Uniqcli
Technician inspecting network equipment for supply-chain compliance

Explainer

What Is NDAA Section 889 Compliance? Covered-Equipment Ban Explained

A procurement engineer's guide to the covered-equipment ban, the prohibited manufacturers, and how Section 889 differs from TAA.

By Uniqcli Team

NDAA Section 889 compliance is the ability to demonstrate that the equipment, systems, and services an organization sells to — or operates on behalf of — the U.S. federal government do not use "covered" telecommunications or video-surveillance equipment from five named Chinese manufacturers. The requirement comes from Section 889 of the John S. McCain National Defense Authorization Act (NDAA) for Fiscal Year 2019, which places that equipment off-limits across the federal supply chain.

The rule targets specific security risks — surveillance, data exfiltration, and network compromise — rather than product quality or country of manufacture. It applies through two parts with staggered effective dates and is enforced in federal contracts through standard Federal Acquisition Regulation (FAR) clauses and self-representations. For IT and procurement teams, 889 has become a routine gate: covered gear can disqualify a bid, void a contract, or force removal from an existing deployment.

How does Section 889 work?

Section 889 has two operative parts. Part A — 889(a)(1)(A), effective August 13, 2019 — bars federal agencies from buying or renewing contracts for any equipment, system, or service that uses covered telecommunications equipment as a "substantial or essential component" of a system or as "critical technology." Part B — 889(a)(1)(B), effective August 13, 2020 — goes further: it bars agencies from contracting with any entity that uses such equipment anywhere in its own operations, even on unrelated commercial work.

Compliance is enforced through FAR clauses 52.204-24, 52.204-25, and 52.204-26. Offerors represent their status in SAM.gov and at the contract or order level, and a documented "reasonable inquiry" into their own systems is expected before answering. An affirmative "we use covered equipment" answer generally stops the award unless a narrow statutory exception or an agency-head waiver applies.

Which manufacturers and equipment are covered?

Section 889 names five Chinese companies. Huawei and ZTE are covered for their telecommunications equipment; Hytera, Hangzhou Hikvision, and Dahua are covered for video-surveillance and telecommunications equipment tied to public safety, government-facility security, critical-infrastructure surveillance, and similar national-security purposes. The prohibition extends to any subsidiary or affiliate of these entities — which matters because the same hardware is often sold under other brand names through OEM or private-label arrangements. Identifying a covered product therefore means tracing the actual manufacturer, not just the label on the box.

The ban reaches equipment that uses covered technology as a "substantial or essential component of any system, or as critical technology as part of any system," so a camera, router, or module built on a covered chipset or platform can pull an otherwise-unbranded product into scope. Routing and switching gear, IP cameras, network video recorders, and cellular gateways are the categories most often flagged during screening.

How is Section 889 different from TAA compliance?

Section 889 and the Trade Agreements Act (TAA) are separate requirements that procurement teams often must satisfy at the same time, and passing one does not imply the other. Section 889 is a manufacturer ban: it asks who made the equipment and whether that maker (or its affiliates) is on the covered list, regardless of where the product was assembled. TAA is a country-of-origin rule: it asks where a product was wholly manufactured or "substantially transformed," and permits only the United States and designated countries.

The practical result is that a product can pass one test and fail the other. A device assembled in a TAA-designated country could still contain a covered module and fail 889; conversely, a 889-clean product made in a non-designated country would fail TAA. Equipment manufactured in China typically fails both. Buyers supporting federal work should confirm each requirement independently rather than treating one certification as a proxy for the other.

When do you need to check Section 889 compliance?

Section 889 applies to essentially all federal prime contracts and the orders beneath them, across civilian and defense agencies, with no small-purchase or commercial-item carve-out — the representation is required even for micro-purchases. Its reach also extends to recipients of federal grant and loan funds in many programs. If a product will be sold to a federal customer, used to perform a federal contract, or bought with federal money, 889 is in scope.

