Dear Members & Colleagues:

Data sharing. It's a key element behind what we do at ERAI. ERAI relies on information provided by Members and non-Members alike and, in turn, it is our duty to share not just data, but lessons learned, best practices and strategies in our quest to control the flow of counterfeit products and illicit business practices throughout the electronics supply chain.

This quarter we would like to introduce our first guest contributor, Robert Metzger, Managing Partner of the D.C. office of Rogers Joseph O'Donnell, PC, a boutique law firm that has specialized in government contracting for 33 years. Bob's article discusses the shortfalls contained in the new DFARS regulation and provides examples of further clarifications that need to be made in order to provide more effective requirements and guidelines for government suppliers.

I would also like to thank you for all of the positive feedback we received on our first issue. We continuously seek to engage industry colleagues to share their expertise and experiences. Contributions from Members and non-Members alike that address topics relevant to any organization involved in the purchase, sale, inspection or use of electronic parts are welcome. Each edition of our newsletter will align with ERAI's core mission which is to provide tools and information that can be used to reduce risk and help our Members make the most informed business decisions possible. We request that you refrain from submitting promotional materials or marketing pieces that are better suited for other publications.

Industry-wide cooperation is key to stemming the flow of counterfeit parts.

If you are interested in submitting content to INSIGHT, please email me at anne@erai.com with a brief outline or summary of your article. If the article is determined to be appropriate content, you will be asked to submit a draft of the article by a specific deadline.


Anne-Liese Heinichen

Prosecuting Peter Picone – What Resellers NEED to know
Kristal Snider & Mary Dunham, ERAI

On April 24, 2012 federal agents searched the office of Epic International Electronics, Inc., a home based business owned and operated by Peter and Lisa Picone. At the time the U.S. Department of Defense Criminal Investigative Services (DCIS) would only confirm the search was the result of an "active investigation". Fourteen months later, on June 25, 2013, Peter Picone was formally charged in an eightcount indictment with conspiring to traffic in counterfeit goods, conspiring to traffic in counterfeit military goods, trafficking in counterfeit goods, conspiring to commit wire fraud, wire fraud and conspiring to commit money laundering. All charges were the direct result of importing counterfeit semiconductors from China for resale in the United States while doing business as Epic International and previously as Tytronix, Inc. On June 3, 2014 Picone pled guilty to a single count of conspiracy to traffic in counterfeit military goods. He will be sentenced to a federal penitentiary in August. This is only the second prosecution on the relatively new charge of trafficking in counterfeit military goods, a federal crime enacted as part of the National Defense Authorization Act of 2011.

Integrated circuits (ICs) intended for use in a radio-transmitting test set and an alarm panel of an active-duty nuclear submarine were supplied by Picone after an employee of Epic assured its customer, "we take the best steps possible to avoid junk getting into the market, especially military." Virtually all of the parts being purchased by Picone originated from unauthorized Chinese sources.

Picone is part of a growing list of distributors being successfully prosecuted for sourcing ICs in China's dangerous, counterfeit filled open market. These suppliers all have one thing in common: they misrepresented and/or concealed the origin and true condition of the goods they were selling. "Many of Picone's customers specified in their orders that they would not accept anything but new (integrated circuits) that were not from China, but Picone told them that the ICs were new and manufactured in Europe," according to a case summary prepared by U.S. prosecutors.

In addition to familiarizing your organization with Title 18, United States Code, Section 2320 (trafficking in counterfeit goods or services), resellers should also look closely at the False Statements Accountability Act of 1996.

False Statements Accountability Act of 1996

There is no such thing as a "little white lie" when it comes to today's high stakes supply chain. If the parts are being sourced in China, disclose it. If the parts are coming from the open market, disclose it. If the parts' supply chain traceability has been broken and thus risk is introduced, disclose it. Failure to do so could result in serious legal repercussions.
"Counterfeit semiconductors pose a serious health and safety risk to consumers and end-users, and an even greater threat to the safety of the men and women of our armed services when they are sold for use in the military," said Acting U.S. Attorney Daly. "We will prosecute these types of cases to the fullest extent of the law."

