First-ever list of CFIUS third-party monitors and third-party auditors

As a service to our readers, we’re publishing the first-ever list of third-party monitors and third-party auditors — often known as TPMs and TPAs. The list includes each firm’s specialties, the number of transactions or mitigation agreements for which they have served as TPM or TPA, relevant China and cyber expertise, and more.

The firms listed below did not pay for inclusion. This is an Editorial feature created as a service to our readers, who have asked for such a list.

If you have another firm that should be added to this list, please email [email protected].

77 Meridian Law & Policy

Washington, DC
DJ Rosenthal, Founder & Principal

Type of Firm: TPA (multiple transactions/NSAs) and TPM (multiple transactions/NSAs, including in CFIUS-ordered, complex, non-notified matters)

Description: Boutique national security consulting firm founded and led by DJ Rosenthal, who held senior positions in the U.S. Intelligence Community, the National Security Division of the U.S. Department of Justice, and the National Security Council. The firm provides sophisticated guidance from direct experience overseeing CFIUS reviews and managing sensitive intelligence operations, both inside and outside of government.

FTEs Involved in Average Case: Engagements personally led by our founder with specialized experts tailored to each matter. This ensures senior-level attention throughout while keeping the scope, scale, and cost appropriate to the engagement requirements.

Subject Matter Expertise: Transaction risk assessment, mitigation strategy development, compliance program design. The firm brings insider perspective on CFIUS evaluations from multiple government vantage points, designing practical solutions (including NSA compliance programs) that address security concerns while supporting business objectives.

IT, Computer, Cyber Expertise: Our team includes former FBI supervisory special agents and CISOs of Fortune 100 companies who understand both national security requirements and corporate operational realities.

Industry Expertise: Advanced technology, telecommunications, defense technologies, critical infrastructure, emerging technologies, AI, financial services, and data services.

China Expertise: Extensive experience evaluating Chinese bidders for U.S. acquisitions, conducting due diligence reviews on foreign government connections, and developing effective mitigation measures.

Other Expertise: Independent transaction evaluations, compliance auditing, third-party monitoring, and national security governance. The firm has advised on transaction restructuring and authored expert legal briefs on CFIUS’s role in balancing international trade and national security.

Ankura Consulting

New York, NY
Randy Cook, Senior Managing Director

Type of Firm: TPA (8+ transactions or NSAs) and TPM (10+ transactions or NSAs)

Description: Independent global expert services and advisory firm. The firm’s National Security, Trade Technology practice works with organizations, investors, and their counsel in identifying, assessing, and reducing national security-related risk. Firm also assists with transaction diligence and design, embedding regulatory requirements in business systems and processes, and more.

FTEs Involved in Average Case: Typically deploys 2-4 FTEs to address an engagement. Firm prefers to use FTE resources, and deploys outsourced capabilities only where specific, discrete, or specialized capabilities are required (e.g., for Software Dev/Sec/Ops capabilities).

Subject Matter Expertise: Firm has defense, technology, and technical standards industry experience; expertise in U.S. export controls and information security; familiarity with operating pursuant to DCSA proxy agreements; and mitigation agreement compliance perspective across the spectrum of issue and industry areas.

IT, Computer, Cyber Expertise: The firm’s NSTT team integrates experts in cybersecurity, technology, and data privacy and management to provide a full-service suite of intelligent information security solutions. Global team of cybersecurity practitioners includes leaders with extensive experience as members of the intelligence community, law enforcement personnel and federal agents, digital forensic specialists, and founders of cyber technology firms. Firm claims that experts “have handled some of the largest and most sensitive cybersecurity incidents and regularly advise leading organizations on their data privacy policies.”

Industry Expertise: Aerospace, Defense Technologies, Financial Services, Hospitality, Media, AI, Semiconductors, Software, Memory Technologies, Biotechnology, Life Sciences, Logistics, Social Media, Identity Management and Security, Professional Services, Legal, Automotive, Consumer Services, Telecommunications, Energy, Infrastructure, and Alternative Energy.

