The U.S. government continues to aggressively monitor and impose restrictions on transactions deemed to threaten U.S. national security.
On a day-to-day basis, restrictions arise most commonly in the context of export controls and economic sanctions. In the case of investments and other transactions in the United States by foreign persons, the Committee on Foreign Investment in the United States (CFIUS) assesses potential national security risks.
This post examines recent U.S. government action and guidance that seeks to introduce greater clarity to the CFIUS review and enforcement process.
Background on CFIUS
CFIUS is a U.S. government committee comprised of representatives from multiple agencies, including the Department of the Treasury, which chairs CFIUS, and the Departments of Commerce, Defense, Energy, Homeland Security, Justice, and State. The U.S. Trade Representative and the White House’s Office of Science and Technology Policy are also among those represented on CFIUS. Ultimately, CFIUS exists to identify and address national security risks that cannot be ameliorated through another legal regime such as export controls or Foreign Ownership, Control or Influence (FOCI) mitigation.
September 2022 Executive Order Sharpens CFIUS Focus
In September 2022, to clarify the focus of CFIUS and tie the agency more formally to established national security prerogatives, President Biden issued EO 14083. The EO lists the five specific factors for CFIUS to consider when reviewing transactions:
- Supply chain resiliency.
- Protection of U.S. technological superiority.
- Incremental investments over time in a particular sector or technology.
- Cybersecurity risk.
- Sensitive data.
The EO also identified certain priority technology areas for review, including artificial intelligence, biotechnology, clean energy technologies, microelectronics, quantum technologies, and semiconductors. Finally, the EO directed CFIUS to consider national security risks associated with certain acquiring countries with a “demonstrated or declared strategic goal of acquiring a type of critical technology or critical infrastructure that would affect U.S. leadership in areas related to national security.” For a fuller treatment of the EO, please see our September 2022 blog post.
October Enforcement and Penalty Guidelines
In October 2022, CFIUS released new, non-binding Enforcement Penalty Guidelines that delineate categories of conduct that constitute violations and detail the sources of information CFIUS relies upon to determine whether a violation has occurred. The Guidelines also spell out the process for developing and imposing penalties and provide the aggravating and mitigating factors that CFIUS evaluates when deciding whether to impose a penalty. We summarized the Guidelines in greater detail in an October 2022 blog post.
Increased Review of Non-Notified Transactions
More recently, in September 2023, Assistant Secretary for Investment Security at the Department of Treasury Paul Rosen called CFIUS’s “non-notified work . . . one of [it’s] most important functions.” Non-notified deals are transactions about which the parties do not notify CFIUS but where CFIUS contacts the parties to request information about the transaction. CFIUS may become aware of a transaction from an interagency referral, public tip, media report, and even as a result of agency staff reading the press release pertaining to a transaction.
Along these lines, in its 2022 Annual Report to Congress, CFIUS hinted that it may begin to prioritize identifying and commencing reviews of more non-notified and non-declared transactions. In fact, CFIUS is reportedly adding resources specifically to detect non-notified transactions. Perhaps as a result of this new focus, in 2022, CFIUS requested filings for 19 non-notified transactions, many of which ended up in mitigation or voluntary divestment. According to the 2022 Annual Report, there are apparently more non-notified transactions “in the pipeline,” including transactions valued at “hundreds of millions of dollars.”
Enhanced Oversight of Mitigation Agreements
In 2022, nearly a quarter of transactions notified to CFIUS concluded with mitigation agreements, i.e., agreements between the parties and CFIUS binding the parties to take steps to address CFIUS’s national security concerns.
In his September remarks, Assistant Secretary Rosen stated that companies should “expect more compliance checks, questions, and site visits” and that CFIUS would lean on third-party monitors and auditors. Site visits can be quite comprehensive, including interviews “at all levels, including of line-level staff . . . spot checks on records, and . . . other measures to actively monitor compliance of mitigation agreements.” CFIUS will also bring technical experts to ensure compliance and will look for evidence of a culture of compliance.
Future Regulatory Changes
In recent public remarks, Secretary of the Treasury Janet Yellen signaled upcoming regulatory changes to the CFIUS regulatory framework. Assistant Secretary Rosen also emphasized that it is “time to refine some of those regulations, so over the course of the next year I expect the Treasury will be issuing one or more notices of proposed rulemaking to do so.”
Assistant Secretary Rosen outlined four principal updates:
- Allow for increased efficiency and effectiveness in Treasury’s case processing and review functions.
- Update CFIUS’s penalty and enforcement authorities.
- Sharpen and enhance CFIUS’s tools in the non-notified space.
- Broadly ensure CFIUS’s tools and processes are best aligned with the current landscape.
Going Forward
A more robust and active CFIUS means that parties to any transaction involving a foreign investor or acquirer must consider whether a notice to CFIUS is warranted (or, as is sometimes the case, required). While the decision of whether to voluntarily file is based on a range of factors, consideration must be given to the factors outlined in EO 14083 and the other elements on which CFIUS intends to focus. Absent a well-designed CFIUS strategy, buyers and sellers alike face increasing risk.
Please contact the authors if you have any questions about the Committee on Foreign Investment in the United States (CFIUS) and how it might impact your business.