This page is an index. The actionable items are the requirements below.
Standards this statute points to
FAR 52.204-21 — Basic Safeguarding of Covered Contractor Information Systems
Official sourceBaseline 15 safeguarding controls for any federal contractor handling Federal Contract Information.
Adopts: NIST 800-171— Many 800-171 controls extend the FAR baseline.Adopts: FAR 52.204-21— The clause itself defines the 15 basic safeguards.
In plain terms. The False Claims Act (FCA) is the government's main tool for punishing fraud against it. Its original caption read, "An Act to prevent and punish Frauds upon the Government of the United States."
Who it applies to. Anyone who submits — or causes the submission of — a claim for federal payment, including contractors. It is the central fraud-enforcement risk in government contracting and is increasingly used for cybersecurity misrepresentations.
What it requires.
- It prohibits knowingly presenting a false or fraudulent claim, bill, or voucher to any federal department or official for payment or approval.
- It authorizes "qui tam" actions — lawsuits a private whistleblower ("relator") brings on the government's behalf.
Why it matters. Penalties are severe: civil fines, treble damages (three times the government's actual loss), and litigation costs. If the Department of Justice intervenes, the whistleblower may recover up to 25 percent of the judgment or settlement; if it does not, up to 30 percent — a powerful incentive that drives FCA enforcement.
Citation. Pub. L. 37-67 (Mar. 2, 1863); 31 U.S.C. ch. 37, subch. III.
DOJ Civil Cyber-Fraud Initiative; SF/agency compliance certifications; qui tam procedures; intersects with DFARS 252.204-7012/7019/7020 and NIST 800-171 self-assessment (SPRS) representations.