New Articles

7th National Conference on CFIUS

cfius

7th National Conference on CFIUS

The American Conference Institute is pleased to announce the 7th National Conference on CFIUS taking place virtually on April 20-21, 2021! Attend to ensure deal success amidst expanded scrutiny of foreign investments in Technology, Infrastructure, Data and Real Estate. Plus, obtain government insights from the U.S. Department of Justice, U.S. Department of Defense, U.S. Department of Defense Trusted Capital, Delegation of the European Union to the United States, Embassy of Australia to the United States, and the U.K. Department for International Trade (DIT).

2021 CONFERENCE HIGHLIGHTS include:

-A 360 Degree View of Today’s CFIUS Landscape 1 Year Post-FIRRMA Implementation

-Interactive Think-Tank with CFIUS Alumni: Addressing FIRRMA Pressure Points and Challenges

-Examining New Rules on CFIUS Mandatory Filings: Implications for Critical Technology Investments and the Interplay with Recently Issued Export Control Reform

-Updating Your Mitigation Approach to New and Evolving CFIUS Requirements and Trends

-Managing the New Enforcement Regime and the Uptick in Investigations of “Non-Notified” Transactions

-How CFIUS’s Expanded Jurisdiction Over Sensitive Data is Affecting Deal Reviews, Deal Flows and Mitigation Approaches

-And More!

View the Full Agenda and List of Distinguished Speakers and Register Today!

SAVE 10% off registration with Global Trade Magazine Code: D10-858-858GX08.

Online: http://bit.ly/2MfLrL1

Email: customerservice@americanconference.com

Phone: 1-888-224-2480

CFIUS

New CFIUS Regulations Formally Implemented: What Your Business Needs to Know

The Committee on Foreign Investment in the United States (CFIUS or the Committee) is an interagency government committee authorized to review, modify, and block foreign acquisitions of or investments in U.S. businesses that could adversely affect U.S. national security.

In 2020, new regulations went into effect that broadened the scope of foreign investment transactions subject to review by the Committee. Historically, CFIUS national security reviews were limited to transactions that could result in a foreign investor obtaining “control” of a U.S. business. However, the scope of transactions subject to potential CFIUS review has been expanded, and now includes certain non-controlling foreign investments in U.S. businesses involved in critical technologies, critical infrastructure, or sensitive personal data of U.S. citizens. In addition, CFIUS has instituted new mandatory filing requirements for specific types of foreign investment in U.S. critical technology companies.

It is now more important than ever for non-U.S. companies doing business with or investing in the U.S. to understand how their business can be impacted by the revised CFIUS regulations. If a non-U.S. company is considering buying or investing in a U.S. business, conducting an assessment of potential CFIUS risks and obligations must be included in the due diligence process. To assist with this assessment, below is an overview of CFIUS, as well as a breakdown of the key CFIUS regulatory changes implemented in 2020 that stand to impact your business.

Committee on Foreign Investment in the United States (CFIUS)

CFIUS is chaired by the U.S. Department of Treasury and has the authority to review any transaction by or with a foreign person which could result in control (or in certain non-controlling interests) of a U.S. business by a foreign person. This includes proposed or completed mergers, acquisitions, or takeovers by foreign governments, foreign entities, and those controlled by foreign governments and entities. When CFIUS has jurisdiction over a proposed transaction, parties can voluntarily notify the Committee of the transaction and its terms. CFIUS is authorized to commence reviews unilaterally, but it rarely uses this power.

Foreign investors often seek to file for CFIUS approval voluntarily because once a transaction is cleared by the Committee, it qualifies for a “safe harbor” and is generally considered cleared indefinitely, thereby eliminating CFIUS-related risks. On the other hand, if CFIUS does not clear a particular transaction prior to its closing, there is a chance that the Committee will unilaterally initiate an investigation and ultimately require divestiture of the foreign party, potentially even years after the transaction has closed.

If CFIUS determines that a covered transaction presents a national security risk, it has the authority to impose certain mitigating conditions before allowing the deal to proceed, and may also refer the transaction to the President, who has sole authority to block a proposed transaction or unwind a completed transaction. However, U.S. Presidents have rarely used their power to block transactions because CFIUS generally enters into mitigation agreements with the parties to high-risk transactions in order to alleviate any identified national security concerns.

