By: Elena F. Mitchell and Frank Schall. The U.S. Department of the Treasury recently published final regulations to further implement the Foreign Investment Risk Review Modernization Act of 2018 (“FIRRMA“) and to better address national security concerns resulting from certain investments and transactions in the U.S.
The Committee on Foreign Investment in the United States (“CFIUS”) is an interagency committee chaired by the U.S. Department of the Treasury and tasked with evaluating certain foreign investments and transactions for national security-related concerns. The new Treasury Department regulations become effective on February 13, 2020, and expand CFIUS’s authority to address risks arising from some types of investments and transactions formerly outside of CFIUS’s jurisdiction. Among other things, the new regulations implement CFIUS’s jurisdiction over non-controlling investments into certain U.S. businesses and over certain types of real estate transactions.
Even before the expansion of CFIUS’s authority, the interagency committee has had an impact deterring some significant potential investments and acquisitions. With CFIUS’s authority now covering certain non-controlling investments and real estate transactions, foreign individuals and companies seeking to invest in either area should seek advice to help navigate the potential pitfalls.
FIRRMA was enacted in August 2018. Prior to the enactment of FIRRMA, Section 721 of the Defense Production Act of 1950 (the “DFA”) authorized the President, acting through CFIUS, to review certain transactions which could result in foreign control of a U.S. business to determine the effects of such transactions on U.S. national security. FIRRMA maintains CFIUS’s jurisdiction over such transactions and broadens CFIUS’s authority to review other investments and transactions for national security concerns. In connection with these reviews, and as advised by CFIUS, the President may suspend or prohibit a transaction when there is credible evidence that the transaction may threaten national security. Thus, failing to file or receive CFIUS’s approval of a transaction can subject that transaction to substantial risk if national security concerns are determined to be involved. Once CFIUS approves a transaction, that transaction generally will not be subject to further review unless false, incomplete, or misleading information was provided to CFIUS during its initial review.
In October 2018, the Treasury issued regulations as the first part of a phased implementation of FIRRMA. Those regulations launched a pilot program implementing CFIUS’s expanded jurisdiction over certain non-controlling foreign investments in U.S. businesses involved with critical technology that did not take effect upon FIRRMA’s enactment.
The newest regulations were issued in two parts on January 13, 2020, are effective February 13, 2020, and implement changes to CFIUS’s jurisdiction and review process as follows:
- Provisions Pertaining to Certain Investments in the United States by Foreign Persons: These regulations replace the regulations formerly found in 31 C.F.R. § 800, and implement changes to CFIUS’s jurisdiction and process with respect to transactions that could result in foreign control of any U.S. business, as well as certain non-controlling other investments that give a foreign person certain access, rights, or involvement in certain types of U.S. businesses involving critical technology, critical infrastructure, and sensitive personal data.
- Provisions Pertaining to Certain Transactions by Foreign Persons Involving Real Estate in the United States: These regulations establish a new part 31 C.F.R. § 802, and implement CFIUS’s authority to review the purchase or lease by, or concession to, a foreign person of certain real estate in the U.S.
Provisions Pertaining to Certain Investments in the United States by Foreign Persons
Although CFIUS maintains jurisdiction over “covered control transactions,” i.e., transactions in a which a foreign person acquires control of a U.S. business, the new regulations also authorize CFIUS to review non-controlling “covered investments” involving a U.S. business that:
- Produces, designs, tests, manufactures, fabricates, or develops one or more critical technologies;
- Owns, operates, manufactures, supplies, or services critical infrastructure; or
- Maintains or collects sensitive personal data of U.S. citizens that may be exploited to threaten national security.
These businesses are referred to as “TID U.S. Businesses.”
A “covered investment” also must afford a foreign person:
- Access to material, nonpublic technical information;
- Membership or observer rights on, or the right to nominate an individual to a position on, the board of directors or equivalent governing body of the TID U.S. Business; or
- Any involvement other than through voting of shares, in substantive decision making of the TID U.S. Business regarding:
- Sensitive personal data of U.S. citizens;
- Critical technologies; or
- Critical infrastructure.
The definition of “sensitive personal data” covers genetic information, as well as categories of “identifiable data” maintained or collected by a U.S. business that: (1) targets or tailors its products or services to sensitive U.S. Government personnel or contractors; or (2) maintains or collects (or seeks to maintain or collect) such data on greater than 1 million individuals. The categories of data include types of financial, geolocation, and health data, among others. There are carve outs for data pertaining to a U.S. business’s own employees and data that is publicly available.
Under the new regulations, “critical technologies” are defined as including certain defense services, items subject to export controls, nuclear equipment, technology, and facilities. The term also includes a catch-all for “emerging and foundational technologies” under Section 1758 of the Export Control Reform Act of 2018 (the “ERCA”), which will be the subject of future rulemaking.
The definition of “critical infrastructure” includes systems and assets so vital to the U.S. that incapacity or destruction of such systems or assets would have a debilitating impact on national security.
The regulations relating to non-controlling “covered investments” contain an exception for indirect investments by a foreign person in an unaffiliated TID U.S. Business through an investment fund that affords the foreign person membership as a limited partner or on an advisory board or committee of the fund. Thus, such indirect investment by a foreign person in a TID U.S. Business through an investment fund will not constitute a “covered investment” provided the rights of the foreign person are sufficiently limited.