Acting U.S. Attorney for the District of Connecticut Deirdre M. Daly

"Picone went to great lengths to conceal the true origin of counterfeit semiconductors in order to sell the devices as seemingly legitimate and reliable components for use in nuclear submarines and other complex machinery."

Acting Assistant Attorney General Mythili Raman

The False Statements Accountability Act of 1996 states:
  1. Except as otherwise provided in this section, whoever, in any matter within the jurisdiction of the executive, legislative, or judicial branch of the Government of the United States, knowingly and willfully
    1. falsifies, conceals, or covers up by any trick, scheme, or device a material fact;
    2. makes any materially false, fictitious, or fraudulent statement or representation; or
    3. makes or uses any false writing or document knowing the same to contain any materially false, fictitious, or fraudulent statement or entry; shall be fined under this title or imprisoned not more than 5 years, or both.
Historically speaking, this statute has been used in cases involving perjury, false declarations, obstruction of justice and government fraud cases. Recently, however, it is being used when prosecuting trafficking in counterfeit goods cases, particularly if the origin of goods has been misrepresented.

A sales person falsely representing goods as OEM excess or erroneously claiming full supply chain traceability can be supplied upon request are examples that may fall under this Act. According to Keith Gregory, partner with Snell & Wilmer, "the word ‘whoever' in the statute permits the Federal Government to prosecute not only the salesperson who made the false representation, but also the principals of the company for whom the salesperson is employed pursuant to a criminal count alleging conspiracy."

In order for an action to be deemed criminal under 18 USC § 1001, it must be shown that the act or statement was material, was within the jurisdiction of a department or agency of the United States and was done knowingly and willfully.

"By allegedly purchasing and reselling counterfeit semiconductors for military applications, Peter Picone put personal gain above the safety and well-being of dedicated U.S. servicemen and women,"

Acting Assistant Attorney General Mythili Raman
When establishing whether the false statement is material, it is only necessary to prove that the statement has the capacity to influence a decision. One test that is commonly used can be found in United States v. Weistock, 231 F.2d 699, 701 (D.C. Cir. 1956):

"Material" when used in respect to evidence is often confused with "relevant", but the two terms have wholly different means. To be "relevant" means to relate to the issue. To be "material" means to have probative weight, i.e., reasonably likely to influence the tribunal in making a determination required to be made. A statement may be relevant but not material.

Many times a defense is raised that the alleged act or activity has no relation to the federal government so there is no federal jurisdiction. Be aware that the courts have construed this portion of the statute very broadly. The false statement does not have to be made to the government or a government representative as long as it is "within the jurisdiction" of the government. Counterfeiting falls within this jurisdiction.

Under 18 USC § 1001, the false statement, concealment or cover up must be "knowingly and willfully" done. The courts defined this concept in United States v. Lichenstein, 6510 F.2d. 1272, 1272-77 (5th Cir.):
"The failure of a single electronic component could leave our military vulnerable."

Craig Rupert, Special Agent in Charge of the Northeast Field Office of the Defense Criminal Investigative Service

"The statement must have been made with an intent to deceive, a design to induce belief in the falsity or to mislead, but § 1001 does not require an intent to defraud – that is, the intent to deprive someone of something by means of deceit."

The courts have held that if a defendant can learn whether their statement is true or not, lack of knowledge is not a viable defense. According to the courts, "willfully" means that the act was done deliberately and with knowledge. No evil intent needs to be proven.

It is important to note that false statements that can be prosecuted under this statute may be made directly to a federal agency, to a private person or institution which implements federal programs and in business records that may be subject to federal government inspection. All that is necessary to establish jurisdiction is that the false statement touch on a federal interest.

To avoid any chance of being subjected to the False Statements Accountability Act, when quoting your customers, keep it simple and honest and do not make claims that cannot be substantiated.


