Foreign Ownership Rules Are Expanding—Is Your Vendor Network Putting You at Risk?

If you’re a small business in the government contracting space—especially in IT, telecom, drones, or physical security—your vendor list could be your weakest link. The feds aren’t just scrutinizing what you sell to them; they want to know what’s in your office, who made it, and whether any part of your supply chain touches banned or foreign-owned tech.

Section 889 of the FY2019 NDAA may have started the fire, but the flames have been fanned by recent provisions in the FY2024–25 NDAA and Executive Orders like 14222. The result? A full-on shift in how contractors select equipment, software, suppliers, and even subcontractors.

Here’s what’s happening—and what your business should be doing about it.

What’s Changed and Why It Matters

Let’s break it down:

• Section 889(a)(1)(A) bans the federal government from buying anything that contains “covered telecom” components from companies like Huawei, ZTE, Hytera, Hikvision, or Dahua.

• Section 889(a)(1)(B) takes it even further. If you use those banned products—even in your own office or warehouse—you could be disqualified from winning contracts.

• The FY2024 NDAA adds drones, semiconductors, and other components to the crosshairs, especially if they originate from China.

• Executive Order 14222 pressures agencies to review all contracts with foreign entities for waste and risk—so if your supply chain is murky, your contract could get chopped.

Bottom line: This isn’t just about what you deliver to the government. It’s about everything in your operation—from office security cameras to the chipsets in your subcontractor’s drone.

Why Small Businesses Need to Pay Close Attention

If you’re a small contractor, this hits especially hard. Here’s why:

• Compliance costs hurt more. Replacing low-cost, non-compliant gear (like a $150 Hikvision camera) with a compliant one can get expensive—fast.

• Knowledge gaps are real. Unlike big primes with compliance departments, many small firms are finding out about these rules after they’ve already submitted a bid.

• You’re not just on the hook for your stuff. Primes are pushing compliance obligations down the chain. If you're a subcontractor and can’t prove your gear is clean, you’re off the team.

• False Claims Act penalties are steep. Certifying compliance and then getting caught? That’s potentially fraud—with real financial and legal consequences.

And if you’re selling through GSA Schedules, take note: You can’t even accept new orders unless you’ve certified compliance with Section 889 Part B.

What You Should Be Doing Right Now

Don’t wait for a CO or a prime to flag you. Get ahead of this. Here are five moves you should make:

1. Do a full supply chain audit.

• Inventory everything: telecom gear, cameras, network hardware, drones, etc.

• Map your suppliers and their subs—who makes what, and where.

2. Build a vetted vendor list.

• Stick to U.S. or allied-made equipment.

• Ask vendors to sign certifications confirming they don’t use or source from banned entities.

• Avoid “gray market” products from third-party resellers on Amazon or eBay.

3. Train your team.

• Make sure your procurement and IT staff know what’s banned.

• Teach them to check the FCC Covered List and GSA guidance before making purchases.

4. Use compliance as a competitive advantage.

• Highlight your clean supply chain and sourcing policies in proposals.

• Let primes know you’re a “low-risk” sub who won’t jeopardize their bid.

5. Leverage tools and support.

• Platforms like Project Spectrum and supply chain risk tools like Interos can help.

• Contact your agency’s small business office or contracting officer if you’re unsure—don’t guess.

The Big Picture

These rules aren’t going away. If anything, they’re expanding. Federal contracting is being reshaped around resilience and security. That means preference is being given to vendors who are domestic, diversified, and low-risk.

Sure, the compliance burden is real—but for small businesses that act early, it’s also a path to differentiation. Think of this as a filter. The companies that adapt will get access to more opportunities. Those that don’t? They’ll be filtered out.

So the question is simple: Are you ready to compete in a security-first federal market?

Want to dig deeper into how cybersecurity and supply chain rules are reshaping government contracting? Check out our post: “Cyber Rules Are Tightening—Here’s What Small Contractors Need to Know Now.”

If you aren't a Squared Compass partner, what are you waiting for? From getting your business set up with specific government set aside programs at both the State and Federal level, to being empowered by a Fractional Capture team to win government contracts, to receiving tailored government contract opportunities Squared Compass delivers immense value which helps propel our partners to success. Schedule a chat with our team today.