August 5, 2021
Chris Griner, Shannon Reaves, Gregory Jaeger, Christopher R. Brewster, Erin Bruce Iacobucci
Each year, CFIUS issues a report of the prior year’s activity. Since CFIUS filings are confidential, the report generates a frenzy of activity among commentators looking to divine changes in policy based on year-to-year comparisons of minute data.
It can get a bit confusing. Here’s our take:
- Chinese investments in key industry sectors get reviewed and get headlines, but most CFIUS reviews involve investments from friendly countries. The sheer number of Chinese reviews was down in 2020, but that was expected. U.S. policymakers are increasingly wary of Chinese investment and there are fewer Chinese deals to scrutinize. The important takeaway is that Japan, Canada, Australia, the United Kingdom, Israel, and a host of European countries, most of them NATO allies, collectively account for more than half of the reviews. All foreign investments are not alike – but covered foreign investments in key industry sectors will get reviewed regardless of the source.
- CFIUS has cranked up its reviews of non-notified transactions. Some CFIUS filings are mandatory. Most are voluntary. CFIUS now has a task force devoted to reviews of transactions that didn’t get filed. It monitors news reports, gets referrals from government agencies, and tips from competitors and others.
In 2020, CFIUS looked at 117 such transactions – 17 got “requests to file,” which are more than polite inquiries. The key message is not the number of requests – but the fact that these deals are getting looked at by CFIUS reviewers.
At a minimum, a CFIUS assessment should be part of any deal involving government contracts, critical technology, critical infrastructure (including health care), export-controlled technology, real estate in close proximity to sensitive government installations, and any case involving firms holding or dealing in personal data. The answers are not always obvious. Many companies, including retailers and insurance companies, hold the personal data of U.S. citizens. Some targets, especially smaller companies, may be unaware that their technology is export-controlled because they’ve never exported. Sensitive contracts may go undetected in due diligence because they account for a small percentage of the company’s sales. Even companies that make simple products can be key players in the national security supply chain or play an important role in critical infrastructure (think surgical masks).
Failure to file can have long-range costs. Deals that are not reviewed are open to review forever – even years after the fact. Transactions can be unwound. By contrast, deals that clear CFIUS review have a safe harbor against future reviews.
Not every covered transaction will warrant review – but the decision not to file should be based on a reasoned assessment. Some filings are mandatory, but if the parties elect to bypass a voluntary filing, they should be prepared to justify the decision. Where filings are not mandated by law, CFIUS can and will initiate its own review if it believes a transaction could threaten U.S. national security. For all of these reasons, when and if CFIUS comes knocking, the answer to the question “Why didn’t you file?” should not be “We never thought anyone would notice.”
- Short form declarations are getting popular. Over 120 declarations were filed in 2020. In appropriate cases, a short-form declaration can be a cost-effective approach to securing a safe harbor review. Better than 60% of the declarations CFIUS considered in 2020 were cleared. They can also result, however, in requests to file a formal written notice. In such cases, declarations only add to the time a transaction spends in review – so the decision to file a declaration should be carefully considered with counsel. A complex deal may be a bad candidate for a declaration. In such cases, full filings are the best way to go.
- Nearly half of the cases that CFIUS reviews go to full investigations, which are longer and costlier. Most deals – the great majority -- clear CFIUS intact – but some don’t. Twenty-nine notices were withdrawn in 2020 – better than 15%. Most were refiled, but 7 were abandoned because the risks identified by CFIUS either could not or would not be mitigated. Some 16 cases (which may have included refiled transactions) involved formal mitigation measures (e.g., divestment of sensitive contracts or properties, or appointment of government-approved corporate security officers).
All of this points to the critical need to do rigorous assessments of transactions – with the aid of counsel – well before a case is filed. The parties should know and understand the national security issues presented by the transaction and be prepared to address them – up front. Many companies adopt a “fix it first” approach – putting mitigation measures in place without formal agreements. Investigation is often unavoidable in larger or more complex transactions – but if the parties expect investigation at the outset they can plan accordingly. Trying to fix problems on the fly can lead to costly mistakes.
Several years ago, when a highway outside Atlanta was being rebuilt, the Department of Transportation posted a large sign that said “Warning: Next 15 miles. Dirt, noise, potholes, rough roads, uneven roadway, delays.” A few slow, noisy, rough, and dusty miles down the road, they posted another sign that read “Were we right?” The CFIUS process can be rough at times, but proper planning can make the difference.
For more information, please contact any of the professionals from Stroock & Stroock & Lavan LLP listed on this page.
This Stroock publication offers general information and should not be taken or used as legal advice for specific situations, which depend on the evaluation of precise factual circumstances. Please note that Stroock does not undertake to update its publications after their publication date to reflect subsequent developments. This Stroock publication may contain attorney advertising. Prior results do not guarantee a similar outcome.