Indictment: 6-25-2013 – United States v. Peter Picone
Press Release: 7-15-2013 – Department of Justice Press Release - "Massachusetts Man Charged with Selling Counterfeit Semiconductors Intended for Use on Nuclear Submarines"
Plea Agreement: 6-3-2014 – United States v. Peter Picone
Title 18 – § 2320. Trafficking in counterfeit goods or services:

Conspiracy to Traffic in Counterfeit Military Goods
COUNT TWO (Conspiracy to Traffic in Counterfeit Military Goods)

"From in or about January 2012 through in or about April 2012, in the District of Connecticut and elsewhere, defendant PETER PICONE, and others known and unknown to the grand jury, knowingly did conspire, combine, confederate, and agree with each other to commit an offense against the United States; to wit, intentionally to traffic and attempt to traffic in goods, knowing that such goods were counterfeit military goods, the use, malfunction, and failure of which were likely to cause serious bodily injury and death, the disclosure of classified information, impairment of combat operations, and other significant harm to a combat operation, a member of the Armed Forces, and to national security, in violation of Title 18, United States Code, Section 23209(a)(3). "

Articles You Can't Afford To Miss

ERAI Reported Parts Database Quarterly Report
Damir Akhoundov, ERAI, Inc.

In the last issue of INSIGHT, we began compiling detailed data from ERAI's High Risk Parts Database. Our new data structure now provides information on the types of parts being reported, the identification methods that were used to identify nonconformances and the specific types of nonconformances that were identified. This second quarter issue provides a side-by-side comparison of Q1 and Q2 reporting numbers.

The Reporting Trend

Reporting to ERAI continues on an overall upward trend in 2014. The total number of parts reported to ERAI in Q2 (315) increased 13% over Q1 (279).

Testing Data Comparison

Number of Tests Conducted

The number of tests/methods performed to detect a nonconformance showed a change from Q1 to Q2. The majority of parts (72%) reported to ERAI during Q2 underwent only one or two testing methods as opposed to 56% in Q1. It appears that once the initial nonconformance was detected using a visual inspection technique or marking permanency test, the parts are reported without further testing being conducted. Therefore, it is possible that in some cases, a part that is listed as nonconforming would be classified as suspect counterfeit, if additional testing was performed.

Only 28% of the parts reported to ERAI during Q2 underwent three or more tests versus 44% in Q1, reflecting a marked decline in the overall number of tests performed per reported part.

Testing Techniques Used

Q2 shows a continuation of the trend noted in Q1 where the majority of the parts reported to ERAI were identified using three main testing techniques:
  • Device Package External Visual Inspection
  • Lead External Visual Inspection
  • Remarking & Resurfacing Testing
These three test and inspection methods were responsible for the detection of twice as many nonconforming parts as the next eleven techniques combined.

Types of Parts Reported

This quarter we are looking at the types of electronic components that were reported to ERAI in Q1 and Q2 of 2014. The overall distribution of the types of components has been consistent between Q1 and Q2 with the majority of the parts reported to ERAI being active components. ICs as a whole account for an average of 81% of all parts reported year to date in 2014.

The top four specific types of active components comprising a significant majority of the parts are:
  • Memory IC
  • Analog IC
  • Microprocessor IC
  • Programmable Logic IC
These top four part types encompass 68% of all the parts reported in Q1 and 65% of parts reported during Q2.

As more data is accumulated throughout the following quarters and our sample size grows, we will provide you with further insight into the ERAI High Risk Parts Database. If you have any requests or recommendations for further data collection or analysis, please do not hesitate to contact me at damir@erai.com.

Making the Best of the Final DFARS re Counterfeit Parts
By Robert S. Metzger*

Finally, on May 6, 2014 the Department of Defense published a "final rule" to implement Section 818 of the FY 2012 National Defense Authorization Act. This new rule, issued as part of the Defense Acquisition Regulations Supplement (DFARS), is available at 79 Fed. Reg. 26092. Even though it took DoD 2-1/2 years to produce the regulations, the new DFARS deal with only a part of Section 818. Other rulemaking efforts are still underway. They will address critical unresolved questions, such as how to qualify suppliers who are not OEMS or authorized distributors. A proposed rule published on June 10, 2014 would expand contractor obligations to report on nonconforming material. DoD officials also have announced that they are drafting rules that will reach even more companies in the federal supply chain, going beyond electronic parts to address counterfeit material and mechanical items.

