United States: Podcast: CFIUS: Recent Regulatory Developments

In this Ropes & Gray podcast, Ama Adams and Brendan Hanifin discuss recent and forthcoming changes to the Committee on Foreign Investment in the United States ("CFIUS") review process. The Foreign Investment Risk Review Modernization Act ("FIRRMA"), passed in August 2018, significantly expanded the scope of CFIUS's jurisdiction to review foreign investments in U.S. businesses. This podcast discusses the implications of FIRRMA for U.S. and non-U.S. investors, as well as U.S. businesses that seek foreign investment.

Listen to the podcast.

Transcript:

Brendan Hanifin: Hello, and thank you for joining us today on this Ropes & Gray podcast, during which we will be discussing the Committee on Foreign Investment in the United States ("CFIUS") review process. I am Brendan Hanifin, counsel in Ropes & Gray's anti-corruption and international risk group, based in Chicago. Joining me for today's discussion is Ama Adams, a partner in our Washington D.C. office. Ama is a fellow member of Ropes' anti-corruption and international risk group, as well as the leader of the firm's CFIUS practice. Ama, this is an area of law where there's been significant regulatory development over the past 14 months. To provide context for these recent changes, could you provide a brief overview of CFIUS and its function?

Ama Adams: Thanks, Brendan. I'm glad to be here discussing this important and very timely topic. CFIUS is an interagency committee of the U.S. government with authority to review foreign investments in U.S. businesses that pose a risk to national security. CFIUS may impose mitigating measures on the parties to a covered transaction—or recommend that the President of the United States block a transaction entirely—if the Committee determines that the foreign investment threatens to impair U.S. national security.

Brendan Hanifin: What types of transactions and investments does CFIUS have the authority to review?

Ama Adams: Historically, CFIUS's jurisdiction was limited to transactions in which a foreign person makes an investment that could result in control of a U.S. business. In applying this standard, it's important to note that the CFIUS regulations generally do not define "control" in terms of a specified percentage of ownership interest or number of board seats; rather, the determination of control is fact-specific, and the definition is quite broad. Along similar lines, the term "U.S. business" encompasses both U.S. companies and the U.S. subsidiaries or U.S. operations of larger international businesses, meaning that CFIUS may be relevant for foreign-to-foreign transactions.

Brendan Hanifin: Until recently, the CFIUS review process was entirely voluntary, meaning that the parties to covered transactions were not required to notify CFIUS of the transaction. Given the voluntary nature of the process, why do parties bother with the time and expense of making a CFIUS filing?

Ama Adams: Although the review process has been voluntary, at least historically, failure to notify CFIUS of a covered transaction can result in significant risk where the transaction presents meaningful national security issues. The principal advantage in filing a voluntary notice is that CFIUS may pre-clear the transaction before closing, meaning that CFIUS cannot later raise concerns regarding the transaction. The risk of not filing a voluntary notice is that, if the Committee was concerned that the transaction threatened to impair national security, CFIUS could initiate its own review, which could result in the imposition of mitigation measures. Although post-closing investigations are relatively rare, CFIUS has the authority to initiate a review at any time after becoming aware of a covered transaction that has not been noticed to the Committee. There is no statute of limitations or time limit on CFIUS's authority. Accordingly, if the parties do not seek and obtain CFIUS clearance, CFIUS can investigate a transaction years after the transaction has closed.

Brendan Hanifin: What factors does CFIUS consider when assessing national security risk? And what are typical mitigation measures that CFIUS could impose, short of recommending that the U.S. President block (or unwind) a transaction?

Ama Adams: With respect to the national security analysis, the CFIUS regulations do not define the concept "U.S. national security"; relevant factors traditionally have included the involvement of state-owned foreign companies, particularly from China and Russia; whether the U.S. business that is the subject of the transaction develops or produces sensitive products or technologies; whether the U.S. business has contracts with U.S. government agencies with national security responsibilities or access to classified data; whether the U.S. business occupies facilities in close proximity to U.S. national security interests, including sensitive government locations and military installations; and whether the U.S. business collects large volumes of sensitive, personal information on U.S. citizens. With respect to mitigation, CFIUS has authority to impose a wide range of mitigation measures, short of blocking a transaction in its entirety.

