How Compliant Are Fortinet’s Products to TAA Regulations?

The Trade Agreement Act (TAA) is a piece of legislation that ensures and fosters the growth and maintenance of fair and open international trading. Predominantly, TAA outlines that the U.S. government can only acquire products that have been manufactured or “substantially transformed” in the U.S. or certain designated, TAA-compliant countries.

TAA was created to encourage fair international trade with designated countries. So any organization that works with products or services manufactured outside of the U.S. needs to be aware of the restrictions of TAA compliance.

Federal, local, and state government buyers can receive government-wide contracts with the General Services Administration (GSA). The GSA Schedules, also known as Multiple Award Schedules (MAS) or Federal Supply Schedules (FSS), give these agencies access to over 11 million products and services from commercial firms at a discounted cost. As a government department, all products and services sold by GSA contract holders must be manufactured in the U.S. or other TAA-compliant countries.

This includes security products from companies like Fortinet. Fortinet TAA products and services are widely available.

How To Identify a Product That Is Compliant with TAA

Understanding products that are TAA-compliant is reliant on knowing which countries are included in the legislation. To comply with TAA, organizations must ensure products are either fully manufactured in the U.S. or at least 50% produced by a designated TAA-compliant country.

Organizations that have a GSA Schedule must agree that products or services that come from outside the U.S. have been “substantially transformed.” This means the product has been transformed into a new commercial product with a different name, use, or character from the original.

TAA-Compliant Countries

Countries that are compliant with the TAA legislation are liable to change. However, the compliant list includes the following:

1. Nations that are included in the World Trade Organization Government Procurement Agreement
2. All countries in the Free Trade Agreement
3. Nations in the least developed countries
4. All Caribbean Basin countries

Non TAA-Compliant Countries

The main countries to be wary of are China, India, Malaysia, and Russia, which are major manufacturing countries that are not listed on the compliance list. All countries on the TAA noncompliance list are:

1. China
2. India
3. Indonesia
4. Iran
5. Iraq
6. Malaysia
7. Pakistan
8. Russia
9. Sri Lanka

To remain TAA-compliant, organizations should consider the following checklist:

1. Maintain documentation of all supplier agreements, including any letters of supply.
2. Ensure the proper and correct documentation around the country of origin of any product. This includes any origin markings and codes denoting the product’s country of origin and current or most recent country of origin.
3. Maintain a detailed inventory of all sample products, as well as product matching and product markings.
4. Ensure the organization is up to date with the latest protection information from the U.S. Customs Border and Protection.
5. Regularly take part in product market training and sampling.
6. Research issues around TAA compliance to remove issues as quickly as possible.
7. Seek professional help if the organization has done a significant volume of sales with any country on the TAA noncompliance list.
8. Only use approved and compliant products and services, such as Fortinet TAA-approved security solutions.

Significance of TAA

TAA compliance is crucial to ensuring that organizations do not do business with non-TAA companies or purchase products or services that originated in non-compliant countries. Doing so would result in an organization breaking its GSA Schedule terms and conditions.

TAA outlines that the U.S. government can only acquire products and services made in the U.S. The legislation is therefore crucial to ensuring organizations only purchase compliant solutions, like Fortinet TAA products and services.

Fortinet’s TAA-Compliant Products

The Fortinet company is committed to TAA compliance. All Fortinet security products are TAA-compliant, ensuring customers that need to meet the legislation’s requirements can rely on Fortinet TAA solutions. Fortinet provides both G and USG products, and the following standards apply:

1. Fortinet’s G and USG products are validated as compliant with the country of origin requirements as mandated by TAA guidelines.
2. Fortinet’s USG products are defaulted to only receive firmware, software, and security updates from designated servers located in the USA.
3. S. Federal customers can get technical support on USG products. This is covered by Fortinet’s FortiCare maintenance plan and provided by U.S. citizens who work in a dedicated Technology Assistance Center that is also located in the USA.

All of Fortinet’s G and USG products can be easily spotted for purchasing purposes because they are assigned with a product SKU that finishes with -G and -USG. By using these products, you need not worry whether they are compliant with TAA regulations or not.