Newly released government data and the recent publication of proposed regulations to implement transformative legislation enacted in 2018 confirm the contours of a fundamental paradigm shift in U.S. policy towards foreign investment: In the course of just the last few years, Washington has erected the most comprehensive—and activist—regime of national security regulation of inbound foreign direct investment (FDI) among the advanced economies.
This is a dramatic change for a country that for much of the last century was not only the global ideological champion for unhindered cross-border investment flows, but also the key architect of treaties and rules across the world aimed at steering the realization of such outcomes. Indeed, the U.S. had built a reputation for taking on governments whose policies contravened its liberal policy stance towards FDI. The United States is the largest recipient and the largest overseas investor of foreign direct investment.
Against the backdrop of a significant rise of populism in the U.S., coupled with an increasingly aggressive China, led by strongman Xi Jinping, who rules the country with unquestioned authority and determined to win the race for global technological domination, in part through overseas investments in advanced countries, particularly through high valued transactions in the U.S., both the Trump Administration and Capitol Hill have turned their sites on beefing up the statutory authority and animating the operations of the interagency Committee on Foreign Investment in the U.S. (CFIUS), a heretofore little known—and relatively inactive—agency that has its origins in the mid-1970s. CFIUS is empowered to investigate the national security implications of inbound FDI and recommend to the President to block such transactions where the committee deems such action is warranted. (For full disclosure, I was a member of CFIUS during my time serving in the White House in the early 1990s.)
To be sure, other industrialized countries, such as Australia, Canada, France, Germany, Japan Spain, and the United Kingdom, are in the throes of modernizing and expanding their own foreign investment control policy frameworks. But none has in place a regulatory regime as sweeping and forward leaning as the US.
As I have written in this space earlier, the watershed event in the history of CFIUS was the enactment in August 2018 of the Foreign Investment Risk Review Modernization Act (FIRRMA), which significantly enlarged the statutory and regulatory powers of the body compared to what previously existed, especially those stemming from the so-called ‘Exon Florio’ provision in the Omnibus Trade Act of 1988 and the enactment of the Foreign Investment and National Security Act (FINSA) in 2007. FIRRMA became effective in November 2018.
In general, FIRRMA expanded the scope and authority of CFIUS in numerous dimensions. One of the most salient of them pertains to broaden its coverage of transactions depending on: the foreign investor’s country of origin; the extent of noncontrolling investment in a U.S. business involved in a “critical technology”, “critical infrastructure”, or “collecting sensitive data” that may result in compromising personally identifiable information of U.S. citizens; if there is any change in foreign investor rights; if a foreign government has a direct or indirect substantial interest; or the transaction involves assets in close proximity to certain U.S. government facilities (including military installations and some airports).
Another relates to the nature of, and timing for, reviews and investigations, including shifting the filing process for foreign firms from voluntary to mandatory in certain cases, and lengthening most periods for CFIUS reviews and investigations. There are also new mandates for separate reforms related to export controls, with requirements to establish an interagency process to identify so-called “emerging and foundational technologies” and to establish controls on the export or transfer of such technologies. And CFIUS is empowered to address potential national security risks that may arise in a transaction prospectively by compelling parties to institute mitigation agreements that will be reviewed by CFIUS.
What makes FIRRMA so critical in altering U.S. policy towards FDI is not only the expanded scope of authority it vests in CFIUS. Equally important, which few observers both in the U.S. and abroad seem to fully appreciate, is that the law’s passage reflects a significant increase in the U.S. legislative branch’s buy-in on the obligations now vested in the executive branch’s authority to regulate foreign investment. Why do I say this? Because FIRRMA was a bona fide bipartisan effort—a real rarity on Capitol Hill these days. It passed the Senate by a vote of 87-10 and the House by a vote of 359-54.
In this regard, there should be little surprise to investors that in contrast to earlier years, U.S. legislators now have an intense interest in conducting oversight of CFIUS’ operations. And, it will likely do so proactively. Hence, the recent overtures by members of the U.S. Congress towards pushing CFIUS to assess the 2017 acquisition of the music video social media app firm Musical.ly Inc.—now merged with TikTok—by the Chinese news and information site Beijing Bytedance Technology Co.
Coupled with the enactment of FIRRMA have been the issuance of the law’s implementing regulations, which detail the specific the parameters as to how the law will be enforced. These are what matter the most to investors, whether U.S. or foreign.
The first set, was issued in October 2018 and established CFIUS’ “pilot program” for the regulation of foreign investor transactions pertaining to “critical technologies”. Among other provisions, this specifies 28 such products/process where a filing with, and formal review by, CFIUS is made mandatory.
At the same time, these regulations empower CFIUS to review transactions in such sectors even where foreign investors would not have a controlling interest.
Rather than the previous “controlling interest” standard—specified as a having at least 10% of voting shares—the new standard is defined as an investor having access to “material nonpublic technical information” in possession of the U.S. business; membership or observer rights on the board of directors; or any involvement in substantive decision-making.