China Expertise: Extensive experience serving as TPM, TPA, and as a direct advisor to clients seeking to mitigate risk related to Chinese investment, supply and vendor relationships, or other geo-political risk-related concerns.

Other Expertise: Advises companies on mitigating risk and implementing best practices. Deep expertise in export controls as a TPM and TPA, as well as cybersecurity expertise in guiding companies towards compliance with relevant industry standards. Frequently helps companies improve the design and operation of compliance programs.

Charles River Associates

Boston, MA
Waqas Shahid, Vice President

Type of Firm: TPA (4 transactions or NSAs, including some at prior firm) and TPM (5, including some at prior firm)

Description: Global consulting firm that offers economic, financial, strategic, forensics, and compliance expertise to major law firms, corporations, accounting firms, and governments around the world. The firm’s experts bring cutting-edge research, state-of-the-art methods, and significant experience to bear on their clients’ challenges.

FTEs Involved in Average Case: Numbers vary engagement to engagement. According to the firm, “in no case are individuals assigned to solely work on a single monitorship or audit matter, so it’s hard to assign ‘FTE’ numbers.” Team sizes working on a given matter can range from two to 10, depending on the complexity of the matter and the nature of the required work.

Subject Matter Expertise: Export Controls, Supply Chain, Cyber Security, Biotechnologies, Artificial Intelligence and other Emerging Technologies, Financial Firms, Big Data.

IT, Computer, Cyber Expertise: Cyber Incident Response and Recovery, Artificial Intelligence, Big Data, Software Engineering, Secure Software Engineering Processes, Cybersecurity Frameworks.

Industry Expertise: Aerospace & Defense, Biomanufacturing, Bioengineering, Manufacturing, Energy, Financials, IT & Software, Artificial Intelligence

China Expertise: Firm claims that “many of the NSAs and LOAs for which we’ve been a monitor or auditor involve Chinese buyers.”

Control Risks

Washington, DC
Brian Mich, Partner
Jerry Fowler, Partner

Type of Firm: TPA (10+ transactions or NSAs) and TPM (10+ transactions or NSAs)

Description: Specialist risk consultancy focused on creating secure, compliant, and resilient organizations. Blend of geopolitical, regulatory, technology and cyber expertise with particular focus on CFIUS and international trade compliance.

FTEs Involved in Average Case: On average, 3-5 FTE.

Subject Matter Expertise: Firm has a team of compliance, forensics, and intelligence experts that deliver a full range of national security compliance services under CFIUS jurisdiction, from evaluating current-state and target-state operational security models to auditing comprehensive mitigation structures. Firm also has expertise advising on international trade controls, including compliance with export controls and sanctions.

IT, Computer, Cyber Expertise: Firm has a dedicated cyber team comprised of former government, military, and industry experts, who are embedded into CFIUS and national security projects.

Industry Expertise: Aerospace, Artificial Intelligence, Biometrics, Critical Infrastructure, Cyber Security, Defense Technologies, Export Controls, Emerging and Critical Technologies, Financial Services, Gaming, Port Operations, Renewable Energy, Robotics, Semiconductors, Software Development, Supply Chain Management, and Telecommunications.

China Expertise: Firm has extensive experience serving in TPA and TPM roles involving Chinese investments, as well as advising companies on supply chain management, vendor screening, and other relationships involving geo-political risks.

Other Expertise: Extensive experience developing and implementing compliance plans, insider risk programs, corporate investigations, cyber threat intelligence, cyber protection and response, and FCPA compliance.

Darkhorse Global

Pittsburgh, PA
John Lash, President

Type of Firm: TPA (10+ transactions or NSAs) and TPM (10+ transactions or NSAs)

Description: Specialized geoeconomics and national security strategy firm that claims to have advised on national security strategy, integration, and enforcement for M&A assignments “totaling over $100 billion in transaction value.” Specialty is providing businesses with insights necessary to make the right strategic decisions to proactively manage geopolitical, geo-economic, and regulatory risk. Firm works with executive stakeholders and functional teams to design and implement “innovative approaches to maximize opportunity value from M&A, transactions, and post-merger integration.”