Waiting for the new DFARS has caused dread among some participants in DoD's supply chain. Higher tier companies worried that the rules would impose costly burdens and liabilities and foreclose their access to necessary out-of-production parts. Those DoD contractors subject to government oversight of "contractor business systems" also were concerned that a counterfeit "escape" would expose their Purchasing Systems to government disapproval, and potentially to reductions in payments. Middle tier companies were troubled that they would be subject to the new rules, where they sell directly to DoD, and also to risk-shifting compliance "flowdown" from their customers who are DoD primes. Companies in the middle tier have no assurance that their downstream supply chain would accept the same anti-counterfeit obligations (and potential liabilities) as may be applied to them. Commercial sources and suppliers of commercial-off-the-shelf (COTS) equipment viewed with great suspicion the prospect that customers who represent only a tiny fraction of their sales might hold them to obligations to meet specialized and costly DFARS requirements. Small businesses, though favored in many defense procurements, faced the uncertain prospect of having to create and maintain costly systems to detect and avoid counterfeit electronic parts. Especially vulnerable were those specialized supply chain participants who answer the continuing demand for out-of-production and obsolete parts. To this group, including stocking distributors, on-demand brokers, and others who use the Internet to match parts supply and demand, the new regulations are a potential threat to business viability because of preferences for purchases from "original" and therefore most trusted sources.

There was something to worry about for virtually every participant in the defense supply chain.

This is not to suggest that participants in the defense supply chain should question the public purpose. Counterfeits pose a very real threat, which runs the gamut from "fakes" created by criminals for their financial gain, to "taints" where adversaries covertly modify authentic parts to impair a military system or execute a cyber attack. Every responsible actor in the defense supply chain should be motivated to improve assurance in the authenticity of its products. Apart from rightly fulfilling customer expectations, anti-counterfeit practices reduce exposure to liability that can result if a counterfeit is delivered and fails. But federal regulations rarely recognize or accommodate the diversity of real world situations and circumstances. Prescriptive regulations could produce unintended and undesired consequences, increase the costs of defense articles, discourage participation in the defense supply base, and potentially disrupt on-going manufacture and sustainment of military systems.

The final DFARS is not so bad as some feared, but many aspects of its interpretation and application remain as yet unresolved. Some critical issues are essentially ignored, others deferred. The final regulations create new compliance and business risks, the nature of which depends upon where a particular company is placed in the supply chain. Much depends on how the Government will apply and enforce the rules.

At its core, there are several key features to the new DFARS:
  1. Contractors subject to the rule (the "covered contractors" – see below) must establish and maintain systems to detect and avoid counterfeit electronic parts. The adequacy of these systems will be measured against twelve criteria.
  2. An emphasis is placed upon practices that will improve the traceability of electronic parts so that customers are able to know a part's history and chain of custody.
  3. DoD will oversee and administer the contractor systems as part of "Contractor Purchasing System Reviews," part of the larger program to monitor "business systems" of larger suppliers.
  4. Contractors are strongly encouraged to use original sources (OEMs and OCMs), whenever possible, but are provided no guidance on how they should qualify other sources if needed parts are not available from the sources considered most trusted.
  5. Additional test and inspection is required for parts not from the most trusted sources, using "risk-based" methods, though factors and criteria for these methods are not well articulated.
  6. Companies must take care to identify both suspect and confirmed counterfeit electronic parts and to give notification when discovered.
  7. Costs of replacing counterfeits are unallowable for larger companies that do cost-based contracting with DoD.
  8. Suspect and confirmed counterfeit electronic parts must be quarantined and reported to appropriate authorities and measures must be taken to avoid their being returned into the supply chain.
  9. Companies are to improve training, make greater use of industry standards and keep informed on reported counterfeit incidents and on new counterfeiting information and trends.
  10. DoD contractors subject to the regulation are required to flow down counterfeit detection and avoidance requirements to all levels in the supply chain.
Four critical implementation issues arise from the new rules, as explained below.

Qualification of Additional Trusted Suppliers.

The continuing demand for electronic parts that are no longer available from the original sources creates a problem for contractors subject to the final DFARS. Many parts that are obsolete or no longer in production are available only from independent distributors that happen to hold such parts in inventory, or from brokers, who may find such parts in the open market.

