Page 140 - Cyber Defense eMagazine March 2024
P. 140

a false record or statement material to a false or fraudulent claim.” Material is defined as “having a natural
            tendency to influence, or be capable of influencing, the payment or receipt of money or property.”

            Given how the government has structured the CMMC program and its assessment requirements, it is
            almost certain that the government will consider inaccurate CMMC certifications “material” for purposes
            of the FCA. Contractors at the CMMC Level 1 and CMMC Level 2 tiers should be especially careful to
            ensure  they  fully  comply  with  all  required  security  assessments.  FCA  penalties  are  considerable—
            potentially up to three times the government’s damages, plus a statutory penalty linked to inflation—and
            the Department of Justice has signaled an increased focus on the cybersecurity space by launching its
            Civil Cyber-Fraud Initiative in 2021.



            Conclusion

            The proposed rule provides contractors with the structure in which the three-tiered certification program
            will operate. Given the importance and complexity of the rule and the requirement to sift through more
            than  230 submitted  comments,  a  final  rule  is  unlikely  to  be  published  for  a  few  months  and  maybe
            upwards  of  a  year.  However,  contractors  should  begin  digesting  the  requirements  and  consider
            implementing the necessary measures to comply with the obligations now, many of which mirror already-
            existing obligations, before the official rollout begins to ensure compliance.



            About the Author

            Richard  W.  Arnholt,  a  member  at Bass,  Berry  &  Sims  PLC in  Washington,  D.C.,
            advises  government  contractors  on  risk  mitigation  through  ethics  and  compliance
            programs and on allegations of procurement fraud or misconduct. He can be reached
            online    at [email protected]      and     at     our    company       website
            https://www.bassberry.com/professionals/arnholt-richard/



                               Adam  Briscoe,  an  associate  at Bass,  Berry  &  Sims  PLC in  Washington,  D.C.,
                               advises companies as they navigate the contracting process with federal, state, and
                               local governments. He can be reached online at [email protected] and
                               at our company website https://www.bassberry.com/professionals/briscoe-adam/





















            Cyber Defense eMagazine – March 2024 Edition                                                                                                                                                                                                          140
            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.
   135   136   137   138   139   140   141   142   143   144   145