United States: Common Misconceptions Regarding CFIUS And The CFIUS Process - April 2015

Mergers, acquisitions, joint ventures, and other forms of investment by foreign persons in the United States continue to increase in the current global economy. The concept of national security and its tie to economic security in these types of transactions has been confirmed, and that tie was reflected, in part, through the Exon-Florio Amendments of 1988 ("Exon-Florio") and the updates to that legislation in 2007 through the Foreign Investment and National Security Act ("FINSA"). Exon-Florio and FINSA enhanced the authority of the Committee on Foreign Investment in the United States ("CFIUS" or the "Committee"), an executive branch organization originally formed to opine on the impact of foreign investment on U.S. national security interests.

CFIUS, chaired by the Department of the Treasury, administers the CFIUS regulations, 31 C.F.R. part 800, and comprises 15 executive agencies, as well as a number of consultative agencies that review transactions when appropriate. The CFIUS regulations describe a voluntary process through which parties to a transaction whereby a foreign person will acquire control of a U.S. business may seek clearance for the proposed transaction from the Committee. In addition to the voluntary process, CFIUS may also reach out to transaction participants and "request" a submission in conformity with the regulations. Although a "request," the Committee believes it has subpoena authority and that it may require a filing if a submission is not made. In the alternative, if CFIUS does not exercise its perceived subpoena authority and no filing is made, the Committee could nonetheless review the transaction on the basis of information it collects from whatever sources are available. That review, whether based on the participation of the parties to the transaction or not, may affect the transaction.

In 2007, Congress broadened the authority of the Committee and expanded the areas in which "national security" issues may arise. Based on this expansion and the approach CFIUS has taken to reviewing transactions within the last few years, several misconceptions exist that would benefit from clarification. This Commentary outlines some, but not all, of the misconceptions and provides perspective when addressing whether to submit a CFIUS notification or wait for a reaction from the Committee.

Background: CFIUS Advice as Part of M&A Transaction Analysis

Transactional counsel advise clients on a range of financial, regulatory, and compliance requirements as part of any deal. The advice or approach that applies to most aspects of a transaction—e.g., antitrust filings, intellectual property assessments, litigation risks, employment issues, and environmental matters, among others—does not necessarily nor directly translate into how to address the national security aspects of a transaction. To ensure that deals progress smoothly and that little, if any, interruptions occur, it is essential to analyze national security and critical infrastructure concerns at the same time that other legal risk areas of a transaction are assessed. The CFIUS analyses that should be performed include, but are not limited, to:

  • The structure of the deal;
  • The assets involved (including location);
  • The contracts—both government (federal, state, and local) and commercial;
  • The products, technology, and services provided (including their status under the U.S. export control laws);
  • The research and development funding provided—both internal and external;
  • The international operations of both the target and the investor/purchaser, including agent, reseller, and distributor relationships; and
  • The involvement—whether direct or indirect—of any non-U.S. government agency.

With this as background, what common misconceptions exist when deciding whether to file a CFIUS notification? Among the most common statements, we have heard:

1. "This deal is too small." The value of the deal is small or inconsequential to the investor or purchaser.

2. "This is not high-tech stuff that the U.S. government worries about." A determination is made that because the transaction does not involve missiles, military equipment, rockets, or classified information, it is not of interest to the U.S. government.

3. "If CFIUS cared about this kind of stuff, why have we done [X] other deals and not heard from the Committee?" In other words, since this is a voluntary process and we have not heard from CFIUS on any of the other consummated deals, why should we notify this deal?

4. "It's only an investment, and the foreign investor/purchaser does not gain any rights until later." The rights the foreign purchaser gains are transitioned over time but are guaranteed as of the time the deal is executed.

5. "There's nothing classified now, and the classified stuff ended a year ago or more." An assumption is made that because there are no current classified U.S. government contracts, there are no concerns.

6. "What the non-U.S. purchaser or investor does in other countries should not be of concern to CFIUS because it's not a direct U.S. transaction." If the non-U.S. purchaser or investor is not directly selling or servicing in countries of concern through any of its U.S. facilities, then CFIUS should not be concerned about the non-U.S. activities.

7. "Even if the target or seller supplies the U.S. government or exports, it's all EAR99." Generally on the basis of representations by the target or seller, the non-U.S. purchaser or investor concludes that there are no U.S. national security interests because of how the target or seller treats its products, technology, or services for export purposes.

