Understanding FOCI: Compliance Tips for Government Contractors
“Foreign investment can play an important role in maintaining the vitality of the U.S. industrial base. Therefore, it’s the policy of the U.S. Government to allow foreign investment consistent with the national security interest of the United States.”
– United States Defense Counterintelligence and Security Agency
As a government contractor, it’s crucial to understand and comply with the rules and regulations surrounding Foreign Ownership, Control, or Influence (FOCI). FOCI is a significant consideration for contractors who have access to classified information or perform on contracts involving national security. In this article, we will explore the key aspects of FOCI and provide insights on how contractors can ensure compliance and mitigate potential risks.
What Is FOCI and Why Is It Important?
In the interest of national security, the U.S. Government seeks to ensure that its contractors’ operations cannot be compromised by foreign influence. The rules respecting FOCI are designed to ensure that, where potential national security issues are at stake, companies doing business with the Federal government are not vulnerable to foreign control and interest.
Which Federal Contracts Are Subject to FOCI Rules?
FOCI rules apply to contractors holding Facility Security Clearances (FCLs) or operating under Proxy Agreements with federal agencies.
How Does FOCI Restrict or Prohibit Government Contractors?
- A contractor under FOCI cannot be granted an FCL
- A contractor without an FCL cannot begin work on a contract requiring an FCL
- A contractor with an FCL may (or may not) be allowed to continue that status while negotiating mitigation measures with DCSA (more on the mitigation process below)
How Does the Government Evaluate FOCI Concerns?
The government evaluates FOCI concerns through a comprehensive review process conducted by the Defense Counterintelligence and Security Agency (DCSA). This evaluation includes an examination of a business’s ownership and control structures, financial arrangements, and relationships with foreign entities. The objective is to assess whether a contractor’s operations could be compromised by foreign influence.
The DCSA’s FCL FOCI review is based on contractor’s responses to Standard Form 328 (which is required for any contract requiring FCLs), plus any supporting documentation. This form contains ten questions, including:
- “Does your organization directly, or indirectly through your subsidiaries and/or affiliates, own 10 percent or more of any foreign interest?”
- “Does your organization have any contracts, agreements, understandings, or arrangements with a foreign person(s)?”
- “During your last fiscal year, did your organization derive 5 percent or more of its total revenues or net income from any single foreign person?”
The Contractor must provide additional information & documentation about any “yes” answers to the questions on Standard Form 328.
What Constitutes Foreign Control or Influence?
The DCSA has determined that a company is operating under foreign control or influence when the following parameters are met:
“A company is considered to be operating under FOCI whenever a foreign interest has the power, direct or indirect, whether or not exercised, and whether or not exercisable, to direct or decide matters affecting the management or operations of that company in a manner which may result in unauthorized access to classified information or may adversely affect the performance of classified contracts.”
To make this determination, the DCSA applies a ‘Seven Factors’ test, and considers the following:
- Record of economic and government espionage against U.S. targets;
- Record of enforcement and/or engagement in unauthorized technology transfer;
- The type and sensitivity of the information that shall be accessed;
- The source, nature, and extent of FOCI;
- Record of compliance with pertinent U.S. laws, regulations, and contracts;
- The nature of any bilateral and multilateral security and information exchange agreements that may pertain;
- Ownership or control, in whole or in part, by a foreign government.
Mitigating Actual or Potential FOCI Problems
For those contractors who present FOCI concerns, the DCSA has a policy and process in place to work with these businesses in order to, if possible, sufficiently mitigate the FOCI concerns and allow these businesses to ultimately receive their FCL. This process, referred to as a Mitigation Agreement, involves the DCSA identifying concerns to the business, and the business formulating a plan to address these concerns. Common mitigation actions may involve personnel or structural changes, including (but not limited to):
- Changes of ownership;
- Reassignment of personnel;
- Termination or resignation of certain personnel.
Contractor Responsibilities Regarding FOCI
Contractors and potential contractors have a responsibility to identify and report any FOCI concerns to the DCSA or relevant federal agency. This includes disclosing any foreign ownership or control and reporting any changes that may occur during contract performance. It is essential to maintain transparency and promptly address FOCI issues.
Common Misconceptions About FOCI Rules
- FOCI rules only apply to large defense contractors: In reality, FOCI rules can apply to contractors of all sizes who have access to classified information or perform on contracts involving national security. It’s important for contractors to assess their FOCI status regardless of their size or industry.
- FOCI issues can be easily resolved or disregarded: Addressing FOCI concerns can be a complex and lengthy process. Contractors must approach FOCI with diligence, following the proper procedures and working closely with the DCSA.
Despite these misconceptions and the restrictive/prohibitive nature of FOCI determinations, it should be noted that:
- Businesses under FOCI can still be awarded and perform federal contracts, except where specifically prohibited (e.g., where FCL is required);
- Businesses under FOCI can still qualify for small business status, so long as they satisfy the Small Business Administration (SBA) test – which includes having a place of business in the U.S. & making a significant contribution to the U.S. economy).
Conclusion
Compliance with FOCI rules is essential for government contractors involved in national security contracts or holding Facility Security Clearances. By understanding FOCI requirements, promptly reporting any concerns, and implementing appropriate mitigations, contractors can ensure compliance while safeguarding national security interests. Remember to stay informed about FOCI updates and consult with experts to navigate the complexities of FOCI successfully.
For a more in-depth analysis of FOCI, and to better understand what Federal contractors need to know in order to comply with FOCI requirements, check out Govology’s on-demand webinar titled Foreign Ownership, Control or Influence (FOCI) Rules for Federal Contractors. In this webinar, presenter Steven Koprince explores FOCI, and the FOCI determination analysis, in greater detail.
About the Author
