FAR Rule Prohibits Federal Procurement of Semiconductors from CXMT and YMTC Beginning August 2026

The FAR Council published a final rule in the Federal Register on May 15, 2026 adding Changxin Memory Technologies — CXMT — and Yangtze Memory Technologies Company — YMTC — to the list of covered entities whose products are prohibited in federal procurement under Section 5949 of the FY 2023 National Defense Authorization Act. The rule, effective August 1, 2026, adds a new FAR clause at 52.204-XX that contracting officers must insert in solicitations and contracts for information technology or telecommunications services and equipment. Contractors must represent that equipment and services they provide do not contain semiconductors from CXMT, YMTC, or any entity owned by or operating under the direction of the People's Republic of China that has been added to the FAR prohibition list. The rule builds on the existing prohibition framework established by the FY 2019 NDAA's ban on Huawei and ZTE telecommunications equipment, extending the supply chain restriction from the system-integration layer to the semiconductor production layer.

Scope of CXMT and YMTC Products in the Federal Supply Chain

CXMT is China's primary dynamic random-access memory manufacturer, producing DRAM chips used in servers, personal computers, networking equipment, and embedded systems across a wide range of commercial electronics. YMTC produces NAND flash memory — the type of semiconductor storage used in solid-state drives, USB drives, and memory cards — and has been expanding its global market share aggressively since 2022 despite being added to the Commerce Department's Entity List that year. Both companies sell memory chips primarily as commodity components into the global electronics supply chain, meaning that federal contractors may be handling CXMT or YMTC semiconductors in finished equipment purchased from American or allied-nation original equipment manufacturers without direct awareness of the underlying chip provenance. A server purchased from a U.S. manufacturer may contain DRAM or NAND modules from multiple suppliers, and the OEM may not have visibility several tiers down its supply chain into the specific fab that produced those modules. The FAR rule creates a contractor compliance obligation that reaches into this supply chain complexity: contractors must either have a supply chain visibility program capable of identifying chip-level provenance or avoid product categories where CXMT or YMTC market presence is significant.

Implementation Challenges and Waiver Provisions

The FAR Council acknowledged in the rule's preamble that full supply chain transparency at the semiconductor level is not immediately achievable for all product categories, and the rule includes a waiver provision that allows agency heads to grant limited-duration waivers when compliance is technically impractical and a compliant alternative is not available at reasonable cost. The waiver provision mirrors the structure used for the Huawei and ZTE prohibition waivers and is intended to provide relief for situations where a specific equipment category has no commercially available alternative that does not rely on CXMT or YMTC memory components. However, the waiver process requires affirmative agency action and documentation of the technical impracticality, which places a significant burden on agencies that must manage waiver requests for equipment across multiple contractors and contracts. Federal contractors should not assume that a waiver will be available or granted; the recommended approach is to work proactively with suppliers to identify compliant alternatives before the August 1, 2026 effective date.

What It Means for Contractors

The CXMT and YMTC FAR prohibition creates supply chain compliance obligations that extend to memory chips embedded in servers, storage systems, networking equipment, and other IT products delivered to federal customers.

• Contractors providing IT hardware under federal contracts should immediately conduct a supply chain mapping exercise to identify products in their portfolio that contain DRAM or NAND flash memory, then trace those components to their manufacturers; this is a multi-tier supply chain exercise that may require engaging OEM partners and distributors with specific data requests about component provenance.
• The August 1, 2026 effective date is four months from the rule's publication — a timeline that is likely insufficient for full supply chain remediation in product categories where CXMT or YMTC market share is substantial; contractors should identify impacted product lines now and begin the waiver process if compliant alternatives are not available.
• The new FAR clause at 52.204-XX will require affirmative contractor representation at contract award; making a false representation in a contract certification is a potential FCA exposure, so the compliance program must be documented and accurate before the representation is made.
• The broadest practical impact is likely on servers and storage systems, where DRAM and NAND memory costs drive OEM purchasing decisions toward the lowest-cost compliant suppliers; contractors should verify whether their server OEM partners have proactively established compliant supply chains or whether memory sourcing decisions have been left to component-level distributors.

Supply Chain Mapping and Product Compliance Assessment

The practical compliance challenge of the CXMT and YMTC prohibition is fundamentally a supply chain transparency problem. Memory chips are commodity components that move through multiple layers of the electronics supply chain — from fab to memory module manufacturer to system OEM to reseller to end customer — and the provenance of specific chips in a finished product is typically not visible at the point of purchase. A server purchased from a U.S.-headquartered OEM may contain DRAM modules sourced from a memory module manufacturer that purchased chips from CXMT or YMTC based on price and availability at a particular point in the production cycle. The OEM may not track chip-level provenance across its memory module supply base, and the contracting officer issuing the server procurement has no visibility into the component stack at all. The FAR rule creates a compliance obligation that runs downstream through this supply chain: the contractor delivering the server to the government must represent that it does not contain CXMT or YMTC semiconductors, which requires the contractor to have obtained that assurance from the OEM, which requires the OEM to have obtained it from the memory module supplier, which requires the module supplier to have obtained it from its chip sourcing channels. Building out this chain of assurance requires investments in supply chain transparency tools — product bill-of-materials databases, component provenance tracking systems, and supplier certification programs — that the defense industrial base has not uniformly deployed at the chip level. Contractors that have already invested in Trusted Supplier programs under the existing DFARS supply chain risk management clause will be better positioned to meet the CXMT and YMTC compliance obligation, as those programs often include component-level provenance tracking.

Sources

• FAR Rule — Federal Prohibition on CXMT/YMTC Semiconductors (May 15, 2026)
• FAR 52.204-25 — Prohibition on Contracting for Certain Telecommunications
• Commerce Department Entity List — Bureau of Industry and Security