Integration of FOCI Mitigation into Deal Structure

Companies seeking to undertake classified work for the US government, either as prime contractors or subcontractors, face special hurdles if they accept investment from non-US sources, as they must undergo a review to probe Foreign Ownership, Control or Influence (FOCI).This complimentary overview will explore the FOCI review process and provide tips for successfully managing it and the FOCI-mitigation compliance requirements that may follow.

FOCI reviews have evolved to address a rapidly transforming risk and regulatory landscape, including heightened concerns about cybersecurity and Controlled Unclassified Information (CUI). The FOCI review process is, for the first time, governed by codified regulations since the longstanding NISPOM was incorporated into the CFR in February 2021. Our panelists—an official from the Defense Counterintelligence and Security Agency (DCSA), two Ankura professionals who have helped multiple companies develop and implement FOCI-mitigation agreements, and two Arnold & Porter national security attorneys experienced in negotiating FOCI-mitigation agreements with the DCSA—will help you better navigate the process.

Topics

• FOCI: How is it identified?
• NNISPOM Codification: What changed?
• FOCI-mitigation: What are the options?
• FOCI mitigation and parallel review by CFIUS or Team Telecom: Integrating it into the structure of your deals and developing specific mitigation measures
• DCSA's work on FOCI and CUI: The overlap with other emerging DoD requirements under the Cybersecurity Maturity Model Certification (CMMC)
• FOCI-mitigation and cybersecurity programs: Implementation and continuation