Presentation is loading. Please wait.

Presentation is loading. Please wait.

Section Six: Foreign Ownership, Control, or Influence (FOCI)

Published byCesar Leap Modified over 9 years ago

Similar presentations

Presentation on theme: "Section Six: Foreign Ownership, Control, or Influence (FOCI)"— Presentation transcript:

1 Section Six: Foreign Ownership, Control, or Influence (FOCI)
Requirements Note: All classified markings contained within this presentation are for training purposes only.

2 Foreign Ownership, Control, or Influence (FOCI) Indicators
A U.S. company is under FOCI when A foreign interest has the power, whether or not exercised, to direct or decide matters affecting the management or operations of the company This may result in unauthorized access to classified information or may adversely affect performance of classified contracts Indicators include Substantial foreign holdings of company stock > 5 % of the ownership interests > 10% of the voting interest Existence of foreign subsidiaries Foreign corporate officers or board directors Contractual agreements with foreign sources Foreign debts/income Shared corporate officers or board directors

3 Foreign Ownership, Control, or Influence (FOCI) Business Impact
If a defense contractor is determined to be under FOCI: The Defense Security Service (DSS) takes immediate action to safeguard classified information Contractor is not eligible for a new facility clearance until FOCI review Existing facility clearance can continue if DSS sees no risk of compromise Existing facility clearance will be revoked if security measures inadequate If a contractor does not currently possess, or have a current/impending requirement for access to classified information, their facility clearance is administratively terminated The U.S. Government can impose any security methods it deems necessary to protect classified information

4 Foreign Ownership, Control, or Influence (FOCI) Mitigation Requirements and Objectives
U.S. companies that have some degree of foreign ownership or control must develop and implement a mitigation plan FOCI mitigation requires the company to develop a plan to control or deny access to technical information by the foreign entity The U.S. Government and the contractor have to concur on the mitigation plan Objectives To protect classified and export-controlled information To recognize and assess the influence and direction exerted by the foreign parent (and/or foreign government) To develop and to put into effect remedies when foreign influence may be adverse to U.S. national security interests

5 Foreign Ownership, Control, or Influence (FOCI) Mitigation Requirements and Objectives (cont.)
Mitigation enables U.S. contractors to perform on classified programs with provisions in place to Negate foreign influence over that company Deny the foreign entity access to classified or export- controlled data Defense Security Service (DSS) permits mitigation through one of the following: Board Resolution Proxy Agreement and Voting Trust Agreement Security Control Agreement (SCA) and Special Security Agreement (SSA) Technology Control Plan (TCP) and Electronic Communications Plan (ECP)

6 Foreign Ownership, Control, or Influence (FOCI) Mitigation Instruments
Board Resolution Used when the foreign entity does not own voting stock sufficient to elect a representative to the company's governing board Proxy Agreement (PA) and Voting Trust Agreement (VTA) Used when a cleared company is owned or controlled by a foreign entity Both agreements are substantially identical whereby the voting rights of the foreign owned stock are vested in cleared US citizens approved by the Federal Government (DSS) Neither arrangement imposes any restrictions on the company's eligibility to have access to classified information or to compete for classified contracts Security Control Agreement (SCA) Used when the cleared company is not effectively owned or controlled by a foreign entity and the foreign interest is entitled to representation on the company's governing board There are no access limitations under an SCA

7 Foreign Ownership, Control, or Influence (FOCI) Mitigation Instruments (cont.)
Special Security Agreement (SSA) Used when a company is effectively owned or controlled by a foreign entity SSA has access limitations Allows foreign owned U.S. companies to win and work on classified contracts The SCA and SSA are substantially identical arrangements that: Require specific organization of the U.S. company (board, security committee, etc.) Designed to manage contact between the cleared company and its parent and affiliates Grant security clearance to specific sites and employees for classified U.S. projects

8 Foreign Ownership, Control, or Influence (FOCI) Mitigation Instruments (cont.)
Technology Control Plan (TCP) A plan developed and implemented to prescribe security measures necessary to reasonably foreclose the possibility of unauthorized or inadvertent access by any foreign person to information for which they are not authorized The documentation that results from the collaborative process of site functions creating a written plan to manage the presence of foreign nationals in the work place Reinforces workplace awareness and education Identification of physical and electronic controls Established Audits/Checking Serves as evidence to U.S. Government Addresses where foreign national can and cannot go, who will escort them, how will they access information they need, what pre-authorizations are in place A TCP must be in place when: When non-U.S. persons are hired as employees in accordance with applicable laws Visits of three weeks or longer of a non-U.S. person A program involves non-U.S. customers who frequent or are assigned to a cleared site

