This supplements The Compliance Collective webinar, “Responding to Shifting Federal Enforcement in Government Contracting,” held on February 19, 2026.
Overview
Deregulation does not necessarily mean decreased enforcement. Even as the Trump administration has reduced federal regulations through executive orders and agency action, the U.S. Department of Justice (DOJ) continues to prosecute government contractors—more aggressively than before, if the overall rise in False Claims Act (FCA) recoveries is any indication. For example, in Fiscal Year (FY) 2025, DOJ spotlighted nearly $600 million in recovery from FCA settlements involving procurement, loan, and grant fraud, which vastly exceeds the nearly $71 million highlighted in FY 2024.[1] For government contractors acclimating to the new regulatory environment, the message is clear—compliance matters more than ever.
Where Risk Is the Greatest
DOJ has reorganized its enforcement focus around the administration’s core priorities. For government contractors, certain areas require immediate attention:
Cybersecurity Compliance
DOJ recently escalated the risk for government contractors of noncompliance with cybersecurity requirements from civil to criminal repercussions. On December 9, 2025, Danielle Hillmer was indicted for allegedly misleading federal agencies about the security and FedRAMP compliance of a cloud-based platform used by the U.S. Department of War (DoW) and other agencies.[2] The criminal indictment charged Hillmer with wire fraud, major government fraud, and obstruction of a federal audit. Concurrently, DOJ’s civil enforcement under the FCA for allegedly false certifications of cybersecurity requirements has been more active than ever, as exemplified by the recent settlements with Health Net Federal Services, Illumina, Raytheon, and Georgia Tech.[3] With the Cybersecurity Maturity Model Certification (CMMC) requirements for DoW contractors now final and operative, the trend toward increased enforcement is expected to continue.[4]
- What to do. Audit your cybersecurity posture against applicable requirements and ensure compliance with all certifications. Confirm all information uploaded to the Supplier Performance Risk System (SPRS) is accurate and up to date. Verify subcontractors’ CMMC compliance status and SPRS score, as appropriate, and request and maintain evidence from subcontractors showing proof of compliance for your records.
DEI Programs
Executive Orders 14151 and 14173 did not merely discourage Diversity, Equity, and Inclusion (DEI) programs—they created a new certification requirement for government contractors with significant implications for FCA exposure.[5] Executive Order 14173 specifically provides that a contractor’s compliance with federal antidiscrimination laws is “material” to the government’s payment decisions.[6] This is meaningful under the FCA, which requires materiality as an element of a violation.[7] DOJ’s Civil Rights Fraud Initiative, announced in May 2025 and co-led by the Civil Fraud Section and Civil Rights Division, signals that resources to pursue such cases will be available.[8]
- What to do. Audit all company programs, policies, guidelines, and initiatives relating to hiring, promotion, training, and related protocols to ensure compliance, and document the review and results for your records.
Antitrust in Procurement
The Procurement Collusion Strike Force (PCSF) is an interagency partnership led by DOJ’s Antitrust Division with more than 30 federal agency partners. Since 2019, the PCSF has produced more than 75 guilty pleas and convictions, over $70 million in fines and restitution, and trained over 46,000 government personnel to detect bid-rigging and procurement fraud.[9] Recent criminal guilty pleas for bid-rigging on DoW contracts affecting millions in commerce confirm that the PCSF’s efforts remain a top criminal enforcement priority.[10]
- What to do. Ensure your third-party agreements and contracts include appropriate restrictions and disclosure requirements regarding conflicts of interest, kickbacks, bribery, and all other applicable antitrust guardrails. Do not share pricing information with third parties, make independent bidding decisions, and limit information exchanges with competitors, as appropriate.
Small Business Programs
DOJ continues to target companies that misrepresent their small business status, with the Small Business Administration (SBA) launching an immediate and full-scale audit of the 8(a) Business Development Program in June 2025.[11] In January 2026, the DoW expanded this review for DoW contracts to all small business set-asides over $20 million.[12]
- What to do. Audit your limitations on subcontracting and document your compliance. If you have active DoW set-aside awards over $20 million, verify your certifications and prepare for potential contract action in the coming months. If your small business has undergone any change in ownership, affiliation, or size status, re-verify your certifications.
Trade and Customs
The administration’s “America First” focus, and attendant tariff enforcement agenda, has teeth—and the newly established Trade Fraud Task Force ensures continued focus on this area.[13] In December 2025, DOJ announced a $54.4 million FCA settlement with Ceratizit USA LLC for alleged evasion of duties on Chinese goods (e.g., tungsten carbide products) through misrepresentation of country of origin and tariff misclassification—the largest customs-related FCA resolution ever.[14]
- What to do. Review and vet your supply chain and confirm your import and other trade-related records can withstand an audit.
In conclusion, the government’s removal of regulations that create undue barriers is changing the legal landscape, but the consequences of noncompliance for government contractors remain ever present. DOJ is clearly prioritizing specific areas for enforcement, and incentives for whistleblowers are higher than ever. The government contractors that will fare best throughout this period are the ones investing in compliance now, before a government investigation forces the issue.
Endnotes
[1] Compare U.S. Dep’t of Just., Civ. Div., Fact Sheet False Claims Act Settlements and Judgments FY2025 (2026), with Press Release, U.S. Dep’t of Just., False Claims Act Settlements and Judgments Exceed $2.9B in Fiscal Year 2024 (Jan. 15, 2025).
[2] Grand Jury Indictment, United States v. Hillmer, No. 35-383, 2025 WL 3542486 (D.D.C. Dec. 9, 2025).
[3] Press Release, U.S. Dep’t of Just., Deputy Attorney General Lisa O. Monaco Announces New Civil Cyber-Fraud Initiative (Oct. 6, 2021).
[4] Defense Federal Acquisition Regulation Supplement: Assessing Contractor Implementation of Cybersecurity Requirements, 90 Fed. Reg. 43,560 (Sep. 10, 2025).
[5] Exec. Order No. 14151, 90 Fed. Reg. 8,339 (Jan. 20, 2025); Exec. Order No. 14173, 90 Fed. Reg. 8,633 (Jan. 21, 2025).
[6] Exec. Order No. 14173, 90 Fed. Reg. 8,633 (Jan. 21, 2025).
[7] 31 U.S.C. § 3729(a)(1)(B), (b)(4).
[8] Press Release, U.S. Dep’t of Just., Justice Department Establishes Civil Rights Fraud Initiative (May 19, 2025).
[9] U.S. Dep’t of Just., Antitrust Div., Procurement Collusion Strike Force, (last visited Feb. 18, 2026).
[10] Press Release, U.S. Dep’t of Just., Executive of North Carolina Construction Company Pleads Guilty to Multi-Million Dollar Bid-Rigging Conspiracy (Dec. 17, 2025), Press Release, U.S. Dep’t of Just., Executive Pleads Guilty to Multi-Million Dollar Bid-Rigging Conspiracy (Feb. 10, 2026).
[11] Press Release, U.S. Small Bus. Admin., Administrator Loeffler Orders Full-Scale Audit of 8(a) Contracting Program (June 27, 2025).
[12] Video posted by Secretary of War Pete Hegseth (@SecWar), X (Jan. 16, 2026, at 6:13 PM ET).
[13] Press Release, U.S. Dep’t of Just., Departments of Justice and Homeland Security Partnering on Cross-Agency Trade Fraud Task Force (Aug. 29, 2025).
[14] See supra note 2.