8.   "This is just an asset deal." The deal is structured as an asset purchase, but additional factors cause the transaction to be within the jurisdiction of CFIUS.

Other misconceptions may exist, but for purposes of this Commentary, we examine these eight statements under FINSA and the CFIUS regulations to outline issues to consider when analyzing whether to make a CFIUS filing.

1.   "This deal is too small." Some believe that the value of a transaction is a determinative factor on whether to file a CFIUS notification. Neither FINSA nor the CFIUS regulations, however, limit notifications on the basis of dollar value. Unlike Hart-Scott-Rodino filings or other antitrust considerations, the actual dollar value invested or the purchase price alone are not driving factors. Elements of a deal that do affect any CFIUS assessment, however, include the nature of any national security or critical infrastructure concerns raised by the target's business and the rights the investor or purchaser obtains over that business as a result of the transaction. Ending the analysis of whether to file a CFIUS notification on the basis of the price paid for the investment would be incomplete at best and wrong at worst.

2.   "This is not high-tech stuff the U.S. government worries about." Parties previously predicated their assessment of whether to file a CFIUS notification, in part, on whether the U.S. business in question made weapons, tanks, military products, or classified items. Neither FINSA nor the CFIUS regulations, however, define "national security" so narrowly. Further, both FINSA and the revisions to the CFIUS regulations completed in 2008 expanded the areas of interest to the United States to include "critical infrastructure," which includes not only classic defense or military items but also telecommunications, energy, financial, and other systems upon which the United States relies for its day-to-day operations. With such a broad definition, a potential investment by a non-U.S. person in the smart grid structure of the United States or in any investments in the U.S. financial industry that would result in foreign control could be of interest to CFIUS. Concluding that a CFIUS notification is neither required nor beneficial based on the fact that the U.S. target or seller does not make military items or weapons would be incomplete.

3.   "If CFIUS cares about this stuff, why have we done [X] deals and not heard from the Committee?" Simply because parties have not notified CFIUS of past deals or CFIUS has not reached out to request a filing does not mean that the deal is not of interest to CFIUS and/or does not implicate U.S. national security or critical infrastructure concerns.

  • First, the Committee has limited resources and relies on the parties to a transaction to file notices in appropriate circumstances.
  • Second, CFIUS does not have access to nonpublic information that could bring transactions to its attention. For example, the Committee reviews press releases, Securities and Exchange Commission filings, and other public notifications and government filings to understand what transactions have occurred or are in process. But a transaction or investment consummated between two private parties for which no press releases or other announcements exist would not necessarily come to the Committee's attention.
  • Third, within the U.S. government, not all agencies share information with CFIUS. For example, when non-U.S. purchasers or investors acquire U.S. entities or organizations, notifications regarding export license transfers may be filed with the Departments of Commerce and State. Both agencies are members of CFIUS, but whether each agency notifies Treasury is unclear. An exception to this is the Defense Security Service ("DSS"), which must receive notifications of any transactions by foreign parties of any U.S. organization or entity that holds facility clearances, maintains classified contracts, or manages personnel clearances. This is so that DSS can ensure that the parties to the transaction have properly mitigated any foreign ownership, control, or influence ("FOCI") that might jeopardize the relevant clearances. DSS is an organization within the Department of Defense ("DOD"), a member of CFIUS. Under a 2014 DOD interim rule, DSS is required to update CFIUS on the status of FOCI mitigation and provide certain information to the committee regarding classification status.

It is not helpful, therefore, to a determination of whether to file a CFIUS notification to focus on whether prior filings were made or whether CFIUS reached out to purchasers or investors in the past.

4.   "It's only an investment, and the foreign investor/purchaser does not gain any rights until later." Some transactions or investments reflect a long-term commitment in the target or entity by a foreign purchaser. Long-term commitments may be included in transaction documents that identify a current investment position and subsequent investment positions over time. For example, a non-U.S. purchaser may invest $100 million in a U.S. target and receive a 9.8 percent ownership interest and no board seat. Annex A to the investment documents, however, notes that for that $100 million investment, ownership increases each year for the next five years as long as certain targets are met—targets established in advance by a second Annex to the agreement. At the end of the five-year period, the investment documents state that the non-U.S. purchaser will own 59 percent of the U.S. target.

