CFIUS

CFIUS, an interagency committee chaired by the US Department of the Treasury, conducts national security reviews of certain foreign investments in US businesses and, perhaps soon, of certain offshore investments by US companies.  It sits at the center of this national security universe and includes the US Departments of Defense, Homeland Security, Commerce, Justice, State and Energy, as well as the Office of the United States Trade Representative and the White House Office of Science and Technology Policy. Congress recently added the US Department of Agriculture as a member of CFIUS on a case-by-case basis in covered transactions involving agricultural land, agricultural biotechnology or the agriculture industry. The Department of Labor and the Director of National Intelligence have non-voting roles. Additional observers include the White House Office of Management and Budget, Council of Economic Advisors, National Security Council, National Economic Council and Homeland Security Council.

CFIUS’s power primarily stems from its statutory authority to recommend that the US President block or unwind foreign acquisitions of and investments in US businesses when they pose unresolved threats to US national security, following the Committee’s assessment of the threat, vulnerabilities and consequences to national security posed by a transaction. CFIUS also has the authority to negotiate mitigation agreements to resolve identified national security threats presented by a transaction. Elements of such mitigation agreements range from prohibitions on transfers of sensitive technologies to protections for US customer data and restrictions on physical and logical access to sensitive US facilities, networks and systems. 

Although presidential orders blocking or unwinding transactions are rare, they increased under the Obama and Trump administrations and the Biden administration has issued a number of executive orders that increase scrutiny of certain transactions.  The numbers alone do not tell the entire story, as parties will usually terminate a doomed transaction before CFIUS’s formal recommendation to block it gets to the president’s desk. Moreover, the president’s decision is, by statute, not subject to judicial review or other appeal. Although CFIUS is chaired by the Treasury Department, which would seem to be any administration’s champion for foreign investment, the national security agencies often co-lead CFIUS reviews, and opposition to a transaction by a single agency can send the matter to the president. 

Originally conceived as a narrow check on defense-related foreign investments, the jurisdiction and scope of CFIUS has evolved significantly during the last two decades in response to ever-broadening US national security concerns, such as the 2001 terror attacks on the World Trade Center, the emergence of China as a technological competitor and the threats associated with state-sponsored cyber espionage. The 2018 congressional overhaul of CFIUS, which was codified in Foreign Investment Risk Review Modernization Act of 2018 (FIRRMA), was intended to protect the technological edge held by the United States by preventing companies from China and other perceived geopolitical adversaries from gaining access to next-generation technologies.  Executive orders and new regulations from the Biden Administration have further sharpened the focus on certain national security risk factors, established enforcement and penalty guidelines and tightened export controls on certain technology.

Risk Factors

CFIUS is especially interested in transactions involving US businesses that:

• Have contracts with the federal government or state and local authorities that have functions that are relevant to national security;

• Could create vulnerability to sabotage or espionage, including potential cyber security concerns or position in the supply chain;

• May have implications for US national security, including infrastructure, energy production, and the national transportation, telecommunications, information technology and financial systems;

• Have access to classified information or sensitive government or government contract information, including information about employees;

• Participate in the defense, security and national security-related law enforcement sectors, including activities related to weapons and munitions manufacturing, aerospace, satellite, and radar systems;

• Produce certain types of advanced technologies that may be useful in defending – or in seeking to impair – US national security, including cybersecurity, network and data security, semiconductors, integrated circuits and biotechnology;

• Involve anything subject to US export controls;

• Maintain access or insight into sensitive systems, networks or databases that could be subject to cyber-attack or exploitation;

• Are in a field with significant national security implications where there are few alternative suppliers or where a loss in US technological competitiveness would be detrimental to national security; 

• Have the ability to transfer the various technologies described above to third parties to the detriment of national security;

• Have operations or facilities, or are foreign acquisitions of real estate that are in proximity to military or other sensitive US Government facilities, or airports or maritime ports;

• Have access to potentially sensitive data about US persons, such as health or biological data that could be exploited in a manner that threatens US national security or have access to data about businesses that have national security importance; 

• Otherwise facilitate foreign intelligence collection against US targets.

CFIUS is also interested in transactions involving foreign persons who :

• Are controlled by a foreign government;

• Are from a country with a record on nonproliferation and other national security-related matters that raises concern; 

• Make multiple acquisitions or investments in a single sector or in a supply chain with national security implications, including raw materials, technology and manufacturing capabilities; 

• Have demonstrated intent and capability to impair US national security;  

• Have significant ties to third parties that might take actions that could impair US national security; 

• Have a history of doing business in sanctioned countries.

