The bill authorizes classified appropriations for FY2026 for intelligence and intelligence‑related activities, the Intelligence Community Management Account ($674.5M specified in the unclassified text plus classified amounts), and the Central Intelligence Agency Retirement and Disability Fund ($514M). It also adds many programmatic and governance changes across the intelligence community.
Most consequentially, the bill creates a National Counterintelligence Center (NCC) within the Office of the Director of National Intelligence with a Senate‑confirmed Director who serves as the principal advisor on counterintelligence and is given explicit authority to direct and deconflict counterintelligence activities across the intelligence community, establish a National Counterintelligence Program, conduct damage assessments, and set tradecraft and polygraph standards. The measure further tightens rules and reporting on artificial intelligence, open‑source/commercially available information (OSINT/CAI), CIA installation security (including limited unmanned aircraft system authorities), and workforce and personnel processes.
At a Glance
What It Does
Authorizes FY2026 intelligence appropriations (classified schedule) and establishes a National Counterintelligence Center with budgetary and operational roles; creates a National Counterintelligence Program and requires new reports, strategies, and oversight. It also mandates IC‑wide policies on AI use of classified data, audits and budget transparency for OSINT/commercial data, and new CIA security and unmanned aircraft authorities.
Who It Affects
Elements of the intelligence community (ODNI, CIA, NSA, NRO, NGA, DIA, FBI intelligence components), Department of Defense intelligence components, commercial suppliers of imagery and commercial data, AI developers and infrastructure operators, and congressional intelligence and appropriations committees.
Why It Matters
Centralizes counterintelligence leadership and budgeting inside ODNI and gives the NCC direct authorities that can change how IC counterintelligence investigations and operations are planned and executed. The OSINT and CAI budget, acquisition, and audit rules will alter procurement patterns and vendor relationships; the AI and security provisions set new expectations for classified‑data use, rapid review of AI capabilities, and government playbooks on defending advanced AI.
More articles like this one.
A weekly email with all the latest developments on this topic.
What This Bill Actually Does
The bill bundles the routine FY2026 funding authorization with an ambitious reorganization of counterintelligence authorities. It creates a National Counterintelligence Center inside ODNI led by a presidential appointee (Senate confirmed) who is explicitly designated the principal counterintelligence advisor to the President and DNI.
The Director has statutory authority to set requirements, direct and deconflict activities across the IC, access counterintelligence information from other elements, and transfer funds to support counterintelligence tasks. The NCC is charged with establishing the National Counterintelligence Program, producing multi‑year strategies and assessments, and running a National Counterintelligence Task Force to coordinate operational campaigns.
To operationalize the NCC, the bill requires embedding NC C liaisons in IC elements, a centralized storage system for foreign threat actor information, formalized damage‑assessment processes with mandatory agency notifications, and a polygraph program tailored for counterintelligence. It also includes transition rules that realign counterintelligence functions from existing ODNI offices to the NCC, permits temporary personnel and fund transfers with notifications to congressional committees, and repeals or relocates prior statutory counterintelligence provisions to avoid conflicts.On technology and acquisition, the bill pushes the IC to standardize and accelerate how classified data can be used to train AI models, to develop an AI Security Playbook via NSA (including classified annexes and an unclassified summary), and to speed reviews of authorizations to operate AI capabilities with mandatory notices when reviews exceed 60 days.
It bans a named commercial application (DeepSeek) from national security systems and directs the DNI to issue removal standards. The bill also tightens rules for procurement and oversight of commercially available information (CAI), mandates audits and detailed budget disclosures for OSINT/CAI spending, requires an IC‑wide training course on collection tradecraft, and orders the purge of incidentally collected publicly available or commercial information about U.S. persons.Other operational provisions: DoD components must avoid duplicative CAI purchases and implement a deconfliction/oversight capability for vendor support to clandestine activities; CIA receives new authorities and guidance obligations for ‘novel and significant’ expenditures and explicit domestic unmanned aircraft system authorities for specially designated properties (with time and reporting limits); the bill also contains workforce rules (unclassified appraisals at DIA, prohibitions on compelled political activism, merit‑based personnel restraints), several foreign‑focused requirements (China net assessments, a National Intelligence Manager for China, an NIE on Chinese biotech), and a package of reporting adjustments—some new, some repealed.
