The U.S. General Services Administration (GSA) has issued draft regulatory language titled Basic Safeguarding of Artificial Intelligence Systems” (GSAR 552.239‑7001, February 2026) that would apply to federal solicitations and contracts involving artificial intelligence capabilities. The AI clause is part of the broader MAS Refresh 31 update, which introduces new compliance requirements governing artificial intelligence technologies used in federal contracts. GSA has indicated it will review industry feedback and may adjust the draft language based on stakeholder input, but it does not plan to issue formal responses to individual comments.

The clause establishes baseline requirements governing the use of AI systems across federal procurement, focusing on data ownership, cybersecurity protections, transparency, and operational oversight. If adopted, the clause would be inserted into contracts involving AI tools under the GSA Acquisition Regulation, representing a significant step toward standardized federal governance of artificial intelligence systems used by agencies.

One of the most significant provisions establishes broad government usage rights for AI systems deployed under federal contracts. The clause grants the government an “irrevocable, royalty‑free, non‑exclusive license to use the AI system for any lawful government purpose for the duration of the contract, including the ability to operate the system, input and analyze government data, integrate the system with other government platforms, and allow authorized government personnel and contractors to access and use the tool.” The clause further states that the AI system may not refuse to generate outputs based on vendor policies, ensuring that agencies retain operational control over the analytical capabilities of the system.

The proposal by GSA mirrors the recent policy guidance from the U.S. Department of War governing the use of commercial AI tools in defense environments. Those provisions emphasize that AI systems used by the government must support lawful mission requirements “without vendor-imposed content restrictions that could limit authorized analysis.” This issue has become central to litigation involving Anthropic, whose AI system policies have been challenged in connection with defense-related use cases where government users argue that commercial safeguards prevented the system from performing certain analytical tasks. In that context, the GSA clause can be viewed as part of a broader federal effort to ensure that, once an AI capability is acquired under contract, agencies retain full operational control over the system’s analytical functionality, rather than being constrained by the provider’s moderation policies.

Other Significant Provisions:
Government ownership of AI data and developments - The government retains full ownership of all data inputs and outputs used or produced through the AI system, as well as any custom developments or model enhancements created specifically for the government under the contract. Contractors and service providers receive only a limited license to use this data for the purpose of performing the contract and providing maintenance or technical support. The clause specifically prohibits contractors from using government data to train or improve their AI models or to support commercial business activities.

Data protection and security requirements - Contractors must implement technical, administrative, and physical protections designed to prevent unauthorized access, disclosure, or corruption of government data. Contractors must also ensure that government data remains logically segregated from commercial customer data and must securely delete all government data upon completion or termination of the contract.

American AI systems requirement - prohibits the use of foreign AI platforms or components controlled by non‑U.S. entities in federal AI deployments and reflects broader national security and supply‑chain priorities aimed at strengthening domestic AI capabilities within government operations.

Transparency and oversight of AI systems - AI systems used under federal contracts must provide traceability into how outputs are generated, including summaries of intermediate processing steps, model routing decisions, and descriptions of data retrieval methods used to produce responses.

Cybersecurity and interoperability requirements - Contractors must report cybersecurity incidents involving government data within seventy‑two hours and preserve logs and forensic artifacts for investigation purposes. AI systems must also support open data formats and export capabilities to ensure agencies can migrate their data without becoming dependent on proprietary vendor platforms.

Submitting Comments:
Companies that develop, integrate, or rely on AI tools in federal contracts should consider submitting comments before March 20, 2026, particularly regarding provisions addressing government ownership of AI outputs and custom developments, prohibitions on training models using government data, requirements to use “American AI systems,” and contractor liability for third‑party AI providers.

Industry feedback can be submitted directly to the General Services Administration Federal Acquisition Service through two primary methods:

• Email submission – Send comments to maspmo@gsa.gov and reference MAS Refresh 31 and the proposed clause GSAR 552‑239‑7001.
• GSA Interact comment submission – Contractors may also submit comments directly through the GSA industry notice announcing the draft MAS Refresh changes.

