The Foreign Investment Risk Review Modernization Act of 2018 ("FIRRMA") emerged from a House-Senate conference committee with its wings clipped. House Conferees made sure the multi-agency Committee on Foreign Investment in the United States ("CFIUS") couldn't color outside the lines, keeping the focus of CFIUS reviews on national security, and – at the same time – refusing to create "white lists" of trusted investors from allied countries. Nevertheless, the bill marks a significant new era for CFIUS reviews. The bill passed the House of Representatives on July 26 by a vote of 359-54 as part of the defense authorization bill. The defense bill, including the CFIUS title, is expected to pass the Senate shortly. The President is expected to sign the bill.

Here's what U.S. sellers and foreign investors can expect:

  • As a general proposition, investments in unaffiliated critical technology or critical infrastructure companies should expect CFIUS review. For the first time, this will include investments that fall short of control, but that allow the foreign investor access to material non-public information, membership or observer rights on the board (or the right to nominate directors), or any substantive involvement (other than voting shares) in (among other things) the use, development, or release of critical technology, or the management of critical infrastructure.
  • Similar non-controlling foreign investments in firms that maintain or collect personal data of U.S. citizens will be subject to CFIUS review – if the data may be exploited in a manner that threatens national security.
  • CFIUS review may now be triggered by any change in a foreign investor's rights in a U.S. business that could either result in foreign control of the U.S. business – or in an investment in critical technology, critical infrastructure, or in a firm maintaining or collecting sensitive personal data.
  • Real estate purchases, leases and concessions will be subject to CFIUS review – for the first time – if they are in or part of an airport or seaport – or if they are in "close proximity" to a U.S. government or military facility and could pose a national security risk – even if they do not involve the acquisition of a U.S. business.
  • There will be no formal "Black Lists" or "White Lists", but a short-form – 5-page – "declarations" process may allow for low-risk transactions to get cleared in 30 days or less. Transactions not cleared may be invited to submit full filings.
  • Transactions in which a foreign government would hold a "substantial interest" in critical technology, critical infrastructure, or personal data maintenance/collection firms will be required to file declarations – but CFIUS can waive this requirement if the Committee finds that the investments are not directed by a foreign government – and the investor has a history of cooperation with CFIUS. (The latter requirement almost assuredly translates to a history of transparency, especially with regard to company ownership.)
  • Transactions structured, designed or intended to evade CFIUS review will be covered. If a safe haven cannot be found within the four corners of the statute or the regulations, it likely doesn't exist.
  • Reviews may be longer – or shorter. Prefiling reviews can last no longer than 10 days if the parties stipulate that the transaction is a "covered transaction." Initial reviews for transactions that are not cleared through the "declarations" process – or that bypass the process altogether will run 45 days. That's 15 days longer than the current process. Additional 45-day investigations may still follow, but extensions will only be allowed for "extraordinary circumstances" – and then only for 15 days. (Given, however, that withdrawal and refiling can be in the interest of the parties if a transaction is otherwise headed toward veto or onerous mitigation, "voluntary" withdrawals will presumably remain an option.)
  • CFIUS may suspend a pending transaction that (in the judgment of the Committee) may "pose a risk to the national security" during the time that it is under review – thereby preventing the parties from closing the deal until CFIUS has completed its work.
  • Information "important to the national security analysis or actions of the Committee" may be shared with any domestic governmental entity and with allied foreign governments "to the extent necessary for national security purposes."
  • Minority reports may roil the waters. If CFIUS fails to reach consensus, the dissenters must "produce" a written statement justifying the alternative recommendation – together with a risk-based analysis that supports the alternative. At this writing, it is hard to predict whether this provision will encourage consensus or dissent, but when and if such papers are prepared, they are certain to find an audience.
  • A comprehensive report will issue on Chinese investment. The bill makes no provision for "white lists" – but it leaves little question which country is the principal "country of special concern." The bill takes roughly two pages to detail the particulars of a report that Congress wants CFIUS to provide in two years on Chinese investment in the U.S. – including businesses "established" as well as businesses acquired – and an analysis of patterns in investment – volume, type, sector, and how those patterns of investments align with the PRC's "Made in China 2025" plan.
  • Filing fees will be imposed. The legislation authorizes CFIUS to assess and collect filing fees, which means that filing fees are certain to be levied. Fees are "not to exceed" 1% of the value of the transaction or $300,000 (adjusted annually for inflation), whichever is less, and may not exceed the cost of administering reviews (an unlikely event).
  • Export controls have been reinvigorated. An export control title (the "Export Control Reform Act of 2018") will give statutory underpinning to the Export Administration Regulations governing export of sensitive commercial technology. Most important for foreign investors are provisions establishing a process to identify and control "emerging and foundational technologies" – technology "essential" to U.S. national security that is not currently subject to export controls.
  • Effective dates are staggered, with certain provisions taking effect immediately (e.g., information sharing, timing for reviews, and provisions concerning administration of CFIUS) and others taking effect 30 days after regulations are in place (but no later than 18 months after enactment).
  • Sleeper issues:

    • The potential loss of skilled U.S. workers will be an issue. Among the "Sense of Congress" provisions in the Preamble is a provision encouraging CFIUS to consider "the availability of human resources" and to "construe that term to include potential losses of such availability resulting from reductions in the employment of United States persons whose knowledge or skills are critical to national security, including the continued production in the United States of items that are likely to be acquired by the Department of Defense or other Federal departments or agencies for the advancement of the national security of the United States." [Emphasis added.] For decades, Congress has avoided making "jobs" or "employment" a CFIUS issue – but this provision draws the nexus to national security – targeting (as noted) the loss of highly skilled jobs and personnel whose "knowledge or skills are critical to national security."
    • Patterns of foreign investment will come under scrutiny. Another "Sense of the Congress" provision encourages CFIUS to consider "the potential national security related effects of the cumulative control of, or pattern of recent transactions involving, any one type of critical infrastructure, energy asset, critical material, or critical technology by a foreign government or foreign person." This provision essentially gives CFIUS the green light to look beyond the transaction in front of the Committee to the "cumulative" impact of foreign acquisitions involving national security assets. Transactions may fail review, for example, because the market is saturated with foreign-owned firms, putting certain industries and technologies "off limits."
    • Foreign indirect investments through U.S.- managed investment funds may be exempt from coverage as "other" (i.e., no controlling) investments even if foreign limited partners sit on a fund advisory board if (among other things) the advisory committee cannot control the fund, the foreign persons cannot otherwise control the fund, and the foreign investors do not have access to material non-public information through their participation on the advisory board.
    • Bright Line Standards. The bill instructs CFIUS to come up with a definition of "close proximity" for real estate transactions to "ensure" that the term "refers only to a distance or distances within which the purchase, lease, or concession of real estate could pose a national security risk." In other words, Congress is looking for CFIUS to establish a true "safe harbor" provision by declaring that properties inside a given radius are problematic – and properties outside such limits are not. It's not at all clear that risk analysis will admit of such clean lines – but the desire for a literal "bright line" standard is understandable.

FIRRMA marks the first broadscale amendment of U.S. foreign investment legislation in more than ten years. Advocates for tougher legislation did not get everything they wanted – but the new law will significantly broaden foreign investment reviews.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.