Update: The New Law Governing CFIUS National Security Review of Foreign Investment

International Alert

In April 2006 we reported on the firestorm of legislation that followed the approval of a sale of U.S. port operations from a British company to Dubai Ports World (“DP World”), the largest port operator in the world and an entity owned by the United Arab Emirates (“UAE”), by the little-known U.S. government interagency committee, the Committee on Foreign Investment in the United States (“CFIUS”). (See Sweeping Legislative Changes Proposed for Foreign Investment in the United States, Miller & Chevalier International Alert, Volume 13, Issue 8, April 5, 2006.) CFIUS is charged with reviewing acquisitions of U.S. businesses by foreign entities to ensure that U.S. national security is not threatened by a particular transaction. Approximately two dozen bills were introduced to curb CFIUS’ independence, and to mandate that certain types of transactions receive more strict scrutiny.

When the dust settled this summer, CFIUS emerged relatively intact and now statutorily organized, in the form of the “Foreign Investment and National Security Act of 2007 (P.L. 110-49, July 26, 2007) (“FINSA”). As we discussed last year, DP World and CFIUS were caught in the perfect storm ‑‑ concerns over port security in a post-9/11 world and an election year. In addition, there was concern over the emerging superpower ‑‑ China, and its entities that had begun to flex their acquisitive muscle in the failed hostile bid by the Chinese National Offshore Oil Company (“CNOOC”) for some operations of Unocal, which had agreed to sell those operations to another U.S. company, Chevron (in the process of which CNOOC officials basically told Congress that the hostile bid was none of their business).


Established by President Ford in 1975, CFIUS is an interagency committee within the executive branch that initially was charged with monitoring the impact of and coordinating U.S. policy on foreign investment in the United States. In 1988 CFIUS’ role was expanded with Congressional passage of the Exon-Florio amendment to the Defense Production Act of 1950 (Exon-Florio), which authorized the president to investigate the effect of foreign acquisitions, mergers and takeovers on U.S. national security and to block or unwind transactions deemed a threat to national security. Four years later, Congress passed the Byrd Amendment modifying Exon-Florio to arguably require mandatory investigations for transactions that could result in a foreign government gaining control of a U.S. company that could affect U.S. national security.

Exon-Florio and the implementing regulations issued by the Treasury Department establish a multi-step process of voluntary notification, CFIUS review, CFIUS investigation and presidential decision for transactions by or with foreign persons that could result in foreign control of U.S. companies. A party to a proposed or completed transaction may submit a voluntary notice to CFIUS describing the acquisition and parties in detail. Alternatively, a CFIUS agency may submit a notice if it has reason to believe that the transaction may have adverse impacts on U.S. national security. CFIUS reviews and investigates transactions to ascertain if there is credible evidence that the foreign acquirer might take action that will threaten to impair national security, and that require action by the President if other laws cannot mitigate the identified threat to national security.

FINSA 2007

Much of the current process utilized today will remain unchanged under FINSA, but there will be a number of changes to the way CFIUS operates. FINSA takes effect at the end of October, and Treasury has 180 days to issue new regulations. Principal among these changes is the statutory establishment of CFIUS, with the authority to review and investigate transactions, as well to negotiate and enforce mitigation agreements.

Substantively, changes to manner in which CFIUS conducts reviews were not as onerous as the investment community feared. For example, the 30-day review and 45-day investigation periods have not been extended. The business community, however, breathed a sigh of relief as one of the main features of earlier versions of the legislation ‑‑ to require second-stage investigations of certain transactions ‑‑ was weakened with an exception provision. Investigations are not mandatory for transactions involving foreign government-controlled acquirers or critical infrastructure. In addition, “national security,” while expanded to specifically include “homeland security,” has not, as feared, expanded to include “economic security.” Rather, Treasury is instructed in regulations to consider critical infrastructure in the context of homeland security. Specifically, transactions involving energy assets and critical technologies now join those involving defense production and technology as important factors. Still unclear, however, is what scope “reopening” of transactions involving mitigation agreements will take.

