Compliance and CFIUS enforcement

July 2023  |  FEATURE | MERGERS & ACQUISITIONS

Financier Worldwide Magazine

July 2023 Issue

In recent years, the national security implications of foreign investment has become a hot topic in many jurisdictions. Regulators and policymakers are ever more aware of the potential risks that come with allowing foreign investors into critical sectors.

Governments and their regulatory bodies are more inclined to block deals on national security grounds. Last year, the UK government blocked a number of pending transactions under its new foreign investment regime which came into force in January 2022.

Many Western governments, including the US, have raised concerns about investments by large Chinese companies whose operations are controlled or influenced by the Chinese government. Policymakers in the US are increasingly sensitive to Chinese attempts to acquire critical technologies or advanced technologies deemed material to national security.

Tightening the net

Back in 2018, Congress passed the Foreign Investment Risk Review Modernisation Act (FIRRMA), which allows the Committee on Foreign Investment in the United States (CFIUS) to review a wider range of transactions, including any “non-passive” investment in US firms involved in critical technology or other sensitive sectors. In the two years following FIRRMA, transaction registrations from Chinese investors fell by 43 percent, according to CFIUS data.

In late 2022, CFIUS released the first-ever Enforcement and Penalty Guidelines, which emphasise the committee’s mandate to identify and mitigate the national security implications of foreign investments while upholding US openness to inbound capital. The Guidelines provide insight into how CFIUS will assess whether, and in what amount, to impose a penalty or undertake other enforcement action against a violating party. They also contain a non-exhaustive list of aggravating and mitigating factors that CFIUS takes into account.

Deciding not to notify CFIUS can present significant risk where meaningful national security issues are involved.

Paul Rosen, assistant secretary of the treasury for investment security, stated that the Guidelines send a clear message that compliance with CFIUS mitigation agreements is “not optional, and the Committee will not hesitate to use all of its tools and take enforcement action to ensure prompt compliance and remediation, including through the use of civil monetary penalties and other remedies”.

Also in 2022, President Biden signed an Executive Order introducing the first explicit articulation of specific risks that CFIUS must consider. The order established five criteria for reviewing a potential deal: (i) the effect on US supply chains, including those unrelated to defence; (ii) the effect on US leadership in advanced technologies; (iii) how the transaction is situated within industry investment trends; (iv) the cyber security risks that could emerge from the transaction; and (v) risks to the private data of people in the US.

Empowered

At present, the process is voluntary, meaning that parties to a covered transaction are not required to seek CFIUS approval before proceeding with their transaction. However, deciding not to notify CFIUS can present significant risk where meaningful national security issues are involved. Where parties to a covered transaction do not seek CFIUS pre-clearance, the committee is empowered to initiate its own review of the transaction, either before or after closing. Reviews usually involve disclosure of voluminous, detailed information to CFIUS.

If the committee determines that the foreign investment threatens to impair national security, it may require the parties to enter into a mitigation agreement or recommend that the US president blocks the transaction entirely. The committee is authorised to impose monetary penalties of up to $250,000 or, for non-compliance with a mandatory filing obligation or breach of a mitigation agreement, up to the value of the underlying transaction (if greater than $250,000), in addition to mitigation conditions.

When deciding on penalties, CFIUS will take into account the violators’ compliance resources, including legal counsel, consultants, auditors and monitors, as well as its compliance culture. It will also take into account whether the company came forward to disclose a potential violation.

According to the Guidelines, there are three types of conduct that may constitute a violation. The first is material misstatements or omissions in filings with CFIUS, or false or materially incomplete certifications delivered to CFIUS. The second is failure to file a mandatory declaration or notice. The third is non-compliance with CFIUS mitigation agreements, conditions or orders.

In nearly 50 years, CFIUS has publicly reported only two penalties, both of which were relatively modest in scope, at $1m and $750,000, and related to violations of mitigation requirements. However, the Executive Order and the publication of the Guidelines in short order suggest that there is a renewed commitment to use the CFIUS review process to address national security risks – a concept being scrutinised more broadly today than at any point in CFIUS’s history.

It is increasingly clear that CFIUS intends to revamp its enforcement approach and impose monetary penalties for non-compliance with its filing obligations and mitigation requirements. In light of the revised approach, and the high stakes associated with violating CFIUS rules, companies and investors should dedicate more resources to awareness of CFIUS-related obligations, particularly given that the committee’s role in the US economy looks set to expand.

© Financier Worldwide

BY

Richard Summerfield

©2001-2024 Financier Worldwide Ltd. All rights reserved. Any statements expressed on this website are understood to be general opinions and should not be relied upon as legal, financial or any other form of professional advice. Opinions expressed do not necessarily represent the views of the authors’ current or previous employers, or clients. The publisher, authors and authors' firms are not responsible for any loss third parties may suffer in connection with information or materials presented on this website, or use of any such information or materials by any third parties.