The 2020 unclassified report published by the Committee on Foreign Investment in the United States (CFIUS) provides investors with information regarding the approval rate for the streamlined declarations review process and the number of non-notified transactions reviewed by the Committee. The 2020 annual report is the first report following publication of the updated CFIUS regulations in February 2020. CFIUS reviewed fewer “full” notices in 2020 compared to prior years but considered an increased number of declarations, which have a shorter review timeframe. Notably, CFIUS was willing to conclude action on a greater percentage of declarations than expected, which may provide a helpful avenue for parties to a transaction to obtain CFIUS approval in an expedited manner, particularly if the transactions are from partner or allied countries.
CFIUS continued to mitigate a similar number of transactions as in 2019 and the President blocked one transaction. CFIUS required mitigation terms in 2020 at a rate comparable to 2019, which indicates that CFIUS is adhering to its mandate to protect U.S. national security while maintaining an open foreign investment environment. Of note, seven transactions were abandoned as a result of CFIUS national security concerns, and the President blocked one transaction, the TikTok transaction.
Summary
- Full notices reviewed by CFIUS declined by 20 percent in 2020 (187) compared to 2019 (231). The decrease in reviewed notices likely was due to economic conditions and the investment environment as well as the availability of declarations as an option for notifiable transactions. It does not appear that a pandemic bump in activity—due to consolidation or economic stress arising from the pandemic— occurred. CFIUS nonetheless had a full docket as a result of transactions considered through the declaration and non-notified transactions processes. CFIUS assessed and took action on 126 declarations in 2020; of these, CFIUS completed action on 81 of them. CFIUS also considered an additional 117 transactions that were not filed with CFIUS and ultimately asked the parties for 17 of those transactions to file a notice.
- An expected increase in mitigation agreements following the passage and implementation of the Foreign Investment Risk Review Modernization Act (FIRRMA) did not materialize. CFIUS mitigated roughly the same percentage of transactions in 2020 (23, or about 12 percent) as in 2019 (33, or about 14 percent). The report does not specify the frequency with which types of mitigation conditions (e.g., cybersecurity, data access, supply assurances) were used and so it is difficult to assess trends in focus on data, cybersecurity, or other national security concerns.
- The Biden administration is expected to increasingly focus on targeted policy tools to identify and address national security risks and CFIUS will continue to play an important role. Risks stemming from trade and investment are at the forefront of U.S. national security policy and targeted tools and expertise are needed to address complex issues such as data security, cybersecurity, and supply chain vulnerabilities. For example, National Security Adviser Jake Sullivan has noted further consideration of the impact of outbound investment flows on export controls and national security risks.1 As the Biden administration takes a whole-of-government approach and enhances targeted tools and processes, CFIUS will nonetheless continue to serve as an important catch-all process for identifying and addressing emerging or unidentified risk.
Findings from the Annual Report
- The number of declarations assessed by CFIUS rose by 34 percent in 2020 over 2019 and will likely increase over time as investors, counsel, and CFIUS gain greater experience and comfort with the declaration process.
Importantly, in 2020, CFIUS completed action on 64 percent of the declarations filed compared to 37 percent in 2019.
If this trend continues, counsel and investors may consider this streamlined process as a more effective clearance mechanism for low-risk investment transactions. Some caution is nonetheless required for time-sensitive or higher-risk transactions given that CFIUS requested that parties file a notice for 22 percent of declarations. Counsel and investors should continue to carefully vet transactions for the full range of national security risks prior to investment to determine the most appropriate avenue.
- The report shows that CFIUS casts a wide net when searching for historical transactions through its non-notified transactions process, but it only requested filings for a small subset of the identified transactions.
CFIUS has aggressively used its new non-notified transaction process to search for historical transactions, yet this appears to have resulted in more limited requests for filing notices (17 out of 117).
Transactions that are identified through the non-notified process for CFIUS consideration—even if no request for a notice is ultimately filed—can result in costs for parties as they respond to CFIUS inquiries. Parties may wish to consider lookbacks to identify transactions that are lower risk that could elicit CFIUS attention and proactively seek a safe harbor through the declaration process.
- CFIUS reviews of Chinese-origin investment transactions have declined substantially from 2017 to 2020. The heightened scrutiny of Chinese investment in the context of FIRRMA passage and implementation likely resulted in reduced investment appetite in national security sensitive sectors. CFIUS reviews of Chinese-origin notices declined from a high of 60 notices, or 25 percent of notices in 2017, to 17, or 9 percent of notices in 2020. Japanese investors accounted for the highest number of notices in 2020, filing 19 notices, followed by China and the United Kingdom with 14 notices. In 2019, investors from Japan, China, and Canada filed the highest number of notices, accounting for 46, 25, and 23 notices, respectively. In 2020, Japan was again the top acquirer of U.S. critical technology, with 18 of its 19 notices relating to the acquisition of critical technology.
