Congress has moved closer to expanding the jurisdiction and powers of the Committee on Foreign Investment in the United States (CFIUS), the U.S. interagency committee that conducts national security reviews of foreign investment. The Foreign Investment Risk Review Modernization Act (FIRRMA), which will involve a lengthy rulemaking process, could be signed by President Trump as soon as next week.

A priority of the 115th Congress has been to reform CFIUS's review process for foreign direct investment in the United States, and in 2017, the House and Senate introduced competing versions of FIRRMA. The House and Senate later incorporated FIRRMA into their versions of the National Defense Authorization Act (NDAA) for Fiscal Year 2019. The House and Senate reconciled their versions of FIRMMA during the NDAA Conference and released the agreed upon Conference Report language on 23 July 2018. The House passed the Conference Report on 26 July 2018, and we expect the Senate to follow suit next week. The bill will likely reach President Trump's desk by mid-August or sooner. The White House has voiced support for the reconciled bill.

FIRRMA, driven by concerns of China's acquisition of advanced U.S. technologies, will result in the most significant reform to CFIUS in over a decade. Once implemented through regulations, the changes would expand the kinds of transactions subject to CFIUS review, place greater scrutiny on inbound investments and outbound transfers of critical and emerging technologies, and make CFIUS filings mandatory for certain transactions.

FIRRMA's key amendments to the Defense Production Act (DPA), which provides the underlying legal authority for CFIUS, include the following:

1. Covered transactions

Current law: CFIUS can review any transaction that could result in "control" of a U.S. business by a foreign person. "Control" of a U.S. business is broadly defined as the power to "determine, direct, or decide important matters affecting an entity." 31 C.F.R. 800.204(a).

New changes: FIRRMA expands the definition of a "covered transaction" to include:

  • certain non-controlling investments by a foreign person in a U.S. business that produces critical technologies, is involved in critical infrastructure, or maintains sensitive personal data that, if compromised, could imperil national security;
  • certain changes in a foreign investor's existing rights with respect to a U.S. business;
  • the purchase or lease by, or a concession to, a foreign person of certain real estate in close proximity to air or maritime ports, military installations, or other sensitive national security facilities; and
  • any other transaction, transfer, agreement, or arrangement that is designed or intended to circumvent or evade CFIUS jurisdiction.

Significance: FIRRMA explicitly expands coverage to many non-controlling investments that are arguably within the scope of current law. The expansion of CFIUS jurisdiction to cover transactions involving investment in U.S. businesses that hold sensitive personal data is in keeping with CFIUS's recent emphasis on scrutinizing such transactions. We expect increased scrutiny of a variety of transactions including in the health care, insurance, financial, and consumer/retail industries. FIRRMA also grants CFIUS the authority to conduct new reviews of investment in a U.S. company if a foreign person's rights change such that the foreign person acquires control of the business.

2. Passive investments

Current law: CFIUS regulations exclude from CFIUS's review foreign investments in which the foreign person holds 10 percent or less of the outstanding voting interest in the U.S. business if the investment is "solely for the purpose of passive investment." 31 C.F.R. 800.302(b).

New changes: The Conference Report, by implication, describes certain passive foreign investments that would not fall within CFIUS's jurisdiction.

Significance: The Conference Report does not define passive investments, but it sets forth specific criteria for determining whether certain foreign investments, including ones made through investment funds, are subject to CFIUS's review. (Stay tuned for our forthcoming client alert on how FIRRMA will affect the private equity world.)

3. Export controls on emerging and foundational technologies

Current law: The U.S. Department of Commerce administers the Export Administration Regulations, which control the export and re-export of dual-use (i.e., items having both civilian and military applications) and commercial technologies. The DPA does not govern technology transfers.

New changes: The original versions of FIRRMA included a provision that would have expanded CFIUS's jurisdiction to cover certain technology transfers to foreign persons. Under the Export Control Reform Act of the NDAA, this provision was transformed into an enhanced export control regime for "emerging and foundational technologies" to be identified by a White House-led interagency process. The legislative history reveals that Congress intends this regime to enable the regulation of emergent technologies, such as artificial intelligence and robotics. The associated export licensing regime permits the Commerce Department to consider national security threat information supplied by the Director of National Intelligence and to request from the applicant ownership information related to the foreign person involved in the export transaction.

