The 2026 NDAA Just Changed the Rules – Are Your Vendors a Hidden Risk?

Foreign ownership. Influence operations. Hidden control. These aren’t hypothetical risks — they’re real, persistent vulnerabilities inside the U.S. defense industrial base. And now, thanks to a powerful new amendment in the 2026 National Defense Authorization Act (NDAA), the Department of Defense (DoD) is being compelled to respond with greater speed and scrutiny.

A strategic wake-up call

In July 2025, Senator Joni Ernst introduced the Assessment of Foreign Ownership Contractors amendment to purge Chinese Communist Party (CCP) influence from U.S. defense supply chains.[1] Her message was clear:

“The last thing we need to do is leave the backdoor unlocked.”

That amendment — now adopted into the NDAA — requires the DoD to vet all contractors for ties to Chinese intelligence services, especially the CCP’s powerful and shadowy United Front Work Department (UFWD). The penalty for inaction? Contract cancellation.

This isn’t just about procurement hygiene. It’s about safeguarding the very foundation of the U.S. national defense.  

Beyond contracts: The real cost of inadequate vetting

Until now, the vendor vetting process relied heavily on self-disclosure from contractors. A company simply had to say they weren’t controlled, owned or influenced by foreign entities. That model left a gaping blind spot and, as recent investigations have shown, that’s no longer good enough.

A February 2025 exposé[2] revealed that a defense contractor with $60 million in U.S. contracts was owned by a man identified by Chinese state media as a director in multiple UFWD organizations. The U.S. government had no independent visibility until journalists brought it to light.

The lesson?

Every unvetted vendor is a potential national security vulnerability.

The true risk isn’t contract loss. It’s:

• Foreign adversaries gaining access to sensitive technology
• Espionage through proxy suppliers
• Mission disruption through compromised supply chains
• Erosion of U.S. advantage through unchecked influence

Why this matters now

The NDAA amendment isn’t a symbolic gesture. It’s a line in the sand.  

• The DoD has 12 months to implement a formal vetting framework.
• Any contractor tied to foreign influence may be removed from the defense industrial base.
• But more critically, failure to act means falling behind during intense global strategic competition.

This is a test of readiness – not just for agencies, but for every contractor and supplier that supports the mission. 

Babel Street vendor vetting: Built for the moment

At Babel Street, we understand that legacy vetting methods – registry lookups, questionnaires, and manual due diligence – can’t keep pace with modern threats. That’s why we’ve built a new model:  

AI-powered risk intelligence for Vendor Vetting – designed to uncover what others miss and deliver mission assurance.  

With Babel Street, defense agencies and contractors can:  

• Detect hidden foreign influence, affiliations, and ownership, using multilingual, global data sources
• Validate risk independently, beyond self-disclosure or reactive investigations
• Continuously monitor vendor ecosystems as relationships evolve
• Accelerate NDAA compliance before the one-year clock runs out 

A whole new approach to SCRM

Traditional supply chain risk management (SCRM) and vendor vetting tools fall short. They weren’t built to detect foreign influence, adversarial ownership, or global behavioral shifts. Most rely on surface-level disclosures, outdated snapshots, or one-size-fits-all scoring models.  

At Babel Street, we’ve taken a completely new approach.  

Our solution fuses structured and unstructured data from around the world – including foreign-language and hard-to-reach sources – to provide deep visibility into the people, networks, and ownership structures behind every vendor. And we deliver it with continuous monitoring, mission-specific risk insights, and explainable AI.  

That’s the difference between managing compliance – and actually mitigating threats. Risk isn’t just something to measure. It’s something to act on. And without real mitigation, there’s no teeth to risk management – just spreadsheets and audits that fail to deliver mission assurance.  

What’s next?

Babel Street is a proud provider under the SCRIPTS BPA, making it easier than ever for federal agencies to access mission-ready intelligence capabilities.  

Whether you’re a government agency, a prime contractor, or a supplier looking to maintain mission-critical contracts, now is the time to strengthen your vendor vetting process.

The risks are real. The rules have changed. And the spotlight is coming.

Explore how Babel Street’s Vendor Vetting can help you comply, protect, and lead. 

Learn More

Not sure where you stand?

Babel Street is offering a Foreign Influence Risk Review for agencies and defense contractors preparing for the NDAA’s new requirements.  

We’ll help you:

• Benchmark your current vetting process
• Identify vendors tied to foreign ownership, influence, or hidden control
• Map a path to NDAA-aligned, mission-ready vendor intelligence

The threats are evolving. Your vetting process should too. 

Request Your Assessment

End Notes

1. DAV25D19 — Amendment by Senator Joni Ernst: Assessment of Foreign Ownership Contractors. National Defense Authorization Act for Fiscal Year 2026. Published by the Daily Caller, July 2025. https://cdn01.dailycaller.com/wp-content/uploads/2025/07/DAV25D19_Ernst.pdf

2. Lenczycki, Philip, Daily Caller “EXCLUSIVE: Owner Of US Defense Contractor Making Fighter Jet, Missile Parts Listed As Chinese Intel Agency Official,” Feb 11, 2025, https://dailycaller.com/2025/02/11/exclusive-us-defense-contractor-sl-aerospace-fighter-jet-missile-parts-chinese-influence-agency/