The General Services Administration’s (GSA) January 28, 2026 Federal Register notice, “Information Collection; System for Award Management Registration Requirements for Financial Assistance Recipients,” signals a significant potential shift in the compliance obligations attached to federal financial assistance. The notice proposes revising the Financial Assistance General Representations and Certifications in the System for Award Management (SAM) to align with the Department of Justice’s July 29, 2025 guidance on “unlawful discrimination and Executive Order 14173.” Comments are due by March 30, 2026.

Under existing federal requirements, most applicants and recipients of federal financial assistance must register in SAM and maintain an active registration for as long as an application is under consideration or an award remains active. This change is intended to ensure that organizations conform to the Department of Justice’s July 29, 2025 guidance for recipients of federal funding regarding unlawful discrimination, as well as Executive Order 14173, “Ending Illegal Discrimination and Restoring Merit-Based Opportunity.”

Although framed as an information collection revision, the proposal has broader significance because certifications made in SAM often function as gateways to eligibility and continued participation in federal funding programs. As a result, the proposed revisions should be understood not merely as administrative adjustments, but as a potential expansion of the compliance representations expected of financial assistance recipients.

The proposal aims to make SAM registration a substantive compliance checkpoint for entities receiving federal financial assistance, including grants, cooperative agreements, loans, insurance, and direct appropriations. Recipients will face heightened scrutiny of their own policies and programs as well as oversight of subrecipients, contractors, and other third parties supported with federal funds. This uses a routine registration and certification process to embed the administration’s policy of “anti-DEI” into the federal financial assistance framework. That may create legal ambiguity, compliance uncertainty, and a strong incentive for overcorrection by recipients that wish to avoid certification risk. Universities, nonprofits, state and local governments, minority business support organizations, and vendors serving federally funded entities should treat this notice as an early warning that financial assistance certifications may soon carry significantly greater substantive and enforcement consequences.

Summary of the Proposal
The proposal requires recipients to certify compliance with the DoJ guidance, cited by GSA, which emphasizes that recipients of federal funding may face risk not only for their own allegedly unlawful practices, but also for knowingly “supporting or funding discriminatory conduct by third parties.” This potentially extends compliance concerns beyond internal personnel rules or public statements and into program operations, subawards, technical assistance arrangements, vendor relationships, and other funded partnerships. The agency specifically requests comment on the necessity of the collection, the accuracy of its burden estimates, the clarity of the information sought, and ways to reduce burden through technology or other means.

Key Concerns for Recipients
SAM certifications as an enforcement tool. What was once largely an administrative certification could become a substantive attestation regarding the legality of institutional practices, funded programs, and third-party relationships.
Legal ambiguity. Under DOJ guidance and Executive Order 14173, recipients may face uncertainty over which access, outreach, or targeted support programs remain clearly lawful, which require revision, and which may create certification risk.
Third-party exposure. Because the guidance extends risk to contractors, grantees, and other federally supported partners, recipients may need to strengthen subrecipient oversight, procurement review, partner vetting, and downstream compliance controls.
Overcompliance and program retrenchment. To avoid scrutiny, some recipients may scale back or eliminate lawful outreach, diversity-related initiatives, technical assistance, fellowships, or business support programs.
Conflict with other obligations. A stricter SAM certification regime may conflict with other legal, contractual, philanthropic, or accreditation expectations that still support inclusion, targeted outreach, community investment, or supplier diversity.

