Administrative and National Policy Requirements

1. Security and Policy Requirements

Awards made under this BAA will include security and policy requirements, including requirements related to the domestic production and domestic control of intellectual property (15 U.S.C. § 4656(g)) and a prohibition on providing award funds to a foreign entity of concern (FEOC) (15 U.S.C. § 4657). CRDO will impose additional restrictions and requirements to ensure that the economic and national security objectives are met.

To ensure compliance with these requirements, NIST reserves the right to request additional information to assess any identified risks and to require additional risk mitigation strategies.

1.1 Investment Security

Applicants in consideration for an Investment Fund award will be subject to national security diligence. The applicant will be required to submit a SF328 Certificate Pertaining to Foreign Interest, as well as information regarding business relationships with foreign entities and relationships with foreign entities of concern. 
The applicant will be required to identify primary directors, officers, major shareholders, and corporate structure. Applicants that are subsidiaries must provide information regarding the ultimate corporate parent.

The applicant will need to demonstrate that it has established or will establish a program to protect sensitive information from deliberate or accidental unauthorized release. CRDO’s review will consider physical security, operational, security, personnel security, information security, cyber security, and technology control plans maintained by the applicant. 

The applicant will need to demonstrate that it has policies and plans to mitigate relevant supply chain security risks, including risks from a lack of geographic diversification and risks that foreign adversaries could degrade, exploit, or compromise the supply chain through the introduction of counterfeit or malicious items. 

Where appropriate, CRDO will impose restrictions through award terms to address any issues identified in diligence. 

1.2 Research Security

Awards made under the R&D Project Path are subject to additional requirements applicable to research and development activities, including:

• Requirements imposed by National Security Presidential Memorandum-33 (NSPM-33) and 42 U.S.C. § 6605, which require participants in the Federal R&D enterprise to periodically disclose information related to potential conflicts of interest and commitment, including monetary and non-monetary research support; and
• 42 U.S.C. §§ 19231 – 19237, which prohibit certain research participants from participating in malign foreign talent recruitment programs.

Applicants and subrecipients of the R&D Project Path are expected to reasonably exercise due diligence to ensure that individuals who contribute in a substantive, meaningful way to the scientific development or execution of a research and development project or could have insight into or control over the project are not subject to foreign interference or exploitation. Applicants will be required to identify and create a list of “Identified Key Actors” such as —

1. Covered individuals¹, as well as primary officers, senior technical personnel, board members, or board observers, from the Applicant and any partner organization; and
2. Investors and major partners (including funded participants and unfunded collaborators) that have or could have in the future (including through debt conversion), access to the applicant's and/or organization's proprietary or otherwise commercially or technically sensitive information.

Prior to NIST making an award under this BAA, applicants must update the NIST Agreements Officer of any such changes immediately. Before the recipient engages in any research and development activities, NIST will approve all individuals on the list. If the recipient wants to add new individuals to the list, it must notify NIST and complete a Current and Pending (Other) Support Common Form for each individual. NIST will review these materials before approving an updated list.

FEOCs are also ineligible to participate in this BAA as unfunded collaborators.

For additional information and resources, applicants can refer to the —

1. Safeguarding International Science: Research Security Framework (NIST IR 8484)
2. CHIPS R&D Research Security and Technology Protection web page
3. CHIPS Technology Protection Guidebook 

1.3 Security Review and Risk Determination

Prior to making an award pursuant to the R&D Project Path, NIST will review all available information to assess whether the applicant, its investors or major partners, or any Identified Key Actors — including foreign nationals who are not lawful permanent residents or protected persons as defined in 8 U.S.C. § 1324b(a)(3) — are subject to any undue foreign influence or interference through conflicts of interest or conflicts of commitment. Undue foreign influence or interference may include, but is not limited to, associations or affiliations with foreign strategic competitors or governments of countries that have a history of intellectual property theft, research misconduct, or targeting U.S. technology for unauthorized transfer. Affiliations include any past or present organization (foreign and domestic) with whom the applicant has a formal relationship or obligation (e.g., universities, scholarships, professional societies, foreign talent recruitment programs). NIST will examine associations or affiliations during the ten-year period immediately preceding the application submission.

Specific items subject to review include, at a minimum —

• Ensuring that the applicant, subrecipients, unfunded collaborators, and Identified Key Actors, including covered individuals, are not FEOCs or do not have unacceptable ties to foreign countries of concern (FCOCs);
• Checking for compliance with regulations relevant to U.S. export control, the Committee on Foreign Investment in the United States (CFIUS), and Office of Foreign Assets Control (OFAC); and
• Verifying the adequacy of cybersecurity and physical security practices.

