Foreign Ownership, Control or Influence and g p, Government - - PowerPoint PPT Presentation

Presenting a live 90‐minute webinar with interactive Q&A

Foreign Ownership, Control or Influence and g p, Government Contractor Security Clearance

Mitigating FOCI and Meeting Requirements for National Interest Determinations

T d ’ f l f

1pm Eastern | 12pm Central | 11am Mountain | 10am Pacific TUES DAY, OCTOBER 26, 2010

Today’s faculty features: Farhad Jalinous, Partner, Kaye Scholer, Washington, D.C.

• G. Christopher Griner, Partner, Kaye Scholer, Washington, D.C.
• Dr. Paul Halpern, AT&L CFIUS

Coordinator, U.S. Dept. of Defense, Arlington, Va. S tephen F . Lewis, Deputy Director, Industrial S ecurity Policy, U.S. Dept. of Defense, Crystal City, Va.

The audio portion of the conference may be accessed via the telephone or by using your computer's speakers. Please refer to the instructions emailed to registrants for additional information. If you have any questions, please contact Customer Service at 1-800-926-7926 ext. 10.

Tips for Optimal Sound Quality

If you are listening via your computer speakers, please note that the quality of your sound will vary depending on the speed and quality of your internet connection. If the sound quality is not satisfactory and you are listening via your computer speakers, you may listen via the phone: dial 1-866-871-8924 and enter your PIN when prompted. Otherwise, please send us a chat or e-mail sound@ straffordpub.com immediately so we can address the problem. If you dialed in and have any difficulties during the call, press *0 for assistance.

Continuing Education Credits

FOR LIVE EVENT ONLY

For CLE and/ or CPE purposes, please let us know how many people are listening at your location by completing each of the following steps:

• Close the notification box
• In the chat box, type (1) your company name and (2) the number of

attendees at your location

• Click the blue icon beside the box to send

Foreign Ownership, Control or Influence and Government Contractor Security Foreign Ownership, Control or Influence and Government Contractor Security and Government Contractor Security Clearance and Government Contractor Security Clearance

• G. Christopher Griner, Partner, Kaye Scholer LLP

cgriner@kayescholer.com Farhad Jalinous, Partner, Kaye Scholer LLP fjalinous@kayescholer com fjalinous@kayescholer.com Stephen F. Lewis, Deputy Director, Industrial Security Policy Office of the Under Secretary of Defense (Intelligence), Security Directorate, U.S. Dept. of Defense Stephen.Lewis@osd.mil @

• Dr. Paul Halpern, AT&L CFIUS Coordinator, Office of the Under Secretary of

Defense (Acquisition Technology & Logistics), U.S. Dept. of Defense paul.halpern@osd.mil

October 26, 2010

What is FOCI? What is FOCI?

• A US company is considered to be under foreign ownership, control or

influence (“FOCI”) when a foreign interest has the power, direct or indirect, whether or not exercised, to direct or decide matters affecting the , g management or operations of the company in a manner which may result in unauthorized access to classified information or may affect adversely the performance of classified contracts. (NISPOM, paragraph 2-300a)

• The National Industrial Security Program Operating Manual (“NISPOM”)

lists the following factors to be considered in the aggregate in determining whether a company is under FOCI: et e a co pa y s u de OC

– Record of economic and government espionage against US targets, – Record of enforcement and/or engagement in unauthorized technology transfer, – Type and sensitivity of information requiring protection, yp y q g p , – The source, nature and extent of FOCI, – Record of compliance with pertinent US laws, regulations and contracts, – Nature of bilateral and multilateral security and information exchange agreements, and

5

y g g , – Ownership or control, in whole or in part, by a foreign government.

What is FOCI? What is FOCI?

• A company under FOCI is not eligible to be issued a Facility Security

Clearance (“FCL”) or continue to hold an FCL unless its FOCI is mitigated in accordance with the NISPOM and in a manner acceptable to the US in accordance with the NISPOM and in a manner acceptable to the US Government

• The Defense Security Service (“DSS”) administers the Department of

Defense (“DoD”) FOCI program and is responsible for examining foreign Defense ( DoD ) FOCI program, and is responsible for examining foreign involvement in US companies that are in the process of obtaining a DoD FCL or that hold a DoD FCL

• The Department of Energy (“DoE”) fulfills this role for DoE FCLs
• The Department of Energy ( DoE ) fulfills this role for DoE FCLs

