On May 21, 2020, a proposed rule change brought the threat of a mandatory CFIUS filing to investments across all U.S. industries. The U.S. Department of Treasury proposed a rule[1] that removes a restriction formerly in the Foreign Risk Review Modernization Act’s (FIRRMA) that limited mandatory filings with the Committee on Foreign Investment in the United States (CFIUS) to only 27 industries.
The proposed rule is consistent with a series of changes by the Trump Administration aimed at decreasing Chinese access to U.S. technology (through export controls, FDI review, and other restrictions). However, the rule change may create complications for investments from a wide range of countries.
Before: Limited Mandatory Filings
In October 2018, the Treasury Department implemented an interim rule establishing a temporary Pilot Program. The Pilot Program represented a sea change in CFIUS enforcement. The program not only created filings that were required by CFIUS (to that point, all filings had been voluntary), the program also imposed penalties for failing to file a covered Pilot Program covered transaction with CFIUS. Although the change in CFIUS’s footing from passive to active regulator was a reinvention of U.S. foreign direct investment review, it was at least limited to 27 industries, identified by reference to their North American Industry Classification System (NAICS) code.
After: Mandatory Filings Unchained
Under the proposed rule, that mandatory declaration requirement is no longer limited to investments in one of those 27 industries. Rather, the bright line for covered investments is whether the target company has technology that would require an export license to the country of the investor. In shifting the focus from industries to established export controls, the proposed rule exponentially increases the transactions and territory covered by the mandatory declaration requirement.
The proposed rule states applies the mandatory declaration requirement to investments based on whether “U.S. government authorizations would be required to export, re-export, transfer (in country), or retransfer the critical technology or technologies produced, designed, tested, manufactured, fabricated, or developed by the U.S. business to certain transaction parties and foreign persons in the ownership chain.” [FN Citing Fed Reg]
The list of the export controlled items that are considered critical technologies fall into a couple of areas you would: defense and nuclear energy. First, technologies regulated under the International Traffic in Arms Regulations[2] (the ITAR, 22 CFR §120 – §130), which requires authorizations for security and defense technology to nearly every country. Then, controls implemented on nuclear technology by the U.S. Department of Energy (10 CFR Part 810) and by the Nuclear Regulatory Commission (10 CFR Part 110).
The Tricky Part – Dual Use Controls and License Exceptions
Warning: Here we enter the strange and slightly nerdy realm of export control regulation. If you’d like to preserve your sanity, you may want to discontinue reading, go outside, enjoy the day, maybe later call your export counsel and ask for the end result.
However, by far the greatest risk will be the critical technologies triggered by controls under the Export Administration Regulations[3] (EAR). The EAR controls the export of everyday items that may have a defense or security use, such as: Chemicals and microorganisms, high-end electronics, sensors and lasers, and avionic, marine, and aerospace equipment. Technology related to those broad categories, as well as technology related to computers, telecommunications and encryption may now trigger a mandatory CFIUS filing.
If a target company produces, designs, tests, manufactures, fabricates, or develops a technology that would require a license to export to the foreign investor’s principal place of business, or the foreign person’s nationality or nationalities, then a mandatory filing may be required. Many foreign persons may participate in an investment, so the question will arise of to which foreign person an export license requirement might apply such that it would trigger a mandatory CFIUS filing. The Proposed Rule states that an export authorization required to a foreign person will trigger a mandatory filing if that foreign person:
-
Could directly control the U.S. business as a result of the transaction;
-
Is directly acquiring an interest that constitutes a “covered investment” in the U.S. business (any equity interest along with certain rights, such as a board seat, board observer, or access to material nonpublic technical information);
-
Already holds an equity interest and is acquiring certain new rights with respect to the U.S. business;
-
Is involved in a transaction, transfer, agreement, or arrangement, designed or intended to evade or circumvent CFIUS jurisdiction; or
-
Individually holds, or is part of a group of foreign persons that, in the aggregate, holds, a voting interest (a 25% interest or, in the case of investment funds, a 25% interest in the general partner).
The Even Trickier Part: License Exceptions
However, the transaction may be excepted from a mandatory CFIUS filing if the foreign person would be eligible for one of EAR license exceptions: License Exception TSU (at 15 CFR 740.13); paragraph (b) of License Exception ENC (at 15 CFR 740.17(b)); or paragraph (c)(1) of License Exception STA (at 15 CFR 740.20(c)(1). The intricacies of these exceptions are a bit too voluminous for the cozy confines of this blog, so we will let it suffice to say that they will largely except from the regulations lower-end technologies and countries that are U.S. allies.
The License Exception ENC for encryption will likely be the most useful in eliminating technology from the mandatory filing requirement. The EAR threshold for export controls on encryption technology is extremely low (think original Game Boy level tech). However, license exception ENC carves out much of the commonly used mass market and open source encryption technology from license requirements. Therefore it would also eliminate that technology from triggering mandatory CFIUS requirements for investors.
What Comes Next
The Proposed Rule is not yet final. CFIUS has solicited public comments on its content and will be accepting written comments until June 22, 2020.
[1] 85 Fed. Reg. 30893 (May 21, 2020).
[2] 22 CFR Parts 120-130.
[3] 15 CFR Parts 730-780.