At the conclusion of the security review, NIST will issue a determination of low, medium, or high risk for the application based on the totality of available information, which may include but is not limited to —

• The ownership structure, subsidiaries, and obligations of the applicant, the project team (including subrecipients or unfunded collaborators), or of any other major partners or investors;
• Conflicts of interest and conflicts of commitment of Identified Key Actors, including covered individuals;
• Participation of Identified Key Actors in a foreign talent recruitment program; and
• Any military-civil applications of the funded research, as applicable.

CRDO may, at its sole discretion, provide the applicant an opportunity to mitigate any assessed risks prior to making a final funding determination. CRDO further reserves the right to require specific mitigation actions, including but not limited to requiring additional training for project participants or segmentation of certain tasks of the proposed work, and any follow-up information needed to assess risk or mitigation strategies. CRDO may determine not to make an award, despite any proposed mitigation terms in connection with an application.

1.4 Requirements for Recipients to Update Security-Related Information

For R&D Project Path awards, certain events may also require an update to the security review and should also be reported to the NIST Agreements Officer, in alignment with the above timelines. These “triggering events” include —

• A Covered Individual or Identified Key Actor having affiliations that could subject the Covered Individual or Identified Key Actor to undue foreign influence or interference by a Foreign Country of Concern; 
• A breach or compromise of nonpublic data; 
• Physical or logical loss of Intellectual Property; 
• An Awardee, subrecipient, Covered Individual or Identified Key Actor becoming a Foreign Entity of Concern; 
• The Awardee being in actual or alleged non-compliance with any Sanctions, Export Control Laws, anti-money laundering laws, or anti-corruption laws; 
• The Awardee failing to make a mandatory Committee on Foreign Investment in the United States (CFIUS) filing; 
• The Awardee receiving written notice from CFIUS that there are unresolved national security concerns after the completion of any review or investigation under section 721 of the Defense Production Act of 1950, as amended by the Foreign Investment Risk Review Modernization Act of 2018 (FIRRMA); 
• The Awardee receiving an inquiry from CFIUS regarding a non-notified transaction; or
• The Awardee becoming aware that Developed Technology is being used for military applications. 

Following a triggering event and updated security review, NIST may consider actions to limit any newly identified export risks, such as modifying or terminating the award.

2. Intellectual Property (IP) and Domestic Production

The CHIPS Act, 15 U.S.C. § 4656(g), directs the Department to “develop policies to require domestic production, to the extent possible, for any intellectual property” resulting from R&D conducted as a result of a CRDO award. 15 U.S.C. § 4656(g) also requires CRDO to develop domestic control requirements to protect any such intellectual property from foreign adversaries.

For the purposes of 15 U.S.C. § 4656(g) under this BAA, “intellectual property” means any invention that is or may be patentable under U.S. law; and “foreign adversaries” include any “foreign entity of concern” and “foreign country of concern,” as those terms are defined in 15 U.S.C. § 4651(7)-(8) and 15 C.F.R. §§ 231.102, 231.104, as well as any entity whose actions, policies, or personnel decisions are controlled by a “foreign entity of concern” or “foreign country of concern.”

2.1 Domestic Production

Consistent with 15 U.S.C. § 4656(g), CRDO will impose appropriate domestic production requirements related to intellectual property developed as a result of the award. This could, among other requirements, include requirements related to the manufacture, integration, assembly, testing, and packaging of products, materials, or equipment developed or improved as a result of CHIPS funding. CRDO will require applicants to provide a Commercial Viability and Domestic Production Plan tailored to each application path. 

2.2 Domestic Control

Consistent with 15 U.S.C. § 4656(g), CRDO will include award terms and conditions related to domestic control of intellectual property that results from research and development that is conducted as a result of the award. These terms may include requirements that —

1. At least one domestic entity must own or co-own any Federally-funded intellectual property resulting from work (e.g., CHIPS-funded applicant or sub-awardee activities) conducted under this BAA and must have full rights to enforce the applicable intellectual property rights, at least for a period of years to be determined prior to the final award.
2. At the conclusion of the period of years, ownership of the resulting intellectual property may generally be sold, transferred, or assigned to a foreign entity that is not a foreign adversary.
3. In the event a domestic entity sells, transfers, or assigns ownership of the resulting intellectual property, the entity must promptly disclose such transaction to NIST prior to such transaction.
4. Any owner or co-owner of the resulting intellectual property (including successors in interest) may not sell, transfer, or assign ownership of such intellectual property to a foreign adversary.
5. Any owner of the resulting intellectual property may not license such intellectual property to a foreign adversary, subject to limited specific exceptions determined by NIST.