Responding to demand for "legacy" parts has been an question since enactment of Section 818. The DFARS regulation was an important opportunity to clarify how DoD and its supply chain should deal with the conflict between statutory insistence upon parts with no counterfeit risk, on the one hand, and market requirements for these parts available only from sources with imperfect assurance, on the other. Unfortunately, the DFARS regulations do no more than acknowledge this critical subject:

Paragraph (c)(3)(A)(ii) of section 818 also permits the acquisition of electronic parts that are not in production or currently available in stock from trusted suppliers. Paragraphs (c)(3)(C) and (c)(3)(D) require DoD and contractors and subcontractors to establish procedures and criteria for the identification of such trusted suppliers. DoD contemplates further implementation with regard to identification of trusted suppliers under DFARS Case 2014–D005.

79 Fed. Reg. 26095. The rule-makers dropped the ball on this one. No one can deny the active market of demand and supply for parts that cannot be obtained from the "trusted suppliers" as preferred both by Section 818 and the DFARS regulation. All sectors of the supply chain remain unsure whether, in what circumstances, and with what controls they may acquire and use parts from sources, such as distributors or brokers, who are not the original sources.

Although DoD thus far has issued no guidance on this key point, careful analysis shows that the law can accommodate the use of such "additional" trusted suppliers. The plain words of the statute, at section 818(c)(3), provide that DoD contractors should "whenever possible" obtain electronic parts from original manufacturers and their authorized distributors. (Emphasis added.) This phrasing necessarily admits that it may not be possible in every situation to acquire parts from these preferred sources.

Section 818(c)(3)(B) requires DoD to "establish requirements for notification" and "inspection, testing and authentication" of electronic parts that are obtained from "any source other than" the preferred categories. Again, the phrasing recognizes that other sources may be utilized.

DoD should clarify its intentions and offer guidance here, because uncertainty presents a time-sensitive conundrum. Higher tier companies that sustain defense equipment need to purchase parts available only from distributors and brokers. They need to know what rules apply. For their part, distributors and brokers need guidance on what they can or must do to satisfy anti-counterfeit objectives.

In the author's judgment, DoD should confirm that contractors subject to the new DFARS may use their reasonable judgment (risk-informed as appropriate) and make their own decisions on notification, inspection, testing and authentication measures to qualify "additional" trusted suppliers. Where such practices are responsible, guided by industry standards, reflective of historical experience with parts and their suppliers, and documented, contractors should be able to qualify, purchase and use parts from "additional" trusted suppliers that are not OCMs or authorized distributors.

Treatment of Inventory

The focus of Section 818 is on future purchases of electronic parts and what measures might be taken to reduce supply chain vulnerability to counterfeits. Neither the statute nor the new DFARS rule say anything about inventory purchased before the new rules. But preliminary regulator Comments that were published along with the DFARS rule have created a major concern for industry.

Responding to a question regarding inventory, one Comment quotes § 818(c)(3)(A)(i) to remind contractors that they are to obtain parts, "whenever possible," that are currently in production or available in stock from the original manufacturer. 79 Fed. Reg. 26095. Another question prompted this answer in the Comments:

If the parts are already on the contractor's shelf or in inventory, and they were not procured in connection with a previous DoD contract, they will be subject to the same requirements, such as traceability and authentication.

79 Red. Reg. at 26099 (emphasis added). Many contractors purchase electronic parts in large quantities and keep them in inventory until required for production or maintenance. Millions of parts have been accumulated. It has not been the common practice to purchase electronic parts to a specific contract or for particular customers, excepting custom items and special parts such as those that are space-qualified. It will not be possible now to impose on parts already in inventory the DFARS' new requirements on "traceability" and "authentication." Retroactive application of these rules is impracticable. In most cases it will be impossible to show the "provenance" of inventory with the same level of data or documentation as will accompany future purchases of electronic parts. Nor is it practicable or affordable to perform tests for "authentication" of all the parts in inventory.

There will be severe and costly consequences unless the new DFARS is interpreted and applied to permit prudent use of accumulated inventory. Companies will be required to discard and replace inventory. Claims may be made against the Government for these costs. Some of the parts now in inventory will be obsolete or otherwise unavailable. That implies disruption to existing manufacturing and support commitments, and the real possibility that companies will be unable to perform existing contracts. What extends this scenario towards the absurd is that this waste – of millions of parts, worth millions of dollars – could occur without any evidence that any parts in inventory actually were flawed, faulty, "suspect" or "counterfeit."