Potential Impact By Sector
Universities and Colleges | May require review of scholarships, fellowships, student support programs, faculty recruitment, research partnerships, and supplier diversity practices.
Nonprofits and Foundations | May face pressure to revisit eligibility criteria, outreach strategies, partnerships, and grantmaking structures, especially where programs serve underserved communities.
State and Local Governments | May need stronger oversight and documentation for pass-through funding, community investment programs, and subrecipient relationships.
Minority business organizations and supplier diversity advocates | May face a chilling effect as recipients become more cautious about outreach, technical assistance, incubators, and inclusion-focused initiatives.
Software and enterprise technology vendors | May see increased demand for compliance tools supporting documentation, audit trails, workflow controls, certification management, access controls, and third-party oversight.

What You Can Do
For recipients, the central takeaway is that this proposal is not merely administrative. It signals a broader compliance environment in which federal financial assistance may carry heightened scrutiny regarding program design, institutional policies, downstream partnerships, and certification accuracy. Organizations that rely on federal funding should begin reviewing their exposure now and consider submitting comments before the March 30, 2026 deadline.

Please submit comments only and cite Information Collection “3090-0290, System for Award Management Registration Requirements for Financial Assistance Recipients”, in all correspondence related to this collection. Federal Register :: Information Collection; System for Award Management Registration Requirements for Financial Assistance Recipients

Public comments are particularly invited on:

• Whether this collection of information is necessary;
• whether it will have practical utility;
• whether our estimate of the public burden of this collection of information is accurate, and based on valid assumptions and methodology;
• ways to enhance the quality, utility, and clarity of the information to be collected; and
• ways in which we can minimize the burden of the collection of information on those who are to respond, through the use of appropriate technological collection techniques or other forms of information technology.

March {xx} 2026

General Services Administration
Regulatory Secretariat Division (MVCB)
1800 F Street NW
Washington, DC 20405

RE: Information Collection 3090-0290, System for Award Management Registration Requirements for Financial Assistance Recipients

To Whom It May Concern:

On behalf of [Name of Minority Supplier Development Council], we appreciate the opportunity to comment on the General Services Administration’s proposed revision to the information collection titled "System for Award Management Registration Requirements for Financial Assistance Recipients," Information Collection 3090-0290.

[Name of Council] is a [regional/national/state] minority business advocacy organization that works to expand economic opportunity, strengthen supplier diversity, and support the growth of minority-owned businesses through business development, certification, corporate engagement, and access to procurement and capital opportunities. Our members and stakeholders include minority-owned businesses, corporate partners, public-sector entities, nonprofit organizations, and other institutions that may apply for, receive, administer, or support federally funded assistance.

We are concerned that the proposed revisions to SAM financial assistance representations and certifications may have effects well beyond routine administrative registration. The proposal could transform SAM certifications into a more substantive compliance checkpoint affecting institutional practices, third-party relationships, and programs intended to expand access and opportunity. In that respect, this proposal raises concerns not merely about paperwork burden, but about broader legal uncertainty, operational risk, and the potential chilling effect on lawful, mission-driven activities supported by federal assistance.

I. Whether the collection of information is necessary

We recognize that the federal government has a legitimate interest in ensuring that recipients of federal financial assistance provide accurate and current information through SAM and that agencies maintain a reliable framework for accountability, transparency, and eligibility verification.

At the same time, any revised collection should be narrowly tailored to information that is truly necessary for award administration and oversight. To the extent the proposed revisions require recipients to make broader substantive representations regarding program design, third-party relationships, or compliance judgments that may be legally complex, GSA should ensure that the collection does not exceed what is necessary for a registration platform. A SAM registration process should not become an imprecise vehicle for imposing unclear or overly broad compliance obligations that are better addressed through formal agency guidance, rulemaking, or award-specific terms.

Accordingly, we urge GSA to clearly distinguish between information necessary to verify recipient identity, eligibility, and accountability, and information that may require nuanced legal interpretation or institution-specific judgment.

II. Whether the collection will have practical utility

For a collection of information to have practical utility, respondents must be able to understand what is being requested, provide accurate responses, and rely on clear standards for compliance. Here, the proposal may have limited practical utility unless GSA provides more specific definitions, clearer instructions, and meaningful examples.

