FAR 4.2300—Scope of subpart.
Plain-English Summary
FAR 4.2300 is a scope statement, so it does not create detailed operating procedures by itself; instead, it tells readers what this subpart is for and how long its authority lasts. Specifically, it says the subpart implements the Federal Acquisition Supply Chain Security Act of 2018 (FASCSA), which is the statutory framework for federal supply chain security actions, and it also implements the Federal Acquisition Security Council (FASC) regulation at 41 CFR part 201-1. In practical terms, this means the subpart is the FAR’s bridge between procurement policy and the governmentwide supply chain security regime used to address risks from products, services, and sources that may threaten federal information systems or operations. The section also establishes a sunset date for the authority in this subpart—December 31, 2033—by cross-referencing 41 U.S.C. 1328, which matters because agencies and contractors must know that the authority is time-limited unless extended by law. For contracting officers, contractors, and acquisition personnel, this section signals that the subpart should be read together with the FASCSA statute and the FASC regulations, and that any actions taken under this subpart must fit within that broader legal framework.
Key Rules
Implements FASCSA
This subpart exists to carry out the Federal Acquisition Supply Chain Security Act of 2018. In practice, that means the FAR provisions in this subpart are not standalone policy; they are the acquisition-side implementation of a separate statutory supply chain security regime.
Implements FASC regulations
The subpart also implements the Federal Acquisition Security Council regulation at 41 CFR part 201-1. Users must therefore consult both the FAR and the FASC rules to understand the full process, authority, and procedures.
Limited to supply chain security
The scope is specifically tied to federal acquisition supply chain security, not general procurement administration. The section signals that the subpart addresses security-related acquisition actions involving supply chain risk, rather than ordinary contract formation or performance issues.
Authority expires in 2033
The authority for this subpart expires on December 31, 2033, under 41 U.S.C. 1328. That sunset date is important because it limits how long the current authority remains in effect unless Congress extends or revises it.
Cross-reference required
Because this section is only a scope provision, it must be read with the underlying statute and the FASC regulation. The practical rule is that the FAR text here points users to the controlling external authorities rather than fully defining the program itself.
Responsibilities
Contracting Officers
Recognize that actions under this subpart are grounded in FASCSA and FASC regulations, and ensure any supply chain security-related acquisition decisions are made within that legal framework. They must also be aware of the sunset date when relying on this authority.
Agency Acquisition Personnel
Use this subpart as a pointer to the broader supply chain security regime and coordinate acquisition actions with the applicable FASC requirements. They should not treat this section as a complete procedural guide.
Contractors
Understand that federal supply chain security requirements may arise under this subpart and that those requirements are tied to statutory and regulatory authorities outside the basic FAR text. Contractors should monitor whether their products, services, or sources are affected and note the time-limited nature of the authority.
Federal Acquisition Security Council
Issue and maintain the implementing regulation at 41 CFR part 201-1 that this subpart references. The Council’s regulatory framework supplies the operational detail for the supply chain security program.
Congress
Provide the statutory authority for the subpart and determine whether the authority remains in effect, is extended, or expires. The sunset date reflects congressional control over the duration of the authority.
Practical Implications
This section tells users where to look next: the real operational rules are in FASCSA and 41 CFR part 201-1, not in this short FAR scope statement.
A common pitfall is assuming the FAR text here is self-contained; it is not, and missing the cross-referenced authorities can lead to incomplete compliance analysis.
The December 31, 2033 expiration date matters for long-term planning, especially for multi-year contracts, policy updates, and compliance programs that depend on this authority.
Contracting officers should verify that any supply chain security action they take is authorized under the current statutory/regulatory framework and not just under general procurement discretion.
Contractors should watch for supply chain security-related notices, exclusions, or other actions that may flow from this authority and affect sourcing, product selection, or contract performance.
Official Regulatory Text
This subpart implements the Federal Acquisition Supply Chain Security Act of 2018 (title II of Pub. L. 115–390 ) and the Federal Acquisition Security Council (FASC) regulation at 41 CFR part 201–1 . The authority provided in this subpart expires on December 31, 2033 (see 41 U.S.C. 1328 ).