HR-7274-119
Ordered to be Reported (Amended) by the Yeas and Nays: 40 - 1.
Sponsored by William Timmons (R-SC)
What it does
This bill would restructure the Federal Acquisition Security Council (FASC), the interagency body that identifies and removes technology products from foreign adversaries in federal government systems. It would create two tiers of exclusion orders — "recommended orders" (discretionary) and "designated orders" (mandatory, triggered when Congress specifically labels a vendor a "covered source of concern") — and establish a dedicated Program Office within the Executive Office of the President to support the Council. Agencies would be required to comply with exclusion and removal orders within defined timelines, with limited waiver authority for national security purposes.
Who benefits
Federal agencies that gain clearer legal authority and faster timelines for removing risky technology. Domestic and allied-nation technology vendors who compete against foreign-adversary suppliers and would gain a more level playing field in federal contracting. Cybersecurity and national security professionals who would have a more structured process. Taxpayers and the general public who benefit from reduced risk of foreign espionage or sabotage in government systems. Congress, which gains mandatory reporting and annual briefings on security risks.
Who is hurt
Foreign technology vendors — particularly those from countries designated as foreign adversaries (China, Russia, Iran, North Korea, Cuba, Venezuela) — who would face mandatory exclusion from federal contracts. U.S. companies that use foreign-adversary components in their supply chains and contract with the federal government, who may face "second-order" exclusion orders. Small and mid-size contractors with complex global supply chains who may face compliance costs. Agencies that currently rely on affected products and would need to find and fund replacements. Companies subject to pre-order proceedings would have their information shielded from FOIA disclosure, limiting public transparency.
Supporters argue
Supporters argue that the existing FASC framework lacks the speed and mandatory force needed to address documented threats from foreign-adversary technology in federal systems — pointing to incidents like the SolarWinds breach and ongoing concerns about Chinese-manufactured networking equipment. They contend that creating a mandatory "designated order" track for congressionally identified vendors eliminates bureaucratic delays that have allowed risky products to remain in government systems for years, and that the new Program Office provides the dedicated analytical capacity the Council has lacked since its creation in 2018.
Opponents argue
Opponents argue that the bill's "covered source of concern" designation — which triggers mandatory exclusion orders — concentrates significant economic and contracting power in Congress and the Executive with limited judicial recourse, since the bill preserves language making certain Council determinations unreviewable. They contend that the 270-day mandatory order timeline and second-order supply chain exclusions could sweep in U.S. companies with incidental foreign-adversary component exposure, disrupting federal procurement and raising due process concerns under the Fifth Amendment for vendors who may not receive adequate notice or opportunity to respond before being barred from government contracts.
Constitutional context
The bill's exclusion orders affect federal contracting, which falls squarely within Congress's authority under the Commerce Clause and its power over federal spending. However, the bill's provision making certain Council determinations "sole and unreviewable" may face scrutiny under post-Loper Bright independent judicial review standards, and the mandatory exclusion of named vendors without individualized adjudication could raise Due Process Clause (5th Amendment) questions about whether affected companies receive adequate procedural protections before being barred from federal contracts.
Checks and balances
The Executive branch — specifically the FASC within the Executive Office of the President — gains expanded authority to issue binding exclusion orders; checks include mandatory congressional reporting, waiver notification requirements, judicial review procedures under 41 U.S.C. § 1327, and the requirement that Congress itself must designate "covered sources of concern" by statute before mandatory orders are triggered.
Historical precedent
The original FASC was established by the Federal Acquisition Supply Chain Security Act of 2018 (part of the FY2019 NDAA); separately, Section 889 of the FY2019 NDAA banned Huawei and ZTE equipment from federal procurement, providing a direct model for the "covered source of concern" designation mechanism this bill formalizes.