Recipients may face substantial uncertainty regarding which outreach, access, or support activities remain clearly lawful, which require revision, and which may create certification risk. That ambiguity reduces the practical utility of the collection because organizations may respond inconsistently, defensively, or without confidence that their submissions are accurate.

Without clearer standards, the collection may produce:

• inconsistent interpretations across recipients and agencies;
• overly cautious responses driven by fear of enforcement rather than clarity of compliance; and
• limited value to the government if the collected information is too general, subjective, or legally uncertain to support reliable administration.

To improve practical utility, GSA should issue instructions that explain what the certification does and does not require, how it applies to financial assistance recipients, and how respondents should evaluate third-party relationships and existing programs.

III. Whether the estimate of public burden is accurate and based on valid assumptions and methodology

We are concerned that the burden estimate may understate the real burden on respondents, particularly for organizations with complex funding structures, multiple subrecipients, external partners, or mission-driven programs serving historically underserved communities.

The burden of responding is unlikely to be limited to the act of entering information into SAM. For many organizations, the practical burden may include:

• internal legal review;
• coordination across compliance, grants, procurement, and program offices;
• review of subrecipient, contractor, and vendor relationships;
• reassessment of existing program language, eligibility criteria, and outreach materials; and
• board, executive, or outside counsel consultation where certification language is uncertain.

This burden may be especially significant for universities, nonprofits, local governments, business support organizations, and smaller entities that do not have dedicated compliance staff. If the proposal increases scrutiny of downstream partnerships and third-party oversight, the actual burden could extend well beyond a standard registration update and require substantial policy, operational, and legal review.

We therefore recommend that GSA revisit its burden estimate to account for the time and cost associated with internal review, legal interpretation, training, policy assessment, and third-party compliance analysis.

IV. Ways to enhance the quality, utility, and clarity of the information to be collected

If GSA proceeds, the quality and clarity of the collection would be improved by providing more precise guidance and a more structured certification framework. Specifically, GSA should consider:

1. Defining key terms clearly. Terms such as "unlawful discrimination," "supporting," "funding," and any references to third-party conduct should be clearly defined in the instructions.
2. Providing examples and safe harbors. Respondents would benefit from examples illustrating compliant and non-compliant situations, as well as safe-harbor language for lawful outreach, neutral inclusion efforts, and ordinary supplier engagement practices.
3. Limiting ambiguity in certifications. Any representations should be drafted to avoid forcing respondents to certify broad legal conclusions without sufficient context.
4. Distinguishing prime-recipient and downstream obligations. The instructions should clarify what recipients are expected to know, review, and monitor with respect to contractors, subrecipients, and partner organizations.
5. Aligning with operational reality. The collection should recognize that recipients vary significantly in size, structure, staffing, and funding complexity.

These improvements would help ensure that the information collected is more reliable, more consistent across respondents, and more useful to agencies administering federal assistance.

V. Ways to minimize the burden of the collection through technology and other information tools

GSA should take steps to reduce burden by designing the collection to be clear, efficient, and technologically supported. We recommend the following:

• provide plain-language instructions embedded directly in SAM;
• include help text, definitions, and FAQs adjacent to the certification fields;
• use branching logic so respondents see only the questions relevant to their organizational structure and funding status;
• permit respondents to rely on standardized attestations rather than duplicative narrative explanations where possible;
• allow prepopulation of unchanged organizational information from existing SAM records;
• provide downloadable guidance and checklists that organizations can review offline with counsel or compliance staff;
• offer a technical assistance period, webinar, or helpdesk support before implementation; and
• consider phased implementation for smaller or lower-capacity respondents.

These measures would improve response quality while reducing unnecessary administrative burden, especially for smaller organizations and mission-driven entities with limited compliance capacity.