Parts in the inventory of covered contractors should not be presumed to be counterfeit absent some "credible evidence" or, at least, fact-driven indicators or "red flags" to cause additional investigation. Contractors should be authorized to use a "risk-based approach" to assess where (if at all) their existing inventory may be vulnerable to counterfeit insertion, and to determine whether additional authentication or assurance measures are warranted.

The "Flowdown" Contradiction

All companies in the defense supply chain need to understand whether – and how – the new rules apply to them. The statutory source for the new DFARS was Section 818 of NDAA FY 2012. That statute governs only the approximately 1,200 DoD contractors (the "covered contractors") who are subject to full or partial coverage of the Cost Accounting Standards (CAS). By some accounts, there are about 23,000 other companies, not subject to CAS, who sell products to DoD. The new rules do not apply directly to any of these 23,000 companies or to any companies in their supply chain (unless they happen to be a covered company).

There can be no doubt, however, that DoD wants all its suppliers, and all their suppliers, to abide by the new rules. The final rule, at DFARS 252.246-7007(c)(9), requires:

(9) Flowdown of counterfeit detection and avoidance requirements, including applicable system criteria provided herein, to subcontractors at all levels in the supply chain that are responsible for buying or selling electronic parts or assemblies containing electronic parts, or for performing authentication testing.

Despite this demand, DoD knows it lacks the direct legal authority to compel this result. The strategy of DoD's new regulations is to require covered contractors to flow down the anti-counterfeiting requirements to "all levels in the supply chain," including companies responsible for "buying or selling electronic parts or assemblies containing electronic parts." The flowdown would reach commercial and COTS suppliers, and small businesses, regardless of whether they sell directly to DoD.

This is explained in the promulgation Comments:

However, all levels of the supply chain have the potential for introducing counterfeit or suspect-counterfeit electronic items into the end items contracted for under a CAS-covered prime contract. The prime contractor cannot bear all responsibility for preventing the introduction of counterfeit parts. By flowing down the prohibitions against counterfeit and suspect counterfeit electronic items and the requirements for systems to detect such parts to all subcontractors that provide electronic parts or assemblies containing electronic parts (without regard to CAS-coverage of the subcontractor), there will be checks instituted at multiple levels within the supply chain, reducing the opportunities for counterfeit parts to slip through into end items.

79 Fed. Reg. at 26009. The rule goes too far in reliance upon an idealized notion of how all tiers of the supply chain will work together. Critically, the rule presumes that covered contractors have sufficient market power to impose the flowdown upon commercial and COTS suppliers. There are many reasons to believe that they do not. Where defense markets are incidental to their business, commercial and COTS suppliers cannot be presumed to accept the costs, burdens and potential liabilities that accompany flowdown of the DFARS. In other cases, OEMs and OCMs will decline to employ DoD-specific anti-counterfeiting measures where they believe their proprietary techniques are superior. Thus, it is virtually guaranteed that flowdown will not occur as the rule-makers sought. Covered contractors, and those below in their supply chain, in many cases will not accept the contractual flowdown.

Even though it is true that risk of counterfeits exists at all tiers and among all classes of suppliers, at least to some degree, companies in the zone where the risk is least will have little incentive to accept the flowdown. DoD may be at greater risk should these suppliers refuse to sell to DoD's covered contractors or should production or support stop because covered contractors cannot get parts from sources willing to accept the flowdown.

By its terms, Section 818 binds only covered contractors subject to CAS, and so the Government can enforce the DFARS regulations only upon such CAS-covered contractors. The promulgation Comments actually confirm that Section 818 is "specifically limited to ‘covered contractors'" and allowed that the new rule "has limited application at the prime contract level (including implementation of paragraph (c)(3) of section 818 (Trusted Suppliers)) to CAS-covered contractors." 79 Fed. Reg. at 26098 (emphasis added). Thus, the mandatory flowdown, at best, presents a fundamental contradiction because the rule (a) applies only to CAS-covered contractors, but (b) requires flowdown across the entire breadth and depth of a supply chain that is not CAS-covered. It is impossible to reconcile and irresponsible to ignore this discrepancy, and the desired 100% flowdown will not be achievable in the marketplace.

