Potential New SBIR Rules in 2026 Spending Deal

A newly unveiled federal spending package is sending ripples through the U.S. research community with a slate of provisions that could reshape how agencies handle their Small Business Innovation Research (SBIR) funds and related R&D obligations. Congressional appropriators from the House and Senate released a conferenced Fiscal Year 2026 appropriations bill this week that, in the absence of a formal SBIR program reauthorization, lays down detailed directives affecting SBIR dollars, small-business contracting, and research grant oversight at major agencies. The bill – a three-bill, bipartisan funding package covering the Departments of Energy, Commerce, Justice, Interior, NASA, the National Science Foundation (NSF) and more – represents a compromise blueprint that must now clear both chambers of Congress(**). House Speaker Mike Johnson said he plans to bring the package to a vote within days, racing a January 30 deadline when existing stopgap funding runs out(**). If enacted, the legislation would not only avert a government shutdown but also introduce a host of new rules and flexibilities with significant implications for the SBIR landscape at science agencies. Below, we break down the key SBIR-relevant measures – and what they could mean for small innovators and federal labs – as well as the procedural steps ahead to make this proposal law.

DOE Gets Latitude to Reprogram SBIR Funds in Absence of Reauthorization

One noteworthy section of the bill quietly hands the Department of Energy (DOE) more freedom to manage its SBIR and related research funds amid the program’s uncertain status. Section 309 of the Energy and Water Development division allows DOE to reprogram funds set aside for SBIR, Small Business Technology Transfer (STTR), and the department’s Technology Commercialization Fund (TCF) within each of its R&D accounts, without the usual bureaucratic hurdles that come with shifting appropriated money. Specifically, funding allocated under DOE’s clean energy, electricity, fossil energy, cybersecurity, and science programs “for the purposes of section 9 of the Small Business Act” – the statute authorizing SBIR/STTR – or for TCF activities may be moved around inside the same account at will, exempt from the normal reprogramming restrictions (which typically require advance notice to Congress over certain dollar thresholds). The only caveat is that DOE’s program offices must coordinate these award decisions with the offices overseeing the original funds, ensuring some internal oversight even as flexibility expands.

Implication: For DOE and its network of national labs and research offices, this provision is a timely pressure valve. The SBIR/STTR program’s authorization lapsed on October 1, 2025, when Congress failed to extend it(**). In practical terms, that lapse has meant agencies cannot initiate new SBIR awards until reauthorization, leaving pots of set-aside money in limbo. DOE normally must reserve a few percent of its R&D budget for SBIR/STTR and an additional portion for the TCF (which funds commercialization of DOE-backed technologies). Section 309 suggests that lawmakers are giving DOE leeway to keep those innovation-focused funds from sitting idle. If SBIR remains stalled, DOE could channel unused SBIR dollars into TCF projects or among SBIR/STTR efforts in different programs without jumping through hoops. Should SBIR be reactivated by Congress, DOE would likewise have the agility to rebalance funds to support a surge of new awards. Either way, the agency has a freer hand to manage these carve-outs so that promising R&D isn’t starved for funding simply because it was tagged for a now-frozen program. For small businesses, this flexibility might mean DOE can continue supporting innovation – possibly through commercialization grants or adjusted SBIR-like efforts – even as the formal SBIR program awaits rescue. It’s a stopgap form of resilience, signaling that DOE is not to be handcuffed by SBIR’s authorization woes when it comes to deploying innovation dollars.

Small Business Subcontracting Boost at a Key Energy Lab

Another nod to the role of small firms in federal R&D appears in Section 310, which tweaks procurement law to expand how DOE can take credit for small-business subcontracting at one of its national laboratories. The bill amends Section 15(g)(3) of the Small Business Act – the provision dealing with agency small business contracting goals – by adding a new clause: “and by site support prime contractors at the National Energy Technology Laboratory”. In plainer terms, Congress is saying that when DOE tallies up how much of its contracting dollars go to small businesses, it can now include the subcontracts awarded by NETL’s site support contractor in that count.

This technical change carries history behind it. The National Energy Technology Laboratory (NETL) is unique among DOE labs – it’s government-owned and government-operated (a GOGO lab), with federal staff, but it relies on a private site support contractor for many operations and R&D support functions. (By contrast, most other DOE labs are run by managing contractors entirely.) Previously, DOE could take credit toward its small-business contracting goals for subcontracts issued by the private operators of its major labs. Now, NETL’s support contractor will be treated similarly, ensuring small businesses performing work at NETL through that contractor are formally recognized in DOE’s small-business utilization metrics.

