Earlier this month, the Department of Justice (DOJ) announced that Swiss Automation Inc., an Illinois-based precision machining company, agreed to pay $421,234 to resolve allegations that it violated the False Claims Act (FCA) by inadequately protecting technical drawings for parts delivered to Department of Defense (DoD) prime contractors. This settlement reflects DOJ’s persistent emphasis on cybersecurity compliance across all levels of the defense industrial base, reaching beyond prime contractors to encompass subcontractors and smaller suppliers. The settlement is also a reminder to all contractors not to overlook the often confusing relationship between Controlled Unclassified Information (CUI) and export-controlled information.Continue Reading An ITAR-ly Critical Reminder of Cybersecurity Requirements: DOJ Settles with Swiss Automation, Inc.
Eleventh Circuit Hears Argument on False Claims Act Qui Tam Constitutionality
On the morning of December 12, 2025, the Eleventh Circuit heard argument in United States ex rel. Zafirov v. Florida Medical Associates, LLC, et al., No. 24-13581 (11th Cir. 2025). This case concerns the constitutionality of the False Claims Act (FCA) qui tam provisions and a groundbreaking September 2024 opinion in which the United States District Court for the Middle District of Florida held that the FCA’s qui tam provisions were unconstitutional under Article II. See United States ex rel. Zafirov v. Fla. Med. Assocs., LLC, 751 F. Supp. 3d 1293 (M.D. Fla. 2024). That decision, penned by District Judge Kathryn Kimball Mizelle, was the first success story for a legal theory that has been gaining steam ever since Justices Thomas, Barrett, and Kavanaugh indicated they would be willing to consider arguments about the constitutionality of the qui tam provisions in U.S. ex rel. Polansky v. Exec. Health Res., 599 U.S. 419 (2023). In her opinion, Judge Mizelle held (1) qui tam relators are officers of the U.S. who must be appointed under the Appointments Clause; and (2) historical practice treating qui tam and similar relators as less than “officers” for constitutional purposes was not enough to save the qui tam provisions from the fundamental Article II infirmity the court identified. That ruling was appealed and, after full briefing, including by the government and a bevy of amici, the litigants stepped up to the plate this morning for oral argument.Continue Reading Eleventh Circuit Hears Argument on False Claims Act Qui Tam Constitutionality
From Yellow Jackets to Red Flags: DOJ Stings Georgia Tech for Alleged Cybersecurity Noncompliance
On September 30, 2025, the Department of Justice (DOJ) announced that Georgia Tech Research Corporation (GTRC) agreed to pay $875,000 to settle allegations that it violated the False Claims Act (FCA) and federal common law by failing to meet cybersecurity requirements under certain Air Force and Defense Advanced Research Projects Agency (DARPA) contracts. The settlement adds to the growing list of recoveries under DOJ’s Civil Cyber-Fraud Initiative and is yet another example of DOJ’s ongoing enforcement focus on cybersecurity obligations for federal contractors handling sensitive government information. The settlement also provides insight into how government contractors may challenge FCA liability when faced with allegations of cybersecurity noncompliance.Continue Reading From Yellow Jackets to Red Flags: DOJ Stings Georgia Tech for Alleged Cybersecurity Noncompliance
Hardening Software Security: DOJ’s Civil Cyber Fraud Settlements Continue to Illumina[te] the Importance of Cybersecurity
On July 31, 2025, the Department of Justice (DOJ) announced that Illumina, Inc. will pay $9.8 million to resolve allegations that it violated the False Claims Act (FCA) by selling genomic sequencing systems with software containing cybersecurity vulnerabilities to federal agencies. This is the first FCA settlement involving claims that a medical manufacturer failed to incorporate adequate product cybersecurity into its software design and development.Continue Reading Hardening Software Security: DOJ’s Civil Cyber Fraud Settlements Continue to Illumina[te] the Importance of Cybersecurity
Ninth Circuit Decision Underscores Increasing False Claims Act Risks to U.S. Importers
On June 23, 2025, the Ninth Circuit issued a long-awaited decision in Island Industries Inc. v. Sigma Corp. affirming a $26M False Claims Act (“FCA”) judgment against the defendant importer. Sigma had appealed the judgment after a jury found the company violated the FCA by failing to pay customs duties owed to U.S. Customs and Border Protection (“CBP”). The Ninth Circuit’s decision addresses an important jurisdictional issue and illustrates the significant financial exposure importers can face under the FCA at a time of increased tariffs and enforcement by the government. Continue Reading Ninth Circuit Decision Underscores Increasing False Claims Act Risks to U.S. Importers