If CFIUS opposes a foreign investment or acquisition, and mitigating measures cannot be implemented by the transacting parties, it is often the case that the foreign investor withdraws the deal prior to CFIUS escalating its recommendation to the President. While to date only five investments have ever been blocked by a President, numerous proposed transactions have been withdrawn by the parties involved to avoid the risk of having the transaction formally blocked.

CFIUS has become much more active in recent years, particularly under the Trump administration, where the Committee reviewed 697 transactions between 2017 and 2019. Recent high-profile examples include the following:

-In 2017, President Trump blocked the acquisition of Lattice Semiconductor Corp. by the Chinese investment firm Canyon Bridge Capital Partners due to national security and intellectual property concerns.

-In 2018, President Trump blocked the acquisition of U.S. telecommunications equipment company Qualcomm by the Singapore microchip maker Broadcom.

-In 2019, CFIUS raised concerns over Beijing Kunlun Company’s investment in Grindr LLC, an online dating site, over concerns of foreign access to personally identifiable information of U.S. citizens. The Chinese firm subsequently divested itself of Grindr.

-In 2020, President Trump announced plans to ban the popular social media platform TikTok based on its ownership by Chinese technology company ByteDance and its potential access to sensitive personal data of U.S. citizens. CFIUS and ByteDance are still in the process of negotiating the terms of prospective mitigating measures that would allow TikTok to continue its U.S. operations.

Changing Landscape: Foreign Investment Risk Review Modernization Act

In recent years, there has been a push for CFIUS reform by government officials who viewed the process as inadequate to face modern geopolitical threats to U.S. businesses and technologies posed by foreign direct investments into U.S. companies – particularly from Chinese foreign investment. This led to the passing of the broad CFIUS reform legislation known as the Foreign Investment Risk Review Modernization Act (FIRRMA) in August 2018.

FIRRMA was designed to expand the scope of foreign investment reviews conducted by the Committee, and overhauled the CFIUS review process to more effectively address modern U.S. national security concerns. The revised CFIUS regulations provided for in FIRRMA formally took effect in February 2020.

Historically, CFIUS reviews have been based on voluntary notice submissions by parties to a covered transaction. Only transactions that involved foreign control and that raised national security concerns would be filed by the transacting parties with the Committee for approval. Under FIRRMA, the Committee now also has the authority to review non-controlling “covered investments” by a foreign person in a U.S. critical technology, critical infrastructure or sensitive personal data company. These “TID Businesses” (i.e., U.S. Technology, Infrastructure and Data companies) include companies that engage in one of the following activities:

-Produces, designs, tests, manufactures, fabricates or develops one or more critical technologies;

-Owns, operates, manufactures, supplies or services critical infrastructure; or

-Maintains or collects sensitive personal data (e.g., health or financial data) of U.S. citizens that may be exploited in a manner that threatens national security.

A “covered investment” includes circumstances where a foreign investor obtains:

-Access to material non-public technical information;

-Membership or observer rights on the board of directors or an equivalent governing body of the business or the right to nominate an individual to a position on that body; or

-Any involvement, other than through voting of shares, in substantive decision making regarding sensitive personal data of U.S. citizens, critical technologies, or critical infrastructure.

CFIUS has also instituted new mandatory filing requirements involving inbound investment in U.S. companies involved with “critical technology.” When FIRRMA was initially implemented, filings became mandatory for certain transactions involving U.S. critical technology businesses that were included among 27 specified industries identified by their North American Industry Classification System (NAICS) codes.

However, beginning in October 2020, CFIUS implemented a new rule tying the “critical technology” definition to U.S. export control regulations. Now, filing a declaration with CFIUS is mandatory for covered transactions involving a U.S. business that “produces, designs, tests, manufactures, fabricates, or develops one or more critical technologies” where a “U.S. regulatory authorization” would be required for the export, re-export, or transfer of such critical technologies to the foreign investor. Accordingly, having a clear understanding of U.S. export control classification regimes and licensing requirements, including those promulgated under the International Traffic in Arms Regulations (ITAR) and the Export Administration Regulations (EAR), is now a significant component of any CFIUS analysis.

