The New SAM.gov Certifications Every Federal Grantee Needs to Understand Before March 30

Every organization that receives federal financial assistance — universities, nonprofits, state agencies, tribal governments, research institutions — registers through the System for Award Management. SAM.gov is the gateway. No registration, no federal dollars.

On February 18, 2026, the General Services Administration quietly proposed revising the certifications that every SAM.gov registrant must agree to. Three new attestations, touching diversity programs, immigration practices, and national security, would apply government-wide to all 222,760 entities currently registered for federal financial assistance. If finalized, checking the wrong box — or failing to understand what you're certifying — could jeopardize your entire federal funding portfolio.

The public comment period closes March 30, 2026. Here's what you need to know.

Three Certifications, One Registration

The proposed rule adds three new mandatory certifications that applicants and recipients must affirm during initial SAM.gov registration and every annual renewal.

Certification 1: "Illegal DEI" Compliance. Registrants would certify they do not operate programs involving "unlawful discrimination on the basis of race or color" in federally funded activities. GSA's proposal lists specific practices it considers potentially violating: race-based preferences in hiring, scholarships, promotions, or resource allocation; segregation by race in training, facilities, or program access; "diverse slates" in hiring or race-based contract selection; trainings that stereotype or exclude protected groups; and adverse actions against employees who object to such practices.

The legal basis is Executive Order 14173, signed January 21, 2025 ("Ending Illegal Discrimination and Restoring Merit-Based Opportunity"), reinforced by the Department of Justice's July 29, 2025 guidance memo to all federal funding recipients.

Certification 2: Immigration. Registrants must attest they will not "knowingly bring or attempt to bring to the United States, transport, conceal, harbor, shield, hire, or recruit for a fee an illegal alien." The certification cites 8 U.S.C. §1324, the federal smuggling and harboring statute.

Certification 3: National Security. Entities must certify they will not "fund, subsidize, or facilitate violence, terrorism, or other illegal activities that threaten public safety or national security."

Why This Is Different From Past Requirements

Federal grantees have always certified compliance with civil rights laws — Title VI, Title VIII, Title IX, Section 504, the Age Discrimination Act. That hasn't changed. What's new is the scope and the mechanism.

Currently, individual agencies attach specific terms and conditions to each award. A university receiving an NIH grant might face one set of compliance requirements; the same university receiving a DOE cooperative agreement might face slightly different language. Compliance is agency-specific and award-specific.

The GSA proposal changes that math entirely. By embedding these certifications into SAM.gov registration itself, compliance becomes government-wide and self-executing. When a grantee certifies during registration, that attestation covers every future application across every federal agency — regardless of the issuing department. A single registration checkbox could bind an organization to commitments affecting programs it hasn't yet applied for.

For the 222,760 entities currently registered in SAM for financial assistance, this isn't a theoretical concern. It's a practical one with legal consequences. False certification in SAM.gov can trigger False Claims Act liability, debarment proceedings, or both.

The DEI Certification Is the Hardest to Navigate

The immigration and national security certifications, while significant, are relatively binary. Most grant recipients can truthfully certify they don't harbor undocumented immigrants or fund terrorism. The DEI certification is different.

Consider a university that runs a scholarship program for underrepresented minority students in STEM fields. Or a nonprofit that requires diverse candidate slates for senior hires. Or a research institution that tracks and reports on the racial composition of its research teams as part of an existing federal reporting requirement. Under the proposed certification language, each of these practices could potentially fall within the scope of what GSA considers "unlawful discrimination."

The difficulty lies in the gap between what courts have actually ruled and what the certification implies. Multiple federal courts have enjoined aspects of Executive Order 14173's implementation. In Rhode Island Coalition v. Kennedy (D.R.I., July 21, 2025), King County v. Turner (W.D. Wa., May 2, 2025), and City of Seattle v. Trump (W.D. Wa., July 31, 2025), courts blocked enforcement of portions of the executive order. Following the Supreme Court's ruling in Trump v. CASA (2025), these injunctions are now limited to specific parties and regions rather than applying nationally — but the legal landscape remains unsettled.

GSA's proposal acknowledges that active court orders may render the certifications "inapplicable" to affected recipients. How that exception works in practice — who determines applicability, what documentation suffices, whether the certification checkbox includes a judicial-exemption carve-out — remains entirely unclear.

What Organizations Should Do Before March 30

Submit a public comment. The proposed rule is open for comment through March 30, 2026 on regulations.gov. If your organization has concerns about the breadth of the DEI certification, the ambiguity in compliance standards, or the government-wide scope of a registration-level requirement, this is the formal channel to raise them. Comments on the record shape the final rule.

Audit your programs now. Map every program, initiative, scholarship, hiring practice, and training that touches race, ethnicity, or national origin. For each, document the legal basis — is it required by a separate federal statute? Mandated by a court order? Required by a different agency's grant terms? Programs with independent legal mandates stand on stronger ground than voluntary initiatives.

Brief your board and leadership. The certification applies at the entity level, not the grant level. If your SAM.gov registration is managed by a grants office, the people checking the box need to understand what the organization is attesting to across every department and division. This isn't a compliance task for one person — it's an organizational commitment.

Talk to your attorneys. The interaction between the proposed certification, existing court injunctions, agency-specific terms and conditions, and your organization's particular programs creates a legal puzzle that requires individualized analysis. Blanket guidance won't cut it.

Don't wait for the final rule. Organizations that scramble to respond after a final rule is published will have far less room to maneuver than those who understand the landscape now and have already conducted an internal audit.

The Bigger Picture

The SAM.gov certification proposal is one piece of a broader recalibration in how the federal government uses the grantmaking apparatus to enforce policy priorities. The executive order on improving grant oversight tightened drawdown procedures. The indirect cost rate cap proposals (blocked by Congress but still debated) targeted research institutions. The BIOSECURE Act restricted grant recipients' relationships with designated foreign entities.

Each of these changes independently affects how organizations receive and manage federal funds. Together, they represent a shift in the compliance burden that federal financial assistance carries — from post-award monitoring to pre-registration attestation, from agency-specific terms to government-wide requirements, from programmatic reviews to self-certification with legal liability.

For grant seekers, the message is clear: understanding the terms of federal funding now requires legal analysis before you even hit "submit" on your SAM.gov registration. The days of treating registration as a purely administrative task are over.

The public comment period closes March 30. Use it, or live with whatever comes next. Tools like Granted can help you stay ahead of regulatory shifts and identify funding opportunities that match your organization's evolving compliance posture.