//www.congress.gov/bill/117th-congress/house-bill/7900″ target=”_blank” rel=”noopener noreferrer”>NDAA 2026: How Defense Contractors Are Being Screened for FOCI

For decades, the Department of Defense assessed Foreign Ownership, Control, or Influence (FOCI) among defense contractors through self-reporting. This system worked under older geopolitical assumptions but cannot detect layered beneficial ownership schemes or membership in foreign government committees designed to exert influence.

The 2026 National Defense Authorization Act (NDAA) is changing this. Senator Joni Ernst’s amendment in the Senate Armed Services Committee, with companion House language, proposes independent, DoD-directed verification of contractor ownership structures and foreign ties. The Ernst amendment specifically targets membership or affiliation with the Chinese Communist Party’s United Front Work Department (UFWD), an organization that operates as both an influence apparatus and intelligence service.

This amendment represents formal acknowledgment that the DoD’s vendor due diligence model must match the sophistication of state-sponsored corporate capture tactics. Contractors implementing this change comprehensively will establish defensible procurement relationships with government customers for years to come.

What the Ernst Amendment Requires and What Changes

Senator Ernst’s amendment, passed by the Senate Armed Services Committee, gives the DoD twelve months to formalize vetting policies assessing all prime contractors and subcontractors for FOCI risks. If DoD fails to implement within this window, the consequence is automatic: cancellation of all contracts and subcontracts with unassessed contractors.

The amendment does not specify a single methodology. It establishes a compliance deadline and penalty structure. Contractors must be assessed for membership, affiliation, or participation in foreign malign influence programs, specifically including the United Front Work Department (UFWD)-China’s primary mechanism for exerting control and extracting intelligence from foreign entities.

The House Armed Services Committee has advanced companion language mandating a “Clandestine Activities Vendor Database” cataloging contractors engaged in covert operations. The Ernst amendment targets peacetime ownership verification; the House language addresses operational security. Both committees have moved in lockstep, and both bills will likely contain FOCI-strengthening language in the final reconciled NDAA.

The UFWD and Why CCP Influence in Defense Contracts Is a New Enforcement Priority

The United Front Work Department, founded in 1948 and reorganized under CCP chairmanship in 2018, coordinates party influence across diaspora populations, ethnic minorities, and foreign business interests. It maintains formal committees, membership rosters, and organizational hierarchies-a documented institution with publicly available structures.

UFWD affiliation is relevant to contractor vetting because formal UFWD membership indicates a documented institutional relationship with an organization that collects intelligence for the CCP. This creates a latent obligation structure that may activate under operational circumstances.

The Ernst amendment targets UFWD specifically, rather than broader “CCP ties,” because membership is verifiable. Contractors can credibly deny vague “CCP connections” but cannot deny documented committee membership. The amendment shifts the evidentiary burden from government (proving malign intent) to contractors (demonstrating absence of institutional ties).

This represents a doctrinal shift in foreign control assessment. Previous FOCI frameworks focused on ownership percentages and board representation. The Ernst amendment expands “control” to include institutional affiliations not appearing on governance documents. A minority shareholder with UFWD membership may exercise more influence than a majority shareholder without it.

The Self-Disclosure Problem: Why Vendor-Reported FOCI Wasn’t Working

Before the Ernst amendment, DoD lacked formalized mechanisms for independently verifying contractor ownership structures. Contractors self-reported beneficial ownership and submitted FOCI certification forms as part of compliance. The system relied on the assumption that contractors would accurately self-report data exposing them to contract cancellation.

This worked for straightforward ownership structures, but collapsed with layered schemes. A foreign entity acquiring stakes through shell companies in different jurisdictions could obscure the true beneficial owner. A CCP official maintaining informal UFWD membership while owning a U.S. contractor through family trusts had no obligation to disclose.

The problem was not contractor dishonesty but the absence of enforcement mechanisms detecting concealed ownership. Self-reporting fails when the reporting party controls information the government lacks. Contractors with access to beneficial ownership records can selectively disclose. The government, without independent access to corporate registries and relationship mapping databases, cannot verify what contractors omit.

What a Defensible Contractor Vetting Program Requires

The transition from self-reported FOCI assessment to independent DoD verification demands access to detailed beneficial ownership records, historical shareholder changes, board member network affiliations, and personal background data on principals.

Independent FOCI verification requires beneficial ownership analysis reaching natural persons, not just corporate entities. It requires corporate registry data across jurisdictions to identify shell structures, historical record access showing how ownership changed over time, and relationship mapping identifying foreign government ties.

For contractors preparing for this transition: First: Conduct internal beneficial ownership audits tracing all equity stakes to natural person owners. Second: Compile board member and officer background files including foreign government committee memberships and family relationships with foreign officials. Third: Maintain historical records of ownership changes, investor communications, and M&A activities establishing current structures. Fourth: Identify any ownership relationships, board memberships, or vendor relationships creating FOCI exposure under the new standard. SEC disclosure absence is not compliance proof. The standard is whether beneficial ownership or institutional affiliation with foreign malign influence organizations exists.

The broader geopolitical context supports this shift. The European Union and NATO alliance are advancing parallel frameworks for contractor vetting. The contractor demonstrating independent, verified FOCI assessment will have competitive advantage across the allied defense industrial base.

For defense contractors and procurement teams operating within the defense industrial base, the 2026 NDAA amendments represent a shift from compliance theater to operational security. The self-reporting model is being retired and replaced by a verification standard demanding transparency about beneficial ownership and foreign institutional affiliations.

Vendor due diligence in the national security space requires more than internal audit. Beneficial ownership analysis, corporate registry access, and connection mapping to sanctioned entities and foreign government organizations are operational necessities. For contractors preparing to comply with the new FOCI standard, Sayari’s Defense & Intelligence capabilities provide the data infrastructure needed for independent ownership analysis and relationship verification.

The regulatory window is one year. Contractors beginning independent FOCI verification now will transition smoothly to compliance. Those that wait will manage the assessment process under deadline pressure. The 2026 NDAA has answered whether independent FOCI verification is necessary. The question now is whether you will manage that transition proactively or reactively.