CFIUS Update: Congress Enacts the Foreign Investment Risk Review Modernization Act

The Foreign Investment Risk Review Modernization Act (FIRRMA) cleared Congress on August 1 and now awaits President Trump’s signature. Following action on July 26 by the House of Representatives, on August 1, the Senate approved the Conference Committee Report on the National Defense Authorization Act (NDAA) for Fiscal Year 2019, which incorporates the version of FIRRMA to which the Senate and House conferees agreed. 

As we described in prior alerts – Stricter Regulation of Foreign Investments Advances on Two Fronts: Congressional Committees Approve CFIUS Reform Legislation; and President Trump Announces Forthcoming Restrictions on Investments from China and Stricter Regulation of Foreign Investments and Exports Advances: An Update – FIRRMA will make important changes to the authority and the process by which the Committee on Foreign Investment in the United States (CFIUS) considers foreign acquisitions of or interests in US businesses. 

Resolution of Key Differences in Senate and House Versions

As adopted, the NDAA reconciles several key differences between the earlier Senate and House versions of FIRRMA (S. 2098 and H.R. 5841, respectively). These outcomes include:

• Codifying the US Export Control Regime: The Senate and House bills both proposed new export control provisions to address perceived gaps in the application of export control rules to critical, emerging technologies. A key point of difference was the Senate proposal to extend CFIUS jurisdiction to certain technology licensing transactions not involving a foreign investment in the US.

Instead of expanding CFIUS jurisdiction extraterritorially, the NDAA adopted the alternative approach of expanding export control authority. As proposed in the House bill, the NDAA includes the “Export Control Act of 2018,” which will establish a new, comprehensive statutory basis for the US dual-use export control regime. The prior basic authority, the Export Administration Act of 1979, expired in 1994, leaving successive Presidents to maintain the Export Administration Regulations through exercise of temporary emergency authorities.

The new law requires the President, through an inter-agency process led by the Secretary of Commerce, to identify and to control the export, re-export, and transfer of “emerging and foundational technologies” that are essential to national security and that are not currently defined in the Defense Production Act. These items will include “shipment[s] or transmission of [a controlled] item from a foreign country to another foreign country” even where the item does not have an intrinsic connection to the US.

• Elimination of Certain Statutory Review Criteria: The Senate bill included general criteria for CFIUS to take into account when evaluating foreign investment in US businesses that “own, operate, manufacture, supply, or service critical infrastructure,” including whether the prospective investor’s home country is a member of NATO and adheres to nonproliferation regimes. The NDAA removes these general criteria, instead requiring CFIUS to “enumerate specific types and examples” of critical infrastructure that are likely to be of “importance to national security.” 

• Removal of Designation of Countries of Special Concern: The Senate and House bills required CFIUS to exercise particular scrutiny over various types of transactions where the foreign investor is from a “country of special concern” – that is, “a country that poses a significant threat to the national security interests of the United States.” The House bill further listed specific definitions for “countries of special concern.” The NDAA removes the definition of “country of special concern” and adopts an approach similar to the Senate bill by providing only that CFIUS may consider whether a covered transaction involves a “country of special concern that has a demonstrated or declared strategic goal of acquiring a type of critical technology or critical infrastructure that would affect United States leadership in areas related to national security.”

• Definition of Critical Technologies: Both the Senate and House bills introduced a new category of “critical technologies” subject to review by CFIUS. The Senate bill defined “critical technologies” broadly, as “technology, components, or technology items that are essential or could be essential to national security.” In contrast, the House bill’s definition encompassed only items already controlled under existing export control regulations. The NDAA includes a version of the narrower definition from the House bill. 

• Extension of CFIUS Deadlines: Current law provides for an initial 30-day “review” by CFIUS following its acceptance of a notice. If CFIUS does not complete action at the end of that period, then it may initiate a second-stage “investigation,” which it must complete within 45 days. If CFIUS cannot conclude action by that deadline, the case goes to the President, who has another 15 days to act. (Cases rarely go to the President; rather, ordinarily the parties resolve the case with CFIUS or withdraw and refile their notice, starting a new review period.)

The NDAA extends the initial review deadline to 45 days, as provided in both the Senate and House bills. The legislation permits CFIUS to extend the investigation period by another 15 days in “extraordinary circumstances,” instead of the 30 days contemplated in the Senate bill. The NDAA will also provide the President an additional 15 days in extraordinary cases. Thus, relatively complex CFIUS cases may routinely begin to take 105 days following initiation, instead of 75 days (where the parties do not withdraw and refile their notice).

• Monitoring of Non-Declared Transactions: The NDAA includes a Senate provision requiring CFIUS to establish a process to identify covered transactions for which a notice or declaration was not submitted.