FTEs Involved in Average Case: One 

Subject Matter Expertise: Cybersecurity, physical security, supply chain, post-merger integration

IT, Computer, Cyber Expertise: NIST 800-171, NIST 800-53, CIS Benchmarks, NERC CIP

Industry Expertise: Semiconductors, Telecommunications, Robotics, Software Development, and Renewable Energy

China Expertise: Expansive China experience, including multiple board-level roles, enforcement cases (TPA/TPM), and proactive mitigation consulting

Other Expertise: Work focuses on compliance strategy, mergers and acquisitions, and performance transformation across a variety of high tech and advanced-industrial subsectors.

Deloitte

New York, NY
Robert Biskup, Managing Director

Type of Firm: TPA (2 transactions or NSAs) and TPM (5 transactions or NSAs)

Description: Deloitte is the largest Big 4 professional services firm with extensive global services across Advisory, Consulting, Tax, and Audit. The firm’s National Security practice works with organizations on CFIUS and NSA readiness and implementation, including DSPPs, controls testing plans, auditing and monitoring, reporting, etc.

FTEs Involved in Average Case: 1 FT and 2 outsourced. Firm claims its CFIUS team “brings a dynamic combination of deep monitoring experience, CFIUS regulatory domain expertise, internal controls and auditing/monitoring, IT security and controls, and data privacy controls.”

Subject Matter Expertise: Firm is a full-service professional services firm covering all industries and subject matter domains.

IT, Computer, Cyber Expertise: Dedicated Cyber and InfoSec professionals embedded in CFIUS team.

Industry Expertise: Manufacturing, Consumer Products, Technology, Energy, Life Sciences, Financial Services, and others. 

China Expertise: Significant China experience, including large member firm presence across most major cities in China.

EisnerAmper

New York, NY
Michael Rose, Practice Leader, EisnerAmper National Security Practice

Type of Firm: TPA and TPM

Brief Description: National professional services firm with a focus on risk and compliance services. Work has included NSA/mitigation agreement readiness, due diligence, and advisory for potential filings.

FTEs Involved in Average Case: Over 90 professionals for the National Security Practice; average case 3-5 professionals.

Subject Matter Expertise: All industries, especially Telecom, Financial Services, Manufacturing, Semiconductors, Technology, Supply Chain, IT Controls, Export Controls.

IT, Computer, Cyber Expertise: National Practice of Technology, IT Controls, and Cyber expertise including NIST

Industry Expertise: Across all industries, drawing from our national industry practices.

China Expertise: Extensive experience with China-related companies.

Other Expertise: Firm has worked with transaction parties from Europe, Eastern Europe, Asia, the Middle East, and the Americas.

Kaerus Consulting

Austin, TX
Albert Schultz, President

Type of Firm: TPA (2 transactions or NSAs) and TPM (number of transactions not available)

Description: National network of former U.S. intelligence officers with business degrees and private sector business experience, including M&A. Kaerus personnel have also served as security officers (twice), trustees, security directors and mitigation consultants.

FTEs Involved in Average Case: 1 FTE and 2 outsourced.

Subject Matter Expertise: Cybersecurity, Insider Threat, Physical Security

IT, Computer, Cyber Expertise: Extensive Cybersecurity, Privacy, and PII protection expertise. The firm tends to team up with others on projects that require computer forensics.

Industry Expertise: Alternative Energy, Oil and Gas, Dating Applications, Satellite, Health Care, Social Media, AI

China Expertise: Extensive experience in China, both from previous government experience (e.g. CIA) as well as CFIUS mitigation projects. 

Other Expertise: M&A, Private Placements, pre-IPO

Kroll

New York, NY
Samuel Jacobs, Managing Director

Type of Firm: TPA (number of transactions not available) and TPM (number of transactions not available)

Description: Independent provider of risk and financial advisory solutions. The firm’s CFIUS and National Security advisory services are organized under a Cyber Risk team, which positions the firm for CFIUS audits “with significant information security and protected data components.”

FTEs Involved in Average Case: NA

Subject Matter Expertise: Kroll practitioners Samuel Jacobs and Jonathan Frenkel previously worked on CFIUS and Team Telecom matters inside the U.S. government; collectively, they have experience at the Department of Defense, the Department of Homeland Security, the Federal Bureau of Investigation, and the Department of the Treasury.

