New "security requirements" issued by the U.S. Department of Defense are seeking to end Accenture's practice of outsourcing technical work to contractors in "adversarial countries" like China.
The Defense Department’s recently updated its “Security Requirements Guide” mandating that only personnel from non-adversarial countries work on its cloud systems, with technically qualified escorts and detailed audit logs tracking all access and actions.
The changes come on the heels of revelations from a ProPublica investigation that Accenture and Microsoft used the “digital escort” staffing model, in which U.S. personnel supervise China-based engineers on Department of Defense (DoD) projects.
Accenture, a Fortune Global 500 IT and consulting firm, reported $64.9 billion in revenue in 2024, with several billion stemming from U.S. government and defense contracts.
According to ProPublica's investigation, to comply with Pentagon rules barring foreign nationals from accessing sensitive systems, the “digital escort” workaround was created, allowing engineers in China to support U.S. defense cloud infrastructure. Under this system, a China-based engineer guides a U.S.-based “digital escort"—often an under-qualified third-party staffer, earning as little as $18 per hour—by sending commands through an instant messaging platform. While technically compliant, the process effectively provides foreign workers indirect access to critical DoD environments and introduces a serious risk of undetected malicious code being introduced into U.S. networks.
National security analyst Peter E. Harrell with the Carnegie Endowment for International Peace argues that outsourcing critical tech services to personnel linked to China, even indirectly, poses unacceptable risks. Under China’s sweeping cyber and intelligence laws, all Chinese nationals and entities can be compelled to hand over data or assist in espionage in coordination with the Chinese Communist Party.
The Department of Homeland Security has previously warned that Chinese tech partnerships can lead to covert data exfiltration—the installation of backdoors and even encrypted system compromise. The overlap between Accenture’s defense contracts and its ongoing hiring of Chinese-fluent engineers presents such a vulnerability.
Accenture maintains a substantial footprint in the region, with more than 20,000 employees across 15 locations in mainland China, Hong Kong and Taiwan.
The firm operates five delivery centers in the region, and its Chinese headquarters are located in Beijing’s World Financial Center.
Accenture partners with Chinese tech giants Huawei and Alibaba, both of which are under U.S. government scrutiny for national security risks due to their ties to Chinese government and military operations, raising concerns given Accenture’s large DoD and federal IT contracts.
Accenture has joint ventures with Huawei to deliver cloud solutions for telecom, finance and manufacturing, while its alliance with Alibaba integrates generative AI and analytics into regional business operations.
An IPVM report in 2020 revealed that Alibaba’s Cloud Shield facial recognition technology could identify Uighurs, sparking concerns over its role in China’s surveillance and repression in Xinjiang.
The Chinese government has used these tools to enable mass detention, indoctrination and slave labor of Uighurs, including that fueling global supply chains for goods sold in the U.S.
Both Huawei and Alibaba have been blacklisted, investigated or sanctioned by U.S. agencies due to concerns over data privacy, surveillance and forced technology transfers under China's 2017 National Intelligence Law.
That law compels Chinese firms and citizens to support China’s intelligence services, regardless of where the data resides.
This legal obligation creates a backdoor channel for the Chinese Communist Party to access sensitive data accessible by Chinese nationals working inside American networks.
Accenture’s U.S. federal contracts include a $1.6 billion Air Force deal for its Cloud One program and a $380 million agreement to modernize IT at U.S. Customs and Border Protection, along with recent contracts from the Departments of State, Interior and the Social Security Administration.
ASM Research, a wholly owned Accenture subsidiary, is also staffing critical cybersecurity and cloud roles on the Military OneSource contract, which is valued at up to $700 million.
Three days after ProPublica’s mid-July investigation into Microsoft’s use of “digital escorts,” Defense Secretary Pete Hegseth canceled the program and issued an immediate ban on China-based personnel supporting Pentagon cloud services.
Hegseth’s actions followed a letter from U.S. Sen. Tom Cotton (R-Ark.) expressing concern over reports that Microsoft employs engineers in China to maintain DoD systems.
“Chinese state-sponsored hacking campaigns have long targeted U.S. officials through Microsoft systems,” Cotton wrote.
