CFIUS Update: FIRRMA Finalized, Nears Passage

CFIUS Update: FIRRMA Finalized, Nears Passage

July 25, 2018, Covington Alert

Summary 

For over a year, we have reported to our clients as the U.S. government considered and developed legislation that would fundamentally reform the operations of the Committee on Foreign Investment in the United States (CFIUS). That effort has been driven by concerns about risks arising from evolving foreign investment composition and business relationships, particularly involving leading-edge technologies—and the ability of U.S. law to keep pace with these developing risks. That work culminated earlier this week, when the Congress agreed on a final version of the Foreign Investment Risk Review Modernization Act (FIRRMA). FIRRMA is now expected to pass the House of Representatives this week, and then the Senate in the next few weeks—in each case as part of the National Defense Authorization Act (NDAA), a must-pass piece of legislation that provides funding for the U.S. Department of Defense.

FIRRMA will be transformational for CFIUS in ways that prior legislation, including the Foreign Investment and National Security Act of 2007 (FINSA), was not; when the dust settles on the implementation of FIRRMA, CFIUS 2.0 will be a different animal than its predecessor. But not all transaction parties will face the same impact. At its core, FIRRMA seeks to broaden CFIUS’s visibility into transactions that are more likely to touch on U.S. national security, while also allowing the Committee to dispose of non-sensitive transactions more quickly. Thus, for many experienced transaction parties, particularly those from close U.S. allies, FIRRMA will codify existing practices and even raises the prospect of process improvements (for example, by allowing for an earlier, less burdensome approval through a lighter filing process). For many others, however, FIRRMA will thrust CFIUS into transactions, both in and outside the United States, where it has never been a significant consideration.

We see eight key aspects of the legislation:

1. Preservation of open investment policy. The legislation commences with “findings” that recite the benefits of foreign investment in the United States, and it operates to preserve those benefits. Read carefully, the legislation is consistent with, and embraces, well-recognized principles (developed and published by the OECD) that balance national security-based investment review regimes with the preservation of open investment environments: principles of non-discrimination, transparency of policies, predictability of outcomes, proportionality of measures, and accountability of implementing authorities. The significance of this dimension of FIRRMA cannot be overstated; it preserves the U.S. as a beacon for foreign investment and enables the United States, as a policy matter, to articulate this position credibly to other countries.
2. New horizons - broadening the aperture (widely) for CFIUS. As noted, a core principle in the legislation is to increase CFIUS’s visibility into a wider range of transactions. It accomplishes this through several novel mechanisms: it provides CFIUS with the authority to review a broad range of investments in certain potentially sensitive U.S. businesses that do not result in control by a foreign person; it confers authority to CFIUS to review certain greenfield investments (in real estate); it mandates certain notifications to CFIUS (including, at a minimum, certain transactions involving foreign government ownership); and it provides for potential penalties for the failure to file such mandatory notifications. As discussed below, it also potentially enables CFIUS to review acquisitions that occur entirely outside the United States.
3. A national security perspective for the 21st century. In clear statutory terms, FIRRMA disposes of the historical approach of evaluating national security implications within the four corners of a particular investment for the traditional (and obvious) indicia of national security: contracts with the government; protection of underlying core infrastructure; etc. Instead, FIRRMA views national security through a broader lens, where technologies enable ubiquitous digital connections and unprecedented transactional speed, create new opportunities and risks that overlap between the traditionally distinct commercial and governmental sectors, and can quickly increase or close capability gaps between competitor nations. With that perspective, FIRRMA acknowledges that the capability and know-how to develop those technologies is in turn fundamental to longer-term national security objectives. Thus, the availability of people with the know-how to develop technologies free from compromise; the personal data of U.S. citizens; the simple testing of certain technologies; or the supply of materials to critical infrastructure; are all viewed, for offensive and defensive reasons, as potentially relevant to U.S. national security and will be part of the CFIUS risk analysis henceforth.
4. No differential treatment for any countries, but a clear focus on China. The final bill does not expressly target investment from specifically identified countries, a point that was debated throughout FIRRMA’s maturation. Still, public commentary and debate regarding the bill, as well as the bill text itself, strongly signals that China, and Chinese technology transfer in particular, is a principal focus of concern. Though FIRRMA applies generally to foreign investors and does not expressly apply heightened scrutiny to investments from China, the bill does express the sense of Congress that CFIUS should give particular consideration to covered transactions involving “a country of special concern that has a demonstrated or declared strategic goal of acquiring a type of critical technology or critical infrastructure” that would be harmful to U.S. national security—a description that fits virtually no countries with significant U.S. investment other than China. As part of its enhanced reporting requirements, FIRRMA also directs the Secretary of Commerce to produce a biennial report on Chinese foreign direct investment (FDI) through 2026; the bill calls out no other country for such special reporting and assessment. The implication is clear—FIRRMA’s reforms are in significant part about increasing CFIUS’s ability to address perceived risks from China, even though the substantive provisions of the bill make no express distinction among investors.
5. Building the fence—a model for allies. FIRRMA also evidences a clear Congressional intent that the CFIUS regime be a model not only for U.S. investment security, but for allied countries as well. The bill expressly directs the CFIUS chairperson to establish a formal process for the exchange of information “important to the national security analysis or actions of the Committee” with both domestic (e.g., state) governments and foreign allies and partners. Further, the bill directs the chairperson to “harmoniz[e]” action with foreign allies concerning investment and technology trends that could threaten the national security of the United States or its allies. These provisions reflect a growing view that investment-related risks cross borders and that unilateral action by the United States is not sufficient to address concerns related to foreign investment, especially investments that advance coordinated industrial policies. In sum, if the United States has its way, FIRRMA will help launch a new era for global regulation of foreign investment.
6. A hydraulic interplay with export controls, especially involving the transfer of technology. As we have reported previously, early versions of FIRRMA would have conferred on CFIUS authority to review outbound transactions and other commercial relationships that involved the transfer of technologies. Those more aggressive expansions of CFIUS ultimately were removed from FIRRMA in favor of export control reform that includes an enhanced process for controlling certain emerging and foundational technologies. There remains, however, an explicit linkage between the CFIUS and export control processes; FIRRMA makes plain that the CFIUS process can be used to identify technologies to be considered for enhanced controls under the reformed export control process, and likewise that emerging and foundational technologies identified and controlled under that process will be deemed “critical technologies” for CFIUS purposes.
7. A framework for further refinement - much pencil sharpening remains for CFIUS. Notwithstanding the clear principles identified above, FIRRMA is really a framework bill, not a fully prescriptive solution. It expands the horizons of CFIUS and provides authorities for the Committee to address the contemporary risk environment, but in many important respects, the bill leaves it to CFIUS to address the details through regulation. For example, it identifies the categories of real estate and non-controlling “other investments” that could be subject to CFIUS jurisdiction, but then leaves it to CFIUS to define exactly which transactions within those broad categories will trip jurisdiction; it creates mandatory filings but gives the Committee significant discretion to determine what types of transactions will have to be filed; it defines U.S. business as any business engaged in interstate commerce (so, for example, a sole proprietorship in Europe that has Internet sales into the United States) and then allows CFIUS to define a more reasonable scope; and so on. Thus, with the passage of FIRRMA, Congress will pass the baton to the Executive Branch to craft the essential specifics that will define the true scope and nature of the Committee’s reform as it will affect foreign investors and the U.S. businesses that are their investment targets.
8. Betting on the adaptability of CFIUS. Perhaps the most fascinating and uncertain aspect of FIRRMA is whether CFIUS, with its horizons broadened and authority increased to address a more dynamic transactional environment, will muster the resources and deploy the operational flexibility that will be needed to manage the volume of matters that now will be within its purview, particularly in a timeframe that fits the speed of modern business. The legislation provides a number of mechanisms, including slightly longer timelines, the creation of new senior-level positions, and the provision of more resources for the Committee (including by authorizing the collection, for the first time, of filing fees), to help CFIUS fulfill its expanded role. But it is one thing for Congress to provide these authorizations; it is quite another for the Executive Branch to find the necessary personnel and manage the process in a way that accomplishes Congress’s intended goals. Congress and the Administration clearly have bet on CFIUS’s ability to adapt to the new world they have created. Time will tell whether that bet bears fruit.