Implication: This change might seem arcane, but it incentivizes NETL’s contractors to engage more small businesses and gives DOE credit for those engagements. Small tech and engineering firms that subcontract at NETL could see their contributions more valued, possibly leading to greater subcontracting opportunities at the lab. It’s an accounting fix with a policy purpose: keeping DOE on track to meet government-wide goals (at least 23% of contract spending to small businesses) by acknowledging every avenue through which DOE research dollars reach small companies. In the bigger picture, at a time when SBIR’s future is murky, Congress appears keen to shore up other mechanisms for involving small enterprises in federal research – including the often-overlooked subcontracts that help drive innovation at energy labs.

Overhead Costs: A Four-Agency Freeze to Protect Research Partners

Amid fiscal tightening, one provision comes as a relief to universities and small contractors alike: the bill freezes indirect cost policies at FY 2024 levels for key research agencies, effectively preventing any new caps or changes to the overhead rates that grant recipients and contractors can recover. This issue gained prominence in mid-2025 when the National Science Foundation (NSF) sparked an uproar by proposing to cap indirect costs on research grants – the administrative and facilities expenses – at 15%, far below many institutions’ negotiated rates. Although that NSF policy was met with lawsuits and protests, the uncertainty lingered.

Now Congress has weighed in. Section 313 of the Energy & Water title directs DOE to “continue to apply the indirect cost rates, including negotiated indirect cost rates, as described in 2 C.F.R. §200.414, … to the same extent and in the same manner as was applied in fiscal year 2024”. In plain English, DOE must stick with the status quo on how it reimburses overhead in financial assistance (grants, cooperative agreements, etc.), honoring the established negotiated rates and deviation approval processes exactly as it did last year. Moreover, the bill explicitly forbids DOE from using any funds to “develop, modify, or implement changes” to those indirect cost rate policies. In the Commerce-Justice-Science division of the bill, Section 542 extends a parallel mandate to the Departments of Commerce (which includes NOAA and NIST), NASA, and NSF, likewise ordering them to hold the line on negotiated indirect cost rates as in FY 2024. The message is unmistakable: no new overhead restrictions or sneaky cuts are to be imposed on research grant awards or contracts at these agencies, at least for the duration of FY 2026.

Implication: This is a clear win for research institutions and small businesses relying on federal R&D awards. Overhead (indirect) costs – things like lab utilities, administrative support, facility maintenance, or a small firm’s rent and back-office expenses – are a real part of doing R&D. Many small businesses participating in SBIR, for instance, negotiate indirect cost rates with a cognizant federal agency or use the default 10% de minimis rate if they don’t have a negotiated one. There were concerns that agencies facing budget pressure might arbitrarily cap these rates (as NSF attempted) to stretch program dollars, effectively squeezing the operational budgets of awardees. By freezing the indirect cost policy, Congress is assuring the R&D community that agencies will pay the full overhead costs they agreed to, and cannot suddenly change the deal to the detriment of performers. For small businesses in SBIR or similar programs, this means predictability and fairness – their project budgets won’t be upended by a unilateral cut to allowable admin expenses. It also signals that lawmakers are attuned to the concerns of the scientific community: after the NSF episode, they are stepping in to block any repeat, using the power of the purse to maintain trust in federal research partnerships.

New Oversight on Awards – Once a Government-Wide Standard is Set

Congress also used the must-pass spending bill to introduce tougher transparency and conflict-of-interest safeguards for federal grants and contracts – albeit with a built-in trigger that delays implementation. Section 513 of the CJS appropriations text outlines a multi-part plan to audit and disclose more information about grant and contract recipients, and to ensure award funds don’t enrich conflicted parties, all in the name of accountability:

• Stepped-up audits: The Inspectors General (IGs) at Commerce, Justice, NASA, NSF, and even the Legal Services Corporation are directed to audit grants or contracts funded by this Act and report their progress to Congress every 180 days. This sweeping mandate means watchdogs will be digging into how award money is spent, likely including research grants (such as SBIR awards, where applicable) and contracts at those agencies. The IGs’ reports can include preliminary findings and must update lawmakers twice a year.
  
• Public disclosure of results: Within 60 days of completing any such audit, agency heads (e.g., the NSF Director, NASA Administrator, etc.) must post the audit results on their website for public viewing, with appropriate redactions. The only things that can be withheld are the usual sensitivities – classified or law enforcement sensitive info, personal data that could be abused (identity theft risks), and other material exempt under FOIA. This provision aims to shine sunlight on how taxpayer funds are used (and potentially misused), letting the public and Congress see issues uncovered in, say, a grant program or a contract.
  
