. 890: Identification of Certain Contracts Relating to Construction or Maintenance of a Border Wall

  • Requires disclosure of any contracts (including task orders) more than $7 million relating to construction or maintenance of the US / Mexico border wall.

Section 891: Waivers of Certain Conditions for Progress Payments Under Certain Contracts During the COVID-19 National Emergency

  • To support increased cash flow, DoD may temporarily increase the progress payment rate for undefinitized contract actions during the COVID-19 national emergency.
  • Institutes conditions to the waiver pertaining to companies’ receipt of progress payments under contracts.
  • Directs a report by September 30, 2021 on how increasing rate of progress payments from 80 percent to 95 percent has benefitted subcontractors and suppliers.

Related Locations

© 2026 Jenner & Block LLP. Attorney Advertising. Jenner & Block LLP is an Illinois Limited Liability Partnership including professional corporations. This publication, presentation, or event is not intended to provide legal advice but to provide information on legal matters and/or firm news of interest to our clients and colleagues. Readers or attendees should seek specific legal advice before taking any action with respect to matters mentioned in this publication or at this event. The attorney responsible for this communication is Brent E. Kidwell, Jenner & Block LLP, 353 N. Clark Street, Chicago, IL 60654-3456. Prior results do not guarantee a similar outcome. Jenner & Block London LLP, an affiliate of Jenner & Block LLP, is a limited liability partnership established under the laws of the State of Delaware, USA and is authorised and regulated by the Solicitors Regulation Authority with SRA number 615729. Information regarding the data we collect and the rights you have over your data can be found in our Privacy Notice. For further inquiries, please contact dataprotection@jenner.com.

Client Alert: Key Developments in the FY 2021 National Defense Authorization Act

Jenner & Block’s Government Contracts and Grants Practice is pleased to highlight key components of the William M. (Mac) Thornberry National Defense Authorization Act (NDAA) for Fiscal Year 2021 (FY 21). This annual legislation—filled with thousands of provisions—provides a roadmap of acquisition policies that will drive future regulatory changes for government contractors of all types, sizes, and customer bases. 

Perennial topics, including cybersecurity, foreign influence, domestic sourcing, data rights, Other Transaction Authority (OTA), commercial item contracting, ethics, and small business participation continue to dominate. Joining these subjects are newer topics, including expediting US Space Force acquisition.

We highlight some of the key developments and offer guidance on what contractors should anticipate in the coming months and years. We will be closely tracking the reports to Congress and anticipated regulatory changes. Should you have questions on these or any other NDAA developments, we welcome your outreach.

Cybersecurity / IT Development

Perhaps more than any other subject area, the NDAA contains a vast number of cybersecurity provisions. The legislation adopts numerous recommendations from the reauthorized Cyberspace Solarium Commission, which described the FY 21 NDAA as “the most comprehensive and forward-looking piece of national cybersecurity legislation in the nation’s history.” Key recommendations include developing cyber leadership roles reporting to the White House and better coordination of cybersecurity between federal, state, the private sector, and international stakeholders. Below we highlight other cyber provisions of interest.

Sec. 835: Balancing Security and Innovation in Software Development and Acquisition

  • Directs DoD to create a “software pathway” to allow software to be delivered in a timely and secure manner.

Sec. 837: Safeguarding Defense-Sensitive United States Intellectual Property, Technology, and Other Data and Information

  • Requires DoD to establish, enforce, and track actions to protect defense-sensitive US intellectual property, including hardware and software, from acquisition by China.
  • Requires DoD to generate a list of critical national security technology and provide for mechanisms to restrict employees or former employees of the defense industrial base from working directly for companies owned or directed by China.

Section 1712: Modification of Requirements Relating to the Strategic Cybersecurity Program and the Evaluation of Cyber Vulnerability of Major Weapons Systems of the Department of Defense (DoD)

  • Requires DoD to develop a plan for each major weapon system to undergo an annual cyber-vulnerabilities assessment and to share lessons learned and best practices from the annual assessment of cyber resiliency of nuclear command and control system.

Section 1716: Subpoena Authority

  • Authorizes DHS’s Cybersecurity and Infrastructure Security Agency (CISA) to issue administrative subpoenas upon detection of security vulnerabilities and to notify public and private system owners.

Section 1722: Assessing Risk to National Security of Quantum Computing

  • Requires DoD to complete an assessment of the current and potential threats and risks posed by quantum computing technologies to critical national security systems, including an assessment of NIST standards.

Section 9005: Government Accountability Office (GAO) Study of Cybersecurity Insurance 

  • Requires GAO to study methods to improve the market for cybersecurity insurance.

