FCC Adopts New Foreign Adversary Attestation and Disclosure Rules Impacting Satellite Operators and Submarine Cable Landing Licensees

On Jan. 30, 2026, the Federal Communications Commission (FCC or Commission) released a Report and Order (Order) introducing new “Foreign Adversary Control” attestation and disclosure (reporting) requirements for virtually all FCC licensees and authorization holders.

As a result, regulated entities must now determine (and report) whether they are subject to “Foreign Adversary Control,” defined as being “owned by, controlled by, or subject to the jurisdiction or direction of” a “Foreign Adversary” (which, to date, includes China, Cuba, Iran, North Korea, Russia, and Venezuelan politician Nicolás Maduro). For purposes of that determination, “ownership” is defined to include voting or equity interests of 10% or greater. If an entity certifies that it is subject to Foreign Adversary Control, it must disclose (among other required information) all equity and/or voting interests that hold, either directly or indirectly, a 5% or greater interest.

The Order establishes three categories of authorization holders “based on risk to national security” with attestation and disclosure requirements varying based on the category. Satellite, earth station, and submarine cable landing licensees and authorization holders are placed in the highest category, reflecting a “heightened” national security risk, because “any exploitation of such [entities] could directly compromise the integrity of the nation’s communications networks.” As a result, satellite, earth station, and submarine cable landing licensees and authorization holders will be required to make an initial attestation by a to-be-determined deadline, along with new attestations in certain circumstances.

These measures reflect the FCC’s ongoing efforts to address perceived threats foreign adversaries pose and align with broader federal government initiatives to secure critical infrastructure.

Background and Rationale

Recent U.S. government actions reflect heightened concern regarding the security of U.S. communications networks and the potential risks associated with foreign adversary involvement. These concerns have informed a range of regulatory measures aimed at safeguarding network integrity and protecting sensitive data, consistent with broader national security priorities.

Congress has responded with multiple legislative and regulatory actions, including the Secure and Trusted Communications Networks Act and the Secure Equipment Act that, among other things, restrict the import and use of equipment and services from entities tied to Foreign Adversaries. Other federal agencies have also imposed rules and requirements aimed at addressing perceived risks from foreign adversaries. The Office of Information and Communications Technology and Services (ICTS) at the Department of Commerce, for example, has established a framework that includes a voluntary notice requirement and the Committee on Foreign Investment in the United States (CFIUS) requires a notification be filed for certain inbound foreign investment in sensitive sectors such as critical infrastructure and telecommunications. The FCC’s new requirements build on these efforts by introducing a systematic framework for gathering information on foreign ownership and control across the communications sector. The Commission “expect[s] that this information will improve our situational awareness and allow the Commission to develop approaches to eliminate or mitigate national security threats from foreign adversaries.”

Definitions and Scope

The Commission’s new attestation and disclosure rules are intended to increase visibility into whether an individual or entity is “owned by, controlled by, or subject to the jurisdiction or direction of a foreign adversary” as further defined in Section 1.70001 of the Commission’s rules. Specifically:

1. Any individual or entity, wherever located, who acts as an agent, representative, or employee, or any person who acts in any other capacity at the order, request, or under the direction or control, of a foreign adversary or of an individual or entity whose activities are directly or indirectly supervised, directed, controlled, financed, or subsidized in whole or in majority part by a foreign adversary;

2. Any individual, wherever located, who is a citizen of a foreign adversary or a country controlled by a foreign adversary, and is not a United States citizen or permanent resident of the United States;

3. Any entity, including a corporation, partnership, association, or other organization, that has a principal place of business in, or is headquartered in, incorporated in, or otherwise organized under the laws of a foreign adversary or a country controlled by a foreign adversary; or

4. Any entity, including a corporation, partnership, association, or other organization, wherever organized or doing business, that is owned or controlled by a foreign adversary, to include circumstances in which any person identified in paragraphs (1) through (3) of this section possesses the power, direct or indirect, whether or not exercised, through the ownership of a majority or a dominant minority (10% or greater) of the total outstanding voting interest and/or equity interest, or through a controlling interest, in an entity, board representation, proxy voting, a special share, contractual arrangements, formal or informal arrangements to act in concert, or other means, to determine, direct, or decide important matters affecting an entity.

The Order defines the term “Foreign Adversary” to include: “(1) The People’s Republic of China, including the Hong Kong Special Administrative Region and the Macau Special Administrative Region; (2) Republic of Cuba; (3) Islamic Republic of Iran; (4) Democratic People’s Republic of Korea; (5) Russian Federation; and (6) Venezuelan politician Nicolás Maduro.” The Order further defines the term “Foreign Adversary Country” to include both foreign governments identified as Foreign Adversaries and countries controlled by a Foreign Adversary.

Tiered Reporting Obligations

The new rules apply to “Covered Authorizations,” meaning licenses, leases, authorizations, permits, grants, and other Commission approvals. The FCC has established a risk-based classification system, assigning Covered Authorizations to three Schedules (A, B, and C) with different reporting obligations:

• Schedule A: Entities must definitively attest whether or not they are subject to Foreign Adversary Control.
• Schedule B: Entities need only attest if Foreign Adversary Control exists.
• Schedule C: No initial attestation is required.

