The FY 2025 National Defense Authorization Act: What’s New for Defense Contractors

The FY 2025 National Defense Authorization Act: What’s New for Defense Contractors
View of outside of the Supreme Court

The recently passed National Defense Authorization Act (NDAA or Act) for Fiscal Year 2025 addresses recurring areas of focus relevant to defense contracting, including supply chain risks related to China, organizational conflicts of interest, the government’s procurement of artificial intelligence (AI) and machine learning technologies, and cybersecurity.

On December 23, 2024, President Joe Biden signed into law the 2025 NDAA following passage by the U.S. Senate and U.S. House of Representatives days earlier. The 2025 NDAA obligates $895.2 billion in funding for the U.S. Department of Defense (DoD), a nearly $9 billion increase from the previous year. Totaling nearly 1,800 pages, the 2025 NDAA addresses a broad array of DoD procurement policies. As with NDAAs in prior years, the 2025 NDAA will set in motion rulemaking activity and agency initiatives in areas relevant to defense contractorsthat promote innovation, efficiency, and security.

In this Update, we highlight key procurement-related provisions affecting defense contractors.

Key Provisions in the FY 2025 NDAA 

The annual authorization of appropriations for DoD includes funding for defense-related activities, including $143.8 billion for research, development, test, and evaluation; $17.5 billion for science and technology programs; and $17.5 billion for military construction projects.

Bid Protests

The 2025 NDAA makes a slight change to the jurisdiction of the Government Accountability Office (GAO) to entertain bid protests challenging task orders under multiple-award contracts. Under existing laws and regulations, GAO lacks jurisdiction to hear a bid protest challenging the award of a DoD task or delivery order valued below $25 million. The Act increases the dollar threshold for a task or delivery order protest from $25 million to $35 million (Section 885). Also, the Act requires GAO and DoD to submit a joint proposal addressing various issues related to bid protests before GAO, including an “a process for enhanced pleading standards” for protesters seeking access to the administrative record and a process for payment by unsuccessful offerors to the government and contract awardee (Section 885). The Act stops short of a “loser pays” requirement but holds out the possibility of future changes in the bid protest process.

Supply Chain, China, and Israel

The 2025 NDAA highlights Congress’ focus on restrictions and disclosure requirements related to the defense industrial base (DIB) supply chain and China.

  • The Act calls for expanding disclosure requirements for contractors whose employees are working in China. It also adds additional disclosure requirements regarding cybersecurity vulnerabilities for covered contracts (Section 839).
  • The Act prohibits DoD from entering into or renewing contracts for any covered semiconductor products and services with any entity that knowingly provides these products and services to Huawei, absent a waiver (Section 853).
  • The Act prohibits DoD from entering into contracts with an entity, including its parents and subsidiaries, that engages in “lobbying activities” for any entity determined to be a Chinese military company (Section 851). DoD publishes a list of entities as Chinese military companies operating in the United States, found here.
  • The Act also prohibits DoD from entering into contracts for the Defense Commissary Agency with contractors that have engaged in or engage in a boycott of the state of Israel, including boycotts of companies and individuals doing business with Israel and Israeli companies (Section 855).

The above restrictions will require rulemaking, likely through revisions to the Defense Federal Acquisition Regulation Supplement (DFARS) that memorialize the prohibitions and related compliance through solicitation provisions and contract clauses.

Commercial Product or Service Determinations

The 2025 NDAA amends commercial product and service determinations under 10 U.S.C. § 3456, making it easier for products or services to qualify as commercial for subsequent procurements (Section 814). Under this provision, DoD contracting officers need only rely on a prior acquisition of commercial products and services that used FAR Part 12 commercial acquisition procedures to make a commercial determination. This determination includes products (1) without a part number or (2) with a different part number but the same functionality. To deviate from this determination, a DoD or military senior procurement executive must issue a written justification explaining why commercial acquisition procedures are no longer appropriate.