Examples include:

  • Limiting the foreign investor's access to sensitive technology or facilities;
  • Limiting the foreign investor's access to sensitive personal data on U.S. citizens;
  • Limiting the foreign investor's participation in, and access to, parts of U.S. businesses that provide services to the U.S. government; or
  • Imposing periodic reporting requirements.

Brendan Hanifin: Now that we have a basic understanding of what CFIUS is and does, let's discuss some of the recent changes to the CFIUS review process, which have been the subject of considerable attention by investors and investment targets alike. Ama, could you walk us through the high points?

Ama Adams: Sure. In August 2018, Congress passed—and the President signed into law—the Foreign Investment Risk Review Modernization Act ("FIRRMA"), which significantly expanded the scope of CFIUS's jurisdiction. FIRRMA was passed on a bipartisan basis, and was motivated by the view among U.S. national security figures that CFIUS was not equipped to handle new threats to U.S. national security posed by foreign investment, particularly from China. A comprehensive discussion of FIRRMA is beyond the scope of this podcast, but for present purposes, FIRRMA introduced two fundamental changes to the CFIUS review process. First, FIRRMA expanded CFIUS's jurisdiction to non-passive, non-controlling investments in three categories of U.S. businesses: companies that produce, design, test, manufacture, fabricate, or develop one or more critical technologies; companies that own, operate, manufacture, service, or supply critical infrastructure; and companies that collect or maintain sensitive data of U.S. citizens. Second, FIRRMA authorized CFIUS to introduce a mandatory filing requirement for certain categories of transactions.

Brendan Hanifin: When do these important changes take effect?

Ama Adams: In October 2018, CFIUS announced a "pilot program" that implemented certain aspects of FIRRMA, on a temporary/provisional basis. The remainder of FIRRMA is scheduled to be implemented by February 2020. In September 2019, the Department of Treasury published proposed rules that address most—but not all—remaining elements of the legislation; however, these rules are not yet final.

Brendan Hanifin: Focusing first on the pilot program, what do investors need to know?

Ama Adams: The pilot program introduced, for the first time, a mandatory CFIUS notification requirement for certain non-passive investments in critical technology companies. Failure to comply with the pilot program's mandatory notice requirement can result in a significant civil penalty, up to the value of the entire transaction or investment. For an investment to trigger the pilot program's mandatory notice requirement, three criteria must be present:

  1. The U.S. business that is the subject of the transaction must operate within, or develop technology for use in, one of 27 designated "pilot program industries." These industries include, among others, aircraft, electronics, military, nuclear, chemical, biotechnology, and semiconductor manufacturing.
  2. The U.S. business must produce, design, test, manufacture, fabricate, or develop one or more "critical technologies." As currently defined, "critical technologies" include most items controlled under U.S. export controls; certain nuclear-related materials and items covered by the select agents and toxins regulations. Of note, pursuant to the Export Control Reform Act—which was passed alongside FIRRMA—the Department of Commerce currently is in the process of identifying so-called "emerging and foundational technologies." Once published, these technologies will be subject to export control restrictions, and covered under the definition of "critical technology."
  3. The foreign investor must acquire at least one of three triggering rights: board membership or observer rights; access to non-public technical information concerning the U.S. business's critical technology; or involvement in substantive decision-making regarding the U.S. business's critical technology. Note, if the foreign investor obtains control over a critical technology business that would qualify as well. The parties to a pilot program covered transaction have the option of submitting a traditional CFIUS filing, known as a joint voluntary notice; or an abbreviated declaration. Each option presents certain advantages and disadvantages.

Brendan Hanifin: It sounds like the pilot program introduced some very significant changes to the process. How are investors coping?

Ama Adams: For firms whose funds may qualify as foreign persons (as broadly defined for CFIUS purposes), the pilot program has promoted a top-to-bottom reassessment of investment strategy and pre-investment due diligence requirements, increasing the risk—and the transaction costs—for parties that operate within, or seek to invest in, designated pilot program industries. Even for U.S. investment firms, the pilot program has sparked rethinking of fundraising strategy, as well as heightened attention to negotiation of investment documentation. However, as certain key terms in the pilot program regulations—most notably, "emerging and foundational technology"—have not yet been defined, the pilot program has had less bite than predicted. In practice, many parties negotiate contractual or side letter rights that remove one or more pilot program jurisdiction triggers, thereby eliminating the need for a mandatory CFIUS filing.