Cotton chairs the Senate Select Committee on Intelligence, which oversees U.S. intelligence and addresses cybersecurity risks. He also serves on the Senate Committee on Armed Services, overseeing military and defense matters.
Cotton emphasized the systemic risks posed by China’s cyber operations.
“The U.S. government recognizes that China's cyber capabilities pose one of the most aggressive and dangerous threats to the United States, as evidenced by infiltration of our critical infrastructure, telecommunications networks, and supply chains,” Cotton wrote. “DoD must guard against all potential threats within its supply chain, including those from subcontractors.”
The day after Hegseth announced that the DoD would cancel “digital escorts” a massive cyberattack was launched by Chinese hackers involving Microsoft servers at hundreds of companies. The intrusions targeted proprietary software and exploited vulnerabilities in cloud platforms such as those worked on by Chinese engineers employed by Microsoft and Accenture.
According to cybersecurity company Eye Security, the breaches enabled “hackers to steal cryptographic keys that would allow them to impersonate users or services even after the server was patched.”
Microsoft has since pledged to cease using “digital escorts” and comply with new federal rules that require technical qualifications for all escorts and stricter audit trails for system access.
However, public job postings show Accenture and subsidiary ASM Research are still actively hiring U.S.-based personnel to oversee Chinese nationals, with Accenture still recruiting staff tied to China and fluent in Mandarin.
ProPublica previously reported that Accenture had hired some of the same U.S. supervisors who oversaw Microsoft’s China-based staff.
This week, cybersecurity firm Mandiant reported a major cyberattack by Chinese hackers targeting multiple U.S. software companies and law firms.
The FBI is actively investigating, but officials say the full scope remains unclear.
U.S. officials also note that Chinese cyber operatives vastly outnumber FBI agents.
In a video released in late August by the Department of War, Hegseth stated that “digital escorts” originated during the “Obama-Biden era.”
“Last month, the Department of Defense was made aware of an Obama-Biden-era legacy program called Digital Escorts,” Hegseth said.
“For nearly a decade, Microsoft has used Chinese coders, remotely supervised by U.S. Contractors, to support sensitive DoD cloud systems. The program was designed to comply with contracting rules, but it exposed the department to unacceptable risk. I mean, if you're thinking America first and common sense, This doesn't pass either of those tests.”
Hegseth described the program as an example of misplaced priorities within the national security contracting system and emphasized that the Pentagon is coordinating with other federal agencies to secure U.S. networks across government infrastructure.
“All Department of Defense software vendors will identify and terminate any Chinese involvement in DOD systems,” Hegseth said. “It blows my mind that I'm even saying these things in such common sense that we ever allowed it to happen. That's why we're attacking it so hard. We expect vendors doing business with the Department of defense to put U.S. National security ahead of profit maximization.”
Beyond its use of Chinese engineers and close ties to Chinese companies, Accenture has also faced criticism for its federal contract procurement processes.
Earlier this year, U.S. Rep. Abe Hamadeh (R-Ariz.) urged Army Secretary Daniel Driscoll to investigate Accenture contracts, citing alleged favoritism, procurement irregularities and national security risks tied to foreign labor.
“Systemic waste, fraud, and corruption under poor stewardship of taxpayer resources now places us in a position of having to make difficult choices about our posture and readiness,” Hamedah wrote in an April letter to Driscoll. The Trump Administration’s Department of Government Efficiency (DOGE) labeled Accenture as a symbol of consulting monopolies wasting taxpayer dollars through inefficiency and backroom deals.
Court filings and congressional sources indicate the Army under the Biden Administration may have misused the Other Transaction Authority to bypass standard acquisition rules.
In early 2025, DOGE canceled an Accenture contract, causing its stock to drop 7%.
“These issues indicate a troubling pattern of potential mismanagement and impropriety in the DoD's contracting processes, particularly concerning Accenture's involvement,” Hamedah wrote. “It is imperative that these matters are thoroughly investigated to ensure taxpayer dollars are being used efficiently and effectively, and that contract awards are based on merit not political influence or flawed procedures.”