Depending upon one's perspective, some parties may decide that the transaction results in ownership of 10 percent or less, while others would look at the overall transaction and find that the $100 million investment buys a 59 percent ownership stake in the U.S. target. In one circumstance, no filing will be made due to an exemption in the CFIUS regulations, and in another circumstance, a filing could be deemed prudent. The definition of "covered transaction" does not include a temporal limitation—i.e., the regulations do not indicate that a covered transaction is defined solely at the point in time when the filing is made. In fact, the examples in the CFIUS regulations say the opposite. A careful analysis would be needed to determine whether the "slice-in-time" approach to defining the transaction for CFIUS purposes would be viewed as a potential circumvention of the CFIUS regulations.

5.   "There's nothing classified now, and the classified stuff ended a few years ago." The CFIUS regulations request that any filings include a complete listing of any classified contracts or subcontracts completed or handled in the five years prior to the notification. Although the language of the regulations and published guidance appear clear, instances exist where parties may decide not to make a CFIUS filing because the classified work has ended. CFIUS notifications are voluntary, but a determination that the U.S. government would not be interested in a transaction involving the purchase by a foreign party of an organization or target that held classified contracts or subcontracts completed within the last five years, would not appear to comport with the intentions of the statute or the regulations.

One of the quintessential national security concerns for the United States is improper access to classified information. By its nature, classified information or contracts are considered important, if not critical, to U.S. national security interests. That importance, and the concomitant damage that would arise to U.S. national security interests if the information is released improperly, forms the foundation for the security classification. This is especially true regarding potential release to foreign interests, which is why DSS requires a separate procedure for foreign investments in entities holding security clearances. This procedure is designed to prevent foreign access to classified material. The government recognizes the parallel nature and goals of these reviews and requires coordination between DSS and CFIUS. This certainly suggests, however, that a company that has been in a business requiring classified access in the past likely continues to involve national security issues.

Although at least three levels of classified information exist, each bears directly on U.S. national security interests. It would appear, therefore, that a purchase or investment in a U.S. target or organization that holds or has held classified contracts or subcontracts would be the exact type of transaction that CFIUS would expect to review.

6.   "What the non-U.S. purchaser or investor does in other countries should not be of concern to CFIUS because it's not a direct U.S. transaction." Foreign governments and foreign companies have always bristled at the extraterritorial application of U.S. laws and regulations. These concerns have most frequently appeared in the antitrust and export arenas and have been long-standing complaints of both U.S. allies and U.S. foes. In the CFIUS context, this issue arises when a foreign purchaser or investor seeks to buy a U.S. business and the foreign party conducts business with countries of concern to the United States.

Some argue that the purchase of a U.S. business (whether an organization or asset) by a foreign party should be reviewed in light of what the foreign party intends to do with the U.S. business and not in light of what type of business the foreign party conducts outside the United States. From a CFIUS perspective, however, the ability of a foreign party to purchase a U.S. business or asset and to determine how those assets will be used or that business will be conducted could result in transfers to those countries of concern simply because the foreign party already transacts with those countries. Absent restrictions in the purchase or investment documents, or other self-implementing limitations of law or regulation, CFIUS would not be incorrect in assuming that the purchase or investment could allow the investor to transfer assets or technologies to countries of concern to the United States. Such follow-on or subsequent transfers could result in harm to U.S. national security.

Any CFIUS assessment, therefore, that does not examine the manner in which the foreign purchaser conducts its international activities and how that compares to the interest reflected in U.S. laws would be incomplete.

7.   "Even if the target or seller supplies the U.S. government or exports, it's all EAR99." These statements are not always well-researched or well-supported. In some instances, a U.S. target may be unsophisticated and believe that all of its activities are not subject to export regulations. Some targets are more sophisticated but have obtained inconsistent or inaccurate advice from counsel or consultants. Other targets have decided not to review their activities and simply base their conclusions on whatever remains most expedient for maximizing business and share value. And others simply make mistakes, a not uncommon situation even for the most informed, given the complexity of the export laws not only within the United States but abroad. The likelihood of errors, therefore, is high.

