On August 1, 2018, the Senate passed the National Defense Authorization Act for Fiscal Year 2019 (NDAA).1 The House of Representatives passed the same bill last week, and it will now go to the President for his signature.
The bill includes significant provisions to modernize the Committee on Foreign Investment in the United States (CFIUS or the Committee).2 Originally introduced as a separate bill by Senator John Cornyn (R-TX), and now included as Title XVII of the NDAA, the Foreign Investment Risk Review Modernization Act of 2018 (FIRRMA) significantly modifies the rules for foreign investments in the United States. Passage of FIRRMA reflects growing bipartisan concern that certain foreign transactions are diminishing US technological superiority and that, as currently constituted, CFIUS lacks sufficient authority and resources to account for the complex deal mechanisms foreign investors may employ to acquire valuable stakes in US companies that are important for US security.
The new law will make substantial changes to the current CFIUS regime. Navigating deal risks associated with CFIUS will likely grow more complex going forward, for both US sellers and foreign buyers. FIRRMA will allow CFIUS to analyze a greater range of transactions than before, will empower CFIUS to require certain investors to make mandatory filings, will allow CFIUS for the first time to charge filing fees, and will require the Commerce Secretary to oversee the creation of new export control restrictions for emerging critical technologies. The law also attempts to create greater certainty for deal parties by requiring CFIUS to complete its work within 45 days except in extraordinary circumstances.
Critically, FIRRMA requires the Secretary of the Treasury, who chairs CFIUS, to craft new regulations to implement many provisions of the law. The rule-making process is likely to play out over the next year, with a variety of opportunities for companies to engage with the Treasury Department about the new regulations. Both US sellers and foreign investors will want to monitor these regulatory developments closely and may want to participate in the process to ensure the final regulations do not unnecessarily hinder foreign investment. We recommend interested parties engage in the regulatory process and in the writing of guidelines and examples such as those that accompany the Foreign Investment and National Security Act of 2007.
In short, the passage of FIRRMA will mark a milestone, but not the end, of the CFIUS-reform process. Key elements of FIRRMA include:
Broadening the Scope of Covered Transactions Beyond Foreign Control of a US Business
FIRRMA amends the Defense Production Act of 1950 (50 U.S.C. § 4565(a)) by broadening the scope of “covered transactions” that are subject to CFIUS review and by adding or amending several key terms.3
Under FIRRMA, covered transactions would include not just any merger, acquisition or takeover by a foreign person that could result in foreign control of a US business—including those carried out through a joint venture—but also:
- Any other investment by a foreign person in any US business involved in critical infrastructure, the production of critical technologies, or that maintains sensitive personal data that, if exploited, could threaten national security;
- Any change in a foreign investor’s rights regarding a US business where that change would result in foreign “control” of a US business or where the change involves critical infrastructure or critical technology companies;
- Any other transaction, transfer, agreement, or arrangement designed to circumvent or evade CFIUS; or
- The purchase, lease, or concession by or to a foreign person of certain real estate in close proximity to military or other sensitive national security facilities.
Each of these provisions will require new regulations from the Treasury Department.
The expansion of CFIUS jurisdiction to cover any other investment in a US business involved in critical infrastructure or the production of critical technologies will be especially significant because it may allow CFIUS to assert jurisdiction over even small investments in certain businesses that would today not be subjected to regulatory scrutiny. FIRRMA states that an “other investment” may include either a direct or indirect investment that gives a foreign person (i) access to “material non-public technical information” possessed by the US business, (ii) membership or observer rights on the board of directors of the US business, or (iii) involvement in substantive decision making on the handling of personal data, the development or use of critical technologies, or the management of critical infrastructure.
However, FIRRMA includes a special exception for limited partner investments in critical infrastructure or critical technology companies that will likely be of great importance to private equity funds and deal teams structuring complex transactions. Under FIRRMA, membership on an advisory board or investment committee as a limited partner or the equivalent in an investment fund investing in a critical technology or critical infrastructure company does not trigger CFIUS jurisdiction if (i) the fund is managed by a general partner or equivalent, (ii) the general partner is not a foreign person, (iii) the advisory board or committee does not have the power to disapprove or control investment decisions of the fund or decisions made by the general partner, and (iv) the foreign person does not otherwise have any power to control the operations of the fund.
FIRRMA will allow parties to submit a declaration with “basic information” about a transaction instead of a full CFIUS Notice pursuant to regulations to be created by the Committee.4 In response to such short-form declarations, the Committee may require a full filing, may notify the parties that all reviews for the transaction are complete, or may inform the parties that CFIUS cannot complete its review and provide safe harbor to the parties unless a full CFIUS filing is submitted to the Committee.
FIRRMA also allows CFIUS to promulgate regulations requiring mandatory short-form declarations for transactions involving substantial foreign government interests or in relation to certain sensitive US businesses. It empowers the Committee to impose penalties on entities that do not comply with such filing requirements.