The Order delegates authority to the FCC’s bureaus and offices responsible for issuing covered licenses and authorizations, including those not addressed in the Order, to update the list of licenses and authorizations within each Schedule by adding, removing, or reassigning them.

Schedule A: Heightened Risk and Definitive Attestation

Covered Authorizations in Schedule A, including those satellite operators, earth station operators, and submarine cable landing licensees hold, are subject to the most robust reporting requirements. An officer or “other authorized representative” of entities assigned to Schedule A must make a definitive “yes” or “no” attestation as to whether or not they are subject to Foreign Adversary Control.

Schedule B: Targeted Attestation Where Risk Is Present

Entities classified under Schedule B must provide a definitive attestation only if they are, in fact, subject to Foreign Adversary Control. The FCC found that while the national security risks here are lower than for Schedule A entities, oversight remains important.

Schedule C: Exemptions for Minimal Risk

Schedule C includes those Covered Authorizations that are exempt from the initial attestation requirement. These are typically authorizations where the risk of Foreign Adversary Control is limited, where sufficient ownership information is already available through other reporting mechanisms, or where the entities involved are small and present minimal national security risk. The FCC found that imposing additional attestation requirements on these entities would be “unnecessarily burdensome upon these individuals and entities, substantially outweighing the benefits.”

To file the required attestations and disclosures, the Commission will create a Foreign Adversary Control System (FACS) database. Attestations and disclosures submitted through FACS will generally be made available to the public, although the Order delegates authority to the Office of Economics and Analytics and the Public Safety and Homeland Security Bureau, in consultation with relevant Licensing Bureaus and Offices and the Office of General Counsel, “to determine what information, if any, should be withheld from public disclosure and the method and format in which to publicly disclose these filings.” The Order establishes an initial filing deadline of 60 days “after the public notice announcing the launch of the FACS.”

Affirmative Certifications

Entities in Schedules A and B, as well as entities in Schedule C, that affirmatively attest to having Foreign Adversary Control, must:

• Disclose all of its 5% or greater direct or indirect equity and/or voting interest holders and controlling interest holders;
• Provide an ownership diagram that details the entity’s vertical ownership structure, including both natural persons and entities that hold 5% or greater equity and/or voting interests in the FCC-regulated entity;
• Specify the foreign adversary or foreign adversary country or countries the FCC-regulated entity is owned by, controlled by, or subject to the jurisdiction or direction of;
• Detail the nature of the foreign adversary ownership, control, jurisdiction, or direction to which the FCC-regulated entity is subject; and
• Attest to the truth and accuracy of the information.

Additionally, regulated entities holding a Schedule A or B authorization that have attested to being subject to Foreign Adversary Control must file a new attestation:

• Upon application for any new FCC authorization regulated under the Order;
• Upon application for a non-pro forma assignment of any FCC authorization regulated under the Order and held by the regulated entity;
• Upon application for renewal of an FCC authorization regulated under the Order;
• Upon application to modify an FCC authorization regulated under the Order;
• Within 30 days of any changes to a 5% or greater direct or indirect equity and/or voting interest, or controlling interest, held in the regulated entity; or
• Within 30 days of the effective date of a public notice designating an authorization regulated under the Order in Schedule B.

Entities that made an affirmative attestation but subsequently determine they are no longer subject to Foreign Adversary Control must file an attestation within 30 days of such determination.

Continuing Obligation

After the initial deadline for attestations, the Order requires regulated entities to make new attestations in certain circumstances, including:

• Regulated Entity Becomes Subject to Foreign Adversary Control. A regulated entity holding a Schedule A or B authorization must file a new attestation: (a) within 30 days of the regulated entity becoming subject to Foreign Adversary Control, to the extent that the change does not require FCC approval; or (b) within 60 days (or within 120 days for small entities) of the effective date of an addition to the Department of Commerce’s list of foreign adversaries in 15 C.F.R. § 791.4 of a foreign government or foreign non-government person that has Foreign Adversary Control over the regulated entity.
• Regulated Entity Holds an Authorization That Is Newly Designated in Schedule A. If a regulated entity holds an FCC authorization that is newly designated in Schedule A by the Commission or its bureaus or offices, the regulated entity must file an attestation within 30 days of the effective date of a public notice announcing the designation.

Additionally, if an entity either: (a) applies for an initial authorization designated in Schedule A; or (b) applies for the entity to be the (non-pro forma) transferee or assignee of an initial authorization designated in Schedule A, the prospective authorization holder, transferee, or assignee must file an attestation.

Enforcement

Entities that fail to comply with the new requirements may be subject to citations, monetary penalties, or, in the most serious cases, authorization revocations. Schedule A regulated entities that fail to timely submit an initial filing on FACS will be referred to the Enforcement Bureau, and incomplete or inaccurate FACS filings may also result in an enforcement action.