In addition, the regulations relating to non-controlling “covered investments” create an exception for certain foreign persons defined as “excepted investors” based on ties to countries identified as “excepted foreign states.” CFIUS has identified Australia, Canada, and the United Kingdom as the initial excepted foreign states. The regulations define an “excepted investor” as:
- A foreign national (i.e., individual) who is a national of one or more excepted foreign states and is not also a national of any foreign state that is not an excepted foreign state;
- A foreign government of an excepted foreign state; or
- A foreign entity that meets a number of specific requirements with respect to itself and each of its parents.
- To qualify as a foreign entity under this prong:
- The entity must be organized under the laws of and have its principal place of business located in an excepted foreign state or the U.S.;
- Seventy-five percent (75%) or more of board members and observers must be U.S. nationals or be nationals of an excepted foreign state who are also not nationals of any foreign state that is not an excepted foreign state; and
- All persons holding a ten percent (10%) or greater voting, profit, or dissolution right must be nationals of, or entities incorporated and located in, an excepted foreign state and not also nationals of any foreign state that is not an excepted foreign state.
- In addition, entities must meet a certain threshold of ownership by nonforeign or excepted foreign state nationals, governments, or entities.
- An investor can be disqualified as an “excepted investor” for violation of certain U.S. laws, orders, or regulations, or if other criteria are met.
Importantly, CFIUS retains authority to review a transaction that could result in foreign control of any U.S. business, regardless of whether the foreign person is an “excepted investor.”
Provisions Pertaining to Certain Transactions by Foreign Persons Involving Real Estate in the United States
The second set of new regulations expand CFIUS’s jurisdiction over “covered real estate transactions,” or any purchase or lease by, or concession to, a foreign person of “covered real estate” that affords the person at least three of the following rights with respect to that real estate: (1) to physically access; (2) to exclude; (3) to improve or develop; or (4) to affix structures or objects.
The regulations define “covered real estate” as real estate:
- Located within or functioning as part of a port;
- Located within close proximity of any military installation listed in the regulations;
- Located within an extended range of any military installation listed in the regulations;
- Located within counties or geographic areas identified in connection with military installations listed in the regulations; and
- Located within any part of certain military installations listed in the regulations that is within the limits of the territorial sea of the U.S.
The regulations relating to “covered real estate transactions” similarly create an exception for certain foreign persons defined as “excepted real estate investors” based on ties to countries identified as “excepted real estate foreign states.” The definition of “excepted real estate investors” is substantially similar to that of “excepted investors” in the first set of new proposed regulations. CFIUS has also identified Australia, Canada, and the United Kingdom as the initial “excepted real estate foreign states.”
The purchase or lease by, or concession to, a single “housing unit,” as defined by the U.S. Census Bureau, also is outside the scope of CFIUS’s jurisdiction. Thus, CFIUS does not have jurisdiction to review the sale of residential houses, apartments, or condos to foreign citizens.
There are a number of other exclusions for certain types of real estate transactions, including real estate transactions in certain urbanized areas, leases by and concessions to qualifying foreign air carriers, and transactions relating to commercial office space that are subject to a sale, lease, or concession within a multi-unit building.
The new regulations are also intended to modernize CFIUS’s processes for reviewing investments and transactions for national security concerns. Parties to “covered investments” and “covered real estate transactions” now have the option of notifying CFIUS via a short-form declaration, rather than a lengthy Joint Voluntary Notification (“JVN”). Once accepted as complete by CFIUS, declarations will be subject to a maximum 30-day review period. While FIRRMA authorizes CFIUS to collect filing fees in connection with notifications, the Treasury Department is deferring this issue to a future rulemaking. For now, parties may submit notifications to CFIUS without paying filing fees.
The Treasury Department’s new regulations are a response to three major concerns: (1) that foreign acquisitions of U.S. technology companies may jeopardize the technological advantages of the U.S.; (2) that foreign actors may acquire U.S. companies possessing sensitive personal data to collect intelligence on U.S. citizens; and (3) that foreign actors may acquire real estate to gain physical proximity to sensitive U.S. government facilities.
As foreign companies and individuals seek to invest in the latest U.S. technology company or companies that collect, manage, or utilize personal data for marketing purposes or other uses, the expanded scope of CFIUS’s authority should be at the forefront of their analysis. While the new regulations constitute an important milestone in the implementation of FIRRMA, important milestones remain. For example, future rulemaking is required on “emerging and foundational technologies,” as well as on CFIUS filing fees. We will continue to track CFIUS-related developments.
Elena's practice focuses on complex litigation matters involving a wide variety of business torts, commercial contracts and mortgage loan disputes, estate litigation, and antitrust litigation. Elena regularly practices in ...
Frank has extensive experience conducting internal investigations for clients in the United States and abroad pertaining to a wide range of issues. He strives to develop creative solutions and strategic approaches when ...
About MVA White Collar Defense, Investigations, and Regulatory Advice Blog
As government authorities around the world conduct overlapping investigations and bring parallel proceedings in evolving regulatory environments, companies face challenging regulatory and criminal enforcement dynamics. We help keep our clients up to date in these fast-moving areas and to serve as a thought leader.
MVA White Collar Defense, Investigations, and Regulatory Advice Blog Updates
- The Consumer Financial Protection Bureau Stakes Out Its Enforcement Authority Over Unfair Information Security Practices
- FINRA’s Expansion of Safeguards to Prevent the Financial Exploitation of Specified Adults in Rule 2165
- Risks Associated with Cryptocurrency Activities Continue to be Top-of-Mind for Federal Banking Regulators
- Beyond “Security or Commodity”: Different Types of Digital Assets