Mergers, acquisitions, joint ventures, and other forms of investment by foreign persons in the United States continue to increase in the current global economy. The concept of national security and its tie to economic security in these types of transactions has been confirmed, and that tie was reflected, in part, through the Exon-Florio Amendments of 1988 ("Exon-Florio") and the updates to that legislation in 2007 through the Foreign Investment and National Security Act ("FINSA"). Exon-Florio and FINSA enhanced the authority of the Committee on Foreign Investment in the United States ("CFIUS" or the "Committee"), an executive branch organization originally formed to opine on the impact of foreign investment on U.S. national security interests.

CFIUS, chaired by the Department of the Treasury, administers the CFIUS regulations, 31 C.F.R. part 800, and comprises 15 executive agencies, as well as a number of consultative agencies that review transactions when appropriate. The CFIUS regulations describe a voluntary process through which parties to a transaction whereby a foreign person will acquire control of a U.S. business may seek clearance for the proposed transaction from the Committee. In addition to the voluntary process, CFIUS may also reach out to transaction participants and "request" a submission in conformity with the regulations. Although a "request," the Committee believes it has subpoena authority and that it may require a filing if a submission is not made. In the alternative, if CFIUS does not exercise its perceived subpoena authority and no filing is made, the Committee could nonetheless review the transaction on the basis of information it collects from whatever sources are available. That review, whether based on the participation of the parties to the transaction or not, may affect the transaction. 

In 2007, Congress broadened the authority of the Committee and expanded the areas in which "national security" issues may arise. Based on this expansion and the approach CFIUS has taken to reviewing transactions within the last few years, several misconceptions exist that would benefit from clarification. This Commentary outlines some, but not all, of the misconceptions and provides perspective when addressing whether to submit a CFIUS notification or wait for a reaction from the Committee.

Background: CFIUS Advice as Part of M&A Transaction Analysis

Transactional counsel advise clients on a range of financial, regulatory, and compliance requirements as part of any deal. The advice or approach that applies to most aspects of a transaction—e.g., antitrust filings, intellectual property assessments, litigation risks, employment issues, and environmental matters, among others—does not necessarily nor directly translate into how to address the national security aspects of a transaction. To ensure that deals progress smoothly and that little, if any, interruptions occur, it is essential to analyze national security and critical infrastructure concerns at the same time that other legal risk areas of a transaction are assessed. The CFIUS analyses that should be performed include, but are not limited, to:

  • The structure of the deal;
  • The assets involved (including location);
  • The contracts—both government (federal, state, and local) and commercial;
  • The products, technology, and services provided (including their status under the U.S. export control laws);
  • The research and development funding provided—both internal and external;
  • The international operations of both the target and the investor/purchaser, including agent, reseller, and distributor relationships; and
  • The involvement—whether direct or indirect—of any non-U.S. government agency.

With this as background, what common misconceptions exist when deciding whether to file a CFIUS notification? Among the most common statements, we have heard:

  1. "This deal is too small." The value of the deal is small or inconsequential to the investor or purchaser.
  2. "This is not high-tech stuff that the U.S. government worries about." A determination is made that because the transaction does not involve missiles, military equipment, rockets, or classified information, it is not of interest to the U.S. government.
  3. "If CFIUS cared about this kind of stuff, why have we done [X] other deals and not heard from the Committee?" In other words, since this is a voluntary process and we have not heard from CFIUS on any of the other consummated deals, why should we notify this deal?
  4. "It's only an investment, and the foreign investor/purchaser does not gain any rights until later." The rights the foreign purchaser gains are transitioned over time but are guaranteed as of the time the deal is executed.
  5. "There's nothing classified now, and the classified stuff ended a year ago or more." An assumption is made that because there are no current classified U.S. government contracts, there are no concerns.
  6. "What the non-U.S. purchaser or investor does in other countries should not be of concern to CFIUS because it's not a direct U.S. transaction." If the non-U.S. purchaser or investor is not directly selling or servicing in countries of concern through any of its U.S. facilities, then CFIUS should not be concerned about the non-U.S. activities.
  7. "Even if the target or seller supplies the U.S. government or exports, it's all EAR99." Generally on the basis of representations by the target or seller, the non-U.S. purchaser or investor concludes that there are no U.S. national security interests because of how the target or seller treats its products, technology, or services for export purposes.
  8. "This is just an asset deal." The deal is structured as an asset purchase, but additional factors cause the transaction to be within the jurisdiction of CFIUS.

Other misconceptions may exist, but for purposes of this Commentary, we examine these eight statements under FINSA and the CFIUS regulations to outline issues to consider when analyzing whether to make a CFIUS filing.

