National security has never been more closely tied to economic resilience, so understanding Foreign Ownership, Control, or Influence (FOCI) risks has become a top priority for the Department of Defense. Accrete has created a FOCI detection tool that identifies the risk of foreign influence by filtering through siloed data, mapping relationships and identifying activity indicative of nefarious influence, an ideal solution for this national security concern.
We sat down with Josh Bramble, Product Manager for Argus for Supply Chain Influence, to get his take on the value of the tool and its role in protecting the defense industrial base.
In the discussion, Bramble sheds light on why AI-powered due diligence is essential and how organizations can protect themselves from hidden threats.
The Critical Role of Argus in National Security
Accrete: From your perspective, why is a tool like Argus for Supply Chain Influence crucial in National Security?
Josh Bramble: Argus streamlines the due diligence process by surfacing latent risks that would otherwise require an insurmountable level of manual analysis. By automatically mapping organizational ecosystems across multiple, otherwise siloed data sources, Argus rapidly identifies specific supply chains and ownership structures that pose a risk to national security.
Having a tool that can search through N-tier networks and pinpoint vulnerabilities is critical for organizations to spend less time surfacing evidence and more time taking action. This is especially valuable in public-private sector ecosystems in foreign countries, where a company that appears private may actually have deep ties to government agencies.
Identifying FOCI Risks in Supply Chains
Accrete: When companies or government agencies are focused on FOCI, what information should they be looking for?
Bramble: Organizations need to analyze a combination of data sources, including corporate registries, financial disclosures, and news articles. Only when these disparate data points are semantically combined can they reveal how a foreign government may be exerting influence on a company’s supply chain.
Often, it’s necessary to investigate beyond the first few layers of corporate structure. For example, a vendor may be owned by a domestic firm, but its ultimate parent company could be a foreign state-owned enterprise. Alternatively, a key supplier may be in a joint venture with an entity that operates on behalf of a foreign government. These risks are frequently obfuscated across multiple data sources, making automated tools indispensable for due diligence.
The Challenges of Detecting Hidden FOCI Risks
Accrete: Why is it difficult to uncover some critical data or connections that reveal FOCI? How is this data hidden?
Bramble: Traditional due diligence methods—such as supplier questionnaires or self-disclosures—are inherently flawed. Companies may not even be aware of the risks embedded within their supply chains, while others might actively withhold information to avoid scrutiny.
Furthermore, key data on organizational structures and business relationships is scattered across various databases and geographies. Analysts must spend excessive time stitching together a holistic picture, making manual investigations inefficient and prone to oversight.
The Role of Knowledge Graphs and Advanced Search
Accrete: Why are knowledge graphs and search features essential when drilling into hidden FOCI data?
Bramble: Knowledge graphs are necessary but insufficient on their own. To effectively highlight vulnerabilities, they need to be refined using advanced search algorithms that prioritize context over simple keyword matching.
A comprehensive knowledge graph might outline a company’s global operations, but the challenge lies in filtering out noise to pinpoint meaningful connections. For example, identifying which subsidiaries introduce risk or tracing suppliers back to foreign governments requires more than just raw data—it demands intelligent automation to surface the most relevant insights.
Key Indicators of FOCI Concerns
Accrete: What are some key indicators that a company or government agency may be subject to FOCI concerns?
Bramble: FOCI risks are often not immediately apparent, as adversarial entities go to great lengths to obscure their identities. Some common red flags include:
- Joint ventures with foreign entities linked to government influence
- Executives holding positions in multiple companies abroad
- Investments from entities with high-risk FOCI profiles
By identifying multi-tier linkages between board members, suppliers, and investors, organizations can uncover hidden vulnerabilities that might otherwise go unnoticed.
Best Practices for Assessing and Monitoring Supply Chain Risks
Accrete: How can organizations assess and monitor their supply chains for FOCI risks?
Bramble: Organizations must move beyond self-reported supplier data and traditional vetting processes like sanctions list matching. Bad actors can easily circumvent these measures by leveraging intermediaries or obscure corporate structures.
Instead, companies should implement continuous monitoring systems that can rapidly conduct due diligence on suppliers, customers, investors, and even board members. It’s important to recognize that even tier-1 companies may not be acting maliciously but could still be unwitting conduits for foreign government influence.
The Impact of Argus on FOCI Risk Mitigation
Accrete: How does using a tool like Argus help in vetting third-party vendors to prevent FOCI-related threats?
Bramble: Argus significantly reduces the time needed to identify FOCI risks by tracing up to five tiers of corporate relationships. Its advanced search algorithms allow organizations to focus on the specific connections that matter rather than sifting through an overwhelming amount of data.
Unlike generic risk assessment models, Argus allows users to define risk criteria based on their unique needs. This means organizations can tailor their due diligence efforts to capture nuanced threats that might otherwise slip through conventional vetting processes.
Emerging Trends in FOCI-Related Supply Chain Risks
Accrete: In your experience using Argus, what emerging trends or threats do you foresee in FOCI-related supply chain risks?
Bramble: Organizations are becoming increasingly aware of the long-term strategies employed by foreign governments to infiltrate supply chains. These efforts often appear commercially-motivated at first—such as investments by state-owned enterprises or strategic acquisitions—but over time, they create significant vulnerabilities.
One concerning trend is the increasing complexity of ownership structures. Foreign actors often establish convoluted networks of subsidiaries and shell companies, making it harder to trace their true influence. This is particularly evident in industries where national security is a concern, such as defense, technology, and critical infrastructure.
Conclusion
The ability to detect and mitigate FOCI risks is a necessity because the stakes are high. As adversaries refine their tactics to obscure their influence, organizations must adapt by leveraging automation and AI-powered tools like Argus for Supply Chain Influence. By doing so, they can proactively safeguard their supply chains and ensure long-term resilience against foreign interference.
Accrete’s Argus empowers organizations to move beyond surface-level assessments and uncover the hidden threats that could compromise national security.