In addition, FIRRMA added mandatory filings requirements for certain types of foreign government investment. If a foreign government holds a “substantial interest” in a foreign investor that in turn obtains a “substantial interest” in a TID Business, a CFIUS filing is now mandatory. This filing requirement is triggered when a foreign government holds at least a 49% (direct or indirect) interest in the foreign investor, whereas a foreign person will obtain a “substantial interest” in a TID Business if it seeks to obtain at least a 25% (direct or indirect) interest. In such scenarios, the parties must file a mandatory declaration with CFIUS at least 30 days prior to the transaction’s closing.

Global Impact

In terms of global impact, U.S. businesses and foreign investors previously unfamiliar with the CFIUS filing process, or that were previously outside the jurisdiction for a covered transaction, will now have to analyze the potential implications of a mandatory or voluntary CFIUS filing when considering even passive forms of foreign investment. This includes businesses ranging from health care companies, telecommunications companies, technology start-ups, related infrastructure industries, venture capital funds, emerging technology companies and manufacturers, and any company that maintains or can access sensitive U.S. consumer personal or health data.

Robust due diligence on proposed foreign investments will be more important than ever to ensure compliance with any mandatory CFIUS requirements. This will result in cross-border deals becoming much more time-consuming processes that will require significant scrutiny and attention to detail when drafting contractual rights afforded to foreign investors. Importantly, this will also require increased “up-stream” due diligence on any proposed non-U.S. investor’s corporate structure and ultimate ownership.

The business decision that a potential non-U.S. investor will need to make regarding which type of filing (if any) should be made with CFIUS is based on factors such as the complexity of the transaction, the working relationship between the parties, the national security implications and risk-level of the U.S. business, the likelihood of a successful resolution with CFIUS, the economy of legal resources, the evolving definition of what constitutes a “national security concern,” and current CFIUS enforcement priorities.

_______________________________________________________________

Alan Enslen and Julius Bodie are attorneys at law firm Baker Donelson, they can be reached at aenslen@bakerdonelson.com and jbodie@bakerdonelson.com. Jiri Mestecky, Takanori Nakajima and Yunosuke Hirano are are attorneys at Kitahama Partners. They can be reached at JMestecky@kitahama.or.jp, TNakajima@kitahama.or.jp and YHirano@kitahama.or.jp.

foreign investment

New Foreign Investment Restriction Regulations Cement CFIUS Reform

One of the emerging focal points of the U.S.-China trade war involves the implementation of updated foreign investment restrictions in key U.S. industries. 

On September 17, 2019, the Department of the Treasury issued proposed regulations to implement the Foreign Investment Risk Review Modernization Act of 2018 (FIRRMA), legislation that sought to reform and expand the scope of foreign investment reviews conducted by the Committee on Foreign Investment in the United States (CFIUS). CFIUS, an inter-agency committee chaired by the Treasury Department with the authority to review, modify and potentially reject certain types of foreign investment that could adversely affect U.S. national security, has undergone a significant overhaul during the past year in the wake of FIRRMA becoming law in August 2018. It is now more vital than ever that companies understand how their business can be affected by the updated CFIUS regulations when they are seeking or negotiating a merger, acquisition, real estate investment or even a non-controlling investment from a foreign investor.

Typically, CFIUS reviews are voluntary and are conducted for merger or acquisition transactions where a non-U.S. company or a foreign government-controlled entity obtain a controlling interest in a U.S. company. If CFIUS determines that a covered transaction presents a national security risk, it has the authority to impose certain mitigating conditions before allowing the deal to proceed and can refer the transaction to the President for an ultimate decision. 

However, FIRRMA updated and expanded the scope of CFIUS jurisdiction to authorize reviews of additional types of non-controlling foreign investments based on the type of U.S. company involved. The implementing regulations proposed in September 2019 are set to take effect February 13, 2020, and while the CFIUS reform regulations are motivated by concerns directly related to China, the impact of FIRRMA will be felt globally and the new rules will not be tied to or affected by impending trade negotiations. U.S. businesses, particularly those involved in critical technologies, real estate, infrastructure and data collection or maintenance, must take heed of how the updated rules will affect their global business decisions moving forward.

New Regulations for TID Companies Effective February 2020

Effective February 13, 2020, CFIUS will be authorized to review “covered control transactions,” (all foreign acquisitions resulting in direct control in a U.S. business, which CFIUS already had jurisdiction over), as well as non-controlling “covered investments” by a foreign person in a U.S. critical technology, critical infrastructure or sensitive personal data company. The new rules refer to these as “TID U.S. Businesses” (Technology, Infrastructure and Data), or to be more specific, a company that engages in one of the following categories of activity: 

-produces, designs, tests, manufactures, fabricates or develops one or more critical technologies;

-owns, operates, manufactures, supplies or services critical infrastructure; or

-maintains or collects sensitive personal data of U.S. citizens that may be exploited in a manner that threatens national security.