In addition, the NDAA includes several provisions in FIRRMA that were not in either the Senate or House bills. These include:

• Definition of Covered Transaction: The NDAA modifies the definition for Covered Transaction to include “other investments” by a foreign person in a US business that owns, operates, manufactures, supplies, or services to critical infrastructure, produces critical technologies, or that maintains or collects sensitive personal data of US citizens. The apparent intent is to capture small investments that might not otherwise fall within CFIUS jurisdiction because they lack any indicia of “control.”

• Waiver of Declaration Requirements for Certain Investors: The NDAA institutes a new avenue for securing CFIUS clearance by filing short “declarations” for transactions involving acquisition of a substantial interest in a US business by a “foreign person in which a foreign government has, directly or indirectly, a substantial interest.” As approved in the NDAA, however, FIRRMA would allow CFIUS to waive the requirement for a declaration if the foreign investor “demonstrates that the investments of the foreign person are not directed by a foreign government and . . . [the investor] has a history of cooperation with the Committee.”

• Comments on Joint Voluntary Notices: The NDAA requires CFIUS to provide comments on a draft or formal written notice of a covered transaction within 10 business days of receipt. Currently, there is no deadline for comments; CFIUS will initiate a review only after it determines when a notice is “complete,” an assessment entirely within its discretion. The new law will at least ensure that the parties to a notice are given more prompt comments on matters to address so that CFIUS will deem a notice to be “complete.”

• New Administrative Positions: The NDAA requires the Department of the Treasury to establish a new position of Assistant Secretary for Investment Security, an organizational change that essentially will elevate the current Deputy Assistant Secretary for Investment Security to a Senate-confirmed position. In addition, the bill requires every other CFIUS agency to designate a Senate-confirmed Assistant Secretary or equivalent to carry out CFIUS-related duties.

Enactment of FIRRMA caps more than a year of vigorous debate over how to shape CFIUS to address continued advances in US technology, evolving cross-border business models, and most importantly, the emergence of China as both the world’s second largest economy and a strategic threat to the United States. Congress last radically amended CFIUS’s legal authority almost exactly 11 years ago.¹ The focus of legislation then was to put CFIUS on a sound legal footing with clear processes for managing cases. Congress strove to tailor CFIUS’s operational reach to serve a dedicated national security function while minimizing its regulatory impact. Though it ultimately reaffirmed long-standing US policy of welcoming foreign investment, FIRRMA reflects a new acceptance of more expansive federal oversight and regulation of cross-border movements of capital and technology.

As we previously reported in detail, the “reformed” CFIUS and export control regimes will deploy a broad array of clarified and new authorities to identify and to regulate previously under-the-radar transactions, particularly involving the tech sector. Because FIRRMA tosses to CFIUS the responsibility for self-defining its authority through rulemaking processes involving critical definitions and mandates, and because implementation ultimately depends on the policy choices made within the broad discretion exercised by the executive branch, much uncertainty about the impact of FIRRMA remains. We expect that early stage companies may especially encounter new hurdles in future fund-raising rounds.

Time will tell whether the new CFIUS becomes a security checkpoint that efficiently, effectively, and predictably monitors investment flows – or instead, a cause of lengthy delay and diversion of capital to other countries. It is important to recognize, however, the potential for significantly improved processes for investment transactions posing little obvious concern for national security. FIRRMA’s new short-form declaration process should afford investors from countries allied to the US an express lane to address CFIUS clearance, thus reducing cost and time to closing in many cases. The new export control process to identify foundational, emerging technologies will provide US companies with regulatory transparency and predictability as they design their global business strategies.

Investors and businesses seeking investment alike should continue to monitor the implementation of FIRRMA, and to consider taking an active part in the critical rulemaking process to come. CFIUS took about one year to promulgate new regulations following enactment of the 2007 reforms. This time, the process may well proceed on a much faster track – but with equally far-reaching consequences.

This memorandum is a summary for general information and discussion only and may be considered an advertisement for certain purposes. It is not a full analysis of the matters presented, may not be relied upon as legal advice, and does not purport to represent the views of our clients or the Firm. Theodore Kassinger, an O’Melveny partner licensed to practice law in the District of Columbia and Georgia, Greta Lichtenbaum, an O’Melveny partner licensed to practice law in the District of Columbia, David J. Ribner, an O’Melveny counsel licensed to practice law in the District of Columbia and New York, Mary Pat Dwyer, an O’Melveny associate licensed to practice law in the District of Columbia and Pennsylvania, Eric Goldstein, an O’Melveny associate licensed to practice law in Maryland, and McAllister Jimbo, an O’Melveny associate licensed to practice law in California and the District of Columbia, contributed to the content of this newsletter. The views expressed in this newsletter are the views of the authors except as otherwise noted.

© 2018 O’Melveny & Myers LLP. All Rights Reserved. Portions of this communication may contain attorney advertising. Prior results do not guarantee a similar outcome. Please direct all inquiries regarding New York’s Rules of Professional Conduct to O’Melveny & Myers LLP, Times Square Tower, 7 Times Square, New York, NY, 10036, T: +1 212 326 2000.