The public comment period for the long-awaited Defense Federal Acquisition Regulation Supplement (“DFARS”) proposed rule, “Mitigating Risks Related to Foreign Ownership, Control, or Influence” (the “proposed DFARS FOCI rule”), closed on July 6, 2026. But recent activity in Congress suggests that the Department of War (“DoW”)’s proposed rule may be only one part of a broader effort to expand the government’s visibility into and mitigation of foreign ownership, control, or influence (“FOCI”) risks across the defense industrial base. Taken together, the proposed DFARS FOCI rule and pending provisions in the House and Senate versions of the Fiscal Year (“FY”) 2027 National Defense Authorization Act (“NDAA”) could substantially extend FOCI-related scrutiny beyond the traditional universe of cleared contractors performing classified work.

DoW Proposes to Extend FOCI Requirements Beyond Classified Contracts

FOCI requirements historically have been associated most closely with the National Industrial Security Program and contractors that hold a facility security clearance to access classified information. Over time, however, policymakers increasingly viewed that framework as leaving a potential gap in the government’s ability to assess and mitigate FOCI risks presented by contractors performing unclassified but sensitive work—including work involving controlled unclassified information (“CUI”), cybersecurity systems, and national security systems.

As Covington previously reported, DoW sought to address this perceived gap in May 2026 by issuing proposed DFARS amendments that would significantly broaden the scope of existing FOCI requirements. The proposed DFARS FOCI rule is intended to implement statutory language enacted in the FY 2020 and FY 2021 NDAAs and, if finalized, would require prime contractors and subcontractors performing certain DoW contracts valued above $5 million to comply with FOCI disclosure and mitigation obligations as part of the procurement process, regardless of whether they hold a facility clearance or perform classified work. The DoW estimates that the proposed rule’s new requirements would affect nearly 40,000 entities acting as offerors or subcontractors.

Although the proposed DFARS FOCI rule generally exempts contracts for the acquisition of commercial products or commercial services, that exemption would not apply if a designated—though not yet named—senior DoW official determines that a contract presents a “risk or potential risk to national security or potential compromise because of sensitive data, systems, or processes.” The proposed DFARS FOCI rule provides limited guidance regarding how DoW would make that determination, leaving open questions about when ostensibly commercial work could nevertheless trigger FOCI scrutiny.

The public comment period on the proposed DFARS FOCI rule closed on July 6, 2026.

Recent congressional activity indicates that the proposed DFARS FOCI rule is unlikely to be the final word on FOCI-related reform for defense contractors.

Senate NDAA

On June 1, 2026, Senators Elizabeth Warren (D‑MA) and Chuck Grassley (R‑IA) introduced bipartisan legislation that would further expand FOCI disclosure requirements. The bill included two principal components:

  • It would lower the contract-value threshold for FOCI disclosure and mitigation requirements established in the FY 2020 NDAA, and reflected in the proposed DFARS FOCI rule, from contracts valued above $5 million to contracts valued above $500,000.
  • It would align the definition of “beneficial owner” with an existing definition in Title 10, rather than defining the term by reference to 17 C.F.R. § 240.13d-3.

Senators Warren and Grassley described the legislation as closing a gap in current law that permits contractors with less than $5 million in contracts to avoid ownership disclosure and FOCI mitigation requirements. The provision lowering the threshold for disclosure from $5 million to $500,000 was subsequently incorporated as Section 820 of the Senate Armed Services Committee (“SASC”) version of the FY 2027 NDAA.

The SASC bill does not include the Warren-Grassley bill’s proposed change to the definition of “beneficial owner,” though identifying beneficial ownership of defense industrial base companies remains a focus elsewhere in the SASC-version of the NDAA. Section 842 of the SASC bill requires the Secretary of War to designate an office under the Assistant Secretary of War for Industrial Base Policy with “primary responsibility for identifying, assessing, monitoring, and mitigating risks related to adversarial capital in the defense industrial base” including the “analysis of entities to determine when tactics are used to obfuscate the ownership relationships to hide adversarial capital flows….” The SASC bill has been reported out of committee and awaits action on the Senate floor.

House NDAA

Key Takeaways

Defense contractors should continue to monitor the pending DFARS rulemaking, as well as congressional consideration of FOCI-related provisions in the FY 2027 NDAA. If adopted in their current form, these initiatives could:

  • Expand FOCI disclosure and mitigation requirements to many DoW contractors that do not perform classified work;
  • Subject certain commercial contractors to FOCI scrutiny based on national security risk considerations;
  • Increase disclosure and mitigation compliance obligations for contractors with foreign investors, foreign affiliates, or complex ownership structures; and
  • Continue a broader trend toward greater transparency into ownership and control within the defense industrial base, through both affirmative contractor disclosures and enhanced DoW monitoring capabilities.