In large part, the changes address Congress’s procedural grievances ‑‑ the apparent lack of accountability of a staff committee to political appointees and to Congress, as well the failure to provide annual reports to Congress. Now, reporting requirements to Congress have been clarified and in some cases expanded, including the requirements to report to Congress after each review and investigation, and annual reports of withdrawals.

Expanding Role of the Export Control Agencies in the CFIUS

While the focus over the last year has been on national security as defined in a homeland security context, the export control agencies have played a significant role in the CFIUS based upon technology controls and concerns; and more recently our lawyers have observed that both the U.S. State Department and the U.S. Commerce Department have stepped up their level of activity in connection with CFIUS reviews.

The State Department’s Directorate of Defense Trade Controls (DDTC) frequently makes inquiries of parties to determine whether the parties are in compliance with the International Traffic in Arms Regulations (ITAR). Target U.S. firms are often questioned as to why they have not registered as a munitions manufacturer under the ITAR. Acquiring firms are asked by DDTC to show evidence of training outside the U.S. to demonstrate a commitment to U.S. export controls in general and re-export controls in particular. DDTC will sometimes ask about the training of the board of directors on export control matters to determine whether CFIUS agencies should trust the acquiring firm to comply with U.S. export controls rules and refrain from causing a newly-acquired U.S. subsidiary from releasing controlled technology to the new parent and its officers without license approvals from the U.S. export control agencies.

In addition, the Commerce Department’s Bureau of Industry and Security (BIS) has begun asking some companies in the CFIUS process to submit all their products for classification. This often comes as a shock even to compliant companies, but BIS will generally waive this request if a firm explains its jurisdiction and classification process, explains that it has already performed jurisdiction and classification on its items (commodities, software, and technology), and perhaps offers BIS a matrix of the classification and jurisdiction conclusions.

Strategic Considerations

As is clear from the muted reaction to the recently-announced Borse Dubai/NASDAQ transaction, communicating with Congress (and CFIUS) regarding the national security implications of a transaction while it is being negotiated is the wisest course. The transaction should proceed smoothly through a review avoiding an investigation. The investment community can also be somewhat assured that a transaction involving financial services is not, in this instance, being branded as one involving “critical infrastructure” ‑‑ a possibility under the 2006 draft legislation. Nevertheless, if the transaction involves a critical sector - at a minimum infrastructure, energy, telecom, transportation, power generation ‑‑ the transaction should probably be teed up for CFIUS and Congress in a “pre-filing,” and notification is probably necessary. A public relations strategy is key. Be prepared for sore losers in a bidding situation to cause trouble. With Russia and European countries taking “critical sectors” off the foreign direct investment market, and talking of protecting their “economic security,” the new CFIUS is not bad at all.

The lesson from the recent developments is that acquiring firms, selling firms, and investment bankers should perform trade compliance due diligence before the agreement is finalized and well before presentation of the proposed transaction to the CFIUS.

For further information, please contact:

Larry Christensen, lchristensen@milchev.com, 202-626-1469

Related Files
Related Links

The information contained in this newsletter is not intended as legal advice or as an opinion on specific facts. This information is not intended to create, and receipt of it does not constitute, a lawyer-client relationship. For more information about these issues, please contact the author(s) of this newsletter or your existing Miller & Chevalier lawyer contact. The invitation to contact the firm and its lawyers is not to be construed as a solicitation for legal work. Any new lawyer-client relationship will be confirmed in writing.

This newsletter is protected by copyright laws and treaties. You may make a single copy for personal use. You may make copies for others, but not for commercial purposes. If you give a copy to anyone else, it must be in its original, unmodified form, and must include all attributions of authorship, copyright notices and republication notices. Except as described above, it is unlawful to copy, republish, redistribute, and/or alter this newsletter without prior written consent of the copyright holder.