• Conflict-of-interest certification: In addition, anyone receiving a grant or contract under the bill must certify that none of the awarded funds will be “made available through a subcontract or in any other manner” to any other person or entity with a financial interest in the awardee. In simpler terms, a small business or organization getting a federal award has to swear it won’t funnel that money to any affiliate or individual who owns a stake in the awardee. This is targeting self-dealing or conflicts of interest – for example, a scenario where a research center winning a grant might try to hire a for-profit subsidiary it partially owns, or where a small business might sub-contract work to a sister company under common ownership. Such arrangements could enrich insiders unfairly; the new certification is a mechanism to prevent that, on pain of false certification penalties.
  

However, all these measures come with a significant asterisk. Section 513(d) makes the implementation of subsections (a) through (c) contingent on executive branch action. The provisions will take effect 30 days after the Director of the Office of Management and Budget, in consultation with the Office of Government Ethics (OGE), determines that a uniform set of substantively similar rules is in place across all federal agencies. In other words, Congress is putting these transparency and ethics requirements on the books, but they’re pressing “pause” until the White House budget office and ethics office say, yes, we’ve got government-wide rules that match this. This unusual trigger likely reflects a desire not to create conflicting mandates: if the executive branch is already moving toward standard conflict-of-interest rules for all agencies, these agency-specific mandates will wait and then dovetail with that.

Implication: For the SBIR community, the audit and disclosure rules in Section 513 telegraph an era of heightened scrutiny on award use and ethical conduct, though the delay indicates they’re part of a larger reform effort. If and when they take effect, SBIR contractors and grantees will need to be prepared for possible IG audits that could go public – meaning any misuse of funds could quickly become a headline. The conflict-of-interest certification should prompt small businesses to double-check their subcontractor relationships; an SBIR firm, for instance, will need to ensure it isn’t quietly passing work (and money) to an entity with shared ownership or to a principal’s family member’s company, etc., unless they want to risk violating the certification. For now, the trigger gives everyone time to adjust, but it also signals that once a government-wide ethics rule is set, these requirements will kick in automatically, with no further action from Congress. The bottom line is a push for cleaner, more transparent management of federal research dollars – a trend that SBIR firms, as frequent federal awardees, will need to navigate carefully.

Cybersecurity Checks for Agency IT Purchases Could Touch Small Tech Firms

In a provision seemingly ripped from today’s headlines about supply-chain security, Section 514 imposes new cybersecurity and supply-chain risk review mandates on four agencies – Commerce, Justice, NASA, and NSF – before they can spend money on certain IT systems. It’s a direct response to worries about foreign cyber-espionage and compromised technology in U.S. government networks, and it could indirectly affect small tech vendors, including SBIR startups, aiming to sell solutions to these agencies.

The section prohibits any funds in the bill from being used to acquire a “high-impact or moderate-impact information system” (terms defined by federal information security standards) by those agencies unless a detailed supply chain risk assessment is done. Concretely, before an agency like NASA or Commerce buys a new software system, database, or other IT rated as moderate or high impact (meaning its breach or failure could be significant), it must:

1. Review the supply chain risk of the system itself against criteria set by the National Institute of Standards and Technology (NIST) and the FBI. This implies checking where the components are made, the security practices of suppliers, and any known vulnerabilities or backdoors.
   
2. Review the risk posed by the presumptive awardee (the vendor) using any available threat intelligence from the FBI or other agencies. In other words, vet the company that’s about to get the contract – does it have ties to adversary nations? Any concerning ownership or partnerships?
   
3. In consultation with the FBI (or appropriate federal experts), conduct an assessment of cyber-espionage or sabotage risk associated with the acquisition. This explicitly includes evaluating if the system is produced or assembled by an entity linked to countries deemed cyber threats – naming China, Iran, North Korea, or Russia as examples. It’s a clear reference to recent security scandals (like Chinese telecom equipment or Russian software in federal use) and mandates due diligence to ensure hostile actors aren’t in the supply chain.
   

And that’s just the pre-acquisition phase. Section 514(b) then says, even after all those reviews, the agency cannot proceed to actually acquire the system unless top officials have taken additional steps: developed a mitigation strategy for any identified risks (with NIST, FBI, and supply chain experts), affirmatively determined that buying this system is in the national interest despite the risks (again with consultation), and reported that determination to the House and Senate Appropriations Committees and the agency’s own Inspector General. Only with that triad of mitigations, justification, and notification can the procurement go forward.