  1. "This deal is too small." Some believe that the value of a transaction is a determinative factor on whether to file a CFIUS notification. Neither FINSA nor the CFIUS regulations, however, limit notifications on the basis of dollar value. Unlike Hart-Scott-Rodino filings or other antitrust considerations, the actual dollar value invested or the purchase price alone are not driving factors. Elements of a deal that do affect any CFIUS assessment, however, include the nature of any national security or critical infrastructure concerns raised by the target's business and the rights the investor or purchaser obtains over that business as a result of the transaction. Ending the analysis of whether to file a CFIUS notification on the basis of the price paid for the investment would be incomplete at best and wrong at worst.
  2. "This is not high-tech stuff the U.S. government worries about." Parties previously predicated their assessment of whether to file a CFIUS notification, in part, on whether the U.S. business in question made weapons, tanks, military products, or classified items. Neither FINSA nor the CFIUS regulations, however, define "national security" so narrowly. Further, both FINSA and the revisions to the CFIUS regulations completed in 2008 expanded the areas of interest to the United States to include "critical infrastructure," which includes not only classic defense or military items but also telecommunications, energy, financial, and other systems upon which the United States relies for its day-to-day operations. With such a broad definition, a potential investment by a non-U.S. person in the smart grid structure of the United States or in any investments in the U.S. financial industry that would result in foreign control could be of interest to CFIUS. Concluding that a CFIUS notification is neither required nor beneficial based on the fact that the U.S. target or seller does not make military items or weapons would be incomplete. 
  3. "If CFIUS cares about this stuff, why have we done [X] deals and not heard from the Committee?" Simply because parties have not notified CFIUS of past deals or CFIUS has not reached out to request a filing does not mean that the deal is not of interest to CFIUS and/or does not implicate U.S. national security or critical infrastructure concerns. 
  • First, the Committee has limited resources and relies on the parties to a transaction to file notices in appropriate circumstances.
  • Second, CFIUS does not have access to nonpublic information that could bring transactions to its attention. For example, the Committee reviews press releases, Securities and Exchange Commission filings, and other public notifications and government filings to understand what transactions have occurred or are in process. But a transaction or investment consummated between two private parties for which no press releases or other announcements exist would not necessarily come to the Committee's attention.
  • Third, within the U.S. government, not all agencies share information with CFIUS. For example, when non-U.S. purchasers or investors acquire U.S. entities or organizations, notifications regarding export license transfers may be filed with the Departments of Commerce and State. Both agencies are members of CFIUS, but whether each agency notifies Treasury is unclear. An exception to this is the Defense Security Service ("DSS"), which must receive notifications of any transactions by foreign parties of any U.S. organization or entity that holds facility clearances, maintains classified contracts, or manages personnel clearances. This is so that DSS can ensure that the parties to the transaction have properly mitigated any foreign ownership, control, or influence ("FOCI") that might jeopardize the relevant clearances. DSS is an organization within the Department of Defense ("DOD"), a member of CFIUS. Under a 2014 DOD interim rule, DSS is required to update CFIUS on the status of FOCI mitigation and provide certain information to the committee regarding classification status.

It is not helpful, therefore, to a determination of whether to file a CFIUS notification to focus on whether prior filings were made or whether CFIUS reached out to purchasers or investors in the past. 

  1.  "It's only an investment, and the foreign investor/purchaser does not gain any rights until later." Some transactions or investments reflect a long-term commitment in the target or entity by a foreign purchaser. Long-term commitments may be included in transaction documents that identify a current investment position and subsequent investment positions over time. For example, a non-U.S. purchaser may invest $100 million in a U.S. target and receive a 9.8 percent ownership interest and no board seat. Annex A to the investment documents, however, notes that for that $100 million investment, ownership increases each year for the next five years as long as certain targets are met—targets established in advance by a second Annex to the agreement. At the end of the five-year period, the investment documents state that the non-U.S. purchaser will own 59 percent of the U.S. target.

Depending upon one's perspective, some parties may decide that the transaction results in ownership of 10 percent or less, while others would look at the overall transaction and find that the $100 million investment buys a 59 percent ownership stake in the U.S. target. In one circumstance, no filing will be made due to an exemption in the CFIUS regulations, and in another circumstance, a filing could be deemed prudent. The definition of "covered transaction" does not include a temporal limitation—i.e., the regulations do not indicate that a covered transaction is defined solely at the point in time when the filing is made. In fact, the examples in the CFIUS regulations say the opposite. A careful analysis would be needed to determine whether the "slice-in-time" approach to defining the transaction for CFIUS purposes would be viewed as a potential circumvention of the CFIUS regulations.

  1. "There's nothing classified now, and the classified stuff ended a few years ago." The CFIUS regulations request that any filings include a complete listing of any classified contracts or subcontracts completed or handled in the five years prior to the notification. Although the language of the regulations and published guidance appear clear, instances exist where parties may decide not to make a CFIUS filing because the classified work has ended. CFIUS notifications are voluntary, but a determination that the U.S. government would not be interested in a transaction involving the purchase by a foreign party of an organization or target that held classified contracts or subcontracts completed within the last five years, would not appear to comport with the intentions of the statute or the regulations. 

