Mergers, acquisitions, divestitures, joint ventures, and other forms of investment have continued apace in the defense and high-tech industries for the last 20 years. During that time, the concept of national security and its tie to economic security has been confirmed, and that tie has been reflected, in part, through the Exon-Florio Amendments of 1988 ("Exon-Florio") and the updates to that legislation in 2007 through the Foreign Investment and National Security Act ("FINSA"). Exon-Florio and FINSA enhanced the authority of the Committee on Foreign Investment in the United States ("CFIUS" or "the Committee"), an executive branch organization originally formed to opine on the impact of certain economic activity on U.S. national security interests.
CFIUS, chaired by the Department of the Treasury, administers the CFIUS regulations, 31 CFR part 800, and comprises 15 executive agencies, as well as a number of consultative agencies that review transactions when appropriate. The CFIUS regulations describe a voluntary process through which economic or financial activities that are considered "covered transactions" are notified to the Committee for approval and/or clearance with conditions. In addition to the voluntary process, CFIUS may also reach out to transaction participants and "request" a submission in conformity with the regulations. Although a "request," the Committee believes it has subpoena authority and that it may require a filing if a submission is not made. In the alternative, if CFIUS does not exercise its perceived subpoena authority and no filing is made, the Committee could nonetheless review the transaction on the basis of information it collects from whatever sources are available. That review, whether based on the participation of the parties to the transaction or not, may affect the transaction.
As a long-established process, CFIUS has extensive experience in analyzing transactions and in determining, through an interagency review process, the impact of any activity on U.S. national security interests. In 2007, however, Congress broadened the authority of the Committee and expanded the areas in which "national security" issues may arise. Based on this expansion and the approach CFIUS has taken to reviewing transactions within the last few years, several misconceptions exist that would benefit from clarification. This Commentary outlines some, but not all, of the misconceptions and provides perspective when addressing whether to submit a CFIUS notification or wait for a reaction from the Committee.
Background: CFIUS Advice as Part of M&A Transaction Analysis
Transactional counsel advise clients on a range of financial, regulatory, and compliance requirements as part of any deal. The advice or approach that applies to most aspects of a transaction—e.g., antitrust filings, intellectual property assessments, litigation risks, employment issues, and environmental matters, among others—does not necessarily nor directly translate into how to address the national security aspects of a transaction. To ensure that deals progress smoothly and that little, if any, interruptions occur, it is essential to analyze the benefits of a CFIUS filing at the same time that other legal risk areas of a transaction are assessed. The CFIUS analyses that should be performed include, but are not limited, to:
- The structure of the deal;
- The assets involved;
- The contracts—both government (federal, state, and local) and commercial;
- The products, technology, and services provided;
- The export compliance posture of both the target and the investor/purchaser;
- The research and development funding provided—both internal and external;
- The international operations of both the target and the investor/purchaser, including agent, reseller, and distributor relationships; and
- The involvement—whether direct or indirect—of any non-U.S. government agency.
With this as background, what common misconceptions exist when deciding whether to file a CFIUS notification or not? Among the most common statements, we have heard:
- "This deal is too small." The value of the deal is small or inconsequential to the investor or purchaser.
- "This is not high-tech stuff that the U.S. government worries about." A determination is made that because the transaction does not involve missiles, military equipment, rockets, or classified information, it is not of interest to the U.S. government.
- "If CFIUS cared about this kind of stuff, why have we done [X] other deals and not heard from the Committee?" In other words, since this is a voluntary process and we have not heard from CFIUS on any of the other consummated deals, why should we notify this deal?
- "It's only an investment and the foreign investor/purchaser does not gain any rights until later." The rights the foreign purchaser gains are transitioned over time but are guaranteed as of the time the deal is executed.
- "There's nothing classified now and the classified stuff ended a year ago or more." An assumption is made that because there are no current classified U.S. government contracts, there are no concerns.
- "What the non-U.S. purchaser or investor does in other countries should not be of concern to CFIUS because it's not a direct U.S. transaction." If the non-U.S. purchaser or investor is not directly selling or servicing in countries of concern through any of its U.S. facilities, then CFIUS should not be concerned about the non-U.S. activities.