Foreign Influence

Sec. 819: Modifications to Mitigating Risks Related to Foreign Ownership, Control, or Influence (FOCI) of Department of Defense Contractors and Subcontractors

  • Adjusts the analytical framework to mitigate FOCI by adding an additional proactive, government-driven assessment.
  • Requires reports and examinations on a “periodic basis” of covered contractors or subcontractors to assess compliance with FOCI reporting and mitigation obligations.

Domestic Sourcing of Strategic and Critical Materials

Sec. 848: Supply of Strategic and Critical Materials for the Department of Defense

  • Requires, to maximum extent practicable, acquisition of strategic and critical materials from US sources, then from sources within the national technology and industrial base, then other sources.

Sec. 849: Analyses of Certain Activities for Action to Address Sourcing and Industrial Capacity

  • Requires DoD to assess national security industry sectors, including microelectronics and pharmaceutical ingredients, to determine how to increase domestic industrial capacity.
  • Contractors can expect DoD to explore ways to entice critical technology industries to move production to the United States, with recommendations likely in future NDAAs.

Sec. 851: Report on Strategic and Critical Materials

  • Directs DoD to issue a report on supply chain vulnerabilities related to the acquisition of rare earth minerals and metals.

Sec. 852: Report on Aluminum Refining, Processing, and Manufacturing

  • Rejects a proposal for required domestic sourcing of aluminum.
  • Requires DoD to report to Congress on how to increase incentives for domestic aluminum production.

Data Rights 

Sec. 804: Implementation of Modular Open Systems Approaches

  • Increases emphasis on modular open systems for weapons systems, including for cybersecurity systems, to more easily enable competition for upgrades and sustainment.
  • Continues DoD’s interest in obtaining data rights that will facilitate the replacement, enhancement, and maintainence of parts over the life cycle of products and systems.

Space Force

Sec. 807: Space System Acquisition and the Adaptive Acquisition Framework

  • Describes, in detail, expedited acquisition processes and responsibilities affecting major defense acquisition programs for the United States Space Force.
  • Sets goal of quickly and effectively acquiring end-to-end space warfighting capabilities to address requirements of national defense strategy.

Other Transaction Authority

Sec. 831: Contract Authority for Development and Demonstration of Initial or Additional Prototype Units

  • Directs DoD to assess authorities designed to streamline the process for moving prototype technologies into production under the same contract as the technology is matured.
  • Requires DoD to issue a report on this topic by March 31, 2021, potentially enabling regulatory action later this year depending upon that report’s findings.

Sec. 833: Listing of Other Transaction Authority Consortia

  • Ensures greater scrutiny of OTAs issued by consortia.
  • Requires a report to Congress by December 1, 2021 that assesses:
    • The number and dollar value of other transaction awards through consortia;
    • The benefits and challenges of using consortia;
    • A comparison of DoD’s use of consortia compared to other Federal agencies; and
    • Any other matters the Comptroller General determines to be appropriate.

Contractor Business Systems 

Sec. 806: Definition of Material Weakness for Contractor Business Systems

  • Revises and defines terminology for the evaluation of contractor business systems to better align with generally accepted auditing standards.
  • “Significant deficiencies” will be deemed “material weaknesses,” and defined as one or more deficiencies that causes a reasonable possibility of material misstatement.
  • “Reasonable possibility” will mean “probable” or “more than remote but less than likely.”

Commercial Contracting

Sec. 816: Documentation Pertaining to Commercial Item Determinations

  • Ensures better documentation of prior commercial item determinations, which may be relied upon for future contracts.
  • Allows the contracting officer to request assistance in commercial determinations, including from DoD’s Commercial Items Group within DCMA, and requires the contracting officer to document determinations.

Ethics Provisions

Sec. 883: Prohibition on Awarding of Contracts to Contractors that Require Nondisclosure Agreements Relating to Waste, Fraud, or Abuse

  • Requires representations that nondisclosure agreements relating to fraud, waste, and abuse are not used.
  • Similar to FAR 52.203-19, prohibits award of contracts to contractors that require such agreements.

Sec. 885: Disclosure of Beneficial Owners in Database for Federal Agency Contract and Grant Officers

  • Requires disclosure of beneficial ownership of contractors and grant recipients.

Small Business 

Sec. 815: Prompt Payment of Contractors 

  • Strengthens DoD’s goal to pay small business contractors within 15 days of receipt of an invoice.
  • Intends to improve small businesses' ability to continue to do business in the federal marketplace, especially during economic downturns.

Sec. 862: Transfer of Verification of Small Business Concerns Owned and Controlled by Veterans or Service-Disabled Veterans to the Small Business Administration (SBA)

  • Transfers the function of certifying Service Disabled Veteran Owned Small Businesses (SDVOSBs) and Veteran Owned Small Businesses (VOSBs) from the Department of Veterans Affairs to the SBA.
  • Phases out self-certification of SDVOSBs.
  • Seeks to harmonize within 2 years the SDVOSB and VOSB contracting programs with other small business contracting programs administered by SBA.