Discussion: An In-Depth Look at the Final Bill

With the foregoing as background, the following is a more detailed summary of key aspects of FIRRMA and how they would affect the CFIUS process. Note that FIRRMA provides that many of its provisions, including those related to timing of CFIUS reviews, go into effect immediately upon enactment. Other provisions, however, including many of those expanding the Committee’s jurisdiction, do not go into effect until the earlier of 18 months from the date of enactment or a certification by the CFIUS Staff Chairperson that the “regulations, organizational structure, personnel, and other resources necessary to administer the new provisions are in place.” This delay recognizes that FIRRMA will transform CFIUS and dramatically increase its workload, and FIRRMA seeks to ensure that the Committee is prepared to shoulder that new burden.

Expansion of CFIUS Jurisdiction

FIRRMA retains CFIUS’s existing jurisdiction to review transactions that result in control of a U.S. business by a foreign person (explicitly clarifying that joint ventures that meet this criteria also qualify), while also expanding it in a number of ways:

• Jurisdiction to review certain non-controlling “investments.” FIRRMA provides CFIUS jurisdiction to review a broad category of “other investments,” which include non-controlling investments by a foreign person in companies that deal with critical infrastructure, critical technology, or personal data of U.S. citizens. CFIUS would have the authority to review any “other investment” in any “unaffiliated” U.S. business that (1) owns or operates, manufactures, supplies, or services critical infrastructure; (2) produces, designs, tests, manufactures, fabricates, or develops one or more critical technologies; or (3) maintains or collects sensitive personal data of United States citizens that may be exploited in a manner that threatens national security. “Other investment” in this context means any investment, regardless of size, that affords the foreign person: (1) access to any material non-public technical information in the possession of the U.S. business; (2) board membership or observer rights; or (3) any involvement in substantive decision making regarding critical infrastructure, critical technologies, or sensitive personal data of U.S. citizens.
• Greenfield investments—real estate. The bill also allows CFIUS to review certain real estate transactions (i.e., sales, leases, and concessions) in close proximity to sensitive U.S. government facilities or which involve air and maritime ports, except for real estate that is a “single housing unit” or that is in “urbanized areas” as defined by the Census Bureau.
• Changes in rights or attempts to circumvent CFIUS. The bill clarifies that the Committee has jurisdiction over changes in rights of an investor, if the change results in foreign control of the U.S. business or results in an “other investment,” as defined, as well as over transactions which are “designed or intended to evade or circumvent” CFIUS jurisdiction.
• Expansive “U.S. business” definition. The bill defines “U.S. business” very broadly to mean “a person engaged in interstate commerce in the United States.” This goes beyond the current regulatory definition, which includes a qualifier “but only to the extent of its activities in interstate commerce in the United States.” Without the qualifier (which could be reapplied during the regulations development process), the bill gives the Committee the authority to review an acquisition of any business anywhere in the world as long as that business provides goods or services into the United States.
• No specified requirement for “black” or “white lists,” but CFIUS empowered to implement regulations considering “Country Specification.” Earlier versions of the bill in both the Senate and House contained provisions for CFIUS to develop and maintain either a “black list” of “countries of special concern,” which would be subject to heightened scrutiny and jurisdiction, or a “white list” of countries, investments from which would be excepted from some jurisdictional categories. The final version of the bill contains neither, with a sole reference to "countries of special concern" in the “Sense of Congress" preamble, but not in any operative provision. In place of such lists, the final version of FIRRMA allows CFIUS to prescribe regulations, in a section titled “Country Specification,” that “specify criteria to limit the application of [the expanded jurisdiction to real estate and ‘other investments’] to the investment of certain categories of foreign persons.” The legislation further directs CFIUS, in the development of such criteria, to “take into consideration how a foreign person is connected to a foreign country or foreign government, and whether the connection may affect the national security of the United States.”
• Specific clarification for investment funds. The bill also recognizes and addresses the unique characteristics and governance of U.S. private equity investment funds, which, while receiving capital contributions from foreign limited partners (LPs), are controlled by U.S. general partners (GPs) or equivalents. The bill indicates that participation of those foreign LPs on an investment fund's advisory board or equivalent will not qualify the foreign LP's investment as an "other investment," as long as the fund is managed by a GP or equivalent, that GP is not a foreign person, the advisory board does not control the decisions of the fund or the GP, and the foreign LP does not otherwise control the fund, directly or indirectly.