Additional Concern for Minority Business and Supplier Diversity Stakeholders

As a minority supplier development organization, we are particularly concerned that unclear, overly broad, or legally indeterminate certifications could create a substantial chilling effect on lawful business development, technical assistance, outreach, capacity-building, and supplier diversity-related efforts. Many organizations that receive federal funding do so precisely to promote economic opportunity, expand participation in the marketplace, strengthen underserved communities, and advance broader economic and social stability. If those organizations are forced to operate under vague certification standards and heightened enforcement uncertainty, many may curtail, restructure, or abandon lawful programs simply to avoid regulatory risk.

The consequences of that chilling effect would extend far beyond administrative inconvenience. It could materially undermine the ability of nonprofit organizations, local governments, educational institutions, community development entities, and business support organizations to deliver services and initiatives that stabilize local economies, strengthen small business ecosystems, support job creation, expand access to capital and procurement opportunities, and promote long-term community resilience. In many communities, these federally supported efforts are not peripheral; they are foundational to economic mobility, entrepreneurship, workforce participation, and neighborhood-level revitalization.

We are especially concerned that the practical result could be widespread retrenchment in programs designed to reach underserved entrepreneurs, minority-owned businesses, distressed communities, and other populations that have historically faced barriers to opportunity. Such retrenchment would not merely slow progress. It could have a destabilizing effect on local and regional economies and produce serious adverse consequences for community stability, economic inclusion, and the broader public interest.

GSA should therefore take particular care to ensure that any revised information collection does not inadvertently deter lawful efforts to expand opportunity, strengthen supplier pipelines, foster economic participation, and support the institutions whose federally funded work helps anchor economic and social stability across the nation.

We are also especially concerned that a registration-based certification process should not become a substitute for clear rulemaking or for nuanced, fact-specific legal determinations. Where certification language is broad and consequences are significant, ambiguity can produce overcompliance, inconsistent administration, and reduced participation by organizations engaged in lawful opportunity-expanding activities.

Conclusion

We appreciate the opportunity to provide comments on this proposed information collection. We urge GSA to ensure that any revised SAM certification framework is narrowly tailored, clearly defined, administratively workable, and fully attentive to the significant compliance and operational burdens it may impose on recipients of federal financial assistance.

Absent greater clarity and appropriate safeguards, the proposal risks discouraging lawful, mission-driven activities by organizations whose federally supported work promotes economic participation, community stability, and broader social resilience. The resulting effects could be far-reaching, weakening local institutions, constraining economic opportunity, and destabilizing communities that rely on these programs and partnerships across the country.

We would welcome the opportunity to engage further on ways to improve the clarity, utility, and administrability of this collection.

Sincerely,

[Name]
[Title]
[Minority Supplier Development Council]
[Address]
[Email]
[Phone]

On March 26, 2026, President Trump issued an Executive Order titled “Addressing DEI Discrimination by Federal Contractors,” establishing a new federal contracting policy that treats certain diversity, equity, and inclusion practices as prohibited racial discrimination in the performance of federal contracts and subcontracts. The order states that the Administration’s policy is to promote “economy and efficiency” in federal contracting by preventing racial discrimination, and it defines “racially discriminatory DEI activities” broadly to include disparate treatment based on race or ethnicity in recruiting, hiring, promotions, vendor agreements, program participation, and the allocation or deployment of company resources. The White House has also released a “fact sheet” that outlines the Order’s main enforcement mechanisms including required contract clauses, OMB guidance, potential contract termination or debarment, and possible False Claims Act exposure.

Within 30 days, agencies must include a new clause on Federal prime contracts, contract-like instruments, subcontracts, and lower-tier contracts that require contractors to:

• agree not to engage in covered DEI activities
• provide information and access to books and records requested by the government to assess compliance,
• report known or reasonably knowable subcontractor conduct that may violate the clause
• notify the agency if litigation involving a subcontractor places the validity of the clause at issue.

Most notably, the order states that compliance with the clause is “material” to the government’s payment decisions for purposes of the False Claims Act. This moves DEI-related compliance from a policy and HR issue into the realm of contract performance, payment eligibility, suspension and debarment exposure, and potential False Claims Act criminal liability.