“Critical technologies” include defense articles or defense services under the International Traffic in Arms Regulations, certain nuclear-related products regulated by the Nuclear Regulatory Commission Controls and certain technologies on the Commerce Control List under the Export Administration Regulations. In addition, “critical technologies” will include certain “emerging technologies” that are yet to be defined, and the Commerce Department’s Bureau of Industry and Security is currently reviewing at least 17 technology areas that are anticipated to result in new controls (including bio-tech, artificial intelligence, microprocessors, positional navigation and timing technology, quantum computing and additive manufacturing (3D printing)). 

“Critical infrastructure” includes key industry subsectors such as telecommunications, utilities, energy and transportation. “Sensitive personal data” is defined to include ten categories of data maintained or collected by U.S. businesses that (i) target products or services to sensitive populations (including U.S. military members and federal national security employees); (ii) collect or maintain such data on at least one million individuals; or (iii) have a business objective to collect such data on greater than 1 million individuals and such data is an integrated part of the U.S. business’s primary product or service. The categories of data include types of financial, geolocation and health data. 

Non-Controlling Covered Investments

Under the new regulations, CFIUS will be authorized to review non-controlling covered investment in TID U.S. Businesses. A “covered investment” includes scenarios where a foreign investor obtains:

-access to material non-public technical information;

-membership or observer rights on the board of directors or an equivalent governing body of the business or the right to nominate an individual to a position on that body; or

-any involvement, other than through voting of shares, in substantive decision making regarding sensitive personal data of U.S. citizens, critical technologies, or critical infrastructure.

Filing a CFIUS declaration for a non-controlling covered investment will remain a largely voluntary process, and parties will be able to file a notice or submit a short-form declaration notifying CFIUS of a covered investment in order to receive a potential “safe harbor” letter (after which CFIUS in most scenarios will not initiate a review of a transaction). 

However, if a foreign government holds a “substantial interest” in the foreign investor that obtains a “substantial interest” in a TID U.S. Business, a CFIUS filing will be mandatory. The updated regulations provide that a foreign government is considered to have a substantial interest in the foreign investor if it holds a 49% direct or indirect interest, whereas a foreign person will obtain a substantial interest in a TID U.S. Business if it obtains at least a 25% direct or indirect interest. CFIUS is also authorized to mandate declarations for transactions involving certain types of critical technology companies. 

The proposed rules also include a “white list” provision providing CFIUS the authority to designate certain “excepted investors” and “excepted foreign states” that may be eligible for an exclusion in connection with non-controlling covered investments. 

Global Impact: How Does This Affect My Business? 

The most important practical effect of the updated regulations is the breadth of U.S. companies standing to be impacted or affected by new foreign investment restrictions. U.S. businesses and industries that have previously never had to consider filing a CFIUS declaration, including healthcare companies, tech start-ups, related infrastructure industries, venture capital funds, emerging technology companies and manufacturers, and any company with access to sensitive consumer data, will now have to contemplate the implications of a CFIUS review when considering even passive foreign investment. Robust due diligence on potential investors will be more important than ever to ensure compliance with both mandatory and voluntary CFIUS declaration filings. Cross-border deals will be a costlier and more time-consuming process that will require acute attention to detail when drafting the contractual rights afforded to foreign investors. 

If you have any questions about the impact of the updated CFIUS regulations or how they may affect your company, please contact a member of Baker Donelson’s Global Business Team for additional information.

___________________________________________________________________

Joe D. Whitley is a shareholder at Baker Donelson, chair of the Firm’s Government Enforcement and Investigations Group and former General Counsel at the Department of Homeland Security. He can be reached at jwhitley@bakerdonelson.com

Alan Enslen is a shareholder with Baker Donelson and leads the International Trade and National Security Practice and is a member of the Global Business Team. He can be reached at aenslen@bakerdonelson.com

Julius Bodie is an associate with Baker Donelson who assists U.S. and foreign companies across multiple industries with international trade regulatory issues. He can be reached at jbodie@bakerdonelson.com