Organizational Conflicts of Interest

The Act requires that a contractor submit a written justification when requesting a waiver of an organizational conflict of interest (OCI) (Section 881). This would appear to be a new burden for contractors when addressing an OCI. Such a step would require revision FAR 9.503, which governs waiver of OCIs. This provision is among other efforts to overhaul FAR Part 9. On January 15, 2025, the FAR Council issued a proposed rule that, among other things, moves OCI coverage from FAR Part 9 to FAR Part 3, updates OCI definitions and other terms, and explains methods to avoid, reduce, mitigate, or waive an OCI.

Streamlined Acquisition Pathways

The Act codifies streamlined acquisition pathways for rapid prototyping and fielding of emerging technologies (Section 804). It also creates a new acquisition and development pathway for software and related hardware (Section 805).

Contract Claims

Under the Act, a contracting officer’s unilateral definitization of a contract (i.e., a letter contract) constitutes a final decision under the Contract Disputes Act, appealable to either the Armed Services Board of Appeals or the U.S. Court of Federal Claims (Section 803). 

Artificial Intelligence

The 2025 NDAA is the latest sign of Congress’ interest in AI to achieve national security and defense objectives by implementing AI in DoD’s acquisition strategy and contract administration. DoD must establish the following AI-related programs: 

  • DoD’s Chief Digital and Artificial Intelligence Office (CDAO) must identify and assess AI models that could pose a national security risk if accessed by an adversary of the United States and develop strategies to prevent such access (Section 225).
  • A pilot program to assess the feasibility and advisability of using AI-enabled software to optimize workflow operations for DoD manufacturing and contract administration (Section 237).
  • A pilot program to develop near-term use cases and demonstrations of AI for national security-related biotechnology applications (Section 236). 
  • A center(s) for excellence to support the development and maturation of AI-enabled weapon systems by organizations within DoD (Section 1534).
  • A program to test and process requirements for next-generation AI capabilities located at DoD installations or accessible through commercial cloud or hybrid cloud environments (1532).

To successfully implement these programs, DoD must integrate and train its workforce in AI. The CDAO must develop online education courses regarding AI concepts, including the ethical acquisition and procurement of AI (Section 222). The Act also requires an initiative to improve the human factor of AI systems, which includes plans to ensure human systems integration elements are considered in the early development or evaluation of an AI procurement (Section 1531).

Cybersecurity

DoD’s chief information officer (CIO) must develop guidance for the application of DoD’s “Zero Trust Strategy” to Internet of Things hardware (Section 1513). The DoD CIO also must develop a 10-pronged strategy to manage and address cybersecurity of multicloud environments (Section 1514). The strategy also would address the certification process for cloud service providers.

Data Rights

The Act would require DoD to create procedures to produce or manufacture certain items through reverse engineering or re-engineering where the government lacks technical data rights or where technical data rights prevent manufacturing (Section 882). These procedures only apply in limited circumstances that require immediate access to the items, weapon system readiness, or sustainment of operations. The Act’s call to use reverse or re-engineering by DoD signals the government’s efforts to anticipate situations in which its rights to a contractor’s technical data may be limited.

Small Business Issues

Within the next year, DoD must design a Small Business Bill of Rights to ensure a healthy partnership between DoD and the DIB that encourages small businesses to contract with the DoD (Section 876). The Small Business Bill of Rights will create a resolution process to expeditiously resolve customer service issues and conflicts and develop informational resources regarding small businesses’ legal rights, including directories for ombudsmen and administration offices at DoD and military components. In addition, the Act calls for a pilot program to streamline access to shared classified commercial infrastructure for small businesses and higher educational institutions (Section 874).

Inflation Relief

The Act extends DoD’s temporary authority to modify contracts based on the effects of inflation until the end of this year (Section 824).

Conclusion 

Certain NDAA provisions create new opportunities for defense contractors, particularly to provide commercial products and services. It also may provide opportunities for small businesses. These new requirements suggest changes to the defense procurement landscape that emphasize innovation, efficiency, and security. Contractors should monitor these provisions and adopt these new requirements as they become codified in the DFARS and incorporated into contracts.

Print and share

Authors

Explore more in

Government Contracts

Related insights
© 2025 Perkins Coie LLP