top of page

Safeguarding National Security in a Global Marketplace

By Nancy Brown, KY APEX Accelerator State Director

 

This article was originally published in our monthly KY APEX Accelerator Newsletter. If you have any questions about this topic, your KY APEX Accelerator consultant is here to help! Not a client? Sign up here.


Throughout history, the United States government has taken steps to ensure that foreign commerce does not harm domestic businesses and America’s national security. Examples include the International Traffic in Arms Regulations (ITAR); cybersecurity regulations affecting hardware, software, and service providers; sanctions and embargoes against hostile governments; and mitigating unauthorized access to classified information by foreign actors. This article will spotlight Foreign Ownership, Control or Influence (“FOCI”) regulations. FOCI is commonly used to describe situations where foreign entities apply significant influence or control over American companies. Some of those domestic companies might have contracts with the government or be involved in activities deemed critical to national security, especially those related to sensitive government contracts and classified information. As The Defense Counterintelligence and Security Agency (DCSA) has emphasized, “Foreign investment can play an important role in maintaining the vitality of the U.S. industrial base. Therefore, it’s the policy of the U.S. Government to allow foreign investment consistent with the national security interest of the United States.” Yet, if foreign entities gain access to sensitive information or technologies that can be used against the country's interests, it can severely threaten national security. Thus, FOCI requires a balancing act. Our government must carefully weigh the benefits of foreign investment to drive economic growth against the risks associated with inappropriate foreign influence.

Real-World Impact Foreign ownership and control can manifest in various ways, from direct ownership of a company by foreign investors to indirect influence through ownership of a subsidiary or a supply chain partner. Because of this, FOCI can significantly impact small businesses in various ways. One of the primary ways is interposition in small businesses' supply chain and sourcing practices. FOCI can increase uncertainty and risk if a small business depends on foreign suppliers or partners. Changes in ownership or control of a foreign supplier can disrupt the supply chain, leading to delays, quality issues and increased costs for the small business. FOCI can also limit small businesses in terms of government contracting opportunities. In the United States, companies with FOCI are subject to stringent regulations, making it more challenging to obtain government contracts. It can disadvantage small businesses that rely on government contracts if they cannot mitigate some of the restrictions. According to DCSA, when a government contractor holds contracts involving classified information, DCSA’s role is to control the “eligibility of clearances processes through Entity Vetting, Facility Clearances, and checking for Foreign Ownership, Control or Influence (FOCI).” Government contractors who have access to or who are involved in creating “classified information must first be approved through these three factors.” When approving contractor clearance, DCSA reviews different business structures and scenarios:


  1. Merger and Acquisition DCSA reviews the entity when a foreign company merges or acquires a U.S. company, and FOCI can be presumed if the foreign entity gains control over the operations or assets of the U.S. company.

  2. Investment When a foreign company invests in a U.S. company, it can gain access to sensitive information and decision-making processes. If the foreign company's investment significantly controls the U.S. company's decision-making and may allow foreign entities to influence critical decisions, such as board appointments or voting rights, it can lead to a discovery of FOCI.

  3. Technology Transfer Technology transfers or collaborations with foreign entities, such as the movement of technological advancements, expertise or intellectual property from the entity that developed or owns it to another entity, can also result in FOCI. This mainly occurs if the technology is considered sensitive or has national security implications.

  4. Supply Chain A business can also be subject to FOCI if it relies on foreign suppliers or partners. For example, if a company relies heavily on a foreign supplier or vendor for critical components, changes in the supplier's ownership or control could trigger FOCI concerns.



FOCI Mitigation Process


DCSA plays a crucial role in assessing and mitigating FOCI risks in the context of national security. Here are more details on DCSA’s responsibilities and processes:


  1. FOCI Assessment DCSA's primary focus is identifying and assessing instances of FOCI in government contractors with classified information contracts to prevent foreign influence or control that could compromise national security. This involves scrutinizing various business structures and scenarios mentioned above. 

  2. Mitigation Mechanisms In cases where FOCI is identified, DCSA works with the affected entities to implement mitigation measures. These isolation measures are designed to reduce or eliminate the potential risks of foreign influence. Mitigation mechanisms may include technology control plans, board resolutions, security control agreements, proxy agreements and voting trust agreements.

  3. Training and Oversight DCSA provides training for key personnel within the entities — such as outside directors, proxy holders and voting trustees — who play a role in mitigating FOCI risks. This training ensures that individuals involved in decision-making understand and adhere to the necessary security protocols.

  4. Continuous Monitoring DCSA continuously monitors entities with government contracts to ensure that their security posture complies with national security standards.



Ensuring national security by carefully evaluating and mitigating risks associated with entities involved in government contracts is a crucial consideration for all government contractors. For further reading on this topic, visit DCSA’s “FOCI Tools & Resources” webpage. If you have any questions, please contact your KY APEX Accelerator procurement consultant. You can also request assistance by contacting us at kyapex@kstc.com or by registering as a client on our website.

Comments


bottom of page