Amendments to Timing of CFIUS Review Process
FIRRMA includes several provisions designed to expedite CFIUS reviews.
In light of a growing trend at CFIUS of parties encountering substantial delays initiating the review process, FIRRMA requires the Committee to provide comments on filings or accept complete written notices within 10 business days of the submission of a case where the parties stipulate that the transaction is a covered transaction or that it is a foreign government-controlled transaction.5
FIRRMA also changes the amount of time the Committee has to complete the review process.6 Today, CFIUS reviews can last as long as 75 calendar days (a 30-day review period plus a 45-day investigation period). CFIUS sometimes demands that parties withdraw and refile to start the clock anew. FIRRMA changes the timing for the Committee’s review process by extending the time available for the CFIUS review period from 30 to 45 calendar days. The 45-day clock for the investigation remains unchanged, but FIRRMA gives the Committee authority to extend an investigation for an additional 15 calendar days in extraordinary circumstances. CFIUS is charged with crafting regulations to determine what constitutes such a circumstance. (In rare cases where a case is referred to the President, the President has an additional 15-day period to announce a decision about the transaction.)
Unilateral Reviews, Suspension Powers and Mitigation Agreements
FIRRMA clarifies the power of CFIUS to initiate its own reviews of transactions and its ability to stop a transaction from closing when the Committee perceives a threat to national security that may require mitigation or result in a recommendation that the transaction be blocked.7 In particular, FIRRMA makes clear that CFIUS has the authority to suspend a transaction during a review or investigation if the transaction “may” pose a risk to the national security of the United States.8 This means that CFIUS will have expanded authority to stop parties from closing a transaction before CFIUS completes its review process.
The bill also grants CFIUS the authority to use mitigation agreements and conditions to address situations where the parties have chosen to abandon a transaction without a presidential order as well as to impose interim mitigation agreements and conditions for national security risks posed by completed transactions while such transactions are undergoing CFIUS review.9
Establishment of New Assistant Secretary of the Treasury
The bill establishes a new Assistant Secretary for Investment Security at the Department of the Treasury. This official will require Senate confirmation and will principally focus on Committee work. The bill also directs each CFIUS member to designate an Assistant Secretary-level official to carry out the Committee’s duties.10
Reports on China and on US Rail Assets
FIRRMA requires that no later than two years after enactment, and every two years thereafter through 2026, the Secretary of Commerce must submit to Congress and the Committee a report on foreign direct investment transactions made by Chinese entities in the United States.11
It also requires a report to Congress, submitted not later than one year from the law’s enactment, from the Secretary of Homeland Security assessing the national security risks related to investments in the manufacture and assembly of freight and passenger rail assets in the US by foreign state-owned or state-controlled entities.12
The bill directs that within 180 days of enactment, the secretaries of Treasury and Commerce shall develop plans to implement FIRRMA and submit them to Congress, along with a timeline for implementation and any needs for additional staff or resources.13 The bill directs the President to determine whether the expanded responsibilities of the Committee necessitate additional resources and, if so, to include a request for additional resources in future budgets.14
FIRRMA also creates a CFIUS Fund to be supported by filing fees paid by companies filing CFIUS notices. The amount paid is to be determined by regulations that are yet to be written. Congress is authorized to appropriate $20 million to the fund for each of fiscal years 2019 through 2023.15
Export Controls Act of 2018
Finally, FIRRMA repeals and replaces the Export Administration Act of 1979, which had lapsed and had been continued in effect by the International Emergency Economic Powers Act.16 Among the provisions of the new Export Controls Act of 2018 is a requirement for the Commerce Department to create new export restrictions on “emerging and foundational” technologies that are important to the defense community and are not otherwise captured under the US export control regime. Specifically, FIRRMA tasks the Secretary of Commerce and an interagency group to identify such technologies that are essential to national security and are not currently controlled under the International Traffic in Arms Regulations, multilateral controls regimes implemented by the Commerce Control List or other relevant US regulations. The interagency group will include the Departments of Defense, Energy, State and Commerce, along with other agencies, as appropriate. Information relating to reviews and investigations of transactions by CFIUS may inform this interagency process. The Commerce Department is authorized to require that any license application for the export of emerging and foundational technologies identify “any foreign person with significant ownership interest in a foreign person participating in” a joint venture, joint development agreement or similar collaborative arrangement involved in an export transaction.
This provision is significant because FIRRMA negotiators hotly contested how best to address concerns about the export of emerging technologies to foreign competitors, particularly regarding the transfer of know-how for creating advanced technologies important to US national security. The conferees chose to address those concerns by enhancing the export control regime rather than regulating through the CFIUS process. Companies developing or acquiring any advanced technology should be sensitive to these new export control provisions and consider how the CFIUS process and other interactions with the government could affect export control determinations.