Brendan Hanifin: Understanding that these changes have not yet been implemented, how will FIRRMA affect investments in U.S. businesses that own or operate critical infrastructure; or collect or maintain sensitive data of U.S. citizens?

Ama Adams: As noted, in mid-September, the Department of Treasury published proposed rules that would expand CFIUS's jurisdiction to review non-passive, non-controlling investments in certain critical infrastructure companies, as well as certain companies that collect sensitive data of U.S. citizens. With respect to critical infrastructure, the expanded jurisdiction would apply to U.S. businesses that perform specified services with respect to a delineated list of critical infrastructure. Covered critical infrastructure would include, for example, specified airports and maritime ports; public water systems; certain interstate oil and natural gas pipelines; and certain electrical energy infrastructure. With respect to personal data, the expanded jurisdiction would apply to U.S. businesses that collect genetic information, as defined under HHS regulations; or collect certain categories of "identifiable" data and either tailor their products and services to U.S. agencies with intelligence, national security, or homeland security responsibilities; or maintain or collect such data on greater than one million individuals.

In all cases, for the expanded jurisdictional requirements to apply, the foreign investor must acquire qualifying rights in respect of the U.S. business. These rights will be familiar from our discussion of the pilot program. The qualifying rights include: board member or observer rights; access to material non-public technical information in the possession of the U.S. business; or involvement in substantive decision-making regarding the use, development, acquisition, or release of critical technology, critical infrastructure, or sensitive personal data. Importantly—subject to one key exception—the proposed rules would not extend the mandatory notification requirement to U.S. businesses that deal in critical infrastructure or sensitive personal data. The exception is that the proposed rules would introduce a new, mandatory filing requirement for transactions in which a foreign government would acquire a substantial interest in a U.S. critical technology company, U.S. critical infrastructure company, or U.S. personal data company. "Substantial interest" is defined as a 25% or greater voting interest by a foreign person, in which a foreign government holds a 49% or greater voting interest.

Brendan Hanifin: When FIRRMA was passed, the legislation's treatment of real estate transactions prompted a lot of concern among foreign investors. Would the proposed rules implement any changes with respect to real estate investments?

Ama Adams: Yes. Historically, CFIUS has had jurisdiction over real estate transactions only where the transaction could result in control by a foreign person over an entity engaged in interstate commerce in the United States. The proposed rules would expand CFIUS's jurisdiction to include certain types of real estate transactions, even where there is no accompanying investment in a U.S. business. Specifically, CFIUS would have jurisdiction to review any purchase or lease by, or concession to, a foreign person of covered real estate, that affords the foreign person at least three qualifying rights. Covered real estate is defined to include real estate that is located within, or will function as part of, an airport or maritime port; or located within specified proximity of a designated military installation or other facility or property of the U.S. government. Qualifying property rights would include the right to physically access the real estate; exclude others from physical access to the real estate; improve or develop the real estate; or attach fixed or immovable structures or objects to the real estate. Notably, the proposed rules would not introduce a mandatory notice requirement for covered real estate transactions. In addition, the proposed rules would incorporate key exceptions based on the type of real estate transaction, such as covered real estate located in urbanized areas or that qualifies as a single housing unit.

Brendan Hanifin: Many foreign investors are surprised to learn that CFIUS—at least historically—has not differentiated from a jurisdictional perspective between countries that are friendly to the United States, such as Canada and the United Kingdom, and countries that are perceived to be less friendly to (or competitors of) the United States, such as China and Russia. The introduction of the mandatory filing requirement exacerbated this issue, as the filing requirement—and penalties for failure to file—apply across the board. Would the proposed rules address this incongruity?

