In May of 2023, Ms. Jamie Brabston, Director and Legal Counsel at Redstone GCI, wrote an article addressing the Federal Acquisition Regulations (FAR) requirements expected of contractors receiving contracts for supplies and services from the federal government. These requirements are implemented through FAR 52.203-13, Contractor Code of Business Ethics and Conduct, which is included in contracts and subcontracts expected to exceed $6M, and the period of performance is 120 days or longer.
What About Grants and Cooperative Agreements?
Grants and cooperative agreements have similar requirements, but not all are included in a single contract clause. Key requirements include:
- 2 CFR § 200.112 Conflict of interest, requires each federal agency to establish a conflict of interest policy for its federal awards (i.e., grants and cooperative agreements).
- 2 CFR § 200.113 Mandatory disclosures, requires all recipients and subrecipients of federal awards to promptly disclose whenever there is credible evidence of the commission of a violation of federal criminal law involving fraud, conflict of interest, bribery, or gratuity violations found in Title 18 of the United States Code or a violation of the civil False Claims Act.
- 2 CFR § 200.303 Internal controls, requires all recipients and subrecipients to establish, document, and maintain effective internal controls over their federal awards.
Additionally, each federal agency has its own requirements within Title 2 Subtitle B or on its agency website to implement a requirement for a Code of Business Ethics and Conduct. 2 CFR 200 does not set a threshold or value at which these requirements are required.
Whistleblower Protections Are Not Optional
Under both FAR-based contracts and grants and cooperative agreements, there is a requirement to notify and protect whistleblowers. 2 CFR 200.217 Whistleblower protections, addresses this requirement for grants and cooperative agreements, while the FAR covers this using FAR 52.203-17 Contractor Employee Whistleblower Rights. Read more in our article, “DPC Issues Guidance to DoD for Lack of Verifying Contractor Compliance with Whistleblower Protection Requirements.”
We believe following the requirements set forth in FAR 52.203-13 should address the expectations under both the FAR (i.e., contracts for supplies and services) and 2 CFR 200 (i.e., grants and cooperative agreements). Just remember that, under a grant or cooperative agreement, the requirement is in effect from the first award, regardless of the value or period of performance.
Why Is This Important Right Now?
Now that we have you convinced that you have a requirement, why are we bringing this up? Well, dare we say DOGE (i.e., Department of Government Efficiency), the nice (we understand everyone has their own opinion on this adjective in relation to DOGE) young people are looking to ferret out fraud, waste, and abuse. While the current focus is on federal agencies, all things roll downhill, and industry is likely at the bottom of the hill.
The DOJ Is Raising the Stakes
Yes, we saved the best for last. The Department of Justice (DOJ) is on a full-court press to address white-collar crime. In a May 12, 2025 speech, Mr. Matthew R. Galeotti, Head of the DOJ Criminal Division, stated:
“[T]he primary message I want you to take back to your companies about the new [Corporate Enforcement and Voluntary Self-Disclosure Policy] [is that] [s]elf-disclosure is key to receiving the most generous benefits the Criminal Division can offer. Why? Because coming forward and being transparent allows the Department to devote its resources to investigating and prosecuting individual wrongdoers and the most egregious criminal schemes. Companies can avoid what we have all seen in the past: burdensome, years-long investigations that inevitably end in a resolution process in which the company feels it must accept the fate the Department has ultimately decided.”
Now Is the Time to Assess Your Ethics Program
We recommend all contractors and organizations (i.e., for-profit and non-profit) have an assessment of their business ethics awareness and compliance program performed sooner rather than later. The assessment should address the following:
- Written code of business ethics and conduct;
- Employee awareness and understanding of the code;
- Due diligence to prevent and detect criminal conduct;
- Culture that encourages ethical conduct and a commitment to compliance (Tone from the Top);
- Disclosure policies and procedures, including documentation;
- Communication of your expectations, standards, and code (Training);
- Ensuring your internal controls are functioning;
- Internal reporting (Hotline);
- Investigation process;
- Actions taken when misconduct is found;
- Full cooperation with the government;
- Subcontractor risk; and
- Whistleblower protection and notification.
Support for Strengthening Your Ethics and Compliance Program
Redstone GCI’s team of experts work with government contractors to help them understand and meet government ethics and compliance requirements. Our team provides third-party assessments of business ethics awareness and compliance programs to identify gaps and support alignment with your contract or grant requirements and DOJ expectations. These reviews are led by our in-house Legal Counsel and supported by Directors with extensive DCAA and corporate compliance backgrounds. Whether you’re addressing new requirements, preparing for an audit, or simply looking to validate your current practices, we can help you take a proactive approach to reduce risk and support accountability across your organization.