Depending upon the specifics of a project or the corporate structure and business model of an applicant, CRDO may impose other requirements to achieve the objectives of 15 U.S.C. § 4656(g).

3. Substantial Involvement of CRDO

For awards made in the R&D Project Path, CRDO intends to have ongoing and substantial programmatic involvement with the award recipient throughout the award period of performance, aimed at supporting the recipient’s activities and working jointly with the recipient in a partnership role. Primary responsibility for the operation and management of the project will reside with the award recipient; however, responsibility for specific tasks and activities may be shared between the recipient and CRDO, or between the recipient and other NIST organizations, as described in the award agreement.

4. Administrative Requirements

The award will be subject to administrative requirements set forth in the terms of the award agreement. These may include terms to ensure the appropriate use of Federal funds, compliance with programmatic requirements and commitments made by the applicant in the application, and conditions to mitigate project or applicant specific risks identified in the review process; remedies for noncompliance, including, but not limited to, temporarily withholding or suspending payments, disallowing costs, suspension or termination of the award, the return of funds made available under the award, the initiation of suspension or debarment proceedings in accordance with law; and other terms to ensure the efficient and effective execution of the project.

5. Environmental Authorizations

Certain activities may be subject to various Federal, state, and local requirements related to environmental requirements. CRDO may, at its discretion, request the applicant to provide additional information to support the Department’s environmental review or consultation obligations for proposed activities under consideration in connection with an application for Federal award under the 2025-NIST-CHIPS-CRDO-01 BAA. CRDO may also request further supplementary written information or ask questions during pre-selection interviews, site visits, or other diligence activities.

6. Davis-Bacon Requirements

15 U.S.C. § 4656(h) requires that any construction project that receives financial assistance under the BAA comply with the requirements of 42 U.S.C. § 3212. In particular, all laborers and mechanics employed by the applicant, subrecipients, or contractors or subcontractors in the performance of construction, alteration, or repair work as part of a construction project funded in whole or in part under the 2025-NIST-CHIPS-CRDO-01 BAA, shall be paid wages at rates not less than those prevailing on similar projects in the locality, as determined by the Secretary of Labor in accordance with subchapter IV of chapter 31 of title 40, United States Code, commonly referred to as the “Davis-Bacon Act.” Recipients of funding under the 2025-NIST-CHIPS-CRDO-01 BAA may also be required to undergo Davis-Bacon Act compliance training and to maintain competency in Davis-Bacon Act compliance.²

7. Prohibition on Certain Telecommunications and Video Surveillance Services or Equipment

Recipients, as well as contractors and subrecipients, will not use telecommunications or video surveillance equipment or services produced or provided by Huawei Technologies Company or ZTE Corporation, Hangzhou Hikvision Digital Technology Company, Dahua Technology Company, or any subsidiary or affiliate of such entities as a substantial or essential component of any system, or as critical technology as part of any system developed using Federal funds under this Agreement.

8. Fraud, Waste, and Abuse

The U.S. Department of Commerce Office of Inspector General (OIG) seeks to improve the efficiency and effectiveness of the Department’s programs, including deterring and detecting fraud, waste, abuse, and mismanagement. The OIG accomplishes this mission primarily through investigations, audits, and inspections of Department activities, including grants, cooperative agreements, loans, and contracts.

Disclosures. Recipients of financial assistance from the Department shall timely disclose, in writing, to the OIG and Department, whenever, in connection with the award, performance, or closeout of an award under the 2025-NIST-CHIPS-CRDO-01 BAA, the recipient suspects that a principal, employee, agent, or subrecipient has committed: (a) A violation of Federal criminal law involving fraud, conflict of interest, bribery, or gratuity violations found in Title 18 of the United States Code; or (b) A violation of the Civil False Claims Act (31 U.S.C. §§ 3729-3733).

Reporting. The OIG maintains a hotline to receive allegations of fraud, waste, or abuse. To report such allegations, please visit the DOC OIG Hotline website. Upon request, the OIG will take appropriate measures to protect the identity of any individual who reports misconduct, as authorized by the Inspector General Act of 1978, as amended. Reports to the OIG may also be made anonymously. 

