Following completion of the Trilogue process, the three main EU institutions have agreed on a compromise for a new Regulation that gives the EU a largely procedural and coordinating function in connection with foreign direct investment reviews conducted by EU Member States.

In September 2017 the European Commission ("Commission") had initially presented a proposal for a EU Regulation establishing a mechanism for a European screening of foreign direct investments (FDI) (see our previous Client Alert). This proposal was a response to increased foreign direct investments into European technology and infrastructure assets, in particular, from the People's Republic of China. After more than a year of negotiations, on 6 December 2018, the Commission, the European Parliament and the Council of the European Union (Trilogue) reached agreement on the final text for the new FDI Regulation ("Regulation") that will be formally adopted in early 2019. The first and final reading in the European Parliament is scheduled for 11 February 2019. The new EU framework will likely enter into force in May 2019 and will be fully applicable 18 months thereafter, i.e., in November 2020.

Framework for FDI reviews in Europe

As of today, only 13 out of 28 Member States1 have national security review mechanisms in place, differing widely in scope (e.g., review of intra- or extra-EU FDI, differing screening thresholds, breadth of sector coverage), process (e.g., pre-authorization vs. ex post screening of FDI), review timetables and enforcement. This illustrates the lack of harmonization in national security reviews within the EU, and has cast doubts on the EU's decentralized and fragmented system's ability to monitor FDI effectively, and to respond appropriately to perceived threats in an increasingly protectionist environment. Most recently, Germany and France broadened and strengthened their FDI review competences and the UK proposed a new investment screening law package. The latest CFIUS reform in the United States also shows the tendency to scrutinize foreign investments more closely.

Importantly, the proposed EU-Regulation falls short of delegating any veto or enforcement rights to the EU, which means that Member States will remain in the "driver’s seat" for FDI controls. There is also still no obligation for Member States to implement a national FDI review process. However, the Regulation introduces a coordinating mechanism whereby the Commission may issue non-binding opinions on FDI reviews performed in a Member State. Moreover, "non-reviewing" Member States may provide comments to the "reviewing" Member States. The practical impact will therefore be largely procedural, leading to more red tape, longer review processes and more "players" getting involved in investments by non EU-investors. The final "say" in relation to any FDI undergoing screening or any related measure remains the sole responsibility of the Member States conducting reviews pursuant to their national FDI screening procedures.

The new EU framework for FDI reviews

Review Criteria

The Regulation stipulates that investment reviews, where applicable, should revolve around the baseline substantive criteria of "security and public order" only. While these terms stem from the EU treaties, the European Court of Justice has clarified their meaning and the pertinent criteria only at a high level, with a substantial degree of discretion left to Member States as regards the terms' application. The Regulation now specifies certain factors that the Member States or the Commission may take into consideration in determining whether a foreign investment is likely to affect security or public order. More specifically, it provides a non-binding and non-exhaustive list of sector-specific assets and technologies with regard to which FDI may be problematic, and certain other critical effects FDI may have, including, inter alia:

  • critical infrastructure, whether physical or virtual, including energy, transport, water, health, communications, media, data processing or storage, aerospace, defense, electoral or financial infrastructure, as well as sensitive facilities and investments in land and real estate, crucial for the use of such infrastructure;
  • critical technologies and dual-use items as defined in Article 2.1 of Regulation (EC) No 428/2009, including artificial intelligence, robotics, semiconductors, cybersecurity, quantum technology, aerospace, defense, energy storage, nuclear technologies, nanotechnologies and biotechnologies;
  • supply of critical inputs, including energy or raw materials, as well as food security;
  • access to sensitive information, including personal data, or the ability to control such information; and
  • the freedom and pluralism of the media.

The Member States may also consider in their "threat assessment" whether a foreign government (including state bodies or armed forces) directly or indirectly – e.g., through ownership structures or "significant funding" – controls the acquirer (Article 4(2)(a)). This additional criterion is a response to the increased volume of investments backed by state-owned enterprises and state-supported funding, in particular from the PRC.

The Regulation does not specify the legal effects of the above criteria, in particular given that Member States will not be legally required to build those into their respective FDI review rules. The main effect is therefore likely to be that such criteria may be addressed by the Commission and / or other Member States as part of the new cooperation mechanism, and may be given due consideration by the reviewing Member States.

Cooperation Mechanism between the European Commission and Member States

One of the most significant changes to the existing national review mechanisms throughout the EU will be the new role of the Commission and of other Member States based on the cooperation mechanism under Art. 6 and 7. Member States will be required to inform the Commission and other Member States of any ongoing FDI review. The notification may include a list of other Member States whose security or public order is deemed likely to be affected.