Implication: This measure raises the security bar for IT purchases, likely slowing down and scrutinizing the process whenever an agency wants to bring in a new data system or software of consequence. For small businesses in the tech space – including SBIR awardees who often develop cutting-edge software, AI, sensors, or cloud solutions that agencies might procure – this means an extra layer of vetting. A startup with a great product but critical components sourced overseas, for example, might find its path to a government contract complicated by these rules. On the flip side, firms that build their tech entirely in the U.S. or other trusted supply chains could tout that as a competitive advantage. The SBIR program has long been a vehicle for agencies to get innovative tech from startups; now those startups will need to ensure their cybersecurity house is in order and be ready to answer questions about every element of their product’s origin. In the bigger scheme, Section 514 underscores how national security concerns are increasingly intertwined with R&D and procurement. For the SBIR community, which straddles the line between research and commercialization, understanding supply-chain risk is no longer optional – it’s becoming a prerequisite for doing business with federal customers.

False “Made in USA” Claims Will Carry Steep Procurement Penalties

The appropriators didn’t stop at cybersecurity; they also homed in on a classic issue of trade and honesty in contracting: country-of-origin labeling. In Section 506, the bill gets tough on contractors that falsely stamp products as “Made in America.” If a court or federal agency determines that any person intentionally affixed a “Made in America” label (or a stamp with similar meaning) to a product that isn’t actually made in the USA, that person will be deemed ineligible for any contract or subcontract funded by this Act. Essentially, it’s a mandatory government-wide debarment for perpetrators of fraudulent labeling, executed via the government’s suspension and debarment process (references to the Federal Acquisition Regulation’s sections 9.400–9.409 are included). Misleading buyers about American-made content, in other words, becomes a ticket to losing out on all federally funded awards under the FY26 bill.

Furthermore, Section 506 has a forward-looking encouragement: it directs that, “to the extent practicable,” agencies use funds to buy American-made promotional items. Promotional items – as defined by OMB Circular A-87’s guidance – usually mean branded pens, merchandise, and trinkets agencies purchase for outreach or conferences. The provision nudges agencies to ensure even the tchotchkes are domestically produced, if possible.

Implication: Honesty and domestic preference in procurement get teeth here. For small businesses, many of which pride themselves on being made-in-America or leverage that status in marketing, this enforcement language should be welcome – it promises a level playing field by punishing bad actors who falsely claim U.S. origin to win contracts. It also aligns with the broader push for Buy American compliance in federal spending. However, it’s a warning as well: any SBIR company that manufactures a product (say a device or material resulting from its R&D) must be scrupulously truthful in its labeling and advertising. An accidental mislabeling might not rise to “intentional” ineligibility, but firms will not want to test those waters. The immediate impact on SBIR awards is limited (since SBIR projects are R&D, not product procurement, and typically don’t involve labeling consumer goods). Yet many SBIR projects eventually yield products that could be sold to the government or commercialized. When they do, claims about domestic manufacture need to be accurate or the company could face exclusion from future contracts. The promotional items clause is a minor addendum but reinforces the climate: agencies are being asked to favor U.S. producers, even in small purchases, reflecting an intent to support domestic supply chains at every level. All told, Section 506 broadcasts that there’s little tolerance in Congress for companies undermining Buy American laws, and it arms the procurement officials with clear consequences if they catch such violations.

Quarterly Unspent Funds Reports Aim to Speed Agency Awards

Finally, in an effort to keep federal agencies on their toes financially, Section 507 establishes a rigorous new reporting mandate on unobligated funds – money that has been appropriated by Congress but not yet legally committed to a specific project or contract. The Departments of Commerce and Justice, NASA, and NSF each must provide the Appropriations Committees quarterly reports on the status of balances in each of their accounts, including how much remains unobligated (and uncommitted) vs. obligated but not yet expended. Crucially, the reports must break down those balances by the fiscal year from which the funds originated. So if, say, NSF still has $10 million sitting unobligated from its FY 2024 research account and $50 million unobligated from FY 2025, Congress wants to see each separate. Likewise, for any money that’s obligated to a project but unspent, they want to know in which year it was put on contract or grant. These reports are due within 30 days of each quarter’s end.

If an agency’s financial system can’t slice the data exactly as ordered (not all accounting systems easily tag uncommitted balances by origin year), the law doesn’t let them off the hook – it says they must do as much as practicable and explicitly describe any shortcomings in the report. In short, no glossing over holes; agencies must fess up to any limitations that prevent full transparency.