– The DoD FOCI program is significantly larger than the DoE’s

6

Deal Implications Deal Implications

• Purchase Agreement Terms

– Reps & Warranties Reps & Warranties – Covenants – Conditions Precedent

• Customer Briefings

– Buyer information y – FOCI mitigation proposal

• DSS Notification & Engagement

g g

– Under the NISPOM, when a contractor with an FCL enters into negotiations for the proposed merger, acquisition, or takeover by a foreign interest the contractor must submit notification to DSS of the foreign interest, the contractor must submit notification to DSS of the commencement of such negotiations

7

FOCI Mitigation FOCI Mitigation

• In minority foreign investment cases, the available FOCI mitigation mechanism hinges on

whether the foreign investor is entitled to board representation or not.

• Board Resolution: Available in cases with no foreign investor representation on the board
• Security Control Agreement (“SCA”): Available in cases of minority foreign investor representation on the

board of directors

• Requires appointment of at least one independent, DSS-approved Outside Director to the SCA company’s board
• In majority foreign ownership cases, FOCI is mitigated via a Proxy Agreement, Voting Trust or a

Special Security Agreement Special Security Agreement.

• Proxy Agreement/Voting Trust: Premised on the concept of risk avoidance
• Foreign representation on board prohibited
• Proxy Holders/Trustees approved by DSS control the company, subject to limited authority of foreign owner
• US target must be financially self-sufficient

g y

• Requires establishment of a Government Security Committee (“GSC”)
• Imposes no restrictions on the Proxy company’s eligibility to have access to classified information or to compete

for classified contracts

• Requires procedures governing visits and communications between Proxy company and the Proxy company’s

parent and affiliate companies outside of the Proxy parent and affiliate companies outside of the Proxy

• Special Security Agreement (“SSA”): Premised on the concept of risk mitigation
• Minority foreign representation on the board (“Inside Directors”)
• Requires the appointment of independent Outside Directors approved by DSS
• National Interest Determinations required for access to “proscribed” classified information
• Requires establishment of a GSC and a Compensation Committee
• Requires procedures governing visits and communications between SSA company and the SSA company’s

non-SSA parent and affiliate companies

8

National Interest Determinations (NIDs) National Interest Determinations (NIDs)

– Government Contracting Activity (“GCA”) must issue NID for company cleared under SSA to have access to proscribed classified information, which includes:

• Top Secret (TS)
• Sensitive Compartmented Information (“SCI”)
• Special Access Program (SAP)
• Communications Security (“COMSEC”)

– Excluding controlled cryptographic items when unkeyed or utilized with unclassified keys Excluding controlled cryptographic items when unkeyed or utilized with unclassified keys

• Restricted Data (“RD”)

– NIDs may be contract-, project-, or program-specific – Requires a determination by the Program Executive Office of the relevant GCA Requires a determination by the Program Executive Office of the relevant GCA that “…release of proscribed information is consistent with the national security interests of the United States” – Concurrence of the Office of the Director of National Intelligence required for SCI DoE for RD and National Security Agency (“NSA”) for COMSEC SCI, DoE for RD and National Security Agency ( NSA ) for COMSEC. – New Information Security Oversight Office (ISOO) timeline requirements for NID decisions

• 30 days if GCA owns or controls proscribed information, 60 days if concurrence of

y p , y another agency is required (e.g., NSA for COMSEC)

• GCAs can get extensions in 30-day increments if there are “special circumstances”

9

CFIUS: Committee on Foreign Investment in the United States CFIUS: Committee on Foreign Investment in the United States

• If FOCI involved in the context of an acquisition, CFIUS review occurs in parallel

under

– Separate statutory process – Separate US Government participants – Separate timetables p

• Why CFIUS?

– Sect. 721 of the Defense Production Act (“DPA”) establishes process for review of the national security impacts of foreign mergers acquisitions and takeovers of U S located national security impacts of foreign mergers, acquisitions and takeovers of U.S.-located firms under the interagency CFIUS committee

• Applies to all foreign investments in defense and infrastructure-related firms regardless of whether

the U.S.-located firms have classified contracts

• Infrastructure role in national security clarified in 2007 amendments enacted in Foreign Investment

and National Security Act (“FINSA”)

– President has the authority to suspend or terminate such transactions if they present “credible threats” to national security that cannot be adequately mitigated under other laws, excluding the International Economic Emergency Powers Act

