Political risk ranks among the worst nightmares of international investors. Expropriation, nationalization, and other acts by host governments that deprive investors of rights of ownership and control are rare in the major industrial economies, but are not unheard of. In the United States unsettling tales about forced divestiture or the imposition of onerous terms that radically alter the business case for an investment after the fact on national security grounds occur rarely, but when they do, it could prove disastrous.

In this Q&A, CFIUS and Export Control Lawyer Brandt Pasco discusses the framework for national security reviews of foreign direct investment and provides valuable information on Committee on Foreign Investment in the US (CFIUS) trends — both a must for any foreign investor in the US.

Q. What is the current US policy on open investment and national treatment for foreign direct investment?

A. The long standing policy is one of broad support. Under international law, the US has undertaken to provide national treatment to foreign investors — with certain caveats. Article 3 of the OECD Codes of Liberalization provides that member states may withhold national treatment in the protection of their “essential security interests.” CFIUS’ role is to adjudicate these interests.

But there are numerous examples where the US may deny national treatment without relying on the Article 3 exception. Under the OECD Codes, countries may lodge a reservation, excluding certain industries from national treatment requirements. The US has lodged several such reservations, and may limit national treatment of foreign investment in various industries, including fishing, mining, oil and gas extraction, atomic energy, banking, air transport, maritime transport, broadcast communications and telecommunications. CFIUS reviews investments in these industries as well.

Q. Couldn’t these exceptions or “caveats” cause suspicion on the part of foreign investors?

A. Whenever a transaction is withdrawn during or after CFIUS review, or when CFIUS imposes a risk mitigation agreement on an investor, it always raises these concerns. It is easy to imagine that national security review of investments is just a cover for protectionist policies. But it simply isn’t true. Only in the rarest of instances does CFIUS close the door on foreign investment, and the bar for such a decision is high, involving lengthy debate at the highest levels of government, including the President.

Q. What does CFIUS want to see?

A. Getting actionable guidance from CFIUS has not historically been a simple matter. When assessing a transaction all issues are looked at in terms of “who” is the acquirer, and “what” is being acquired. With respect to “who,” it discloses no secrets to state that the government is more concerned about the activities of some countries and entities than others. But I’ll focus more here on “what” is being acquired, and how the government assesses the potential for harm associated with the acquired business. One or more CFIUS agencies will be interested in cases that involve: (1) Mandatory Reviews, (2) Classified Information, (3) Critical Technologies, (4) Inherently Dangerous or Sensitive Economic Activity, (5) Sensitive Government Contracts and (6) Critical Infrastructure. Although this list may appear to be generally rank ordered from highest to lowest levels of national security interest, CFIUS risk mitigation measures will actually likely be attracted to it in inverse order.

“It is easy to imagine that national security review of investments is just a cover for protectionist policies. But it simply isn’t true.”

Q. Starting at the top, what types of matters fall into the “Mandatory Review” category?

A. Acquisitions by entities controlled by a foreign government of US businesses performing as a prime contractor under Department of Defense or certain Department of Energy contracts with an aggregate value in excess of $500 million, or under a national security program that requires access to a proscribed category of classified information. Proscribed information includes all information classified above Secret and other discreet categories of classified information: Top Secret, Communications Security (COMSEC), Restricted Data, Special Access Programs and Sensitive Compartmented Information.

Q. What types of things are considered “Critical Technologies?”

A. Most export controlled items, such as US Munitions List defense articles, and most Commerce Control List items. Specific attention is also called to technologies and materials relevant to nuclear energy and biological warfare.

Q. What about “Inherently Dangerous or Sensitive Economic Activity?”

A. These are typically activities that are licensed or otherwise regulated. Some that have been of interest to CFIUS in the past include the operation of earth imaging satellites licensed by National Oceanic and Atmospheric Administration of the Department of Commerce, the shipping of hazardous materials, licensed by the Department of Transportation, and industrial operations involving toxic chemicals, involving regulation by the Department of Homeland Security or the Environmental Protection Agency.

“It discloses no secrets to state that the government is more concerned about the activities of some countries and entities than others.”

Q. Can you provide some examples of “Sensitive Government Contracts?”

A. This includes contracts with US government agencies or components with national defense, homeland security, or other national security responsibilities, including law enforcement responsibility as it relates to defense, homeland security or national security.

Q. What does “Critical Infrastructure” entail?

A. Critical infrastructure, in the context of a particular covered transaction, is “a system or asset, whether physical or virtual, that is so vital to the United States that the incapacity or destruction of the particular system or asset of the entity over which control is acquired pursuant to that covered transaction would have a debilitating impact on national security.” But it is very hard for an outside observer to discern how the definition of critical infrastructure is actually applied by agencies in practice. The lack of information required in the CFIUS filing regarding critical infrastructure frequently trips up lawyers practicing before CFIUS simply because the issue is not on their radar screen. But because critical infrastructure is the most common basis for the government to seek a risk mitigation measure, failure on the part of filers to identify critical infrastructure issues up-front and deal with them in a proactive way with the relevant agencies can cause a seemingly routine case to hit the wall, with no reasons given for the problem until the case blows past the 30-day review and is thrown into a 45-day investigation with mitigation measures looming. Not where you want to find yourself.

“Because critical infrastructure is the most common basis for the government to seek a risk mitigation measure, failure to identify critical infrastructure issues up-front and deal with them in a proactive way can cause a seemingly routine case to hit the wall.”

Q. In closing, can you provide some recommendations for people who may find themselves facing CFIUS review?

A. Find someone who knows all of the CFIUS agencies who will be the players in your particular transaction, who will be proactive about outreach (and not wait until questions and concerns filter back from the Treasury Department), who has relationships with the key people (and this includes staff, not just high-ranking Executive Branch officials), and who will understand the nature of any critical infrastructure in an acquisition.

This article originally appeared in Mergers & Acquisitions on September 24, 2012.