"You need to be able to increase the costs of getting caught" -- Edward Snowden
Deliberately inserted malware, laying in plain sight in source code, is an existential risk for a company with a reputation like IBM's. Of course, there isn't a 100% guarantee of it being noticed, but a 1% chance of that happening is enough for them to tell the spooks to fuck off.
Special Access Programs only work because God-mode coprocessors like the Intel ME ensure zero risk of blowback for the manufacturer. Force them to have skin in the game and they aren't pushovers anymore.
Sure, because I have the complete source code for all three of those things:
https://www.raptorcs.com/TALOSII/