9 Foreign Ownership, Control, or Influence (FOCI) Mitigation Instruments (cont.)
Electronic Communications Plan (ECP) Required by DSS for FOCI companies Describes the oversight of communications between contractor personnel and the foreign owner and/or affiliates Intended to deter and detect undue influence by the foreign owner/affiliates over management affairs or unauthorized attempts to access classified information or export controlled technology For non-classified networks A network description will be included and contain All electronic communication mediums including but not limited to, personal/network firewalls, remote administration, monitoring, maintenance, and separate servers (as appropriate) The scope will include all communications including telephone, teleconference, video conferences, facsimile, cell phones, PDAs and all computer communication including s and server access Video conferencing shall be treated as a visit under the visitation requirements of the FOCI mitigation agreement Controls will be looked at during your annual DSS Inspection

Download ppt "Section Six: Foreign Ownership, Control, or Influence (FOCI)"

Similar presentations

Managing the Health and Safety of Contractors

Managing the Health and Safety of Contractors
Subchapter M-Indian Self- Determination and Education Assistance Act Program Part 273-Education Contracts under Johnson-OMalley Act.

Subchapter M-Indian Self- Determination and Education Assistance Act Program Part 273-Education Contracts under Johnson-OMalley Act.
Annual Security Refresher Briefing Note: All classified markings contained within this presentation are for training purposes.

Annual Security Refresher Briefing Note: All classified markings contained within this presentation are for training purposes.
CIP Cyber Security – Security Management Controls

CIP Cyber Security – Security Management Controls
Health Insurance Portability and Accountability Act (HIPAA)HIPAA.

Health Insurance Portability and Accountability Act (HIPAA)HIPAA.
WHAT IS HIPAA? The Health Insurance Portability and Accountability Act of 1996 (HIPAA) provides certain protections for any of your health information.

WHAT IS HIPAA? The Health Insurance Portability and Accountability Act of 1996 (HIPAA) provides certain protections for any of your health information.
Defense Security Service Facility Clearance Branch (FCB)

Defense Security Service Facility Clearance Branch (FCB)
MANAGING FACILITY CLEARANCES AND CHANGES OF CONTROL Mary Beth Bosco Patton Boggs LLP 2550 M Street, N.W. Washington, D.C. 20037 202.457.6420.

MANAGING FACILITY CLEARANCES AND CHANGES OF CONTROL Mary Beth Bosco Patton Boggs LLP 2550 M Street, N.W. Washington, D.C
BOARD STRUCTURES, BYLAWS AND MEETINGS ADDRESSING THE CHALLENGES by Heman A. Marshall, III, Principal Woods Rogers PLC September 2, 2009.

BOARD STRUCTURES, BYLAWS AND MEETINGS ADDRESSING THE CHALLENGES by Heman A. Marshall, III, Principal Woods Rogers PLC September 2, 2009.
The Office of Information Technology Information Security Administrator Kenneth Pierce, Vice Provost for IT and Chief Information Officer.

The Office of Information Technology Information Security Administrator Kenneth Pierce, Vice Provost for IT and Chief Information Officer.
Section Four: Employee and Visitor Access Controls Note: All classified markings contained within this presentation are for training purposes only.

Section Four: Employee and Visitor Access Controls Note: All classified markings contained within this presentation are for training purposes only.
UNCLASSIFIED Foreign Ownership, Control, or Influence (FOCI) August 2009.

UNCLASSIFIED Foreign Ownership, Control, or Influence (FOCI) August 2009.
Congress and Contractor Personal Conflicts of Interest May 21, 2008 Jon Etherton Etherton and Associates, Inc.

Congress and Contractor Personal Conflicts of Interest May 21, 2008 Jon Etherton Etherton and Associates, Inc.
Justin Walsh FOCI Program Manager Industrial Security Field Operations.

Justin Walsh FOCI Program Manager Industrial Security Field Operations.
National Contract Management Association – Norfolk Chapter Contracting Ground Rules.

National Contract Management Association – Norfolk Chapter Contracting Ground Rules.
18- 1 © 2006 The McGraw-Hill Companies, Inc., All Rights Reserved. Chapter 18 Integrated Audits of Internal Control (For Public Companies Under Sarbanes-Oxley.

18- 1 © 2006 The McGraw-Hill Companies, Inc., All Rights Reserved. Chapter 18 Integrated Audits of Internal Control (For Public Companies Under Sarbanes-Oxley.
WORK HEALTH AND SAFETY ACT IMPLICATIONS FOR SMALL BUSINESS

WORK HEALTH AND SAFETY ACT IMPLICATIONS FOR SMALL BUSINESS
Security Policies Group 1 - Week 8 policy for use of technology.

Security Policies Group 1 - Week 8 policy for use of technology.
How to Hold Electronic Meetings and Votes Community Associations Institute 2012 Annual Conference Steve Sowell.

How to Hold Electronic Meetings and Votes Community Associations Institute 2012 Annual Conference Steve Sowell.
Section Eight: Communication Security (COMSEC) Note: All classified markings contained within this presentation are for.

Section Eight: Communication Security (COMSEC) Note: All classified markings contained within this presentation are for.

Similar presentations

Ads by Google