From a CFIUS perspective, the export classification and licensing of products, technology, and services is directly relevant to a national security assessment. First, the CFIUS regulations specifically request details of export classifications and licensing related to the target for at least the Departments of State, Commerce, and Energy. Second, in some circumstances, if a foreign purchaser or investor acquires a U.S. business that is subject to the Department of State regulations (the International Traffic in Arms Regulations), licenses that were in the target business's asset base may not be able to transfer. Third, a misclassification of products, technology, or services could result in the transfer of these items to parties or countries with which the U.S. government has serious concerns. Fourth, a purchaser may not have been approved as an end user on an export license, but that same purchaser could buy the entire asset and thereby obtain the items or technologies that could not be exported to them under U.S. export laws. The purchase, therefore, circumvents the export denials and potentially adversely affects U.S. national security interests. A CFIUS filing will bring these issues to light.

A CFIUS assessment, therefore, solely on the basis of representations made by a target concerning the export classification and licensing of the target's products, technology, or services, would be equally incomplete. A decision not to file a CFIUS notification on the basis of these representations may not be considered reasonable should CFIUS "request" a submission.

8.   "This is just an asset deal." For a variety of reasons, including efforts to minimize the potential for successor liability, corporate transactions sometimes are structured as asset purchases. In such cases, parties may think that the transactions are not within the jurisdiction of CFIUS because a foreign person is not acquiring a U.S. business. Take, for example, the acquisition of a building adjacent to a sensitive military facility in the United States. Deals often involve more than just the building, including leases for current tenants, etc. Those additional aspects of the transaction cause the "asset" to look and feel more like a "business." In addition, those assets may have characteristics important for CFIUS review—such as access or proximity to sensitive U.S. facilities. In those cases, deciding not to make a CFIUS filing on the basis that the transaction is an asset deal would not be prudent.

As noted at the outset, FINSA and the CFIUS regulations expanded the areas of concern for the U.S. government. As a result, although the process remains voluntary, the analysis needed to make an informed decision on whether to file a notification should be conducted for every transaction.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

To print this article, all you need is to be registered on Mondaq.com.

Click to Login as an existing user or Register so you can print this article.

In association with
Related Video
Up-coming Events Search
Font Size:
Mondaq on Twitter
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).
Email Address
Company Name
Confirm Password
Mondaq Topics -- Select your Interests
 Law Performance
 Law Practice
 Media & IT
 Real Estate
 Wealth Mgt
Asia Pacific
European Union
Latin America
Middle East
United States
Worldwide Updates
Check to state you have read and
agree to our Terms and Conditions

Terms & Conditions and Privacy Statement

Mondaq.com (the Website) is owned and managed by Mondaq Ltd and as a user you are granted a non-exclusive, revocable license to access the Website under its terms and conditions of use. Your use of the Website constitutes your agreement to the following terms and conditions of use. Mondaq Ltd may terminate your use of the Website if you are in breach of these terms and conditions or if Mondaq Ltd decides to terminate your license of use for whatever reason.

Use of www.mondaq.com

You may use the Website but are required to register as a user if you wish to read the full text of the content and articles available (the Content). You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these terms & conditions or with the prior written consent of Mondaq Ltd. You may not use electronic or other means to extract details or information about Mondaq.com’s content, users or contributors in order to offer them any services or products which compete directly or indirectly with Mondaq Ltd’s services and products.


Mondaq Ltd and/or its respective suppliers make no representations about the suitability of the information contained in the documents and related graphics published on this server for any purpose. All such documents and related graphics are provided "as is" without warranty of any kind. Mondaq Ltd and/or its respective suppliers hereby disclaim all warranties and conditions with regard to this information, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall Mondaq Ltd and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use or performance of information available from this server.

The documents and related graphics published on this server could include technical inaccuracies or typographical errors. Changes are periodically added to the information herein. Mondaq Ltd and/or its respective suppliers may make improvements and/or changes in the product(s) and/or the program(s) described herein at any time.


Mondaq Ltd requires you to register and provide information that personally identifies you, including what sort of information you are interested in, for three primary purposes:

  • To allow you to personalize the Mondaq websites you are visiting.
  • To enable features such as password reminder, newsletter alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our information providers who provide information free for your use.

Mondaq (and its affiliate sites) do not sell or provide your details to third parties other than information providers. The reason we provide our information providers with this information is so that they can measure the response their articles are receiving and provide you with information about their products and services.

If you do not want us to provide your name and email address you may opt out by clicking here .

If you do not wish to receive any future announcements of products and services offered by Mondaq by clicking here .

