What is FOCI Risk?

A US company is considered to be under FOCI risk (Foreign Ownership, Control or Influence) when a foreign interest has the power, direct or indirect, whether or not exercised, to direct or decide matters affecting the management or operations of the company in a manner which may result in a unauthorized access to classified information or may affect adversely the performance of classified contracts. 1
NATIONAL INDUSTRIAL SECURITY PROGRAM OPERATING MANUAL (NISPOM), Paragraph 2-300a
FOCI Risk is More Than a National Security Concern.
The U.S. government has assessed China as a major threat due to their supply chain dominance, economic coercion and cyber attacks. Information and Communications Technology (ICT) is identified as a key target, potentially threatening all entities with an IP address and/or foreign vendors, in addition to government systems.

How Prevalent is Chinese FOCI Risk?
Exiger’s experts analyzed the amount of goods being shipped directly from China, Chinese goods shipped by third-party countries, and its recipients with our technology platform. The resulting picture demonstrates an economic dependence on Chinese supply chains and products in the Americas, despite heightened security and counterfeit risks.

[Download the FOCI Risk Infographic]
What is the “I” in FOCI Risk? How Do You Define Influence?

We define foreign influence as an entity’s dependence on a foreign entity or foreign adversary for revenue, funding, debt, supply, infrastructure or other non-ownership based economic relationships that create a measurable degree of impact on the entity’s decision-making and interests. What companies need to be aware of is when the influence creates a risk like cyber vulnerabilities, supply chain disruption or avenues to obtain and exploit your intellectual property for their gain. Influence is the soft underbelly for the US and Ally industrial base.
BRANDON DANIELS, CEO, Exiger
How Should I Go About FOCI Mitigation ?
It’s time to get acquainted with your suppliers, and your supplier’s suppliers. In a recent global market study of over 300 risk management professionals, Exiger, in partnership with Stax Inc., found that 77% of large companies indicated the need to monitor risks of suppliers down to Tier 3. Our award-winning technology platform solution is designed to surface risk. Illuminate FOCI, Financial Health, Cybersecurity, Environmental Social and Governance (ESG), and Modern Slavery, and other critical risk factors that matter the most to your shareholders and customers.
Empower and visualize your data
DDIQ Analytics
Manage complex risks and find answers fast. Combining the power of Exiger’s proprietary tech stack, DDIQ Analytics distills and visualizes large and complex data sets making it easy to interrogate your risk ecosystem.
Illuminate your supply chain
Supply Chain Explorer
Work at unprecedented speed and scale. Supply Chain Explorer delivers unparalleled transparency in a single click, empowering companies and government agencies to meet the urgent imperative to protect global supply chains from risk.
Do more with less
Insight 3PM
decisions and increase efficiency, transparency, and auditability with our workflow tool Insight 3PM. Real-time research & configuration attributes empower you to take control over your third parties and supply chain.
Get the FOCI Risk Infographic
Sources
- https://www.nispom.org/NISPOMwithISLsMay2014.pdf
- https://media.defense.gov/2021/Nov/03/2002885874/-1/-1/0/2021-CMPR-FINAL.PDF
- https://www.fbi.gov/news/speeches/the-threat-posed-by-the-chinese-government-and-the-chinese-communist-party-to-the-economic-and-national-security-of-the-united-states
- https://www.cnbc.com/2019/02/28/1-in-5-companies-say-china-stole-their-ip-within-the-last-year-cnbc.html
- https://www.uschamber.com/assets/archived/images/documents/files/measuringthemagnitudeofglobalcounterfeiting.pdf