CFIUS Filing Considerations in Light of E.O. 14083 and CFIUS's 2021 Annual Report – Lexology

Review your content’s performance and reach.
Become your target audience’s go-to resource for today’s hottest topics.
Understand your clients’ strategies and the most pressing issues they are facing.
Keep a step ahead of your key competitors and benchmark against them.
add to folder:
Questions? Please contact [email protected]
Heading into 2023, U.S. companies in search of foreign investors and foreign parties considering investments in U.S. enterprises have new tools available to assist in their deliberations whether the Committee on Foreign Investment in the United States ("CFIUS" or "the Committee") will take an interest in reviewing or investigating their transactions. CFIUS released its 2021 Annual Report to Congress ("Annual Report") in August 2022, providing the first full-year snapshot of filings submitted after final implementation of the changes brought on by the Foreign Investment Risk Review Modernization Act of 2018 ("FIRRMA"). A few weeks later, on September 15, 2022, the President signed an Executive Order providing formal direction to guide the Committee's review of covered foreign investment transactions, E.O. 14083. While neither document is particularly groundbreaking, when taken in conjunction they will be helpful in scenarios where parties are considering the advisability of submitting a voluntary notification to CFIUS and how the Committee might respond to a given set of facts.
CFIUS Annual Report: Noteworthy Numbers
CFIUS Annual Report: Dispositions of Filings
Stepping back from the number-crunching, these figures reflect that a significant majority of transactions involve no CFIUS-imposed mitigation whatsoever, that the Committee's decision to investigate a transaction does not automatically lead to a mitigation requirement, and that only a handful of transactions are deemed so problematic from a national security standpoint that they cannot proceed. The numbers also indicate that parties who choose not to file voluntarily generally appear to be conducting well-informed risk assessments of the Committee's likely interest in their transactions.
National Security Considerations
In reviewing covered transactions, CFIUS determines whether the transactions pose a risk to national security. In making these assessments, CFIUS is guided by statutory text (including FIRRMA, Pub. L. 115-232, § 1702(c)), its 2008 Guidance, and input from participating agencies, particularly the intelligence community. Moving forward, the Committee's analysis will include E.O. 14083 which elaborates on the existing statutory factors and changes many of them from permissive to mandatory while also adding to the Committee's list of considerations.
Under these authorities, CFIUS considers factors including:
In order to impose mitigation on a transaction, CFIUS participating agency(ies) must first justify in writing a finding of a national security risk and the measures reasonably necessary to mitigate the risk, and then CFIUS as a whole must agree that risk mitigation and the proposed measures are appropriate. CFIUS can impose mitigation measures only if provisions of law outside of the foreign investment statutes (50 U.S.C. § 4565, as amended) do not adequately address the risk. In some scenarios, for instance, export controls imposed by the International Traffic in Arms Regulations ("ITAR") or the Export Administration Regulations ("EAR") could adequately protect against the risk posed by a transaction. See 73 FR 74568 (Dec. 8, 2008).
Eleven percent of the Notices filed in 2021 involved mitigation measures, meaning that CFIUS determined other legal provisions were inadequate to address the risks presented by those transactions. The Annual Report does not detail why CFIUS deemed a particular sort of mitigation necessary (in some cases, the reason is classified) or how many times it imposed a given type of mitigation. But the measures described in the Annual Report taken in conjunction with the national security considerations outlined above give prospective parties hints regarding what might trigger a given measure, such as sensitive data concerns that are beyond the scope of export controls but which CFIUS might deem subject to exploitation in the absence of additional constraints.
CFIUS supervises and enforces mitigation through one or more monitoring agencies that assign designated personnel to conduct on-site compliance reviews, approve appointment of security or other personnel required by the mitigation measures, review and approve policies and procedures (such as visitor and data policies), and review reports from independent auditors.
Considerations for Future Transactions
Parties contemplating receiving or making a foreign investment can turn to the same authorities as and run similar analysis to CFIUS using those means to assess the Committee's likely response to a transaction. For instance, where a U.S. business holds sensitive personal data, it might consider how that data could be exploited, determine whether the data is the primary point of interest for a prospective investor or whether its collection is ancillary to the business's technology or infrastructure, then review and strengthen internal controls on access to and use of the data, and mutually agree with the prospective investor regarding the situations, if any, in which the investor might be permitted access to some or all of that data. Upon review, CFIUS might agree with the self-imposed limitations or request or require additional measures; whatever the Committee's reaction, the parties will be better situated to respond if they anticipated the aspects of the transaction on which CFIUS might focus.
In addition, parties who have not previously made any submissions to the Committee should review their history of transactions and plans for future investments, considering whether there is any transaction that might appear to pose a greater national security risk when regarded in the aggregate, or that would be more difficult to modify after the fact, using considerations like those as deciding factors for making voluntary filings.
Where parties to a covered transaction do not file and receive CFIUS approval, the Committee has the power to review the transaction long after it has been completed. This means, for instance, that CFIUS could review a non-notified transaction that closed in 2020 in light of E.O. 14083. It can be advantageous for parties to submit a proposed transaction for review by CFIUS at the time of the transaction rather than taking a chance on having to undergo CFIUS review at a later time when the regulations in force may be more demanding, or political situations (e.g., Russia and Ukraine) may increase the likelihood of mitigation or requirements to unwind a deal. In the event the parties choose not to file after consideration of all relevant information, careful analysis in light of known CFIUS trends and E.O. 14083, and documentation of that review could prove invaluable should CFIUS later inquire about the transaction.
add to folder:
If you would like to learn how Lexology can drive your content marketing strategy forward, please email [email protected].
© Copyright 2006 – 2022 Law Business Research



Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top