- "Even if the target or seller supplies the U.S. government or exports, it's all EAR99 or NLR." Generally on the basis of representations by the target or seller, the non-U.S. purchaser or investor concludes that there are no U.S. national security interests because of how the target or seller treats its products, technology, or services for export purposes.
Other issues exist, but for purposes of this Commentary, we examine these seven statements under FINSA and the CFIUS regulations to outline where misconceptions exist and why submitting a notification to the Committee would be beneficial to any transaction.
- "This deal is too small." Some believe that the value of a transaction is a determinative factor on whether to file a CFIUS notification. Neither FINSA nor the CFIUS regulations, however, limit notifications on the basis of dollar value. Unlike Hart-Scott-Rodino filings or other antitrust considerations, the actual dollar value invested or the purchase price alone are not driving factors. Elements of a deal that do affect any CFIUS assessment, however, include the rights the investor or purchaser obtains for the monies provided, the number of management or board seats allocated post-closing, the value of the intellectual property portfolio, and the technology transfer rights the purchaser/investor obtains post-closing. Ending the analysis of whether to file a CFIUS notification on the basis of the price paid for the investment would be incomplete at best and wrong at worst.
- "This is not high-tech stuff the U.S. government worries about." Since 1988 (and perhaps earlier), transaction participants, including deal counsel, predicated their assessment of whether to file a CFIUS notification, in part, on whether the U.S. entity or organization being bought was involved in military deals or made weapons, tanks, military products, or classified items. Counsel and transaction participants viewed voluntarily reportable deals as subject to CFIUS if these types of products or technologies were involved because they considered "national security" to require either military involvement or weapons and weapons-related items.
Neither FINSA nor the CFIUS regulations, however, define "national security" or "covered transactions" so narrowly. Both FINSA and the revisions to the CFIUS regulations completed in 2008 expanded the areas of interest to the U.S. to include "critical infrastructure," which includes not only classic defense or military items but telecommunications, energy, financial, and other systems upon which the United States relies for its day-to-day operations. With such a broad definition, the potential investment by a non-U.S. person in the smart grid structure of the United States or in any investments in the financial community that would result in non-U.S. operation, ownership, or control of the organization, could be considered part of a critical infrastructure. As with the dollar-value analysis, concluding that a CFIUS notification is neither required nor beneficial based on the fact that the U.S. target or seller does not make military items or weapons would be equally incomplete.
- "If CFIUS cares about this stuff, why have we done [X] deals and not heard from the Committee?" Simply because parties have not notified CFIUS of past deals or CFIUS has not reached out to request a filing does not mean that the deal is not of interest to CFIUS or implicates U.S. national security interests. This conclusion, however, finds no support in the fact that the government has not acted.
First, the Committee has limited resources and relies on the parties to a transaction to understand their legal obligations and to file where the elements of FINSA and the regulations are met.
Second, CFIUS does not have access to nonpublic information that could bring transactions to its attention. For example, recent statements by political appointees at Treasury indicate that the Committee now reviews press releases, Securities and Exchange Commission filings, other public notifications, and other government filings to understand what transactions have occurred or are in process. But a transaction or investment consummated between two private parties for which no press releases or other announcements exist would not necessarily come to the Committee's attention.
Third, within the U.S. government, not all agencies share information with CFIUS, although more than 14 agencies are members of the Committee. For example, when non-U.S. purchasers or investors acquire U.S. entities or organizations, notifications regarding export license transfers must be filed with the Departments of Commerce and State. Both agencies are members of CFIUS, but whether each agency notifies Treasury as CFIUS chair of the export license transfers is unclear. The same applies to the Defense Security Service ("DSS"), which should receive notifications of any transactions by foreign parties of any U.S. organization or entity that holds facility clearances, maintains classified contracts, or manages personnel clearances. DSS is an organization within the Department of Defense, a member of CFIUS. Whether DSS notifies the Department of Defense representative to the Committee so that that representative may notify the CFIUS chair is unclear.