Ama Adams: One of the questions that the U.S. government has grappled with in implementing FIRRMA is whether to issue a so-called "white list" of countries or investors that are exempt from CFIUS's jurisdiction, to reduce the burden on the Committee of reviewing notices and declarations and to focus CFIUS's energy on the actors that, in the U.S. government's estimation, present the greatest national security risk. The proposed rules introduce the concept of "excepted foreign states," a list of which will be published by the Department of Treasury at a future date. However, if the proposed rules were implemented in their current form, there is a reason to believe that the "excepted foreign state" exemption will be narrow.

Specifically, the proposed rules suggest that the list of "excepted foreign states" will be quite short, at least initially. In addition, not all parties located in or organized under the laws of an "excepted foreign state" would be exempt from CFIUS's jurisdiction. To qualify for the exemption, the party must be organized in, and maintain its principal place of business within, the excepted foreign state or the United States. In addition, all directors and investors over 5% must be citizens of either the excepted foreign state or the United States. In addition, the "excepted foreign state" exemption will not be available to parties that have been subject to any adverse action by CFIUS or a range of other agencies of the U.S. government, including the agencies responsible for administering U.S. economic sanctions and U.S. export controls. Accordingly, while there may indeed be a "white list" once FIRRMA is fully implemented, the exemption may have limited practical application.

Brendan Hanifin: Assuming the "excepted foreign state" exemption did not apply, are there other exemptions that foreign investors may avail themselves of?

Ama Adams: Yes, with the caveat that all of the exemptions are fairly narrow in practice. For example, the CFIUS regulations recognize an exception for so-called "greenfield investments," meaning investments in start-up initiatives without current operations, on the theory that such initiatives do not qualify as "U.S. businesses." Under the regulations, a foreign person makes a "greenfield investment" in the United States if the investment involves only such activities as "separately arranging for the financing of and the construction of a plant to make a new product, buying supplies and inputs, hiring personnel, and purchasing the necessary technology." In practice, this exception is very narrow. In particular, in some cases, CFIUS may view assets assembled in anticipation of forming a future business as sufficient to constitute a "U.S. business." In addition, the regulations describe a "safe harbor" for transactions that result in a foreign person holding 10% or less of the outstanding voting interest in a U.S. business. CFIUS narrowly construes the safe harbor exemption, and the Committee will scrutinize any action by a foreign investor that is inconsistent with holding or acquiring an interest solely for the purpose of passive investment. With respect to critical technology companies, critical infrastructure companies, and companies that collect sensitive data of U.S. citizens, the safe harbor will not be available if the foreign investor acquires a qualifying right (such as board or observer rights; access to material non-public technical information; or involvement in substantive decision-making).

Finally, FIRRMA codified what has become known as the "indirect investment fund exception." This exception provides that indirect participation by foreign persons through investment funds in covered transactions will not automatically result in CFIUS jurisdiction, even if the foreign investor is represented on an advisory board or a fund committee. For the exception to apply, the following criteria must be met: the fund must be managed by a U.S. general partner or a U.S. managing member (or equivalent); the relevant advisory board or committee must not approve, disapprove, or control the fund's investment decisions; the foreign person must not otherwise have the ability to control the fund; and the foreign person must not have any access to material nonpublic technical information as a result of its advisory board or committee representation.

Because of the complexity of fund structures, application of the indirect investment fund exception can require nuanced, structure-specific analysis.

Brendan Hanifin: FIRRMA is scheduled to be fully implemented by February 2020. What should investors and investment targets be doing between now and then?

Ama Adams: First, parties should familiarize themselves with the proposed rules published on September 17 and assess whether those rules—if implemented in their current form—would present new and significant CFIUS considerations. Because the rules are not yet finalized, it is difficult to fully account for them in the drafting of limited partnership agreements, due diligence questionnaires, and similar documents. However, as the proposed rules indicate where CFIUS appears to be headed, this is an opportune time for investors and investment targets to begin some advance planning, particularly as significant transactions and fundraising activities can involve many months' lead-time.

Second, parties should be on the lookout for the Department of Commerce's forthcoming rulemaking on "emerging and foundational technologies." In addition to expanding the scope of the critical technology pilot program, this rulemaking will affect transactions that are excluded from the scope of FIRRMA, such as licensing arrangements and pure technology transfers. Although these transactions will remain outside of CFIUS's jurisdiction, they could require export licenses from the Department of Commerce.