In day-to-day terms, you check whenever you respond to a federal solicitation, add a SKU to a GSA Schedule or contract vehicle, refresh a bill of materials, or onboard a networking or surveillance product into an environment that touches federal work. Because Part B covers an entity's own internal use, organizations also screen the gear inside their own offices and data centers — not only what they resell.

What should buyers consider when sourcing covered-equipment-sensitive products?

Effective screening starts at the true-manufacturer level. Ask vendors for a written Section 889 statement, trace OEM and private-label relationships back to the actual producer, and check subsidiaries and affiliates of the named companies rather than relying on the brand printed on the chassis. Component-level visibility matters most for cameras, recorders, radios, and network gear, where a covered chipset or module can sit inside an unfamiliar brand.

Keep the compliance evidence with the record: manufacturer attestations, country-of-origin data for the parallel TAA question, and the date and basis of your reasonable inquiry. Re-verify when a product is revised or a supplier changes sources, because a compliant SKU can drift as its bill of materials changes. Where a covered item is genuinely unavoidable, the only lawful paths are the statute's narrow exceptions or a formal agency waiver — not an informal workaround.

Key takeaways

  • Section 889 is a manufacturer ban, not a country-of-origin rule: it targets five named Chinese companies — Huawei, ZTE, Hytera, Hikvision, and Dahua — plus their subsidiaries and affiliates.
  • Two parts, two dates: Part A (Aug 13, 2019) bars agencies from buying covered equipment; Part B (Aug 13, 2020) bars them from contracting with entities that use it internally.
  • The prohibition reaches covered gear used as a "substantial or essential component" or "critical technology," so private-label products built on covered platforms are in scope.
  • Section 889 and TAA are independent requirements — a product can pass one and fail the other, so verify each separately.
  • Compliance runs through FAR clauses 52.204-24, 52.204-25, and 52.204-26 with SAM.gov representations, and requires a documented "reasonable inquiry."
  • Screen at the true-manufacturer level, keep written attestations on file, and re-check whenever a bill of materials or supplier changes.

Shop it at Uniqcli

Frequently asked

Is NDAA Section 889 the same as TAA compliance?
No. Section 889 is a manufacturer ban that asks whether equipment comes from five named Chinese companies (or their affiliates), regardless of where it was made. The Trade Agreements Act is a country-of-origin rule that asks whether a product was manufactured or substantially transformed in the United States or a designated country. A product can meet one and fail the other, so federal buyers typically verify both independently.
Which manufacturers are prohibited under Section 889?
Five Chinese companies are named. Huawei and ZTE are covered for telecommunications equipment; Hytera, Hangzhou Hikvision, and Dahua are covered for video-surveillance and telecommunications equipment used for public-safety and security purposes. The ban also covers any subsidiary or affiliate of these companies, which is why the same restricted hardware can appear under other brand names.
Does Section 889 apply to equipment a company uses internally?
Yes, through Part B, effective August 13, 2020. Part B prohibits agencies from contracting with an entity that uses covered equipment anywhere in its operations — not only in what it sells to the government. That is why organizations screen the gear in their own offices, networks, and data centers, and not just the products they resell.
Are there any exceptions or waivers to Section 889?
Yes, but they are narrow. The statute allows limited exceptions — for example, certain service-provider and backhaul situations, and equipment that cannot route or redirect user data — and an agency head can grant a one-time waiver under specific conditions. These are formal, documented paths, not a substitute for screening, and a contractor cannot grant a waiver to itself.

About the author

Uniqcli Team

Uniqcli's newsroom, buying guides and glossary are produced by our in-house team — seven procurement and technology professionals who source, screen and integrate IT and security hardware every day, working with two editors. Practitioners draft from live sourcing and integration work; editors review every piece for accuracy and plain language before it publishes.

More about the Uniqcli Team

Speccing hardware for a project?

Send your requirement or a bill of materials — we confirm stock, TAA country of origin and a below-market total. No payment up front.