DOJ’s Civil Rights Fraud Initiative Bolsters Threat of False Claims Act Enforcement Under “Anti-DEI” Executive Order
On May 19, 2025, Deputy Attorney General Todd Blanche issued a Memorandum creating the Civil Rights Fraud Initiative that will “utilize the False Claims Act to investigate and . . . pursue claims against any recipient of federal funds that knowingly violates federal civil rights laws.” According to the Memorandum, though racial discrimination has “always been illegal,” the Administration posits that “many corporations and schools continue to adhere to racist policies and preferences—albeit camouflaged with cosmetic changes that disguise their discriminatory nature.” In an effort to prevent federal funds from being used in connection with or support of these purportedly racist policies and preferences, the Initiative will wield the power of the False Claims Act, the government’s most powerful tool to fight fraud, waste, and abuse.Continue Reading DOJ’s Civil Rights Fraud Initiative Bolsters Threat of False Claims Act Enforcement Under “Anti-DEI” Executive Order
For Better or MORSE: Another Settlement Under DOJ’s Civil Cyber-Fraud Initiative
On March 26, 2025, the Department of Justice (DOJ) announced that defense contractor MORSECORP Inc. (MORSE) will pay $4.6 million to settle allegations that MORSE violated the False Claims Act (FCA) by failing to comply with cybersecurity requirements and subsequently submitting false or fraudulent claims for payment in its contracts with the Departments of the Army and Air Force. This is the first FCA settlement that is based on a defense contractor’s failure to reevaluate and promptly update its self-assessment score in the Supplier Performance Risk System (SPRS) after a third-party assessment resulted in a lower score.Continue Reading For Better or MORSE: Another Settlement Under DOJ’s Civil Cyber-Fraud Initiative
The Top FCA Developments of 2024
FY 2024 saw continued growth in False Claims Act enforcement, with a record year for new qui tam and government-initiated actions, and the highest total recovery in three years. Enforcement of pandemic-related fraud and cybersecurity noncompliance increased, and health care, procurement, and small business fraud violations were again priority areas. A groundbreaking opinion from the
AG Nominee Pam Bondi Confirms Commitment To Defending Constitutionality of False Claims Act as Qui Tam Provisions Face Scrutiny in the Courts
Yesterday, less than an hour into the first day of confirmation hearings for attorney general nominee Pam Bondi, Senator Chuck Grassley (R-IA) questioned Bondi on her commitment to defending the constitutionality of the False Claims Act (FCA) if she is confirmed. Bondi responded that she would “of course” defend the constitutionality of the FCA and that she understands the importance of whistleblowers, the FCA’s protections, and “the money it brings back to our country.” Senator Grassley’s questioning indicated he was focused on the FCA’s qui tam provisions, as it comes on the heels of U.S. ex rel. Zafirov v. Florida Medical Associates, Inc., — F.Supp.3d –, 2024 WL 4349242 (M.D. Fla. Sept. 30, 2024), a first-of-its-kind decision from Judge Kathryn Kimball Mizelle, who held that the FCA’s qui tam provisions improperly appoint a relator “an officer of the United States” in violation of the Appointments Clause in Article II of the Constitution, and are therefore unconstitutional. Senator Grassley appeared to be seeking assurances about Bondi’s willingness to ensure the Department of Justice continues to defend the FCA’s qui tam provisions and commit the resources necessary to do so.Continue Reading AG Nominee Pam Bondi Confirms Commitment To Defending Constitutionality of False Claims Act as Qui Tam Provisions Face Scrutiny in the Courts
Allegations of a Litany of Lyin’: Penn State Settles Claims of Cybersecurity Noncompliance
On October 22, 2024, the Department of Justice (DOJ) announced that Pennsylvania State University (Penn State) will pay $1.25 million to resolve allegations that it violated the False Claims Act (FCA) by failing to comply with contractually mandated cybersecurity requirements by the Department of Defense (DoD) and National Aeronautics and Space Administration (NASA). The announcement marks the most recent settlement under DOJ’s Civil Cyber-Fraud Initiative although, unlike prior settlements, there is no allegation of a cybersecurity incident or breach that was related to or caused by the contractor’s alleged noncompliance.Continue Reading Allegations of a Litany of Lyin’: Penn State Settles Claims of Cybersecurity Noncompliance