Network security company Fortinet has agreed to pay $545,000 to resolve allegations that it violated the US’s False Claims Act.

According to the settlement agreement made public on April 12, 2019, “Fortinet acknowledged that during the more than seven years between January of 2009 and the fall of 2016, a Fortinet employee responsible for supply chain management arranged to have labels on certain products altered to make the products appear to be compliant with the Trade Agreement Act (TAA). A portion of the products was resold through distributors and subsequent resellers to U.S. government end users.” 

“Today’s announcement illustrates the continuing commitment of the US Attorney’s Office and our law enforcement partners to identify and prosecute fraudulent schemes relating to the sale of goods to the United States,” said US Attorney David L. Anderson.  

“Contractors that supply the US government with Chinese-made technology will be pursued and held accountable when violating the Trade Agreement Act,” said Defense Criminal Investigative Service (DCIS) Special Agent in Charge Bryan D. Denny. “The DCIS and its law enforcement partners are committed to combating procurement fraud and cyber-risk within US Department of Defense programs.”

The TAA prohibits certain government contractors from purchasing products that are not entirely from, or “substantially transformed” in, the United States or certain designated countries. According to the public announcement, in this case Fortinet acknowledged that the “Responsible Employee” directed certain employees and contractors to change product labels so that no country of origin was listed or to include the phrases “Designed in the United States and Canada,” or “Assembled in the United States.”  

According to Fortinet’s website, the company serves government organization customers. Some of these include Alamance County in North Carolina and Salt Lake County in Utah. 

The company has agreed to pay $400,000 and to provide the United States Marine Corps with additional equipment valued at $145,000.  

The lawsuit was filed by former Fortinet employee Yuxin “Jay” Fang under the qui tam provisions of the False Claims Act. It was then investigated by the U.S. Attorney’s Office of the Northern District of California, along with other government organizations.

“This settlement displays the steadfast commitment of our agents and our federal law enforcement partners,” said the U.S. Army Criminal Investigation Command’s (USACIDC’s) director of major procurement fraud unit, Marion “Frank” Robey. “This settlement is a clear signal to the supply community doing business with the Department of the Army; fraud will not be tolerated in any way, shape or form.”