The Five Things You Need to Know
The bill creates a Senate‑confirmed Director of the National Counterintelligence Center with statutory authority to direct or require concurrence for counterintelligence activities across IC elements and to access all counterintelligence information in IC possession.
The National Counterintelligence Center must produce a National Counterintelligence Strategy every three years and a National Counterintelligence Outlook every five years and will prepare a National Threat Identification and Prioritization Assessment on a three‑year cycle.
DNI must develop IC‑wide policies within 180 days on use of classified information to train or refine AI models and the NSA must deliver an AI Security Playbook (initial report in 180 days, final within one year) including classified annexes and an unclassified public summary.
The bill requires detailed, recurring budget transparency and audits for open‑source and commercially available information spending (multiple deadlines for audit briefings from 2026–2031) and bars IC reprogramming of OSINT funds without DNI approval above thresholds the DNI sets.
The CIA is granted limited domestic unmanned aircraft system authorities over specially designated properties (defined in a classified annex), with notification to DOJ within 15 days and to Congress within 90 days, retention limits on seized materials, and a statutory sunset for the authorities in 2029.
Section-by-Section Breakdown
Every bill we cover gets an analysis of its key sections.
Appropriations and classified schedule
Authorizes FY2026 appropriations for intelligence activities and specifies the IC Management Account unclassified amount ($674.5M) and CIA retirement funding ($514M); the actual amounts for programs are set in a classified Schedule of Authorizations and may be distributed within the executive branch only under prescribed limits. Practically, this is the statutory vehicle that attaches the operational and program changes in later titles to the FY2026 funding year.
Establishes the National Counterintelligence Center and Program
Creates the NCC inside ODNI with a Presidentially‑appointed, Senate‑confirmed Director who reports to the DNI and serves as principal CI advisor. The NCC’s duties are wide: lead and direct CI campaigns, prioritize requirements, coordinate and deconflict operations, establish tradecraft standards (including an NCC polygraph program), run damage assessments, centralize threat‑actor information, and embed liaisons across IC elements. The provision gives the Director the statutory authority to direct other IC heads to act or to require their concurrence; to access CI data across the IC; to transfer NCC funds to other agencies; and to set and manage a National Counterintelligence Program budget—shifting how CI resources are planned and tracked.
IC governance, AI policies, and technology adoption
Contains governance rules that clarify authorization limits and pay adjustments, expands acquisition authorities for certain agencies (including an option for the NRO to certify large commercial procurements up to $500M under narrow conditions), and mandates IC‑wide AI policies: harmonized criteria for using classified data to train/refine models (maximize usable data consistent with protection), accelerated review guidance for AI deployments (60‑day notice for long reviews), IC technology adoption metrics, and an NSA‑led AI Security Playbook addressing vulnerabilities in advanced AI and protecting model components from theft.
CIA procurement, security, and installations
Requires CIA guidance on ‘novel and significant’ expenditures for congressional notification, updates terminology around ‘installation’ security, and creates a narrowly tailored authority for CIA to detect, intercept, seize, disable, or destroy unmanned aircraft systems threatening specially designated properties in the U.S. The UAS authority comes with mandatory FAA coordination, DOJ and congressional notifications, retention/destruction rules for seized materials, and a statutory sunset for the authority (2029). The Director must also provide budget displays for these activities.
DoD and other element reforms
Directs DoD intelligence components to avoid duplicative CAI purchases unless an exception is approved and requires a secure oversight capability to deconflict vendor support to clandestine activities (including subcontractors), with reporting to congressional committees for exclusions. It disestablishes certain advisory boards (NGA/NRO) and requires DoE personnel to report travel to countries of risk.
Open‑source intelligence: definitions, budgets, audits, training and purge rules
Standardizes definitions for publicly available information, commercially available information, and open‑source intelligence. DNI must designate officials to harmonize training, data sharing, acquisitions, and governance, plus an official to oversee CAI procurement and limit duplication. The bill mandates detailed budget materials for OSINT/CAI spending, CFO audits of those expenditures (multiple deliverables through 2031), an IC‑wide training course on open‑source collection, and a requirement to purge incidentally collected public/commercial data on U.S. persons.
