CFIUS and FIRRMA: National Security Review of Transactions June 2019
CFIUS And FIRRMA: National Security Review of Transactions June 2019
1. Introduction
In the last couple of months, the Committee on Foreign Investment in the United States (CFIUS), a US interagency, has effectively blocked several transactions involving Chinese companies and US entities, on grounds of national security.
In March 2019, Kunlun, a Chinese gaming company, was required to divest its 100% ownership of Grindr (a dating app), long after consummation of the deals in which Kunlun had purchased Grindr. In April 2019, CIFUS compelled iCarbonX, a Chinese
genome company, to divest of its majority ownership in HealthTell and PatientsLikeMe (again, after consummation of the deals); both of these US companies operate in the health care industry and handle sensitive health information.
These recent trends demonstrate the significance that the US government attaches to the storage of personally identifiable information as a potential national security concern, and its willingness to disturb, under certain circumstances, a foreign
investment transaction on grounds of ‘national security’ even after consummation of a deal.
Accordingly, this client alert reviews the instances when certain transactions may be susceptible to bans, suspensions, and qualifications by the US government.
2. Background
CFIUS is an interagency comprised of nine Cabinet members, who assist the President in reviewing the national security aspects of foreign direct investment in the US economy.
CFIUS is mandated to evaluate whether and to what degree ‘any merger, acquisition, or takeover … by or with any foreign person that could result in foreign control of any person engaged in interstate commerce in the United States’ could impact US national
CFIUS is mandated to evaluate whether and to what degree ‘any merger, acquisition, or takeover … by or with any foreign person that could result in foreign control of any person engaged in interstate commerce in the United States’ could impact US national
security. At the advice of CFIUS, the President of the US may ‘suspend or prohibit any covered transaction when, in the President’s judgment, there is credible evidence to believe that the foreign person exercising control over a US business might take action
that threatens to impair the national security’.
Until mid-2018, a CFIUS Review resulted in few blocked investments. The CFIUS national security review came to the fore with the introduction of The Foreign Investment Risk Review Modernization Act of 2018 (FIRRMA) in late 2018. FIRMMA is the most comprehensive revision of the foreign investment review process under CFIUS since 2007 and it has significant implications for transactions involving US entities and foreign investment.
3. Who is subject to CFIUS’s National Security Review under FIRRMA?
Historically, CFIUS’s power to conduct national security review was limited to proposed or pending ‘transactions’ (mergers, acquisitions, JVs, leases, and other investments) with any ‘foreign person’ that could result in ‘control’ of a ‘US Business’
(any entity engaged in interstate commerce in the US) by a foreign person.
FIRRMA expanded the scope of transactions subject to the Committee’s review by conferring upon CFIUS the authority to examine the national security implications of a foreign acquirer’s non-controlling investments in US businesses.
FIRRMA explicitly includes for CFIUS’s national security review, certain real estate transactions in close proximity to a military installation or US Government facility or property of national security sensitivities; any noncontrolling investment in US
businesses involved in critical technology, critical infrastructure, or collecting sensitive data on US citizens; any change in foreign investor rights; transactions in which a foreign government has a direct or indirect substantial interest; and any transaction or
arrangement designed to evade CFIUS.
Under FIRRMA, in addition to traditionally ‘covered transactions’ that were subject to national security review and were required to submit a notice (voluntarily), today’s CFIUS requires mandatory declarations (45-day pre-closing) for particular transactions
as explained below.
4. The Pilot Program: ‘Other investments’ subject to mandatory filings to CFIUS
In late 2018, CFIUS issued interim regulations to conduct a FIRRMA ‘Pilot Program’ that addresses specific risks to US national security and expands the scope of transactions subject to review by CFIUS to include certain noncontrolling investments made by foreign persons in US businesses involved in critical technologies related to specific industries.
All foreign investments that fall within the specific scope of the pilot program are subject to the mandatory filing requirements.
A In lieu of the lengthy notice, as usually required under a voluntary CFIUS filings, the Pilot Program requires the submission of
short-form declarations at least 45 days before the expected completion date of the transaction. This Pilot is designed to provide a streamlined review process, whereby CFIUS will respond to a declaration faster.
For an investment to be covered under the Pilot Program, it would have to give the foreign investor:
1. Access to any material nonpublic technical information in the possession of the
target US business;
2. Membership or observer rights on the board of directors or equivalent governing body of the US business, or the right to nominate an individual to a position on
3. Any involvement, other than through voting of shares, in substantive decision-making of the US business regarding the use, development, acquisition, or the board of directors or equivalent governing body of the US business; or
3. Any involvement, other than through voting of shares, in substantive decisionmaking of the US business regarding the use, development, acquisition, or release of critical technology.
As regards other elements of the transaction, the Pilot Program encompasses:
1. All foreign persons from all countries.
2. Any US business that produces, designs, tests, manufactures, fabricates, or develops a critical technology that is utilized in connection with the US business’s activity in one or more Pilot Program Industries or designed by the US business specifically for use in one or more Pilot Program Industries.
3. All ‘critical technologies’, as defined by FIRRMA, including emerging and foundational technologies controlled pursuant to the Export Control Reform Act of 2018.
4. 27 industries, identified by their respective North American Industry Classification System (NAICS) code, in which ‘certain strategically motivated foreign investment’ could pose a threat to US technological superiority and national security.
5. What is a ‘national security’ concern and how is it assessed?
FIRRMA does not define ‘national security’. The concept was traditionally understood to comprise issues related to homeland security, critical infrastructure, and commercial and governmental espionage as well as traditional defence-related issues. This leaves
CFIUS with broad discretion to consider a range of factors when assessing the national security implications of ‘covered transactions.’ Because the notion of ‘national security’ is ever- evolving, reliance on past CFIUS recommendations would not necessarily result in an accurate predictor for the outcomes of future reviews.
CFIUS’s analysis of a specific investment will mostly focus on the interaction between the potential threat from the investment and whether the foreign person is capable of, or intends to, cause harm to US national security, on the one hand, and the vulnerability
of US national security as a result of the investment and whether control over the specific US business entails any potential harm for US national security, on the other. The review is conducted on a case-by-case basis.
6. Implications
In circumstances where foreign persons – including all types of business associations – are contemplating buying or making an investment in a US business, it is prudent to consider not only the merger control implications but also whether the proposed
transaction will be subject to the purview of CFIUS. It is useful to identify possible CFIUS-related risks, as well as opportunities to avoid delays and expenses associated with CFIUS review. Parties face significant mandatory penalties if they fail to recognize
that their transaction is a ‘covered transaction’ under the Pilot Program and fail to file a declaration.
As explained, the national security review process is not limited by industry and could potentially apply to any sector. Moreover, CFIUS practice demonstrates the importance that the US government is attaching to a US target company’s storage of personally identifiable information as a potential national security concern.
Recent trends also emphasize the need for US strategic technology, including biotechnology and healthcare, financial companies, and semiconductors to fully understand potential CFIUS or other regulatory risks in deals involving foreign investors, especially in China.
Tadmor Levy & Co.
