Skip to main content

Trade Compliance Flash: Congress Seeks to Update CFIUS in Response to Chinese Investment Threat: A Primer on Potential Big Changes

International Alert

On November 8, 2017, a bipartisan group of U.S. senators lead by John Cornyn (R-TX), Diane Feinstein (D-CA), and Richard Burr (R-NC) introduced a bill—the Foreign Investment Risk Review Modernization Act (FIRRMA)—that would expand the jurisdiction of the Committee on Foreign Investment in the United States (CFIUS or the Committee) in an effort to modernize the interagency body, update its processes and tools, and improve its ability to combat current and future national security threats. A companion bill was introduced in the House on the same day by Representative Rob Pittinger (R-NC).    

FIRRMA's sponsors, especially Senator Cornyn, have made clear that this bill is aimed squarely at China. According to the sponsors and other administration officials, foreign investment is being "weaponized" and used to erode the United States' military advantage by transferring sensitive military and dual-use technology overseas. All indications are that Congress believes this problem has grown into a full-fledged crisis and is intent on doing something about it.

It may be months before FIRRMA is ready for serious consideration on the Senate floor, but the proposed updates to CFIUS are worth further scrutiny because they would bring significant changes to a process that has been relatively static for the past decade, since the current regulations were finalized in 2008 following the passage of the Foreign Investment and National Security Act of 2007 (FINSA). These proposed changes also reflect the way CFIUS is working today and highlight the national security threats that are of great interest to the Committee right now. Although the final details of the bill are likely to change, the most important proposals would:

  • Significantly expand the scope of transactions that CFIUS could review;
  • Heighten scrutiny on transactions from "countries of special concern," such as China; 
  • Increase the number of factors that can be considered by CFIUS in its national security risk analysis, including several related to sensitive personal data and cybersecurity; and
  • Formalize a mechanism for CFIUS to scrutinize transactions even when parties decide not to file a voluntary notice. 

These proposals, along with several others, are summarized below along with some preliminary analysis of their potential impact on the CFIUS process and on companies around the world that may eventually be subject to CFIUS's broader reach.

Expanded Scope

The most significant proposed change to the current CFIUS regime is an expansion of the Committee's jurisdiction to review far more than just traditional merger and acquisition activity. The Committee currently has authority to review and investigate "covered transactions," which means any "merger, acquisition, or takeover . . . by or with a foreign person which could result in foreign control of any person engaged in interstate commerce in the United States." The key threshold concept of "control" is limited to majority owners or dominant minority shareholders with the power "to determine, direct, or decide important matters affecting an entity."  

Under FIRRMA, the Committee would expand the definition of "covered transaction" to include five new types of transactions resulting in foreign "control":

  • Purchase or lease of real estate in close proximity to a military installation or U.S. government facility or property that is sensitive for national security reasons. Currently, CFIUS is unable to review and investigate so-called Greenfield investments (i.e., foreign direct investment where the foreign parent builds a U.S. business from the ground up). Rather than a comprehensive change, this provision targets one high-priority category of such investments that have clear national security implications. 
  • Non-passive investments in a U.S. critical technology or critical infrastructure company. This category is designed primarily to limit the types of sensitive technology transfers that prompted the legislation. Critical technology (i.e., technology essential to national security) includes items on the U.S. Munitions List and the Commerce Control List, as well as "emerging technologies" that could be essential to national security in the future. The new concept of "emerging technologies" is particularly important because it would allow the Committee to review investments in technologies the U.S. export control regimes have not yet regulated. Investments in critical infrastructure (i.e., systems or assets so vital that incapacity or destruction would have a debilitating impact on national security) also would be subject to review more readily outside the context of mergers and acquisitions.  
  • Contributions by a U.S. critical technology company to a foreign entity of both intellectual property and associated support through any type of arrangement, such as a joint venture. In many ways, this may be the most significant proposed expansion because it would allow CFIUS to review joint ventures designed to transfer significant U.S. intellectual property and human capital outside of the United States. This, too, seems directed largely at China, as the arrangements covered by this provision mirror the requirements that many U.S. businesses are subjected to in gaining access to the Chinese market. If adopted, this provision would allow the Committee to assess whether sensitive U.S. intellectual property is too high a price to pay for foreign market entry in certain cases.  
  • Any change in a foreign investors' rights that would result in control of a U.S. business or a non-passive investment in a critical technology or critical infrastructure company. This broad category seems intended to capture corporate maneuvering of virtually any kind that could result in foreign control of a U.S. business or foreign influence over certain sensitive U.S. technology, systems, or assets. In short, this appears to be an attempt to curtail the perceived problem of parties seeking to evade CFIUS's jurisdiction through creative deal structuring.      
  • Other types of transactions or arrangements designed to avoid CFIUS review. Continuing with the theme of evasion, this would serve as a catch-all to allow CFIUS review of just about any transaction it deems concerning, regardless of its structure. As seasoned cross-border transactional attorneys know, the careful consideration of deal structure and financing arrangements viewed through the lens of potential CFIUS regulatory risk is an integral part of any comprehensive diligence process. If adopted, this provision could make such forward-looking assessments very murky.   

Countries of Special Concern

The bill introduces a brand new concept into the CFIUS lexicon—country of special concern—which is defined as "a country that poses a significant national security threat to the national security of the United States." Based on its prominence throughout FIRRMA, transactions involving a country of special concern would receive heightened scrutiny from the Committee. 