9. Use of Federal Government-Owned Intellectual Property

If the applicant anticipates using any Federal government-owned intellectual property, in the custody of NIST or another Federal agency, to carry out the work proposed, the applicant must clearly identify such intellectual property in its proposal. This information will be used to ensure that no Federal employee involved in the development of the intellectual property will participate in the review process for that competition. In addition, if the applicant intends to use the Federal Government-owned intellectual property, the applicant must comply with all statutes and regulations governing the licensing of Federal government patents and inventions, described in 35 U.S.C. § 200-212, 37 C.F.R. Part 401, 2 C.F.R. § 200.315. Questions about these requirements may be directed to the Chief Counsel for NIST a via e-mail at nistcounsel [at] nist.gov (nistcounsel[at]nist[dot]gov).

Any use of Federal government-owned intellectual property by a recipient of an award under this announcement is at the sole discretion of the Federal government and will need to be negotiated on a case-by-case basis by the recipient and the Federal agency having custody of the intellectual property. The applicant must indicate within the statement of work whether it already has a license to use such intellectual property or whether it intends to seek a license from the applicable Federal agency.

If any inventions made in whole or in part by a NIST employee arise in the course of an award made pursuant to this BAA, the United States Government retains its ownership rights in any such invention.

Licensing or other disposition of the Federal government’s rights in such inventions will be determined solely by the Federal agency which is the custodian of such inventions. 

10. Export Controls

Some activities may require access to export-controlled items and therefore be subject to export control laws and regulations. The recipient and all subrecipients are required to comply with United States export laws and regulations, including, but not limited to, the International Traffic in Arms Regulations and the U.S. Department of Commerce Export Administration Regulations. Under no circumstances may foreign entities (organizations, companies, or persons) obtain access to export-controlled items unless such access is authorized pursuant to law or regulation. 

If involvement of foreign entities in award activities is approved by CRDO, recipients must develop measures to properly protect export-controlled information. Approval of foreign entity involvement by CRDO does not constitute approval or waiver of any export licensing or other export requirements or prohibitions. 

11. Funding Availability and Limitation of Liability

Funding for the 2025-NIST-CHIPS-CRDO-01 BAA is contingent upon the availability of funds. Neither NIST nor the Department of Commerce will be responsible for application preparation costs. Publication of the 2025-NIST-CHIPS-CRDO-01 BAA does not oblige NIST or the Department of Commerce to award any specific project or to obligate any available funds.

12. Management Systems and Procedures

Recipient organizations are expected to have systems, policies, and procedures in place by which they manage award funds and activities. Recipients may use their existing systems to manage award funds and activities as long as they are consistently applied regardless of the source of funds and across their business functions. To ensure that an organization is committed to compliance, recipient organizations are expected to have in use clearly delineated roles and responsibilities for their organization’s staff, both programmatic and administrative; written policies and procedures; training; management controls and other internal controls; performance assessment; administrative simplifications; and information sharing.

13. Financial Management System Standards

Recipients must have in place accounting and internal control systems that provide for appropriate monitoring of other transaction accounts to ensure that obligations and expenditures are congruent with programmatic needs and are reasonable, allocable, and allowable. In addition, the systems must be able to identify unobligated balances, accelerated expenditures, inappropriate cost transfers, and other inappropriate obligation and expenditure of funds, and recipients must notify NIST when problems are identified. A recipient’s failure to establish adequate control systems will constitute a material violation of the terms of the award.

14. Safety

NIST is committed to maintaining a work environment that safeguards the public and the environment, as well as Government personnel and property. Employees, contractors, and other associates of award recipients who conduct project work at a NIST-owned or operated site will be required to comply with all applicable NIST safety policies and procedures, and with all applicable terms of their guest research agreement.

Personal Protective Equipment (PPE). NIST may provide the following generic PPE: reusable hard hats, lab coats, non-prescription safety glasses, face shields, laser safety glasses, clean room PPE where required, and disposable gloves and earplugs. The employer shall provide all required person-specific, non-disposable, PPE specific to the work performed and the associated hazards. This type of PPE may include but is not limited to custom-fitted safety shoes and prescription safety glasses.

Allowable Costs. Applicants may request funding for any required person-specific, non-disposable, personal protective equipment (PPE) that is specific to the work that will be performed, as well as for any required medical services and tests. Applicants may include in the budget the costs necessary and reasonable to meet any safety equipment and medical services requirements associated with work to be performed under an award.

Medical Services Related to Safety/Hazards. NIST shall perform health hazard evaluations associated with the recipient’s employees, contractors, and associates work at a NIST-owned or operated site that involves the potential exposure to a health hazard, to make the determination of the need for medical surveillance. Award recipients are responsible for providing the medical services and tests required for any applicable medical surveillance program.

15. Compliance with Executive Orders

The Department expects recipients to comply with applicable Executive Orders, and the award agreement will include explicit terms requiring compliance with Executive Order 14173, 90 FR 8633 (Jan. 21, 2025).