Companies that are not CAS-covered become subject to Section 818 or the DFARS regulations only to the extent they accept the flow-down in a contract term from a covered contractor. It both unreasonable and unnecessary to expect that all companies in the defense supply chain will accept full flowdown. Companies should be encouraged to improve their anti-counterfeit practices, but not excluded from DoD's industrial base if they choose not to accept the full DFARS flowdown.

For the same reasons, the DFARS rule makes a serious error by putting covered contractors at risk for disapproval of their Purchasing System, or for some other form of non-compliance should their vendor base decline to accept the flow-down or insist upon different terms to vary the obligations and risks.

Surely DoD does not intend that its covered contractors will apply for waivers or other specific relief each time that a member of their supply chain refuses to accept the flowdown or negotiates a different deal. That result would be absurd and highly disruptive to the industrial base, to the system of defense supply and support and to contract administration. Accordingly, DoD must issue guidance to recognize that a contractor's system will not fail Contractor Purchasing System Review (CPSR) where contractors find they must continue to do business with suppliers who will not accept the flow-down or insist upon modified application.

Flexible Administration

A contractor's counterfeit parts prevention system must address twelve system criteria. DFARS 246.870-2(b)(1) - (12). For three of these – training, traceability and methodologies to identify suspect counterfeit electronic parts – the promulgation Comments expressly assert that the rule provides a contractor with "flexibility." See DFARS 246.870-2(b)(1), (b)(4) and (b)(7).
  • For training, the Comments state that "DoD is providing contractors with the flexibility to determine the appropriate type of training required for individual firms." 79 Fed. Reg. at 26097.
  • For traceability, the Comments advise that the rule "provides a contractor flexibility to utilize industry standards and best practices to achieve the required outcome." 79 Fed. Reg. at 26097.
  • Similarly, as concerns the methodologies to identify "suspect" parts, the Comments indicate that "the rule provides the contractor flexibility to employ a risk-based approach to tests and inspections." 79 Fed. Reg. at 26098).
By reference to flexibility for three system criteria, DoD recognizes that implementation of the rule must be context-driven because the universe of affected companies is so diverse. Industry wonders, however, whether flexibility also will govern oversight and administration of the nine other required system elements. Some of these appear relatively straightforward, but in actual implementation there will be great variety as covered contractors seek to adapt the rule to their business. The nine other categories – where flexibility also is needed – are inspection and testing of electronic parts (#2), processes to abolish counterfeit parts proliferation (# 3), use of suppliers that are the original manufacturer (#5), reporting and quarantining (#6), design, operation and maintenance of systems to detect and avoid counterfeit electronic parts (#8), flowdown (#9), keeping informed of information and trends (#10), screening GIDEP reports and other sources (#11), and control over obsolete parts (#12).

Oversight authorities, principally DCMA, should refrain from any attempt to prescribe "one size fits all" solutions for any of these. Contractors should be encouraged to demonstrate how they answer the demands of the law and the new DFARS and why their solutions are reasonable in light of their business requirements and the risk relevant to their sources of supply and their products. DCMA should strive to share what it learns of best practices and decisions it makes on implementation. DCMA also should be careful to recognize, especially for larger contractors, the importance of consistency in administration across business units and over time.

DCMA should always be heedful of the tension between the costs of compliance, the disruption to sources of supply and sustainment, and the actual benefits realized in avoidance of counterfeit electronic parts. While all responsible parties seek to reduce the exposure of the defense supply chain to counterfeit electronic parts, that does not mean that companies can be held to impossible standards, impracticable practices or unaffordable costs.

Robert S. Metzger is a shareholder with the law firm of Rogers Joseph O'Donnell and is the Managing Partner of its office in Washington, D.C., a Vice-Chair of TechAmerica's Supply Chain Assurance Subcommittee and a widely published and cited author on counterfeit parts avoidance and related cyber security matters. He can be reached at rmetzger@rjo.com or by phone at (202) 777-8951.

White Paper Reviews

Winning the Battle Against Counterfeit Semiconductor Products by the World Semiconductor Council

Why you should read it: Gain a perspective on how to stop counterfeit semiconductors through the purchase of parts from authorized distribution as proposed by the World Semiconductor Council.