One of the quintessential national security concerns for the United States is improper access to classified information. By its nature, classified information or contracts are considered important, if not critical, to U.S. national security interests. That importance, and the concomitant damage that would arise to U.S. national security interests if the information is released improperly, forms the foundation for the security classification. This is especially true regarding potential release to foreign interests, which is why DSS requires a separate procedure for foreign investments in entities holding security clearances. This procedure is designed to prevent foreign access to classified material. The government recognizes the parallel nature and goals of these reviews and requires coordination between DSS and CFIUS. This certainly suggests, however, that a company that has been in a business requiring classified access in the past likely continues to involve national security issues.

Although at least three levels of classified information exist, each bears directly on U.S. national security interests. It would appear, therefore, that a purchase or investment in a U.S. target or organization that holds or has held classified contracts or subcontracts would be the exact type of transaction that CFIUS would expect to review.

  1. "What the non-U.S. purchaser or investor does in other countries should not be of concern to CFIUS because it's not a direct U.S. transaction." Foreign governments and foreign companies have always bristled at the extraterritorial application of U.S. laws and regulations. These concerns have most frequently appeared in the antitrust and export arenas and have been long-standing complaints of both U.S. allies and U.S. foes. In the CFIUS context, this issue arises when a foreign purchaser or investor seeks to buy a U.S. business and the foreign party conducts business with countries of concern to the United States.

Some argue that the purchase of a U.S. business (whether an organization or asset) by a foreign party should be reviewed in light of what the foreign party intends to do with the U.S. business and not in light of what type of business the foreign party conducts outside the United States. From a CFIUS perspective, however, the ability of a foreign party to purchase a U.S. business or asset and to determine how those assets will be used or that business will be conducted could result in transfers to those countries of concern simply because the foreign party already transacts with those countries. Absent restrictions in the purchase or investment documents, or other self-implementing limitations of law or regulation, CFIUS would not be incorrect in assuming that the purchase or investment could allow the investor to transfer assets or technologies to countries of concern to the United States. Such follow-on or subsequent transfers could result in harm to U.S. national security.

Any CFIUS assessment, therefore, that does not examine the manner in which the foreign purchaser conducts its international activities and how that compares to the interest reflected in U.S. laws would be incomplete. 

  1. "Even if the target or seller supplies the U.S. government or exports, it's all EAR99." These statements are not always well-researched or well-supported. In some instances, a U.S. target may be unsophisticated and believe that all of its activities are not subject to export regulations. Some targets are more sophisticated but have obtained inconsistent or inaccurate advice from counsel or consultants. Other targets have decided not to review their activities and simply base their conclusions on whatever remains most expedient for maximizing business and share value. And others simply make mistakes, a not uncommon situation even for the most informed, given the complexity of the export laws not only within the United States but abroad. The likelihood of errors, therefore, is high.

From a CFIUS perspective, the export classification and licensing of products, technology, and services is directly relevant to a national security assessment. First, the CFIUS regulations specifically request details of export classifications and licensing related to the target for at least the Departments of State, Commerce, and Energy. Second, in some circumstances, if a foreign purchaser or investor acquires a U.S. business that is subject to the Department of State regulations (the International Traffic in Arms Regulations), licenses that were in the target business's asset base may not be able to transfer. Third, a misclassification of products, technology, or services could result in the transfer of these items to parties or countries with which the U.S. government has serious concerns. Fourth, a purchaser may not have been approved as an end user on an export license, but that same purchaser could buy the entire asset and thereby obtain the items or technologies that could not be exported to them under U.S. export laws. The purchase, therefore, circumvents the export denials and potentially adversely affects U.S. national security interests. A CFIUS filing will bring these issues to light.

A CFIUS assessment, therefore, solely on the basis of representations made by a target concerning the export classification and licensing of the target's products, technology, or services, would be equally incomplete. A decision not to file a CFIUS notification on the basis of these representations may not be considered reasonable should CFIUS "request" a submission.

  1. "This is just an asset deal." For a variety of reasons, including efforts to minimize the potential for successor liability, corporate transactions sometimes are structured as asset purchases. In such cases, parties may think that the transactions are not within the jurisdiction of CFIUS because a foreign person is not acquiring a U.S. business. Take, for example, the acquisition of a building adjacent to a sensitive military facility in the United States. Deals often involve more than just the building, including leases for current tenants, etc. Those additional aspects of the transaction cause the "asset" to look and feel more like a "business." In addition, those assets may have characteristics important for CFIUS review—such as access or proximity to sensitive U.S. facilities. In those cases, deciding not to make a CFIUS filing on the basis that the transaction is an asset deal would not be prudent.

As noted at the outset, FINSA and the CFIUS regulations expanded the areas of concern for the U.S. government. As a result, although the process remains voluntary, the analysis needed to make an informed decision on whether to file a notification should be conducted for every transaction.