DoD’s Proposed FOCI Rule Could Bring Ownership Scrutiny to More Contractors

The Department of Defense’s proposed DFARS rule on foreign ownership, control, or influence should be read as more than a technical update for cleared contractors. It signals a broader movement in federal procurement toward treating ownership, control, beneficial ownership, foreign influence, supply chain exposure, and sensitive data access as core acquisition-risk issues. The proposed rule, published in the Federal Register on May 7, 2026, would implement new requirements for mitigating risks related to FOCI and beneficial ownership. It would apply to certain DoD contracts and subcontracts above $5 million, while generally excluding commercial products and commercial services unless a senior DoD official identifies a national security or sensitive data risk.

The practical importance of the proposed rule is that FOCI analysis may no longer be viewed as a specialized compliance concern limited to companies holding facility clearances. For many defense contractors, especially those operating in technology, logistics, professional services, data management, cybersecurity, systems integration, engineering, and supply chain support, the ownership and control structure of the business may become part of the government’s responsibility and risk assessment. Contractors with foreign parents, foreign investors, private equity ownership, complex affiliate structures, foreign board rights, foreign lenders, or subcontractor arrangements involving foreign ownership may need to explain those relationships earlier and more completely than they have in the past.

The rule also appears likely to create a cascading compliance concern through the subcontracting chain. If prime contractors must assess or flow down FOCI-related requirements to subcontractors above the relevant threshold, then ownership transparency becomes a supply chain management issue, not merely a legal department issue. This could affect teaming decisions, subcontractor diligence, proposal timelines, and the documentation contractors request from potential partners before including them in bids.

From a contractor-readiness perspective, the best response is not panic, but preparation. Contractors should begin by mapping their current ownership and control structure. This includes parent companies, subsidiaries, affiliates, minority investors, voting rights, board seats, veto rights, debt instruments, foreign ownership interests, and any contractual rights that could allow a foreign interest to exercise influence. They should also examine whether foreign-owned or foreign-influenced subcontractors have access to sensitive data, controlled technical information, covered defense information, source selection information, or mission-critical systems.

The larger lesson is that DoD increasingly views contractor risk through an integrated lens. Cybersecurity, supply chain security, data access, ownership transparency, and national security are no longer separate compliance silos. They are converging into a more demanding form of contractor responsibility.

For federal contractors, the proposed FOCI rule should be treated as an early warning. Companies that wait until proposal submission to understand their ownership profile may find themselves disadvantaged. Companies that can explain their ownership, identify risks, document mitigation, and manage subcontractor transparency will be better positioned in a procurement environment where trust, control, and security increasingly influence award decisions.

Disclaimer: This post is for informational purposes only and does not constitute legal advice. Federal procurement rules, agency guidance, and enforcement priorities may change. Contractors should consult qualified counsel or appropriate advisors before making legal, compliance, proposal, or contracting decisions.