Implication: While this might seem like inside-baseball budgeting, it has real significance for program managers and outsiders awaiting funding alike. Shining a light on unobligated balances puts pressure on agencies to justify delays or excess carryover. In the context of SBIR, consider that with the program’s authorization expired at FY25’s end, agencies like NASA or NSF likely have FY 2026 SBIR allocation dollars but no authority (yet) to award them. Those funds could be stacking up as unobligated balances. With quarterly reporting, Congress will see that pile grow in black-and-white. That scrutiny alone can be a prod: agencies may seek creative ways to deploy funds or at least avoid lapsing money that could be used for research. More broadly, if an agency is slow to make awards – whether research grants, contracts, or cooperative agreements – it will now have to report exactly how much it’s sitting on, every three months, to the very lawmakers who control its purse strings. Agencies hate having large unobligated balances exposed, because it invites budget cuts (“use it or lose it,” appropriators often warn) or rescissions in future bills.

For the SBIR community, this could accelerate the tempo of awards once the program is reauthorized: agencies will want to get that money out the door rather than appear inefficient or over-funded. It might also lead to more frequent funding calls or quicker grant processing in programs beyond SBIR – for example, NSF might push harder to award its research grants on time to keep unobligated funds low. On the flip side, if SBIR’s hiatus continues, these reports could become a visible ledger of missed innovation opportunities, potentially spurring Congress to act on reauthorization knowing that tens of millions earmarked for small-business R&D are languishing. In any case, quarterly balance reporting creates a new accountability mechanism that research-intensive agencies will feel – and one that savvy observers in the R&D community can track to gauge how briskly agencies are moving funds into investigators’ and innovators’ hands.

A Bipartisan Compromise – and the Road Ahead

The inclusion of these diverse provisions – from SBIR fund flexibility to IT supply-chain security to spending oversight – in the year-end appropriations package illustrates how lawmakers often use omnibus bills to steer policy via purse strings. This conferenced FY 2026 appropriations bill is the product of intensive bipartisan, bicameral negotiations. House Appropriations Chairman Tom Cole (R-Okla.) introduced the finalized text on Monday, framing it as a critical step to fund the government for the rest of the fiscal year(**)(**). The package bundles three of the twelve annual appropriations measures (covering Commerce-Justice-Science, Energy-Water, and Interior-Environment) and reflects concessions from both parties on spending levels and policy riders. Notably, it does not resolve the lapse in SBIR’s authorization – that issue lies with the congressional committees overseeing the Small Business Act – but it does what an appropriations bill can: signal how agencies should handle the program’s funding and related research priorities in the interim.

Procedurally, the bill’s path to becoming law is straightforward if fraught with timing pressures. The House is expected to pass the three-bill package this week(**), after which it will move to the Senate. Given that top appropriators from the Senate were at the table drafting it, observers anticipate bipartisan support there as well. The hard deadline is Jan. 30, 2026, when the current continuing resolution (a stopgap that reopened the government after a recent shutdown) expires(**). If both chambers clear the bill and send it to President Trump before that date, the sections described above will take effect as law, shaping agency actions through September. A presidential signature is expected; with a narrowly averted funding crisis fresh in memory, the White House has signaled willingness to accept Congress’s compromise to keep agencies running.

For the SBIR program and the small business R&D community, this appropriations package is a double-edged sword. On one hand, it provides workarounds and stability amid uncertainty: DOE can repurpose innovation funds to avoid stalls, agencies can’t arbitrarily slash overhead which protects project viability, and small-business contributions via NETL will get due credit. It also puts everyone on notice about new compliance and oversight norms likely on the horizon – better cybersecurity diligence, truthful marketing, and transparent finances will be the cost of doing business with Uncle Sam. On the other hand, no appropriations rider can fully substitute for SBIR’s authorization. As of today, agencies like NSF, NASA, and NIH remain unable to announce new SBIR/STTR solicitations or awards, a situation that has already begun to cause heartburn for startups and labs that rely on that pipeline(**). The bill implicitly assumes SBIR will continue – it references the program repeatedly – yet without a separate act of Congress to reauthorize SBIR/STTR, those references can only govern funds on paper, not enable new projects.

The optimistic view in the R&D policy circle is that the detailed SBIR-related directives in this spending bill indicate Congress’s intent to eventually revive and strengthen the program. Lawmakers are effectively saying: “Here’s how we expect agencies to treat small-business research dollars and partnerships – now, let’s get on with updating the program itself.” In the meantime, agencies are being guided to make the best of the status quo – protect your small contractors, keep the innovation engine warm, don’t waste money – while safeguarding taxpayer interests through audits and security checks.