CFIUS Review Expansion: An Eye Toward National Security

CFIUS Review Expansion: An Eye Toward National Security

As the end of the calendar year draws near, many companies hasten to close M&A deals as others gear up for such transactions next year. A major consideration for any foreign merger or acquisition is submitting the proposed transaction for review to the Committee on Foreign Investment in the United States (CFIUS). This year, with new directives from the President and published guidelines signal a more complicated time for companies looking to receive a “safe harbor” certification.

As we have discussed before, the United States has reoriented its thinking about a variety of international trade topics to better account for national security concerns. Continuing this trend, and with an definite view towards national security, earlier this year The President signed Executive Order 14083 to Ensure Robust Reviews of Evolving National Security Risks by the Committee on Foreign Investment in the United States. EO 14083 requests that CFIUS examine national security risks as a part of their review of any given transaction. EO 14083 highlights the importance of considering whether a transaction party has “commercial, investment, non-economic, or other ties” with a foreign person that may pose a national security threat.

EO 14083 is the first presidential directive regarding CFIUS. The order outlines many of the factors that CFIUS already considers when reviewing transactions under its purview. EO 14083, defines five key national security factors for CFIUS to consider when analyzing transactions for potential violations:

· Effect on U.S. supply chain resilience, including those outside the defense industrial base

·       Effect on U.S. technological leadership in national security sectors, including microelectronics, artificial intelligence, biotechnology and biomanufacturing, quantum computing, advanced clean energy, and climate adaptation technologies

·       Industry investment trends and possible national security reverberations from the transaction

·       Cybersecurity risks threatening national security

·       Risks to U.S. persons’ sensitive data

These national security factors dovetail in important ways with other government initiatives. Supply chain resilience, maintaining U.S. technological leadership, and protecting against cybersecurity risks are all familiar topics over the recent past. The EO, arguably, simply continues to expand the topics through the operations of the government.

Soon after E.O. 14083 was signed, the U.S. Department of Treasury released Enforcement and Penalty Guidelines that outline conduct violating the CFIUS regulations. Specifically, these Guidelines (i) clarify the types of conduct that constitute a violation, (ii) discuss the Committee’s procedure for imposing a penalty, and (iii) highlight aggravating and mitigating factors that will influence the Committee’s penalty calculation. The guidelines signal an increased use by the Committee of its enforcement and penalty authorities.

Central to both the Guidelines and EO 14083 are the importance of voluntary self-disclosures and the consequence for failing to make mandatory filings to the CFIUS Committee. These two recent actions highlight the significance the Administration places on CFIUS as a tool to combat national security threats. As members of the CFIUS Committee publish compliance guidelines and new rules (e.g. Compliance Program Guidelines Issues by DDTC and New Export Controls on Advanced Computing and Semiconductor) companies should perform compliance reviews and ensure all policies and procedures are up to date and well documented.

For companies contemplating global M&A activities, there are additional concrete steps that should be taken in light of EO 14083 and the Enforcement and Penalty Guidelines. M&A teams should include experts in export compliance practices, international sanctions application, and similar topics. Whereas in the past parties may have simply created a contingency fund in case such issues arose, now it is important to review and discover the issues (as well as quantify the risk) earlier, rather than later. Failure to do so could have serious negative consequences for the company.

If you have questions about a potential transaction and the applicability of a CFIUS review or performing a compliance review do not hesitate to contact an attorney at Barnes Richardson, & Colburn LLP.