StoneTurn

Washington, DC, Scott Boylan, Partner
Boston, MA, David Holley, Partner

Type of Firm: TPA (8+ transactions or NSAs) and TPM (5 transactions or NSAs)

Description:  Global advisory firm that assists companies, counsel and government agencies on regulatory, national security risk and compliance issues, investigations and business disputes. The firm’s National Security & CFIUS Compliance team draws on high-level government expertise to assess transactions that would be subject to CFIUS reviews, and works with companies to operationalize compliance.

FTEs Involved in Average Case:  Depending upon the nature of the NSA, the firm deploys 2 to 5 FTEs to support an NSA monitorship or audit.

Subject Matter Expertise: Spans a wide range of relevant experience, including mitigation agreement compliance and auditing, due diligence, insider risk, data protection and data loss prevention, foreign direct investment advisory, consulting in anticipation of a CFIUS or Team Telecom filing, and sanctions and regulatory compliance.

IT, Computer, Cyber Expertise:  The firm has served as an independent CFIUS cybersecurity auditor, and boasts a full capabilities cyber practice and team that is comprised of former NSA, Federal Bureau of Investigation, military, and other industry experts. Practice includes cybersecurity advisors, detection methods and processes, and technologies to detect, assess, and quickly mitigate advanced cyber threats.

Industry Expertise:  Private Equity and FDI, Aerospace, Manufacturing, Electronic Consumables, Technology, Biotechnology, Real Estate, Hospitality, Biometrics, Security, Software, Gaming, Government Contracting, Crypto, Cyber, Threat Detection, Professional Services, Transportation, Freight, Consumer Packaged Goods.

China Expertise:  Members of the firm’s National Security & CFIUS Compliance team have extensive experience providing services involving China, including CFIUS NSA audits, due diligence and beneficial ownership investigations, export controls, mitigating supply chain risks, and NSA compliance. The firm has similar experience with Russia, including FTEs with deep subject matter expertise related to Russian politics, culture, and national security. The team includes a former Federal Investigator and Intelligence Officer expert in foreign intelligence and counterintelligence threats, capabilities, and methodologies.

Other Expertise:  Assists clients with developing and implementing insider risk programs, assessing and improving compliance programs, investigating regulatory breaches, responding to cyber intrusions, and conducting internal investigations.

Guidepost Solutions

Washington, DC
Stephanie Douglas, President, National Security Practice
Ken Mendelson, CISSP, CIPA, Senior Managing Director
Christopher Kim, Senior Managing Director

Type of Firm: TPA (5 transactions or NSAs/LOAs) and TPM (3 transactions or NSAs)
 
Description: Consulting and advisory firm specializing in domestic and international investigations, compliance solutions, monitoring, and security and technology consulting. Founded, led, and staffed by former senior national and homeland security, law enforcement, and other U.S. government officials, the team includes former senior officials from the FBI, Secret Service, Homeland Security Investigations, as well as numerous U.S. Attorney’s Offices, the Homeland Security Council at the White House, and the U.S. Congress. The firm is known for designing, implementing and enforcing national security programs.
 
FTEs Involved in Average Case: FTE numbers vary based on the case, but generally range from 2-4 for each monitorship or audit, augmented by outsourced SMEs as may be required.
 
Subject Matter Expertise: The firm leverages its experience in compliance, monitorship, cybersecurity, law enforcement, and national security to negotiate, monitor and audit CFIUS mitigation agreements.
 
IT, Computer, Cyber Expertise: Guidepost’s CFIUS team members include credentialed personnel (e.g., CISSP, CIPP, CISA, etc.) with several decades of expertise in cybersecurity and data privacy.
 
Industry Expertise: Healthcare, Data Analytics, Telecommunications, Robotics, Manufacturing, Publishing, and Advanced Testing/Simulation Technologies.
 
China Expertise: The firm has extensive China experience including investigations, compliance and serving as TPA for transactions involving Chinese buyers.