Finally, parties should prepare themselves to contribute greater time and resources to conducting CFIUS diligence pre-investment, on both the investor and the investment target side. The introduction of a mandatory notice requirement for certain transactions significantly increases the importance of ensuring that the pre-investment CFIUS analysis is based on accurate and complete information. Along similar lines, the pending regulations to implement FIRRMA foreseeably will result in an increase in CFIUS filings (and, thereby, longer CFIUS review periods).

Brendan Hanifin: Thank you, Ama, for joining me today for this discussion. And thank you to our listeners. Thanks again for listening.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

To print this article, all you need is to be registered on Mondaq.com.

Click to Login as an existing user or Register so you can print this article.

Authors
Similar Articles
Relevancy Powered by MondaqAI
Wilson Sonsini Goodrich & Rosati
 
In association with
Related Topics
 
Similar Articles
Relevancy Powered by MondaqAI
Wilson Sonsini Goodrich & Rosati
Related Articles
 
Related Video
Up-coming Events Search
Tools
Print
Font Size:
Translation
Channels
Mondaq on Twitter
 
Mondaq Free Registration
Gain access to Mondaq global archive of over 375,000 articles covering 200 countries with a personalised News Alert and automatic login on this device.
Mondaq News Alert (some suggested topics and region)
Select Topics
Registration (please scroll down to set your data preferences)

Mondaq Ltd requires you to register and provide information that personally identifies you, including your content preferences, for three primary purposes (full details of Mondaq’s use of your personal data can be found in our Privacy and Cookies Notice):

  • To allow you to personalize the Mondaq websites you are visiting to show content ("Content") relevant to your interests.
  • To enable features such as password reminder, news alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our content providers ("Contributors") who contribute Content for free for your use.

Mondaq hopes that our registered users will support us in maintaining our free to view business model by consenting to our use of your personal data as described below.

Mondaq has a "free to view" business model. Our services are paid for by Contributors in exchange for Mondaq providing them with access to information about who accesses their content. Once personal data is transferred to our Contributors they become a data controller of this personal data. They use it to measure the response that their articles are receiving, as a form of market research. They may also use it to provide Mondaq users with information about their products and services.

Details of each Contributor to which your personal data will be transferred is clearly stated within the Content that you access. For full details of how this Contributor will use your personal data, you should review the Contributor’s own Privacy Notice.

Please indicate your preference below:

Yes, I am happy to support Mondaq in maintaining its free to view business model by agreeing to allow Mondaq to share my personal data with Contributors whose Content I access
No, I do not want Mondaq to share my personal data with Contributors

Also please let us know whether you are happy to receive communications promoting products and services offered by Mondaq:

Yes, I am happy to received promotional communications from Mondaq
No, please do not send me promotional communications from Mondaq
Terms & Conditions

Mondaq.com (the Website) is owned and managed by Mondaq Ltd (Mondaq). Mondaq grants you a non-exclusive, revocable licence to access the Website and associated services, such as the Mondaq News Alerts (Services), subject to and in consideration of your compliance with the following terms and conditions of use (Terms). Your use of the Website and/or Services constitutes your agreement to the Terms. Mondaq may terminate your use of the Website and Services if you are in breach of these Terms or if Mondaq decides to terminate the licence granted hereunder for any reason whatsoever.

Use of www.mondaq.com

To Use Mondaq.com you must be: eighteen (18) years old or over; legally capable of entering into binding contracts; and not in any way prohibited by the applicable law to enter into these Terms in the jurisdiction which you are currently located.

You may use the Website as an unregistered user, however, you are required to register as a user if you wish to read the full text of the Content or to receive the Services.

You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these Terms or with the prior written consent of Mondaq. You may not use electronic or other means to extract details or information from the Content. Nor shall you extract information about users or Contributors in order to offer them any services or products.