16. Reporting Requirements

Financial and Performance Reports. Each recipient may be required to submit periodic financial, performance, and/or technical reports. Detailed reporting requirements will be outlined in the terms and conditions of the award.

Patent and Property Reports. As applicable, and in accordance with the terms and conditions governing the award, the recipient may be required to submit property and patent reports.

Audit Requirements. Any recipient that expends Federal awards of $1,000,000 or more in the recipient’s fiscal year must conduct a single or program specific audit similar to the requirements set out in the 2 C.F.R. Part 200, Subpart F. Additionally, unless otherwise specified in the terms and conditions of the award, entities that are not subject to Subpart F of 2 C.F.R. Part 200 (e.g., for-profit commercial entities) that expend $1,000,000 or more in DOC funds during their fiscal year must submit to the assigned NIST Agreements Officer either (1) a financial related audit of each DOC award or subaward in accordance with Generally Accepted Government Auditing Standards or (2) a project specific audit for each award or subaward with similar content to that requested in 2 C.F.R. § 200.507. Applicants are reminded that CRDO, the U.S. Department of Commerce Office of Inspector General, or another authorized Federal agency may conduct an audit of an award at any time.

17. Foreign Partners and Activities

For R&D Path awards, subject to CRDO review and written approval, foreign organizations may participate as members of a project team, as subrecipients, or as contractors, provided that they are not a foreign entity of concern. For the purposes of this BAA —

• a foreign entity is any entity that is not a domestic entity.
• a domestic entity is an entity (a) organized under the laws of the United States or any jurisdiction within the United States and (b) having a principal place of business in the United States. The principal place of business generally means the place where an entity’s officers direct, control, and coordinate the entity’s activities. A foreign adversary cannot be considered a domestic entity.

Funded work must be conducted within the United States, though certain tasks outside the United States may be allowed, at the sole discretion of CRDO, based on the unique and specific capabilities available at the foreign location, their relevance to the BAA objectives, and the lack of comparable capabilities in the United States.

CRDO must provide written approval for a foreign partner’s participation in a funded project prior to the foreign partner engaging in any project-related work. Such participation may include receipt of CHIPS funding, receipt of CHIPS-funded intellectual property, or research activities occurring outside of the United States.

The applicant must provide CHIPS R&D with a written justification demonstrating:

1. That the foreign partner’s involvement is essential to advancing program objectives, such as by offering access to unique facilities, IP, or expertise that is otherwise not readily available in the United States;
2. That, if any phase of the CHIPS-funded work occurs outside the United States, this is essential and the partnership does not jeopardize the soundness of the project’s proposed pathway to domestic production.
3. The adequacy of any agreements and protocols between the applicant and foreign partner regarding IP protection and data protection;
4. As applicable, the foreign partner will comply with any necessary nondisclosure agreements, security regulations, export control laws, audit requirements, and other governing statutes, regulations, and policies;
5. The foreign entity is not based in a “foreign country of concern,” as that term is defined at 15 U.S.C. § 4651(7) and implemented by the final rule entitled Preventing the Improper Use of CHIPS Act Funding, 88 FR 65600 (Sept. 25, 2023), codified at 15 C.F.R. § 231.104; and
6. The foreign partner agrees to be subject to a security review by CHIPS R&D, which may include a risk assessment of IP leakage, if appropriate. 

[1] For the purposes of this BAA, and consistent with 42 U.S.C. § 6605(d)(1), the term “covered individual” means “an individual who (1) contributes in a substantive, meaningful way to the scientific development or execution of a research and development project proposed to be carried out with a research and development award from a Federal research agency; and (2) is designated as a covered individual by NIST.” Covered individuals include any identified principal investigators, co-investigators, and associate investigators and any individual listed by the applicant as “key personnel” or as a “Senior/Key Person” or for whom a resume or CV is included. Personnel who participate only through isolated tasks that are incidental to the research (for example, setting up equipment or performing administrative functions), and those individuals who support research by executing discrete tasks as directed are not covered individuals. Disclosures from broader classes of individuals (e.g., certain graduate students and undergraduate students) will generally be unnecessary, except when the activities of such an individual in a specific proposal rise to the level of meeting the definition of a “covered individual”.

[2] The U.S. Department of Labor offers free prevailing wage seminars several times a year that meet this requirement at https://www.dol.gov/agencies/whd/government-contracts/construction/seminars. For additional guidance on how to comply with the Davis-Bacon provisions and clauses, see https://www.dol.gov/agencies/whd/government-contracts/construction and https://www.dol.gov/agencies/whd/government-contracts/protections-for-workers-in-construction.