Companies that have historically viewed FOCI as a concern relevant primarily to cleared contractors should reassess that assumption—and prepare for enhanced disclosure obligations during the procurement process—as DoW and Congress continue to expand the government’s visibility into, and mitigation of, FOCI risks across the defense supply chain.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Heather Finstuen Heather Finstuen

Heather Finstuen has extensive experience advising clients on cross-border investment and U.S. national security matters, negotiating and implementing mitigation agreements, and leading internal investigations and responding to government inquiries related to U.S. national security risks. Clients regard Heather as “very thoughtful” and “superb…

Heather Finstuen has extensive experience advising clients on cross-border investment and U.S. national security matters, negotiating and implementing mitigation agreements, and leading internal investigations and responding to government inquiries related to U.S. national security risks. Clients regard Heather as “very thoughtful” and “superb at translating legal requirements to business realities” (Chambers USA).

Heather represents domestic and international companies in numerous industries in securing the approval of the Committee on Foreign Investment in the United States (CFIUS). She frequently advises clients on national industrial security program regulations and engages with the Defense Counterintelligence and Security Agency, the Department of Energy, and other cognizant security agencies on the determination and mitigation of foreign ownership, control, or influence (FOCI).

Heather has expertise in identifying CFIUS and FOCI mitigation solutions that support commercial strategic objectives and translating complex mitigation requirements into pragmatic business practices. She has been involved in many complex CFIUS and FOCI matters across all industry sectors, including Brookfield Asset Management and Cameco’s $7.9 billion acquisition of Westinghouse; Advent International’s $14 billion consortium investment in McAfee and $6.4 majority investment in Maxar Technologies; BAE Systems’ $5.5 billion acquisition of Ball Aerospace and $2 billion combined acquisition of Collins Aerospace’s military GPS business and Raytheon’s military radios business; Peugeot’s $58 billion merger with Fiat Chrysler Automobiles to create Stellantis N.V.; Nexen Inc.’s $15 billion sale to China National Offshore Oil Corporation; and GlobalFoundries’ $1 billion acquisition of the IBM Microelectronics Division.

Heather counsels U.S. government contractors on National Industrial Security Program Operating Manual (NISPOM) requirements, obtaining and maintaining facility and personnel security clearances, safeguarding requirements, and supply chain considerations. Heather has led numerous internal investigations relating to U.S. national security issues and compliance concerns and has counseled U.S. government contractors in connection with internal investigations, mandatory disclosures, federal inquiries and investigations, and compliance policies and procedures.

Heather was recognized as a Law360 International Trade MVP for 2021 and 2024.

Before joining the firm, Heather served as a law clerk to the Honorable Carolyn Dineen King of the United States Court of Appeals for the Fifth Circuit.

Photo of Scott A. Freling Scott A. Freling

Scott Freling co-chairs the firm’s Government Contracts practice and is recognized by Chambers USA as a leading practitioner. He divides his practice between representing civilian and defense contractors in traditional government contracts matters and guiding buyers and sellers—including a number of leading private…

Scott Freling co-chairs the firm’s Government Contracts practice and is recognized by Chambers USA as a leading practitioner. He divides his practice between representing civilian and defense contractors in traditional government contracts matters and guiding buyers and sellers—including a number of leading private equity firms—through the regulatory aspects of complex M&A deals involving government contractors.

Chambers USA ranks Scott as a Band 1 lawyer for Government Contracts M&A. Scott is sought after for his regulatory expertise and his ability to apply that knowledge to the transactional environment. He has extensive experience leading classified and unclassified due diligence reviews of government contractors, negotiating transaction documents, and assisting with integration and other post-closing activities. He has served as the lead government contracts lawyer in dozens of M&A deals, with a combined value of more than $80 billion. Some of Scott’s notable transactions include Shield AI’s acquisition of Aechelon, Warburg Pincus and Berkshire Partners’ take-private acquisition of TRIUMPH for $3 billion, Advent International’s take-private acquisition of Maxar Technologies for $6.4 billion, and Aptiv’s acquisition of Wind River for $3.5 billion.

Scott also represents contractors at all stages of the procurement process and in their dealings with federal, state, and local government customers. He handles a wide range of government contracts matters, including compliance counseling, contract terminations, claims, disputes, audits, and investigations. Scott frequently advises contractors on organizational conflicts of interest and government intellectual property rights. He also counsels clients on risk mitigation strategies, including obtaining SAFETY Act liability protection for anti-terrorism technologies.

Law360 has recognized Scott as a MVP in Government Contracts. He was a founding co-chair of the Mergers and Acquisitions Committee of the ABA’s Public Contract Law Section.

Darby Yeager

Darby Yeager is an associate in the Government Contracts and CFIUS Practice Groups. She advises clients on a range of regulatory issues involving cross-border transactions and government contract compliance issues. Her practice includes advising clients on the U.S. national security review process administered…

Darby Yeager is an associate in the Government Contracts and CFIUS Practice Groups. She advises clients on a range of regulatory issues involving cross-border transactions and government contract compliance issues. Her practice includes advising clients on the U.S. national security review process administered by the Committee on Foreign Investment in the United States (CFIUS) as well as on emerging national security regulatory regimes, such as the Treasury Department’s Outbound Investment Program.

Photo of Eunsun Cho Eunsun Cho

Eunsun Cho is an associate in the Government Contracts Practice Group. She assists clients on a range of regulatory and compliance issues.

Eunsun also maintains an active pro bono practice.