In your use of the Website and/or Services you shall: comply with all applicable laws, regulations, directives and legislations which apply to your Use of the Website and/or Services in whatever country you are physically located including without limitation any and all consumer law, export control laws and regulations; provide to us true, correct and accurate information and promptly inform us in the event that any information that you have provided to us changes or becomes inaccurate; notify Mondaq immediately of any circumstances where you have reason to believe that any Intellectual Property Rights or any other rights of any third party may have been infringed; co-operate with reasonable security or other checks or requests for information made by Mondaq from time to time; and at all times be fully liable for the breach of any of these Terms by a third party using your login details to access the Website and/or Services

however, you shall not: do anything likely to impair, interfere with or damage or cause harm or distress to any persons, or the network; do anything that will infringe any Intellectual Property Rights or other rights of Mondaq or any third party; or use the Website, Services and/or Content otherwise than in accordance with these Terms; use any trade marks or service marks of Mondaq or the Contributors, or do anything which may be seen to take unfair advantage of the reputation and goodwill of Mondaq or the Contributors, or the Website, Services and/or Content.

Mondaq reserves the right, in its sole discretion, to take any action that it deems necessary and appropriate in the event it considers that there is a breach or threatened breach of the Terms.

Mondaq’s Rights and Obligations

Unless otherwise expressly set out to the contrary, nothing in these Terms shall serve to transfer from Mondaq to you, any Intellectual Property Rights owned by and/or licensed to Mondaq and all rights, title and interest in and to such Intellectual Property Rights will remain exclusively with Mondaq and/or its licensors.

Mondaq shall use its reasonable endeavours to make the Website and Services available to you at all times, but we cannot guarantee an uninterrupted and fault free service.

Mondaq reserves the right to make changes to the services and/or the Website or part thereof, from time to time, and we may add, remove, modify and/or vary any elements of features and functionalities of the Website or the services.

Mondaq also reserves the right from time to time to monitor your Use of the Website and/or services.

Disclaimer

The Content is general information only. It is not intended to constitute legal advice or seek to be the complete and comprehensive statement of the law, nor is it intended to address your specific requirements or provide advice on which reliance should be placed. Mondaq and/or its Contributors and other suppliers make no representations about the suitability of the information contained in the Content for any purpose. All Content provided "as is" without warranty of any kind. Mondaq and/or its Contributors and other suppliers hereby exclude and disclaim all representations, warranties or guarantees with regard to the Content, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. To the maximum extent permitted by law, Mondaq expressly excludes all representations, warranties, obligations, and liabilities arising out of or in connection with all Content. In no event shall Mondaq and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use of the Content or performance of Mondaq’s Services.

General

Mondaq may alter or amend these Terms by amending them on the Website. By continuing to Use the Services and/or the Website after such amendment, you will be deemed to have accepted any amendment to these Terms.

These Terms shall be governed by and construed in accordance with the laws of England and Wales and you irrevocably submit to the exclusive jurisdiction of the courts of England and Wales to settle any dispute which may arise out of or in connection with these Terms. If you live outside the United Kingdom, English law shall apply only to the extent that English law shall not deprive you of any legal protection accorded in accordance with the law of the place where you are habitually resident ("Local Law"). In the event English law deprives you of any legal protection which is accorded to you under Local Law, then these terms shall be governed by Local Law and any dispute or claim arising out of or in connection with these Terms shall be subject to the non-exclusive jurisdiction of the courts where you are habitually resident.

You may print and keep a copy of these Terms, which form the entire agreement between you and Mondaq and supersede any other communications or advertising in respect of the Service and/or the Website.

No delay in exercising or non-exercise by you and/or Mondaq of any of its rights under or in connection with these Terms shall operate as a waiver or release of each of your or Mondaq’s right. Rather, any such waiver or release must be specifically granted in writing signed by the party granting it.

If any part of these Terms is held unenforceable, that part shall be enforced to the maximum extent permissible so as to give effect to the intent of the parties, and the Terms shall continue in full force and effect.

Mondaq shall not incur any liability to you on account of any loss or damage resulting from any delay or failure to perform all or any part of these Terms if such delay or failure is caused, in whole or in part, by events, occurrences, or causes beyond the control of Mondaq. Such events, occurrences or causes will include, without limitation, acts of God, strikes, lockouts, server and network failure, riots, acts of war, earthquakes, fire and explosions.

By clicking Register you state you have read and agree to our Terms and Conditions