10

CFIUS Notification & Impact of FOCI CFIUS Notification & Impact of FOCI

• Initiation of CFIUS Reviews

– Notification of CFIUS with a formal filing or even informal notification is voluntary on the part of the parties; but part of the parties; but – CFIUS can initiate a review of any defense or infrastructure-related transaction on its own so voluntary filing is prudent for a deal that is clearly defense- or infrastructure-related

• Informal discussions with the CFIUS chair (the Treasury Department) or federal departments likely

( y p ) p y to have equities can help parties determine if a filing is

– Prudent: Office of Under Secretary of Defense (Acquisition Technology & Logistics) (“OUSD (AT&L)”) often vets deals when asked – Likely to meet the technical thresholds for a transaction covered by CFIUS (e.g., assets acquired in the deal, y y ( g , q , extent of foreign stake, etc.)

• OUSD (AT&L) particularly troubled when a transaction that is defense- or infrastructure-related

closes prior to CFIUS having an opportunity to review it because of enhanced risk of illegal technology transfer

• CFIUS member agencies have their own sources of news on pending transactions and often ask

the chair to approach the parties about their intentions to file before closing

• Since deals involving FOCI process due to classified contracts or a facility

clearance are by definition defense related parties to such transaction risk ire of clearance are by definition defense-related, parties to such transaction risk ire of CFIUS members if they do not file voluntarily and well before closing

11

CFIUS Member Agencies CFIUS Member Agencies

 Permanent members established in 2007 FINSA amendments

 Treasury Department (chair)  State Department  State Department  Commerce Department  DoD  Justice Department  Department of Homeland Security  DoE, and  Department of Labor & Director, National Intelligence (ex officio)

 White House by Executive Order added:  US Trade Representative and Office of Science and Technology Policy as members; US ade ep ese tat ve a d O ce o Sc e ce a d ec

• ogy o cy as

e be s;  National Security Council, Council of Economic Advisors, Office of Management & Budget, among others, as non-voting participants  Other agencies participate as relevant to particular cases g p p p  Overall composition favorable to foreign investment over national security with burden of proof

• n the latter

12

CFIUS Time Lines CFIUS Time Lines

• 30-day initial review

– Majority of filed transactions are approved at end of this period or determined not to be “covered transactions” with CFIUS jurisdiction

• Additional 45-day investigation

– Mandatory with FINSA amendments in cases of Foreign Government Control & Critical y g Infrastructure unless

• Deputy Agency Heads of co-lead agencies waive this requirement, which is rare

– Also employed when there are Also employed when there are

• Unresolved issues needing more time for review
• CFIUS member seeks approval to mitigate national security concerns posed by the deal
• CFIUS is considering a recommendation to block the deal
• 15-day Presidential review and decision

– If CFIUS deadlocked, or recommends a Presidential block, or has any other special , , y p reason, case goes to the President for decision followed by report to the Congress

13

CFIUS: Key Timing Matters CFIUS: Key Timing Matters

• CFIUS cases in investigation no longer automatically go to the President at end
• f the investigation if CFIUS satisfied with a deal

– Mitigation agreement signed – CFIUS determines no mitigation is necessary and there are no unresolved national security issues y

• Either way, Deputy Agency Heads of co-lead agencies have to certify that there are no unresolved

national security issues

– Mandatory Presidential role eliminated in revised Executive Order after 2007 FINSA y amendments

• During initial review or investigation, if parties determine after communications

with CFIUS that there will be insufficient time to resolve any national security issues before a case is required to go to the President, they can voluntarily withdraw and refile

– Refiling will automatically restart the 30-day clock – New review may be terminated early if all remaining issues are resolved

14

CFIUS: Why More Cases Subject to FOCI Process Now Go To Investigation CFIUS: Why More Cases Subject to FOCI Process Now Go To Investigation g

• As noted, FINSA amendments require that Deputy Agency Heads of co-lead

agencies certify at end of 30-day & 45-day reviews that there are no unresolved ti l it i national security issues

• Since complicated cases requiring need for FOCI mitigation necessarily involve

national security issues, DoD senior management usually will not certify at end f 30 d d ill t i ti ti th t FOCI l t d ti l it

• f 30 days and will request investigation so that FOCI-related national security

issues can be resolved before certification

• Examples of transactions with complicated FOCI issues are those with
• Large number of classified contracts
• Proscribed Information contracts requiring either a Proxy, NIDs, or divestiture
• A mix of both these situations
• A mix of both these situations
• USD(AT&L) has coordinating office for certain types of Proscribed Information

contracts and works with DSS and the Office of the Under Secretary of Defense (Intelligence) (“OUSD(I)“)in resolution of issues in complex FOCI cases (Intelligence) ( OUSD(I) )in resolution of issues in complex FOCI cases

