WeVote
Log In
Bill
Sponsor avatar

BILL • US SENATE
S 3306

Modernizing Government Technology Reform Act

119th Congress
Introduced by Jerry Moran, Gary Peters,

The bill strengthens oversight and repayment rules for the Technology Modernization Fund by requiring CIO-led inventories of high-risk legacy IT and prioritized risk lists to moder

Introduced in Senate
0
0
Bill Summary • S 3306

Summary of Bill: Modernizing Government Technology Reform Act (S. 3306, 119th Congress)

Date introduced: December 2, 2025

Sponsor(s): Sen. Moran (primary) with Sen. Peters; co-sponsor Sen. Moran also listed as sponsor

Purpose
- To amend Section 1078 of the National Defense Authorization Act for Fiscal Year 2018 (the Technology Modernization Fund, or TMF) to realign fund use with original Congressional intent and strengthen oversight, governance, and accountability for modernizing Federal information technology (IT) systems.

What the bill would change (main provisions)
- Realignment of TMF uses (Section 1078(b)(3))
- General use (A):
- Funds from the TMF may be transferred to an agency head for acquisition, procurement, and operation of IT, or IT development when such actions modernize, retire, or replace legacy IT; enhance cybersecurity and privacy; improve long-term IT efficiency and effectiveness; or improve the agency’s ability to fulfill its mission and serve the public.
- Funds can support services or work in support of the above activities and for the Board/Director to carry out their responsibilities.
- Funding for programs/projects must be those not denied or restricted by Congress.
- Transfers must be reimbursed to the TMF to ensure the Fund remains solvent until sunset.
- Termination or suspension of funds:
- The Administrator may suspend/terminate funding for projects with fraudulent or misleading information in the application/proposal.
- Administrative and funding integrity adjustments:
- Several cross-references and terminology changes to align approvals, reporting, and solvency requirements with the revised framework.

  • Project funding and repayment terms

    • Introduces repayment terms for funds transferred to agencies to ensure the TMF remains solvent until its sunset.
    • Adds specificity about incremental funding and milestones tied to development progress (contractual/operational discipline).

  • Agency oversight, reporting, and governance enhancements (New subsection (e))

    • Agency CIOs must inventory high-risk legacy IT systems and provide lists to the Federal Chief Information Officer (CIO) within defined timelines:
    • Initial list due within 180 days after guidance is issued.
    • Annual updates thereafter.
    • The Federal CIO must:
    • Compile a 10-system prioritized list of legacy IT systems presenting the greatest security, privacy, and operational risk within 90 days of receiving agency CIO lists, and update as needed with subsequent agency updates.
    • Report to Congress (and Comptroller General) within 14 days after compilation/update; the report may include a classified annex.
    • Guidance and guidance updates:
    • The Director of the Office of Management and Budget (OMB) or equivalent Federal CIO must issue guidance within 180 days of enactment detailing:
      • Format and content for agency lists.
      • How to identify high-risk legacy systems (requiring coordination with stakeholders and consideration of security, operational, privacy risks, and mission delivery).
      • How to submit lists via existing reporting structures.
    • The guidance may be updated as necessary.

  • Reorganization of TMF subsections

    • Subsections reorganized: certain subsections (e) becomes (e) and others (e/f) are renumbered (f/g) to reflect the expanded oversight framework.
    • Several cross-reference edits to reflect the new structure and to ensure consistency with the revised definitions, reporting requirements, and repayment mechanisms.

  • Sunset and lifecycle

    • The statute maintains that the TMF sunsets on the date specified in the amended framework (g)(1), with a revised sunset trigger tied to the new governance and repayment provisions.
    • The sunset provision interacts with the new repayment requirements to maintain fund solvency until sunset.

Affected entities and impacts
- Federal agencies that operate or rely on legacy IT systems:
- Would see greater formal requirements to inventory high-risk systems and report to the Federal CIO.
- Could obtain TMF funding for modernization efforts with repayment obligations tied to the new terms.
- Federal CIO and the Board:
- Expanded responsibilities for prioritizing legacy IT risk and reporting to Congress.
- Congress and GAO:
- Receiving more structured, timely reports on legacy IT risk and TMF-funded activities (including potential classified annexes).
- Contractors and agencies administering TMF-funded projects:
- Subject to enhanced oversight, milestone-based fund disbursement, and strict reimbursement terms.

Timelines and key dates
- Guidance development:
- Not later than 180 days after enactment (for implementing guidance on subsection (e)).
- Initial inventory and 10-system prioritization processes begin after that guidance is issued.
- Reporting cadence:
- Lists due and updates annually (for high-risk legacy systems).
- Congress/GAO reporting within 14 days after compilation or update.

Overall takeaway
- S. 3306 aims to sharpen the focus of the Technology Modernization Fund on high-risk legacy IT systems, strengthen accountability and transparency through formal CIO-led inventories and prioritized risk lists, tighten repayment and solvency rules, and codify a clearer pathway for modernizing federal IT with demonstrated results while preventing fraud or misrepresentation.

Hi! I'm your AI assistant for S 3306. I can help you understand its provisions, impacts, and answer any questions.

Key Provisions Impacts Timeline
Sign in to chat