ERAI Insight: This paper begins with a concise background on counterfeit semiconductors and the semiconductor industry. After describing how counterfeits are harmful, a description of semiconductor manufacturing is provided. This background is helpful in understanding how counterfeit semiconductors can cause failures on boards and in final products. The paper concludes that counterfeit parts can be avoided by procuring legacy components from authorized sources and from aftermarket manufacturers that are authorized by the OCMs to manufacture obsolete parts.
Collaborating Across the Supply Chain to Address Taint and Counterfeit by Dan Reddy

Why you should read it: Read why collaboration and standardization throughout the entire supply chain is critical to guard against cybersecurity threats posed by counterfeit parts and malicious code.

ERAI Insight: In order to provide authenticity, integrity and security in a product offering, all suppliers must apply the right controls to prevent taint and product failures caused by malicious code, poor quality and counterfeit components. Since all suppliers depend on each other, each must apply best practices to achieve accountability throughout the supply chain. This is facilitated through the use of industry standards that each supplier can be evaluated against in order to ensure consistency. An example of a standard is the Open Group's Open Trusted Technology Provider Standard (OTTPS) which provides for evaluation by third party assessors, offering a baseline and reportable measure on how products are developed and engineered and risks for tainted and counterfeit goods are addressed.
DFARS Case 2012-D055, Public Meeting – Detection & Avoidance of Counterfeit Electronic Parts – Further Implementation [Comments] by Robert S. Metzger

Why you should read it: Read a legal perspective on primary and secondary sources of supply and supplier selection as proposed by Section 818 of the FY 2012 National Defense Authorization Act.

ERAI Insight: Mr. Metzger provides commentary regarding DFARS Case 2012-D055 and its identification of the term "trusted supplier". Mounting frustration is prevalent throughout the industry due to the delay of the proposed DFARS addressing Section 818. Given his assumption that the DFARS will only cover entities subject to the Cost Accounting Standards, Mr. Metzger questions how the DoD can impose that primary suppliers procure largely from authorized or original sources when the current emphasis is on procuring low-cost electronic components, rendering this a difficult and sometimes impossible task. Turning to a secondary source is many times the solution for obsolete products. Section 818 states that "trusted suppliers" should be used; however, there is a clear lack of definition of what qualifications are required for an entity to be "trusted". The DoD will need to mandate in these cases the requirements for notification as well as inspection, testing and authentication. In Mr. Metzger's opinion, the DoD should employ a flexible approach for supplier qualification and should defer to the contractors' judgment to avoid further contractor burden while providing evaluation and verification of the supplier selection systems for secondary sources.

ERAI Training and Events

During the past several months, ERAI Members have contacted us regarding U.S. Customs and Border Protection seizing shipments destined to the US from abroad. There is much confusion regarding the seizure process: why are shipments detained; what rights does the importer have and who makes the final determination on the authenticity of the parts?

On June 3, 2014, ERAI and Snell & Wilmer cohosted a webinar titled "Customs Seizures: My goods are good. So why are they in detention?" The objective of this free online training was to expand awareness and address concerns relative to U.S. Customs' procedures for detaining and seizing suspected counterfeit parts.

If you were unable to attend, you may now access a recorded copy of this webinar available via the ERAI website at www.erai.com and then clicking on the Events tab. This recorded webinar is only available to ERAI Members; a login is required.

"This webinar was prepared for your convenience and the material is intended to provide overall guidance. Reliance solely on the webinar material and information may not be considered reasonable care. Importers should review Treasury Decision 97-96, published in the Federal Register of December 4, 1997 and in the Customs Bulletin of December 17, 1997 for a discussion of the reasonable care concept."

Meet ERAI at the following events:

SAE 2014 Aerospace Systems and Technology Conference
Cincinnati, Ohio
September 23-25, 2014
POWER-GEN International Conference
Orlando, Florida
December 9-11, 2014
DMSMS 2014
San Antonio, Texas
December 1-4, 2014
DSEI 2015
London, United Kingdom
September 15-18, 2015

Join the ERAI's Group at LinkedIn
Follow ERAI on Twitter
Follow ERAI on Facebook
Send an email to ERAI
Follow ERAI on Google Plus