15

CFIUS & FOCI Process: Hybrid Results CFIUS & FOCI Process: Hybrid Results

• FOCI mitigation primarily limited to impact of foreign ownership, control
• r influence on performance on U.S. classified contracts
• A large, complex, or sensitive foreign acquisition subject to FOCI

process can also raise national security issues that involve matters such as:

– Supply chain reliability and integrity based on possible off-shoring of production facilities or concerns about the new foreign owner’s willingness to supply DoD during certain types of military conflicts – Critical infrastructure reliability and integrity in areas such as telecommunications – Technology security concerns in areas of controlled but unclassified technology technology

• Some transactions that fall into this “dual concerns” category may

receive both required FOCI mitigation and a CFIUS mitigation agreement agreement

16

AT&L Role in the CFIUS & FOCI Reviews AT&L Role in the CFIUS & FOCI Reviews

• Separate from Sect. 721 of the DPA, AT&L has informally delegated statutory

authority from Secretary of Defense under 10 U.S.C. 2537(c) to determine if the U S -located firm in each CFIUS case is U.S. located firm in each CFIUS case is

– “Engaged in development of critical defense technology”

• Staff expertise, firm’s R&D contracts, Militarily Critical Technology Program, US Munitions List

– “Otherwise important to defense industrial and technology base”

• Technology base importance interpreted to mean mature critical defense technology that is strictly

export-controlled under the International Traffic in Arms Regulations (ITAR)

• Industrial base importance interpreted to mean unique production capabilities, market dominance,

single source, sole qualified source with long and costly qualification times impacted by availability of lt ti f t alternative sources; ease of entry

– AT&L also interested in the financial status of the parties to a transaction and whether the buyer has any strategic interest in and prior experience with the defense market

• Positive findings under one or more of these statutory criteria does not

t ti ll t i d ti f CFIUS i ti ti CFIUS iti ti automatically trigger recommendations for CFIUS investigation, CFIUS mitigation, CFIUS block or stricter FOCI mitigation regime but it can impact AT&L’s policy recommendations to DoD senior management

• AT&L is the DoD component that interacts with defense-related companies the

AT&L is the DoD component that interacts with defense related companies the most, always willing to advise them on the CFIUS process and vet deals early

17

Policy Developments Policy Developments

• Issuance of Directive-Type Memorandum (DTM) 09-019 – “Policy

Guidance for Foreign Ownership, Control or Influence (FOCI),” September 2009 Change 1 June 2010 2009, Change 1 June, 2010

– Applies to DoD Components, including DSS – Provides specific direction regarding assessments of FOCI action plans submitted by i companies – Requires invalidation of facility clearance if sale is completed prior to approval of FOCI action plan – Requires OUSD(I) approval for FOCI template plans, DSS reporting of deviation from template – Requires DSS to address electronic communications in assessment of FOCI action plans

• Update to 32 CFR Part 2004, NISP Directive No. 1, April, 2010

– Provides direction across the Federal Government S t ti li f i d i l f NID f f i d i l d d – Sets timelines for issuance or denial of NIDs for foreign-owned companies cleared under SSAs

18

Relevant References Relevant References

• Executive Order 12829, 6 January 1993, National Industrial Security

Program (NISP): Established federal program for protection of classified information in industry

• NISP Operating Manual, DoD 5220.22-M: Baseline security requirements

for industry, includes FOCI measures, reporting for industry, includes FOCI measures, reporting

• Directive-Type Memorandum (DTM) 09-019 - “Policy Guidance for Foreign

Ownership, Control, or Influence (FOCI)”: Direction for DoD components and non DoD agencies using DoD industrial security services and non-DoD agencies using DoD industrial security services

• 32 C.F.R. Part 2004, National Industrial Security Program Directive No. 1:

Direction for Federal Government

• Template FOCI Agreements at www.dss.mil
• 31 CFR Part 800, RIN 1505–AB88: Regulations Pertaining to Mergers,

Acquisitions and Takeovers by Foreign Persons: Applies to Federal Acquisitions, and Takeovers by Foreign Persons: Applies to Federal Government and private sector, provides CFIUS guidance and direction

19

Q&A Q&

20