It is therefore not helpful to a determination of whether to file a CFIUS notification to focus on whether prior filings were made or whether CFIUS reached out to purchasers or investors in the past.
- "It's only an investment and the foreign investor/purchaser does not gain any rights until later." Some transactions or investments reflect a long-term commitment by a foreign purchaser in the target or entity. Long-term commitments may be included in transaction documents that identify a current investment position and subsequent investment positions over time. For example, a non-U.S. purchaser may invest $100 million in a U.S. target and receive a 9.8 percent ownership interest and one board seat. Annex A to the investment documents, however, notes that for that $100 million investment, ownership increases each year for the next five years as long as certain targets are met—targets established in advance by a second Annex to the agreement. At the end of the five-year period, the investment documents state that the non-U.S. purchaser will own 59 percent of the U.S. target.
Depending upon one's perspective, some parties may decide that the transaction results in ownership of 10 percent or less, while others would look at the overall transaction and find that the $100 million investment buys a 59 percent ownership stake in the U.S. target. In one circumstance, no filing may be made, and in another circumstance, a filing could be deemed prudent. The definition of "covered transaction" does not include a temporal limitation—i.e., the regulations do not indicate that a covered transaction is defined solely at the point in time when the filing is made. In fact, the examples in the CFIUS regulations say the opposite. A careful analysis would be needed to determine whether the "slice-in-time" approach to defining the transaction for CFIUS purposes would be viewed as a potential circumvention of the CFIUS regulations.
- "There's nothing classified now and the classified stuff ended a few years ago." The CFIUS regulations ask that any filings include a complete listing of any classified contracts or subcontracts completed or handled within the last five years of the notification. Although the language of the regulations and the guidance posted on the Treasury Department's CFIUS web site appear clear, instances exist where parties may decide that because the classified work has ended, a CFIUS notification would not be appropriate. CFIUS notifications are voluntary, but a determination that the U.S. government would not be interested in a transaction involving the purchase by a foreign party of an organization or target that held classified contracts or subcontracts completed within the last five years, would not appear to comport with the intentions of the statute or the regulations. One of the quintessential national security concerns for the United States is improper access to classified information. By its nature, classified information or contracts are considered important, if not critical, to U.S. national security interests. That importance, and the concomitant damage that would arise to U.S. national security interests if the information is released improperly, forms the foundation for the security classification. Although at least three levels of classified information exist, each bears directly on U.S. national security interests. It would appear, therefore, that a purchase or investment in a U.S. target or organization that holds or held classified contracts or subcontracts would be the exact type of transaction that CFIUS would expect to review.
As noted in item number 3 above, parties to a transaction would expect that DSS, or any agency with whom the classified contracts or subcontracts were performed, would be aware of the anticipated foreign purchase or investment. But potential purchasers wait to notify government agencies of transactions for any number of reasons including, but not limited to, insider trading concerns, SEC requirements, or competitive concerns. Therefore, DSS or other agencies may not know of the potential purchase, or the U.S. government agency that issued the classified contracts may know but not share the information regarding closed classified activities or entities for whom facility or personnel clearances have been terminated. Unless the U.S. party maintains active facility clearances, manages personnel clearances, or employs people with clearances whom others manage, the fact that a foreign party has purchased or invested in a U.S. entity that previously held classified contracts or subcontracts may not come to the U.S. government's attention.
- "What the non-U.S. purchaser or investor does in other countries should not be of concern to CFIUS because it's not a direct U.S. transaction." Foreign governments and foreign companies have always bristled at the extraterritorial application of U.S. laws and regulations. These concerns have most frequently appeared in the antitrust and export arenas and have been long-standing complaints of both U.S. allies and U.S. foes. In the CFIUS context, this issue arises when a foreign purchaser or investor seeks to buy a U.S. business and the foreign party conducts business with countries of concern to the United States.