Section 863: Employment Size Standard Requirements for Small Business Concerns

  • Extends from 12 months to 24 months the time period to which an agency must refer when categorizing a manufacturer as a small business based on its average employment.

Section 868: Past Performance Ratings of Certain Small Business Concerns

  • Requires contracting officers to consider a small business concern’s past performance in a joint venture or as a first-tier subcontractor when evaluating the small business concern’s offer for a prime contract.
  • Once implemented, a prime contractor will be required to provide a small business first tier subcontractor a “record of past performance” upon request by the small business.

Section 869: Extension of Participation in 8(a) Program

  • Allows small businesses participating in the section 8(a) business development program (on or before September 9, 2020) to extend their participation in the 8(a) program for an additional year.

Bid Protests

Section 886: Repeal of Pilot Program on Payment of Costs for Denied Government Accountability Office Bid Protests

  • Repeals the pilot program established in the FY 2018 NDAA that explored the effectiveness of requiring contractors with revenues in excess of $250 million to reimburse DoD for costs incurred in defending against bid protests denied by GAO.

Contract Types / Other Matters

Sec. 888: Revision to Requirement to Use Firm Fixed-Price Contracts for Foreign Military Sales (FMS)

  • Repeals default requirement for firm fixed-price contracts for FMS sales established by FY 2017 NDAA.

Sec. 890: Identification of Certain Contracts Relating to Construction or Maintenance of a Border Wall

  • Requires disclosure of any contracts (including task orders) more than $7 million relating to construction or maintenance of the US / Mexico border wall.

Section 891: Waivers of Certain Conditions for Progress Payments Under Certain Contracts During the COVID-19 National Emergency

  • To support increased cash flow, DoD may temporarily increase the progress payment rate for undefinitized contract actions during the COVID-19 national emergency.
  • Institutes conditions to the waiver pertaining to companies’ receipt of progress payments under contracts.
  • Directs a report by September 30, 2021 on how increasing rate of progress payments from 80 percent to 95 percent has benefitted subcontractors and suppliers.

Related Locations

© 2026 Jenner & Block LLP. Attorney Advertising. Jenner & Block LLP is an Illinois Limited Liability Partnership including professional corporations. This publication, presentation, or event is not intended to provide legal advice but to provide information on legal matters and/or firm news of interest to our clients and colleagues. Readers or attendees should seek specific legal advice before taking any action with respect to matters mentioned in this publication or at this event. The attorney responsible for this communication is Brent E. Kidwell, Jenner & Block LLP, 353 N. Clark Street, Chicago, IL 60654-3456. Prior results do not guarantee a similar outcome. Jenner & Block London LLP, an affiliate of Jenner & Block LLP, is a limited liability partnership established under the laws of the State of Delaware, USA and is authorised and regulated by the Solicitors Regulation Authority with SRA number 615729. Information regarding the data we collect and the rights you have over your data can be found in our Privacy Notice. For further inquiries, please contact dataprotection@jenner.com.

News and Insights

Podcasts

Partner Laurel Loomis Rimon Discusses Fintech Enforcement, Debanking, and Regulatory Risk on Fintech Layer Cake Podcast

Partner Laurel Loomis Rimon was featured on the Fintech Layer Cake podcast, where she discussed how fintech enforcement and prosecution actually work in practice, and what exposes fintechs and banks to regulatory risk.

July 15, 2026

Publications

Supreme Court Clarifies Scope of Private Rights of Action Under the Investment Company Act, Private Equity Law Report

Partners Charles Riely, Todd C. Toral, and Martin Glass authored a guest article for Private Equity Law Report examining the US Supreme Court's June 11, 2026, ruling on the scope of private rights of action under the Investment Company Act of 1940.

July 14, 2026

Publications

Emily Loeb Discusses Congressional Oversight Preparedness in Bloomberg Law

Partner Emily Loeb, co-chair of Jenner & Block's Congressional Investigations Practice, spoke with Bloomberg Law article about how companies can prepare for potential oversight exposure ahead of this fall's midterm elections.

July 7, 2026

Publications

In New York Law Journal, The True Lender Doctrine and the OppFi Decision

Partners Jeremy Creelan, Michael Ross, Megan Poetzel, and Laurel Loomis Rimon, and Associate Molly Oberstein-Allen authored an article for the New York Law Journal examining the "True Lender" doctrine in light of a May 2026 California decision that provides the most detailed judicial framework to date for evaluating bank-nonbank lending partnerships.

July 1, 2026

Event

Partner Michael Vernick to Speak at NACUA's 2026 Annual Conference

On July 1, Partner Michael Vernick will speak on a panel at the National Association of College and University Attorneys (NACUA) 2026 Annual Conference in Nashville.

July 1, 2026