Where the Commission considers that an FDI is likely to affect security or public order in more than one Member State or has additional relevant information in relation to that FDI, it may issue an opinion addressed to the reviewing Member State irrespective of whether other Member States have provided comments which they are entitled to do under the Regulation as well. If at least one third of the Member States consider that an FDI is likely to affect their security or public order, the Commission shall issue an opinion where justified. Any Member State may also request the Commission to issue an opinion if it duly considers that FDI is likely to affect its security or public order.

The same procedure will be implemented if an FDI is planned or completed in a Member State that is not conducting an FDI review, either because the relevant thresholds are not met or because it does not have an FDI regime. The Regulation implements the same rights for the other Member States and the Commission in those cases as well. This will be particularly relevant for holding company jurisdictions like Luxembourg and the Netherlands which have not adopted FDI review regimes at all. The FDI rules in other jurisdictions may still apply in case of indirect investments by operation of national laws if assets held in those jurisdictions fulfill the relevant asset tests or other criteria which allow those Member States to perform their own review.

Should the Commission qualify a transaction as likely to affect projects or programs with significant EU funding that are listed exhaustively in Annex 1 of the Regulation (e.g., Galileo, Copernicus, trans-European Networks, etc.), it may also issue an opinion.

The Member State in which the FDI screening takes place shall give due consideration to the other Member States' comments and to the Commission’s opinion, even though neither of these are binding. The ultimate decision on the clearance of a transaction rests solely with the reviewing Member State. It is not yet clear whether the opinion or comments provided by a Member States and the Commission may be disclosed to the parties of a transaction or even if they would be made aware that comments have been made or an opinion has been issued.

Confidentiality

The Regulation provides in Article 10 that Member States and the Commission shall ensure that classified information provided or exchanged under the Regulation is not downgraded or declassified without the originator's prior written consent. Recital 30 also links this confidentiality obligation with a series of instruments designed to ensure the security of the exchanges of information.2 However, it is still unclear who will determine the confidential nature of the information, once it has been circulated to the other Member States.

New Member State Reporting Obligations

Furthermore, the Regulation introduces annual reporting obligations for the Member States with respect to national security reviews on the basis of information made available to them. The final compromise on the Regulation extended the reporting obligation to requests received from other Member States pursuant to the cooperation mechanism described above. The intention of the new reporting obligation is to achieve a minimum degree of transparency in national review proceedings throughout the EU, as most Member States do not provide publicly available information on the domestic review processes or the decisions taken by the relevant authorities.

Timing implications for FDI

Given that Member States will be obliged to give the Commission's opinion and other Member States' comments due consideration, the duration for FDI national review procedures is likely to increase further.

The procedure depends on whether the FDI is reviewed at Member State level or not:

The Commission and other Member States have 15 calendar days upon notification from the recipient Member State to request additional information and indicate whether they wish to provide an opinion or comments, respectively. Any requests for additional information shall be duly justified and Member States have to notify the Commission in parallel of any request for information and replies. If a Member State indicates that it will provide comments, it will have 35 days from the date of the notification to do so. If additional information was requested, comments or opinions shall be issued no later than 20 calendar days following receipt of additional information. The Commission may issue an opinion following comments from other Member States where possible within the deadline of 35 calendar days and in any case no later than 5 calendar days after this deadline expires.

If a planned or completed FDI has not been reviewed by any Member State, and a Member State considers that the FDI is likely to affect its own security or its public order or it has relevant information about the investment, it may provide comments to the Member State where the FDI takes place or request information from that Member State. It may also request the Commission to issue an opinion. Once the requested information has been provided, the Member State asking for the information has 35 days to comment and the Commission has additional 15 days to issue an opinion.

As Member States shall give due consideration to the comments made by other Member States as well as the Commission's opinion, they will be reluctant to issue their final decision before the EU cooperation process has been completed. While there is no formal "stop-the-clock" requirement, there is considerable risk that this may substantially delay the national review processes.

Another controversial element of the Regulation will be that Art. 7 para. 8 allows Members States and the Commission to provide comments and/or issue an opinion up to 15 months after the FDI has been completed if an FDI did not undergo any screening. That said, the Regulation does not provide for a legal basis to challenge a transaction post completion.

Takeaways and Outlook

The new role of the Commission and the other Member States will add another layer of complexity to the review process and is a testimony to the increasing significance of national security reviews in the field of international M&A. While the Regulation falls short of granting any veto rights to the Commission and – by and large – is an instrument of "soft law", it adds substantial complexity and uncertainty to security reviews performed at Member State level. It will also put additional pressure on Members States to consider a broader range of security interests, which is likely to facilitate "lobbying efforts" from other stakeholders taking interest in a transaction.

It remains to be seen whether the new Regulation is an interim or a more definitive step in the course of harmonizing European investment controls.