Process Changes

• Establishment of new “light filing” or “declaration.” The bill creates a new type of filing, known as a “declaration.” The declaration, which would be no more than five pages, would be available to all parties and would be intended to enable CFIUS to ascertain, over a wider range of transactions than it currently sees, whether to require a full formal filing or determine that no further action is necessary, thereby providing the parties with a legal safe harbor. CFIUS must respond to such declarations within 30 days of receipt.
• Mandatory “light filings” or “declarations.” Filing would remain voluntary for most transactions, but FIRRMA requires that a declaration be submitted before consummation for some transactions and allows the Committee to identify through regulations other categories of transactions that will also require mandatory declarations, though it can only do so for investments that involve critical technologies (i.e., not critical infrastructure or sensitive data on U.S. citizens).
  • The final bill requires mandatory declaratory filings for transactions that involve the acquisition of a substantial interest, by a foreign person in which a foreign government has a substantial interest, in certain categories of U.S. business that relate to critical infrastructure, critical technology, and personal data of U.S. citizens that may be exploited in a manner that threatens national security.
  • “Substantial interest” is not defined in the bill, and would instead be defined through regulation. However, the bill provides that “substantial interest” shall not extend to investments that do not meet the criteria for “other investments” noted above, or interests below a ten percent voting interest.
  • Mandatory declaratory filings would not be required for investment funds if the fund is managed exclusively by a U.S. GP and foreign LPs do not control the GP or fund investments.
  • The Committee also has the ability to waive the requirement for a declaratory filing if the “Committee determines that the foreign person demonstrates that the investments of the foreign person are not directed by a foreign government and the foreign person has a history of cooperation with the Committee.”
• Altered timeframe for CFIUS reviews:
  • The bill includes a new requirement that the Committee provide comments on draft notices and accept formal filings within ten business days of submission, unless the Committee explains why the filing is incomplete. In order for these deadlines to apply, parties would be required to stipulate that the transaction is a “covered transaction” subject to CFIUS jurisdiction. These new requirements should provide more prompt and predictable starts to the official review periods after submission of a notice, which today can range from a couple weeks to well over a month.
  • The bill also expands the official review periods. CFIUS currently undertakes an initial 30- day review, with the option to undertake an additional 45-day investigation. FIRRMA (1) extends the review period to 45 days; (2) retains the optional second-stage 45-day investigation; and (3) authorizes CFIUS to extend an investigation for one 15-day period under “exceptional circumstances.” As a result, a single complete CFIUS review process potentially could take as long as 105 days, as opposed to 75 days under current law. That said, the 15-day extension also could shorten somewhat the overall timeframe for those transactions that currently must be withdrawn and refiled if CFIUS has not completed its review within the initial 75 days. Those transactions today generally are subject to a second full 75-day process, for a total of 150 days, whereas the 15-day extension could permit at least some such transactions to be completed without the need for a refiling.
• Filing fee. There currently is no fee to file with CFIUS. FIRRMA permits CFIUS to charge a fee of no more than one percent of the value of the transaction or $300,000, whichever is less.