Some argue that the purchase of a U.S. business (whether an organization or asset) by a foreign party should be reviewed in light of what the foreign party intends to do with the U.S. business and not in light of what type of business the foreign party conducts outside the United States. From a CFIUS perspective, however, the ability of a foreign party to purchase a U.S. business or asset and to determine how those assets will be used or that business will be conducted could result in transfers to those countries of concern simply because the foreign party already transacts with those countries. Absent restrictions in the purchase or investment documents, or other self-implementing limitations of law or regulation, CFIUS would not be incorrect in assuming that the purchase or investment could allow the investor to transfer assets or technologies to countries of concern to the U.S. Such follow-on or subsequent transfers could result in harm to U.S. national security.
Any CFIUS assessment, therefore, that does not examine the manner in which the foreign purchaser conducts its international activities and how that compares to the interest reflected in U.S. laws would be incomplete.
- "Even if the target or seller supplies the U.S. government or exports, it's all EAR99 or NLR." In line with item numbers 2 and 3 above, this statement is made in almost every transaction. Some aspect of the target's business is deemed to include EAR99 products or technology exported under the authority NLR or not subject to licensing or otherwise covered only by the Export Administration Regulations administered by the Department of Commerce. These statements, however, are not always well-researched or well-supported. In some instances, a U.S. target may be unsophisticated and believe that all of its activities are not subject to export regulations. Some targets are more sophisticated but have obtained inconsistent or inaccurate advice from either counsel or consultants. Other targets have decided not to review their activities and simply base their conclusions on whatever remains most expedient for maximizing business and share value. And others simply make mistakes, a not uncommon situation even for the most informed, given the complexity of the export laws not only within the United States but abroad. The likelihood of errors, therefore, is high.
Accepting the statements made regarding "EAR99" and "NLR" is fraught with risk. Some transaction counsel argue that deal documents include representations by the seller (and the purchaser) that the target (or seller) is in "full compliance with all U.S. laws and regulations." Other similar clauses note that the target "has obtained all licenses and permits to conduct its business." This language, however, is only as useful as the sophistication and knowledge of the target. If a target is unaware of the laws and regulations that apply to its business, then the representation that it is in compliance with all laws and regulations that apply to its business carries no substantive weight. Some counsel argue that clauses within deal documents that address material misrepresentations or false statements would apply to any inaccurate representations or certifications. But unless the deal can include an escrow to cover such inaccurate statements or other recourse if, after the deal closes, the purchaser or investor is pursued by the U.S. government for inaccuracies, the language does little to provide comfort. In instances where a foreign purchaser buys an entire business or merges completely with the target, the purchaser is responsible for all past and current violations. Escrows generally do not exist in public company deals, so "cleaning up" violations prior to deal closure is prudent. The same holds true for the purchaser obtaining mitigation through the CFIUS process.
From a CFIUS perspective, the export classification and licensing of products, technology and services is directly relevant to a national security assessment. First, the CFIUS regulations specifically request details of export classifications and licensing related to the target for at least the Departments of State, Commerce, and Energy. Second, in some circumstances, if a foreign purchaser or investor acquires a U.S. business that is subject to the Department of State regulations (the International Traffic in Arms Regulations), licenses that were in the target business' asset base may not be able to transfer. Third, a misclassification of products, technology, or services could result in the transfer of these items to parties or countries with which the U.S. government has serious concerns. Fourth, a purchaser may not have been approved as an end user on an export license but that same purchaser could buy the entire asset and thereby obtain the items or technologies that could not be exported to them under U.S. export laws. The purchase, therefore, circumvents the export denials and potentially adversely affects U.S. national security interests. A CFIUS filing will bring these issues to light.
A CFIUS assessment, therefore, solely on the basis of representations made by a target concerning the export classification and licensing of the target's products, technology, or services, would be equally incomplete. A decision not to file a CFIUS notification on the basis of these representations and any "rep" or "cert" language in transaction documents may not be considered reasonable should CFIUS "request" a submission.
As noted at the outset, FINSA and the CFIUS regulations expanded the areas of concern for the U.S. government, and although the process remains voluntary, the analysis needed to make an informed decision on whether to file a notification should be conducted for every transaction.