- Mitigation agreements often require significant data access restrictions or oversight mechanisms, which can be difficult and costly for businesses to implement. In 2020, CFIUS cleared 16 transactions with mitigation agreements and permitted transaction parties to abandon a transaction with mitigation conditions in six cases.2 As in 2019, CFIUS used a broad range of mitigation measures and conditions to address national security risks.3 Implementation can present challenging data separation requirements, communications restrictions, and ongoing monitorships and audits. Parties should work with counsel and oversight practitioners—and engage constructively with CFIUS agencies—to ensure a clear understanding of timeframes and practical and cost considerations.
- In 2020, CFIUS used similar mechanisms to oversee parties’ compliance with mitigation agreements as in 2019. CFIUS used a variety of mechanisms to oversee National Security Agreement (NSA) compliance, including periodic reporting to the USG by the companies, requiring on-site compliance reviews by the USG, mandating third-party audits or monitors, and requiring investigations and remedial actions to be taken upon discovery of a violation or suspected violation of the terms of the mitigation agreement. In 2020, CFIUS instituted remediation activities for three agreements following minor violations.
Broader Implications for Transaction Parties
- Parties will need to carefully evaluate national security risks arising from investment transactions in a systematic manner to understand how the CFIUS process may impact a potential deal. The CFIUS process can be costly on the front and back end of transactions. On the front end, decision points in the CFIUS process can add costs and time to investment transactions, including legal requirements to file mandatory declarations (with substantial enforcement penalties) and decision trees on voluntary declarations and full notices. On the back end, CFIUS can impose robust mitigation conditions that add delays or costs to transactions. As a result, parties and counsel should conduct pre-transaction diligence to uncover potential national security risks and to understand how the CFIUS process may impact them.
- As the Biden administration builds out new policy tools to address national security concerns, parties should be mindful of parallel national security processes focused on trade and investment that may cut across several agencies. In addition to the interplay between export controls, foreign ownership, control, and influence or team telecom requirements, new processes are being introduced around supply chain, personal data, and cybersecurity that increase regulatory complexities for transaction parties. For example, the Biden administration’s executive orders to address supply chain, cybersecurity, and personal data vulnerabilities increase the likelihood that cross-border transactions will be caught in cross-cutting review processes.
Endnotes
1 National Security Council. “Remarks by National Security Advisor Jake Sullivan at the National Security Commission on Artificial Intelligence Global Emerging Technology Summit,” July 13, 2021, https://www.whitehouse.gov/nsc/briefing-room/2021/07/13/remarks-by-national-security-advisor-jake-sullivan-at-the-national-security-commission-on-artificial-intelligence-global-emerging-technology-summit/. In addition, Senators Bob Casey and John Cornyn have introduced an amendment to the United States Innovation and Competition Act that would establish an interagency review process to screen outbound investments and the offshoring of critical capacities and supply chains to foreign adversaries. The interagency committee would be led by the Office of the United States Trade Representative along with the U.S. Departments of Commerce and Defense. Office of Senator Bob Casey. “Casey and Cornyn Release a Joint Statement on National Critical Capabilities Defense Act,” May 24, 2021. Casey and Cornyn Release a Joint Statement on National Critical Capabilities Defense Act | Senator Bob Casey (senate.gov)
2 Parties may request a withdrawal of a transaction for either commercial reasons or for CFIUS review-related reasons. The latter situation occurs when CFIUS informs the parties that it is unable to identify mitigation measures that would resolve the national security risk, or because the parties do not accept CFIUS’ proposed mitigation measures. Due diligence and early consideration of potential CFIUS mitigation options helps parties understand which mitigation terms are acceptable from a deal perspective.
3 In 2020, conditions included: prohibiting the transfer or sharing of certain IP or technical knowledge, establishing access controls to prevent foreign access to certain technology or sensitive information, establishing Security Committees to ensure compliance with the terms of the NSA, including appointing a Security Officer approved by the USG, requiring supply assurances to the USG for defined periods, notification and consultation periods prior to taking certain business decisions, limiting foreign acquirer’s ability to increase ownership or rights absent USG approval, and requiring that a foreign acquirer divest part or all of the U.S. business.