Significance: The new "emerging and foundational technologies" export licensing regime is designed to enable the U.S. Government to quickly identify and control sensitive and innovative U.S. technologies, possibly restricting U.S. companies' outbound transfers of certain technologies that the interagency committee deems important for commercial and economic security. Given the discretion granted to the executive branch to define and control the transfer of "emerging and foundational technologies," the legislation is also a leap into the unknown regarding new restrictions on the ability of U.S. companies to transfer key technologies to overseas joint ventures or through licensing agreements with foreign customers and business partners. Because this export licensing regime could hit certain industries harder than others, it will be important for companies to track and submit comments on the administration's efforts to identify and control the export of these technologies. Emerging technologies whose links to U.S. national security the administration and Congress previously have highlighted include the semiconductor, robotics, artificial intelligence, nanotechnology, and biotechnology sectors, among others.

4. Exemptions for allied countries removed

Current law: CFIUS has jurisdiction over all covered transactions, regardless of the nationality of the foreign investors.

Proposed changes: The Conference Report removed a provision in the Senate's version of FIRRMA that empowered CFIUS to create a "whitelist" for allied countries in order to exempt from CFIUS jurisdiction certain allied country investments.

Significance: Had the Senate bill's "whitelist" provision been included in the Conference Report, it would have provided significant regulatory relief to many allied country investors. As a result of the removal, the Conference Report maintains the status quo for allied country investors from NATO, Japan, South Korea, etc., many of whose transactions would likely have been exempted under the Senate-passed version of the bill.

5. From voluntary to mandatory (in some circumstances)

Current law: The DPA does not mandate that parties with covered transactions file with CFIUS, although CFIUS may request that the parties file or may review covered transactions on its own.

Proposed changes: FIRRMA mandates the filing of "declarations" (as distinct from notices) for certain transactions with foreign government backing. Under FIRRMA, CFIUS also has authority to promulgate regulations identifying further types of transactions subject to the mandatory declaration requirement. These mandatory declarations would be limited to five pages, and CFIUS would have 30 days to decide whether to clear the transaction, request that the parties file a full notice, or conduct its own review.

Significance: The mandatory declarations, with their linkage to foreign investors in which foreign governments have a "substantial interest," are also aimed squarely at Chinese investors, especially Chinese state-owned enterprises, among others. Many Chinese companies, including publicly traded ones, have Chinese government shareholders. In the past, foreign investors always had the option of foregoing a CFIUS filing, but under FIRRMA, that option will no longer be available for certain foreign investments.

6. Adjusted review timeline

Current law: CFIUS reviews transactions in two stages an initial 30-day review period, which is followed by a 45-day investigation period if warranted. CFIUS increasingly has advised parties to withdraw and refile notices when a review cannot be completed in the combined 75-day period.

Proposed changes: FIRRMA makes the following adjustments to the CFIUS review timeline:

  • extends the initial CFIUS review period to 45 days; and
  • authorizes CFIUS to extend the 45-day investigation period by 15 days in the event of "extraordinary circumstances," as defined by CFIUS in regulations.

Significance: Once enacted, FIRRMA will extend the combined review and investigation period from 75 to 90 days, and potentially to 105 days in the event of "extraordinary circumstances." In some cases, the extended timeline might enable CFIUS to complete its review in one cycle; in other cases, parties that have to withdraw and refile will be forced to endure a longer review period.

7. Authority to suspend transactions during review

Current law: The president has the sole power to suspend or prohibit a covered transaction. For transactions that CFIUS determines will compromise U.S. national security, it recommends that the president block the transaction.

Proposed changes: Under FIRRMA, CFIUS has the authority to suspend a proposed or pending covered transaction that may pose a risk to the U.S. national security while the transaction is under review or investigation.

Significance: If CFIUS believes that a covered transaction poses a grave threat to U.S. national security, it now can suspend the transaction without having to refer the matter to the president.