Information Collection and Use

We require site users to register with Mondaq (and its affiliate sites) to view the free information on the site. We also collect information from our users at several different points on the websites: this is so that we can customise the sites according to individual usage, provide 'session-aware' functionality, and ensure that content is acquired and developed appropriately. This gives us an overall picture of our user profiles, which in turn shows to our Editorial Contributors the type of person they are reaching by posting articles on Mondaq (and its affiliate sites) – meaning more free content for registered users.

We are only able to provide the material on the Mondaq (and its affiliate sites) site free to site visitors because we can pass on information about the pages that users are viewing and the personal information users provide to us (e.g. email addresses) to reputable contributing firms such as law firms who author those pages. We do not sell or rent information to anyone else other than the authors of those pages, who may change from time to time. Should you wish us not to disclose your details to any of these parties, please tick the box above or tick the box marked "Opt out of Registration Information Disclosure" on the Your Profile page. We and our author organisations may only contact you via email or other means if you allow us to do so. Users can opt out of contact when they register on the site, or send an email to unsubscribe@mondaq.com with “no disclosure” in the subject heading

Mondaq News Alerts

In order to receive Mondaq News Alerts, users have to complete a separate registration form. This is a personalised service where users choose regions and topics of interest and we send it only to those users who have requested it. Users can stop receiving these Alerts by going to the Mondaq News Alerts page and deselecting all interest areas. In the same way users can amend their personal preferences to add or remove subject areas.


A cookie is a small text file written to a user’s hard drive that contains an identifying user number. The cookies do not contain any personal information about users. We use the cookie so users do not have to log in every time they use the service and the cookie will automatically expire if you do not visit the Mondaq website (or its affiliate sites) for 12 months. We also use the cookie to personalise a user's experience of the site (for example to show information specific to a user's region). As the Mondaq sites are fully personalised and cookies are essential to its core technology the site will function unpredictably with browsers that do not support cookies - or where cookies are disabled (in these circumstances we advise you to attempt to locate the information you require elsewhere on the web). However if you are concerned about the presence of a Mondaq cookie on your machine you can also choose to expire the cookie immediately (remove it) by selecting the 'Log Off' menu option as the last thing you do when you use the site.

Some of our business partners may use cookies on our site (for example, advertisers). However, we have no access to or control over these cookies and we are not aware of any at present that do so.

Log Files

We use IP addresses to analyse trends, administer the site, track movement, and gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information.


This web site contains links to other sites. Please be aware that Mondaq (or its affiliate sites) are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of these third party sites. This privacy statement applies solely to information collected by this Web site.

Surveys & Contests

From time-to-time our site requests information from users via surveys or contests. Participation in these surveys or contests is completely voluntary and the user therefore has a choice whether or not to disclose any information requested. Information requested may include contact information (such as name and delivery address), and demographic information (such as postcode, age level). Contact information will be used to notify the winners and award prizes. Survey information will be used for purposes of monitoring or improving the functionality of the site.


If a user elects to use our referral service for informing a friend about our site, we ask them for the friend’s name and email address. Mondaq stores this information and may contact the friend to invite them to register with Mondaq, but they will not be contacted more than once. The friend may contact Mondaq to request the removal of this information from our database.


From time to time Mondaq may send you emails promoting Mondaq services including new services. You may opt out of receiving such emails by clicking below.

*** If you do not wish to receive any future announcements of services offered by Mondaq you may opt out by clicking here .


This website takes every reasonable precaution to protect our users’ information. When users submit sensitive information via the website, your information is protected using firewalls and other security technology. If you have any questions about the security at our website, you can send an email to webmaster@mondaq.com.

Correcting/Updating Personal Information

If a user’s personally identifiable information changes (such as postcode), or if a user no longer desires our service, we will endeavour to provide a way to correct, update or remove that user’s personal data provided to us. This can usually be done at the “Your Profile” page or by sending an email to EditorialAdvisor@mondaq.com.

Notification of Changes

If we decide to change our Terms & Conditions or Privacy Policy, we will post those changes on our site so our users are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If at any point we decide to use personally identifiable information in a manner different from that stated at the time it was collected, we will notify users by way of an email. Users will have a choice as to whether or not we use their information in this different manner. We will use information in accordance with the privacy policy under which the information was collected.

How to contact Mondaq

You can contact us with comments or queries at enquiries@mondaq.com.

If for some reason you believe Mondaq Ltd. has not adhered to these principles, please notify us by e-mail at problems@mondaq.com and we will use commercially reasonable efforts to determine and correct the problem promptly.