Definitional Changes

• “Passive” investments re-characterized. Under existing law, acquisitions of minority equity interests of a U.S. business are not subject to CFIUS jurisdiction provided that they are solely “for purposes of passive investment.” In practice, CFIUS has construed this requirement strictly in certain circumstances, narrowing it so that even very low minority ownership interests could constitute a covered transaction if coupled with other interests, such as board observer rights, other strategic partnerships (such as joint ventures abroad), or extensions of credit. FIRRMA does not include the term “passive investment,” but the bill preserves the basic parameters of the “passive investment” definition from the Senate version of the bill through incorporation of the substantive terms into the definition of “other investment,” including the “specific clarification for investment funds.” That is, rights, such as access to material nonpublic technical information, membership or observer rights on the board of directors, or involvement in substantive decision making of the U.S. business, that would have disqualified an investor from being deemed passive in the Senate version of the bill are now qualifying factors for being deemed an “other investment.”
• Limited “critical technology” definition. The bill establishes a definition of “critical technology” limited to a set of enumerated categories, which are mostly related to the export control regime. This includes “emerging and foundational technologies” that are controlled pursuant to the expanded export control regime also being enacted through the NDAA. That is, the Committee will not have discretion to identify independently other categories of technology that would constitute critical technology, except through the export control process.

Other Changes

• Weakening of safe harbor. Under current law, filing with CFIUS provides transaction parties with a “safe harbor”—once CFIUS has approved a transaction, neither the President nor CFIUS may later take action with respect to the transaction unless there has been an intentional material breach of a mitigation agreement or a material misrepresentation or omission to CFIUS. FIRRMA notably would lower the threshold for when CFIUS could unilaterally initiate a subsequent review of a previously cleared transaction that involved a mitigation agreement, by removing the requirement that material breaches of mitigation agreements be “intentional” before allowing CFIUS to revoke the safe harbor.
• Process for identifying non-notified, non-declared transactions. Some members of Congress raised concerns that some transactions that may present national security issues are not being filed, either because of a lack of understanding regarding the CFIUS process or an intention to avoid scrutiny. FIRRMA addresses this by, in addition to the mandatory declaratory filing requirement, requiring CFIUS to maintain a process to identify transactions for which information is “reasonably available” but for which the parties have not filed a notice or declaration.
• Expanded annual report requirements, including on Chinese investment. The bill expands CFIUS’s Congressional reporting obligations, including by requiring additional detail on the volume and outcome of CFIUS notices, reviews, and investigations. The final bill also requires the Secretary of Commerce to produce a report every two years, through 2026, that includes statistics regarding all Chinese FDI into the United States and an analysis of investment patterns, including their alignment with Made in China 2025. The report also calls for comparative analysis of the size of Chinese FDI in the United States, compared to other countries.
• Increased information sharing. FIRRMA requires the CFIUS chairperson to establish a formal process for the exchange of information important to national security with both domestic government partners (e.g., state governments) and foreign allies. FIRRMA designates the sharing of information “with respect to specific technologies and entities acquiring such technologies” as an area of emphasis.
• Clarifying CFIUS authorities to suspend transactions and refer transactions to the President. Under the current law, CFIUS has the authority to review and investigate any pending transaction, and to impose interim mitigation measures to address national security concerns in the event a transaction has closed without filing with CFIUS. FIRRMA confirms these authorities but also adds the ability for CFIUS to suspend a transaction during its review and investigation, as well as to cut short its investigation and refer the matter directly to the President for action (i.e., a formal prohibition or divestiture order). CFIUS will have expanded authority to impose interim mitigation measures in the period of time that a transaction is before the Committee.
• Increased role of third-parties for mitigation compliance. In recent practice, CFIUS has relied on the use of third-party businesses to monitor parties’ compliance with CFIUS under a mitigation agreement. FIRRMA explicitly sanctions this practice, while requiring CFIUS to maintain a compliance plan for each covered transaction requiring mitigation. Under the specified plan, CFIUS must designate whether an independent entity will conduct compliance reviews. Further, the Committee must develop monitoring procedures which “adequately ensure compliance without unnecessarily diverting Committee resources from assessing any new covered transaction.”
• Additional CFIUS staff—recusal procedures. The bill adds two additional positions of Assistant Secretary of the Treasury in order to help address the anticipated higher volumes of CFIUS reviews, given FIRRMA’s expansion of CFIUS jurisdiction. One of these new positions shall be the Assistant Secretary for Investment Security, whose duties will principally relate to the Committee. Further, FIRRMA gives CFIUS member agencies direct hiring authority (which should help facilitate the rapid hiring of staff that the implementation of FIRRMA will require) and tasks CFIUS with creating a recusal process for members with conflicts of interest for a covered transaction.