The clear intention here—although left unspecified in the bill itself—is to target the perceived threat posed by Chinese investment and provide the Committee with the ability to address that threat more effectively. In introducing the bill, Senator Cornyn made no secret of that fact by calling out China's push to acquire sensitive U.S. technology as a motivating factor behind the proposal. Earlier this year, Senator Cornyn also mentioned Russia as another potential country of special concern. Notably, however, the bill does not attempt to define or list such countries and it explicitly disclaims any responsibility for the Committee to do the same via regulation. Thus, CFIUS would retain flexibility to respond to nation-state threats to U.S. national security as they evolve over time. 

Exempt Countries

On the opposite end of the spectrum, the bill also proposes to exempt certain transactions originating in low-risk countries from the scope of CFIUS's review. Again, no list of countries has been included, but the legislation states that countries with which the United States has a mutual defense treaty or mutual arrangement to safeguard national security as it pertains to foreign investment may be exempted by regulation. 

New National Security Factors for CFIUS Consideration

There are nine new factors that the Committee may consider in assessing the national security risks posed by a particular transaction. In sum, those factors are:  

  • The potential increased cost to the U.S. government of acquiring or maintaining equipment and systems necessary for defense, intelligence, or national security; 
  • The potential effects of the cumulative market share of any one type of infrastructure, energy asset, critical material or technology by foreign persons; 
  • Whether the foreign acquirer has a history of complying with U.S. export control, intellectual property, and immigration laws and adhering to contracts with the U.S. government; 
  • The extent to which a transaction is likely to expose personally identifiable information, genetic information, or other sensitive data of U.S. citizens to a foreign government or person that may exploit the information in a manner that threatens national security; 
  • Whether the transaction is likely to create any new cybersecurity vulnerabilities in the United States or exacerbate existing cybersecurity vulnerabilities; 
  • Whether the transaction is likely to result in a foreign government gaining new capabilities to engage in malicious cyber-enabled activities against the United States, including election tampering; 
  • Whether a transaction involves a country of special concern that has a demonstrated goal of acquiring the type of critical technology possessed by the U.S. party to the deal; 
  • Whether the transaction is likely to facilitate criminal or fraudulent activity affecting U.S. national security; and 
  • Whether the transaction is likely to expose information regarding sensitive national security matters or sensitive procedures or operations of certain federal law enforcement agencies to an unauthorized foreign person.       

These new factors reflect significant perceived gaps in the current scope of the Committee's national security analytical toolkit. The prominence of factors related to sensitive personal data and cybersecurity demonstrates that those issues are now seen as essential to protecting U.S. national security even though they were barely on Congress's radar when FINSA was enacted a decade ago.  

Streamlined Filings

FIRRMA contemplates a potential new first step in the CFIUS process that allows parties to file a declaration of generally no more than five pages in length. Submitting a declaration would be voluntary with the exception of transactions involving state-owned enterprises, which would be mandatory, and other types of transactions that could be made mandatory at the discretion of the Committee. After receiving the declaration, CFIUS would have the option of requesting a full notice from the parties to initiate the review process, initiating such a review unilaterally, or notifying the parties that the Committee has completed all action with respect to the transaction. Although filing a declaration may ultimately prolong the wait for a CFIUS clearance if a formal notice is requested thereafter, the prospect of receiving a clearance for a non-controversial deal without filing a formal notice may be too enticing for certain parties to pass up.  

Increased Scrutiny for Non-Notified Transactions

Apart from the possibility of mandatory declarations in some cases, CFIUS would remain a voluntary process under FIRRMA. This is significant because many observers expected that mandatory filings in certain circumstances could be part of any CFIUS legislative reforms. However, a mechanism would be created to identify covered transactions that have failed to file a notice or declaration with the Committee. The risks of failing to seek CFIUS approval have always been high, but this emphasis on identifying non-notified transactions means that costs could increase significantly in the future if the Committee is more proactive in examining transactions of concern. 

Filing Fees

To enhance the resources of the Committee, FIRRMA proposes to create a CFIUS Fund that would be funded in part by new filing fees capped at the lesser of $300,000 or one percent of the transaction's value. Although transactions before CFIUS are often valued in the hundreds of millions of dollars or more, this is a significant cost that parties could have to factor in to their future deal plans.     


Despite bipartisan support for FIRRMA, the current environment in Congress and elsewhere in the U.S. political landscape means that its ultimate passage is anything but certain. Nevertheless, if even a handful of the measures described above are enacted, then the Committee will significantly expand its reach and companies around the globe should be prepared to contend with greater CFIUS scrutiny any time there is a cross-border transaction, investment, or corporate restructuring that involves the United States. Miller & Chevalier will be closely monitoring the progress of FIRRMA and any related legislation affecting CFIUS over the next several months and will provide further updates as necessary.  

For more information, please contact:

Brian J. Fleming,, 202-626-5871

The information contained in this communication is not intended as legal advice or as an opinion on specific facts. This information is not intended to create, and receipt of it does not constitute, a lawyer-client relationship. For more information, please contact one of the senders or your existing Miller & Chevalier lawyer contact. The invitation to contact the firm and its lawyers is not to be construed as a solicitation for legal work. Any new lawyer-client relationship will be confirmed in writing.

This, and related communications, are protected by copyright laws and treaties. You may make a single copy for personal use. You may make copies for others, but not for commercial purposes. If you give a copy to anyone else, it must be in its original, unmodified form, and must include all attributions of authorship, copyright notices, and republication notices. Except as described above, it is unlawful to copy, republish, redistribute, and/or alter this presentation without prior written consent of the copyright holder.