Workforce, foreign country focus, reporting changes
Adds workforce protections and personnel rules (unclassified appraisals for DIA, bans on compelled political activism, merit restrictions, senior biotech official designations, and VA‑benefits treatment for some CIA service). Requires China net assessments and a National Intelligence Manager for China (with possible DNI waiver), an NIE on Chinese biotech advancement, extends a Russian atrocities coordinator, adjusts a number of reporting requirements (some repealed), and creates or modifies reporting and notification obligations across the IC.
This bill is one of many.
Codify tracks hundreds of bills on Defense across all five countries.
Explore Defense in Codify Search →Who Benefits and Who Bears the Cost
Every bill creates winners and losers. Here's who stands to gain and who bears the cost.
Who Benefits
- Federal counterintelligence operators and planners — NCC centralization gives a single, statutory authority to set CI priorities, deconflict campaigns, and access cross‑IC information, enabling more integrated strategic planning and resource allocation.
- Congressional intelligence and appropriations committees — the bill creates new, regular reports, briefings, and notification triggers (e.g., NCC strategies, damage‑assessment briefs, CAI/OSINT audits, AI review notices) that improve visibility into CI operations, budgets, and tech adoption.
- Certain national security programs and mission managers — the National Counterintelligence Program and required strategic products (strategy, outlook, threat assessment) provide clearer priority signals and budgetary transparency across counterintelligence activities.
Who Bears the Cost
- Commercial data and imagery vendors — increased auditing, budget transparency, deconfliction, and requirements to justify uniqueness will complicate contracting, may reduce duplicative buys (good for cost control but painful for vendors with overlapping products) and lengthen procurement cycles.
- Elements of the intelligence community — the NCC’s authority, new audit and reporting obligations, OSINT purge and training demands, and the requirement to embed liaisons create administrative burdens, likely requiring reallocation of staff and program funds to compliance and integration tasks.
- Small contractors and subcontractors supporting clandestine activities — new DoD deconfliction and oversight capability increases vetting and disclosure obligations; vendors excluded for counterintelligence reasons may see contracts curtailed and will face increased risk assessments.
Key Issues
The Core Tension
The bill forces a classic trade‑off: policymakers want unified, decisive counterintelligence leadership and robust defenses against state and non‑state threats — which requires centralized authorities, cross‑agency access, and rapid tech adoption — but those same central powers risk creating single‑point bottlenecks, undermining agency autonomy (and law‑enforcement prerogatives), increasing compliance burdens, and concentrating decision‑making inside classified processes that diminish public transparency and complicate congressional oversight.
Centralizing counterintelligence authority in a Senate‑confirmed Director inside ODNI creates one place to set doctrine, fund priorities, and run cross‑IC campaigns — and that consolidation comes with tradeoffs. It can eliminate stovepipes and reduce operational friction, but it also concentrates operational direction and budget control in one office that must coordinate with agencies (notably the FBI, which retains prosecutorial discretion).
That raises implementation questions about day‑to‑day deconfliction: how will the NCC coordinate when FBI criminal investigations, DoD covert actions, and foreign partner equities overlap? The statute preserves prosecutorial discretion, but operational tension between law enforcement and centralized CI direction is likely to surface in practice.
The bill’s technology and procurement changes are similarly double‑edged. Audit and budget transparency for OSINT/CAI aim to curb waste and duplication, and the AI Security Playbook and classified guidance on training AI with classified data attempt to balance capability and protection.
But tighter central oversight can slow acquisitions, risk vendor flight to other purchasers, and place heavy compliance costs on IC components. The CIA’s domestic unmanned aircraft authority gives a practical tool for physical protection of installations, but its civil‑liberties, aviation‑safety, and interagency coordination implications (FAA, DOJ notifications, retention limits) require careful procedural guardrails.
Finally, the bill relies on classified annexes (special properties list, Schedule of Authorizations), so congressional and executive branch actors will be implementing many consequential decisions behind classification walls, raising transparency challenges for public accountability and oversight.
Try it yourself.
Ask a question in plain English, or pick a topic below. Results in seconds.