The enforcement provisions are significant. The order instructs agencies to cancel, terminate, or suspend contracts for noncompliance and to pursue suspension and debarment where appropriate. It also directs the Attorney General, in consultation with contracting agencies, to consider False Claims Act enforcement against contractors or subcontractors that violate the clause and to ensure prompt review of related qui tam actions brought by private relators. In addition, OMB, DOJ, the Domestic Policy Council, and the EEOC are directed to identify sectors deemed to pose heightened risk and to issue further compliance guidance for those industries.

The order also directs the Federal Acquisition Regulation (FAR) Council to amend procurement regulations to incorporate the new clause and remove inconsistent provisions and to issue interim guidance within 60 days, pending formal rulemaking. Agency heads must review implementation within 120 days and continue regular oversight thereafter.

Significant Risk and Burden for Contractors
The EO essentially creates three layers of exposure at once:

• liability for the underlying conduct;
• liability for weak documentation, reporting, and subcontractor oversight; and
• enforcement consequences through contract remedies, debarment, and potential False Claims Act cases.

This order materially increases legal and compliance risk for federal contractors and subcontractors. Because the order’s definition of prohibited activity is broad and reaches employment practices, vendor relationships, mentoring and leadership programs, and resource allocation, contractors should expect scrutiny not only of formal set-aside or preference programs, but also of internal diversity initiatives and supplier-diversity practices that may be characterized by enforcement officials as race-based decision-making.

While the enforcement is clear, many of the requirements of contractors are not. For example, the EO requires contractors to report subcontractor conduct that is “known or reasonably knowable,” that “may” violate the clause but it does not define that phrase, leaving scope for later interpretation through OMB guidance, FAR implementation, and enforcement practice.

The EO also adds significant record keeping and flow-down management oversight of subcontractor activities, essentially forcing prime contractors to face risk both from their own conduct and from failures to manage downstream compliance.

Recommended Next Steps for Contractors
Federal contractors should promptly review DEI-related employment, promotion, mentorship, supplier-diversity, subcontracting, and training programs to assess whether any elements could be alleged to involve differential treatment based on race or ethnicity. Companies should also review subcontractor oversight processes, contract certifications, compliance protocols, document retention practices, and escalation procedures for government inquiries. Contractors with active federal business should be prepared for new contract clauses, additional agency guidance, and heightened enforcement attention over the next 30 to 120 days.

Call to Action
The EO directs OMB and other agencies to issue guidance and identify sectors viewed as higher risk, and the FAR Council is expected to amend the FAR. Businesses, large and small, that expect disproportionate harm should stay in close contact with your Regional Council leadership to monitor the Federal Register and be prepared to provide comments, propose clarifying definitions, press for safe harbors, and document unintended economic consequences for contractors, subcontractors, and supply chains.

Small and minority-owned businesses, and the organizations that support them, must contact their representatives in the House and Senate immediately and with urgency. Congress must oppose this EO which creates a serious risk that fear-driven compliance, legal uncertainty, and administrative burden will lead prime contractors and agencies to narrow opportunities, restrict access, and preemptively exclude diverse firms from federal supply chains at every level. If left unchallenged, the result could be fewer pathways into the federal marketplace, reduced competition, weakened supplier networks, and lasting damage to inclusive economic growth. Policymakers must hear now, directly and clearly, that the consequences of this Order extend far beyond compliance—and will undermine opportunity, participation, and economic resilience across the federal contracting ecosystem.

Large prime contractors should consider shifting from identity-explicit preferences to race-neutral criteria such as outreach to underserved markets, identifying under-resourced businesses, small-business capacity building, broader recruiting pipelines, mentorship open to all, or geographically targeted opportunity programs. This approach can preserve business goals while reducing exposure under the EO’s wording, which is framed around “disparate treatment based on race or ethnicity.”