U.S. General Services Administration
Trade Agreements Act compliance and supply chain security on MAS
Our Multiple Award Schedule contracts are a great way to acquire safe, secure products and services that comply with foreign acquisition rules.
TAA compliance
What is prohibited: MAS contract offerings are subject to the TAA, meaning contractors must provide only U.S.-made or designated country end products and services.
What we do: GSA incorporates the required TAA clause and provision into the MAS solicitation and resulting contracts. MAS contractors certify the country of origin for each product which is displayed on GSA Advantage (U.S. products are highlighted with an American flag icon). Contracting officers have extensive access to supply chain data that flags potentially non-compliant products offered to us.
Order-level actions: No additional steps are required. If product or package marketing suggests an item was manufactured in a non-TAA compliant country, please report it using the “Report Incorrect Product Listing” feature on GSA Advantage.
Supply chain security
What is prohibited: Federal agencies face an increasing number of threats that pose risks to the integrity, security, and resilience of the federal supply chain. Specific prohibitions are outlined in FAR part 40 (GSA Class Deviation RFO-2025-40) Information Security and Supply Chain Security.
What we do: We reduce supply chain risk by incorporating the security prohibition provision and clause at 52.240-90 (GSA Class Deviation RFO-2025-52) and 52.240-91 (GSA Class Deviation RFO-2025-52), respectively, into the MAS solicitation and resulting contracts. This ensures that suppliers are contractually obligated to meet specific security requirements. In addition, we conduct upfront compliance screenings, perform ongoing monitoring, and leverage supply chain illumination tools to identify and remove prohibited or high-risk products and suppliers from the program. When new exclusion orders are issued, we notifiy impacted customers when possible.
Order-level actions (when needed): Most MAS acquisitions do not require additional steps. However, ordering agencies may need to take additional actions such as:
- Including additional order-level security controls for higher-risk requirements such as patching, maintenance, incident reporting, enhanced security standards, and so on.
- Awarding software in accordance with agency-level policies and processes that match agency risk determination and needs .
- Reviewing items awarded as order-level materials, since OLMs are not awarded under the MAS contract and have not been reviewed or approved by our agency.
- Taking action to remove or replace prohibited items if new governmentwide restrictions apply.
- Using GSA’s SCRIPTS BPAs to acquire tools and services that support supply chain risk identification and mitigation for higher-risk acquisitions