The Fund CISA Personnel Act of 2026 directs the Treasury to make available whatever sums are necessary to the Director of the Cybersecurity and Infrastructure Security Agency (CISA) to pay employees’ regular wages, allowances, pay differentials, benefits, and similar payments for any period after February 14, 2026, in which full-year or interim FY2026 appropriations are not in effect.
The bill limits those Treasury funds to cover only employees who would otherwise be unpaid during a lapse, requires that expenditures be charged against the applicable appropriation once Congress enacts it, and subjects payments to the requirements and limitations already applicable under the Full-Year Continuing Appropriations and Extensions Act, 2025. The measure preserves CISA’s workforce and core operations during a shutdown but creates accounting and oversight implications for appropriators and agency payroll administrators.
At a Glance
What It Does
The bill appropriates, 'out of amounts in the Treasury not otherwise appropriated,' such sums as necessary to the Director of CISA to pay standard rates of pay, allowances, pay differentials, benefits, and other regular payments to CISA employees for any period starting February 14, 2026, when FY2026 appropriations are not in effect. It bars duplicate payments and requires charging those expenditures to the applicable appropriation once Congress later enacts it.
Who It Affects
Directly affects CISA employees and payroll administrators, the CISA Director responsible for administering these funds, and the Department of Homeland Security’s budget offices. It also matters to House and Senate appropriations staff because the bill changes how pay during a lapse is financed and later reconciled.
Why It Matters
The bill prevents CISA furloughs and maintains critical cybersecurity functions during funding gaps, while creating a precedent for agency-specific continuing appropriations and imposing a mechanism that shifts costs onto future appropriations and appropriators' calculations.
More articles like this one.
A weekly email with all the latest developments on this topic.
What This Bill Actually Does
The Act authorizes the Treasury to provide whatever funds are necessary to the Director of CISA to continue paying employees’ regular compensation and related payments for periods in FY2026 when no interim or full-year appropriations are in effect. The appropriation language is broad — 'such sums as may be necessary' — and explicitly covers standard rates of pay, allowances, pay differentials, benefits, and other regularly payable amounts to agency employees.
The coverage begins for the period starting February 14, 2026.
To prevent double payments, the bill forbids using these Treasury-provided funds for any portion of a lapse-period for which an employee already receives the same pay or benefits from another funding source. In practice that requires payroll offices to reconcile multiple funding streams (for example, reimbursements, detailees paid by other agencies, or awards funded from special accounts) before applying the temporary Treasury funds.The statute instructs that expenditures made under this authority must be charged to the 'applicable appropriation, fund, or authorization' whenever Congress later enacts an Act containing that appropriation.
That is an explicit retroactive accounting rule: the temporary Treasury financing will be offset against the appropriation line when the relevant regular or continuing appropriation is enacted. The bill also makes all payments subject to the same authorities, conditions, and limitations that governed CISA pay under the Full-Year Continuing Appropriations and Extensions Act, 2025 (Public Law 119-4), so many existing payroll rules and restrictions carry forward.Termination of the temporary authority occurs at the earliest of three events: enactment of an appropriation that covers the same purposes, enactment of a later appropriations measure that omits funding for those purposes, or September 30, 2026.
The Act takes effect retroactively as if enacted on February 13, 2026. Notably, the text covers agency employees only; it does not authorize payments to contractors or otherwise alter contracting authorities.
The Five Things You Need to Know
The bill authorizes 'such sums as may be necessary' from Treasury to the Director of CISA to pay employees’ regular pay, allowances, pay differentials, benefits, and similar payments for any lapse period beginning February 14, 2026.
It prohibits using the Treasury-provided funds to cover any portion of a lapse period for which an employee already receives the same pay or benefits from another source.
Expenditures under the Act must be charged to the applicable appropriation, fund, or authorization once Congress enacts the later appropriation — effectively requiring a retroactive accounting against future appropriations.
All payments made under this authority are subject to the requirements, authorities, conditions, and limitations that applied to CISA under the Full-Year Continuing Appropriations and Extensions Act, 2025 (Public Law 119–4).
The temporary funding authority terminates on the earliest of: enactment of covering appropriations, enactment of an appropriations act that omits the covered purposes, or September 30, 2026; the Act is retroactive to February 13, 2026.
Section-by-Section Breakdown
Every bill we cover gets an analysis of its key sections.