Specific risk factors CFIUS considers in its analysis include:

• Domestic production needed for projected national defense requirements;

• The capability and capacity of domestic industries to meet national defense requirements, including the availability of human resources, products, technology, materials and other supplies and services;

• The control of domestic industries and commercial activity by foreign citizens as it affects the capability and capacity of the United States to meet the requirements of national security;

• The potential effects of the proposed or pending transaction on sales of military goods, equipment or technology to certain countries; 

• The potential effects of the proposed or pending transaction on US international technological leadership in areas affecting US national security;

• The potential national security-related effects on United States critical infrastructure, including major energy assets;

• The potential national security-related effects on United States critical technologies;

• Whether the covered transaction is a foreign government-controlled transaction, as defined under the law, and, especially, the potential for transshipment or diversion of technologies with military applications, including an analysis of national export control laws and regulations;

• The long-term projection of United States requirements for sources of energy and other critical resources and materials; 

• Any other factors the President or the Committee may determine to be appropriate, generally or in connection with a specific review or investigation.

Real Estate

The 2018 overhaul by Congress and the law’s implementing regulations provided new authority for CFIUS to review transactions involving the purchase of, lease by or concession to a foreign person of certain US real estate and to mitigate any risk to US national security that arises as a result of such transactions. As with other transactions, the President is authorized to suspend or prohibit any covered real estate transaction when, in the President's judgment, there is credible evidence that leads the President to believe that the foreign person engaging in a covered real estate transaction might take action that threatens to impair US national security and when provisions of other laws do not, in the judgment of the President, provide adequate and appropriate authority for the President to protect US national security.  

Covered real estate includes that which is located within, or will function as part of, a covered port; or, which is located within: 

• Close proximity (i.e., extending outward one mile from the boundary) of certain listed military installations; 

• Extended range (i.e., extending 99 miles outward from the outer boundary) of other listed military installations; 

• Any county or other geographic area identified in connection with any listed Air Force Base Missile Fields; or, 

• Any part of a listed military installation to the extent located within the limits of the territorial sea of the United States.

In 2023, CFIUS added eight additional locations to the extended-range list. In July 2024, CFIUS announced a significant expansion to its jurisdiction under the real estate regulations, proposing to add 59 military installations, across 30 states, to its existing list of covered real estate. CFIUS also proposes to expand its jurisdiction with respect to eight military installations already included on the covered real estate list.

Excepted Foreign States and Excepted Investors

To date, CFIUS has designated Australia, Canada, New Zealand and the United Kingdom of Great Britain and Northern Ireland as “excepted foreign states” and “excepted real estate foreign states,” which means that CFIUS does not have jurisdiction over certain otherwise covered investments  by qualified investors from these countries. “Excepted investors” and “excepted real estate investors” are determined, in part, based on their close ties to these “excepted foreign states” and “excepted real estate foreign states,” respectively. 

Outbound Investment

Pursuant to an executive order, issued by President Biden last year, in June 2024 CFIUS proposed new rules to address perceived threats by certain countries seeking to develop and exploit sensitive or advanced technologies or products critical for military, intelligence, surveillance, or cyber-enabled capabilities. This Outbound Investment Program will be implemented and administered by the Treasury Department, in consultation with other agencies, including the Commerce Department. Certain types of outbound investments by US persons, wherever located, into certain entities located in or subject to the jurisdiction of a country of concern (and certain other entities owned by persons of a country of concern), involved in specific categories of advanced technologies and products, would be prohibited or would require notification. Covered outbound investments would include a US person’s direct or indirect:

• Acquisition of an equity interest or contingent equity interest in a covered foreign person;

• Provision of debt financing to a covered foreign person where such debt financing is convertible to an equity interest;

• Conversion of a contingent equity interest or convertible debt in a covered foreign person;

• Greenfield investment that could result in the establishment of a covered foreign person;

• Establishment of a joint venture, wherever located, that is formed with a covered foreign person or could result in the establishment of a covered foreign person; or,

• Investment as a limited partner or equivalent into a non-U.S. person pooled investment fund that invests in a covered foreign person.

A “covered foreign person” is a person from a “country of concern,” as designated by the President in the Executive Order. To date, the President has designated the People’s Republic of China, along with the Special Administrative Regions of Hong Kong and Macau, as a country of concern. “Specific categories of advanced technologies and products” include semiconductors and microelectronics; quantum information technologies; and, certain artificial intelligence systems. The proposed rule lays out the scope of transactions that would be prohibited and those that would need to be notified. It also provides detail on certain types of transactions that would be accepted.