In September 2019, CFIUS made public a proposed second tranche of implementing regulations, which, following receipt of public comments will come into force in February 2020.
Broadly speaking, these flesh out with great specificity definitions and criteria that serve to inform investors the types of foreign transactions CFIUS is likely to investigate and potentially impede with respect to real estate as well as non-controlling investments. The latter are defined as pertaining to “Technology, Infrastructure, and Data” (TID) activities, which covers (i) development, design, production, or testing of a “critical technology;” (2) owning, operating, manufacturing, supplying, or servicing “critical infrastructure”; or (3) the collecting or maintaining “sensitive personal data.”
Data on CFIUS Operations
By law, CFIUS is to issue annual reports to Congress that describe various facets of its operations over previous years (usually with more than a one-year lag). Thus in November 2019, CFIUS released its annual report for 2016-2017. (The preceding annual report was for 2015, which was published only in September 2017, but contained some elements of data for 2016).
Since the newest CFIUS annual report covers transactions filed in calendar years 2016 and 2017, it thus portrays the operations of CFIUS prior to the enactment of FIRRMA.
The data in the report reveal a striking increase in CFIUS activities across the board for both years compared to earlier periods—whether in terms of number of (i) filings (or “Notices”) made by investors with CFIUS; (ii) Notices withdrawn by investors following CFIUS’s Review (the initial step in the agency’s assessment process); (iii) Investigations undertaken by CFIUS; (iv) Notices withdrawn during the Investigation phase; or (v) Presidential Decisions.
In 2016 CFIUS received 172 Notices from investors, and in 2017 it received 237 Notices—a 38% increase between 2016 and 2017. (For comparison, CFIUS received 143 Notices in 2015).
Of the Notices received in 2016, during the CFIUS Review process, 6 (or 3%) were withdrawn by investors. In 2017, 7 Notices (or 4%) were withdrawn during the Review process. In most cases, withdrawal during the CFIUS Review process signifies investors will not proceed with the transaction. (In some instances, investors might re-file with CFIUS for another Review after altering the structure and/or composition of the transaction.)
Of the Notices filed in 2016, CFIUS conducted 79 Investigations, which accounts for 46% of the Notices that year. For 2017, of the Notices filed, 172 Investigation were conducted, which amounts to 73% of Notices.
During the Investigation phase, in 2016, 21 Notices were withdrawn, which is 27% of Notices under Investigation, and in 2017, 67 Notices were withdrawn, which is 39% of Notices under Investigation.
The data in the annual report also illustrate the sizeable increase in the share of CFIUS covered transactions in the Finance, Insurance and Services industries at the same time the share of such transactions in Manufacturing have sharply dropped. In 2015, Manufacturing accounted for 48% of CFIUS covered transactions. But in 2017, its share fell to 35%. In contrast, in 2015, 29% of such transactions involved Finance, Insurance and Services; by 2017, that share had risen to 46%.
The report also details that investors from China by far dominate the nationality of source countries for CFIUS covered transactions. The absolute number of China-related CFIUS covered transactions doubled over the 2015-2017 period (from 29 to 60). At the same time, the share of China-related deals of the total transactions under CFIUS’s purview was the largest of any country between 2015 and 2017, and China’s share of the total number of CFIUS covered transactions increased from 20% to 25% over the same period.
More often than not, for most of the transactions withdrawn, CFIUS will deliberately move slowly to extend its Investigation process beyond the parties’ transaction closing dates, thus avoiding having to make an affirmative finding to seek a Presidential decision to block a deal that CFIUS has determined will undermine U.S. national security.
In cases where such deals did progress to the Oval Office in 2016 and 2017, two transactions were blocked. President Obama prohibited a Chinese investment firm in 2016 from acquiring Aixtron, a Germany-based firm with assets in the United States, and in 2017, President Trump blocked the acquisition of Lattice Semiconductor Corp. by the Chinese investment firm Canyon Bridge Capital Partners.
While detail CFIUS data for its operations in 2018 and 2019 will be forthcoming, we do know that in 2018, President Trump blocked the acquisition of Qualcomm by Broadcom.
In addition, highlighting the Congressional intent behind the passage of FIRRMA to have CFIUS focus squarely on the national security implications of foreign parties’ access to personal data of U.S. citizens, in 2019, CFIUS made it clear to Beijing Kunlun Tech (BKT) to take steps to divest itself of Grindr, a U.S.-owned online dating site. BKT acquired Grindr between 2016 and 2018 through 2 separate transactions, but did so without going through the CFIUS Review process, which at the time was voluntary, not mandatory as it is under FIRRMA.
This action illustrates the power of CFIUS to be able to unwind prospectively transactions it deems run counter to U.S. national security interests. As the owners of Music.ly, Bytedance would do well to pay heed to such lessons.