Short title
Provides the Act’s short title, 'Fund CISA Personnel Act of 2026.' This is enactment housekeeping but signals the bill’s narrow purpose: funding CISA personnel during an appropriations lapse.
Appropriation authority for CISA pay during lapses
Grants the Director of CISA access to Treasury funds—'out of amounts in the Treasury not otherwise appropriated'—for FY2026 to cover standard pay, allowances, pay differentials, benefits, and other regularly payable compensation for employees during periods when interim or full-year FY2026 appropriations are not in effect, beginning February 14, 2026. The 'such sums as may be necessary' phrasing gives the agency flexibility to meet payroll without an explicit dollar cap.
Limits, reconciliation, and governing rules
Section 2(b) forbids use of these funds for any period for which an employee is paid from other sources, creating a prohibition on duplicate payment. Section 2(c) requires that expenditures be charged to the applicable appropriation once Congress later enacts it, meaning temporary Treasury outlays will be reconciled against future enacted appropriations. Section 2(d) makes payments subject to the requirements, authorities, conditions, and limitations that applied to CISA pay under the Full-Year Continuing Appropriations and Extensions Act, 2025, which imports existing supervisory and statutory constraints into this temporary authority.
Termination triggers and sunset
Specifies three termination events: enactment of an appropriation that covers the purposes funded; enactment of an appropriations measure that does not include such funding (i.e., an explicit omission); or September 30, 2026. The clause structures the authority as temporary and contingent on later congressional action, and it creates an administrative endpoint for payroll and reconciliation activities.
Retroactive effective date
States that the Act takes effect as if enacted on February 13, 2026. The retroactive date aligns the temporary authority with periods beginning February 14, 2026, requiring agencies and payroll offices to reconcile pay and potentially process retroactive payments or offsets.
This bill is one of many.
Codify tracks hundreds of bills on Government across all five countries.
Explore Government in Codify Search →Who Benefits and Who Bears the Cost
Every bill creates winners and losers. Here's who stands to gain and who bears the cost.
Who Benefits
- CISA employees: The primary beneficiaries; the bill preserves regular pay, differentials, and benefits during funding lapses, avoiding furloughs and income interruptions for agency staff.
- CISA operational leadership and program managers: They retain the ability to keep critical cybersecurity operations staffed and maintain continuity of incident response, network defense, and critical infrastructure coordination.
- Federal cybersecurity partners and private critical infrastructure owners: They benefit indirectly because CISA’s sustained operations reduce the risk that government-side coordination, warnings, and mitigations will be interrupted during a shutdown.
Who Bears the Cost
- Treasury/future appropriations: The temporary outlays originate in the Treasury and will be charged back to the relevant appropriation lines once Congress enacts a covering appropriation, shifting costs into future budget authority.
- House and Senate Appropriations Committees: They must reconcile these retroactive charges against enacted accounts and may see reduced available balances or need to identify offsets when finalizing FY2026 allocations.
- CISA payroll and DHS budget offices: They face new administrative burdens — tracking eligibility, preventing duplicate payments, reconciling retroactive charges, and implementing the limits and conditions imported from prior continuing appropriations law.
Key Issues
The Core Tension
The central tension is between ensuring uninterrupted national cybersecurity capacity during funding gaps and preserving Congress’s Article I power over the purse: the bill shields CISA payroll from a shutdown’s operational impacts, but doing so narrows appropriators’ leverage and shifts costs and accounting complexity into later budget actions.
The bill balances operational continuity against the mechanics of the appropriations process but leaves several implementation questions unresolved. First, the retroactive, 'such sums as may be necessary' funding model gives payroll offices discretion but creates reconciliation complexity: agencies must determine which employees qualify, track alternative funding sources, and later charge specific appropriations.
That creates timing and accounting burdens and potential disputes with appropriators when reconciling line items.
Second, by importing the Full-Year Continuing Appropriations and Extensions Act, 2025’s requirements and limitations, the bill preserves existing restrictions but also imports any ambiguities from that law. It does not spell out payroll procedures, audit trails, or enforcement mechanisms if duplicate-pay prohibitions are violated.
The measure also omits contractors and grantees; services primarily delivered by contract remain vulnerable during a lapse and could blunt the practical continuity the bill intends to secure. Finally, the explicit charge-to-future-appropriations mechanism means Congress will ultimately pay for the temporary funding, which raises questions about offsets, scoring, and whether other accounts will be reduced when reconciliation occurs.
Try it yourself.
Ask a question in plain English, or pick a topic below. Results in seconds.