• National Security/CFIUS

Innovative solutions for complex regulations.

BDO assists organizations in meeting national security requirements set by the Committee on Foreign Investment in the United States (CFIUS) during cross-border mergers and acquisitions. We offer support to companies, both foreign and domestic, in all stages of CFIUS preparation, submission, and review. From helping clients in their process improvement, to maintaining compliance for national security purposes, to acting as Independent Third-Party Auditors, Monitors, and Escrow Agents, BDO employs proven methodologies and innovative technologies through each stage of the CFIUS process.
BDO’s team members have deep experience addressing complex CFIUS requirements and regulatory compliance criteria. In every engagement, BDO leverages that experience, serving virtually every industry related to U.S. National Security Assets and U.S. Critical Infrastructure. Our team has been actively engaged on various significant CFIUS matters in the areas of telecommunications, aerospace and defense, oil and gas, financial services, critical manufacturing, and information technology.
Our services include:
  • Experience and understanding of National Security concerns and government agencies’ focus
    Performing Independent Third-Party compliance audits, Monitorships, and acting as Escrow Agents when requested
  • Developing governance models for systems, processes, and controls that protect national security interests
  • Developing mitigation assessment models including security plan implementation and pre-audit evaluation components
  • Assessing internal controls, including physical and logical access, vulnerability testing, and network and infrastructure segregation
  • Evaluation of source code through manual and automated comparison tools for mitigation against possible system failure, security vulnerabilities, and security threat analysis
  • Assisting with CFIUS negotiation strategy, including organizational, operational and financial impact studies.
  • Implementing practices to achieve Cybersecurity Maturity Model Certification's (CMMC) maturity levels and assistance in navigating through regulation mapping, gap analysis, and risk assessments.