Skip to Main Content.
  • A screen displays a rising stock market graph with various global indexes, highlighting financial growth against a world map backdrop.

    The Newly Proposed Regulations on CFIUS Review over Foreign Investments in the U.S.

On September 17, 2019, the U.S. Department of Treasury published its proposed regulations for implementing the Foreign Investment Risk Review Modernization Act of 2018 (FIRRMA). Signed into law on August 13, 2018, FIRRMA authorizes the Committee on Foreign Investment in the United States (CFIUS), an interagency committee that reviews certain foreign investments in the U.S., to expand its scope of the review to include several other types of transactions, in addition to those traditionally involving a foreign person’s control over a U.S. business.

This article highlights some of the proposed regulations that may be worthy of attention. Though it’s not a final rule yet, the proposed regulations would provide the business community a glimpse of how a CFIUS review may impact their cross-border business transactions in the future.

TID U.S. Business

The proposed regulations include “TID U.S. business” (TID is an acronym for technology, infrastructure, and data), which means any U.S. business that (i) produces, designs, tests, manufactures, fabricates, or develops one or more critical technologies; (ii) performs the specific functions with respect to covered investment critical infrastructure; or (iii) maintains or collects sensitive personal data of U.S. citizens. A foreign investment in an unaffiliated TID U.S. business, even if such investment would not result in foreign control, may fall within the jurisdiction of CFIUS.

Covered Investment Involving Critical Technologies

The proposed regulations set forth a list of items that would qualify as “critical technologies,” including certain controlled items on the Commerce Control List, and the “emerging and foundational technologies” controlled pursuant to Section 1758 of the Export Control Reform Act of 2018, among others. The Bureau of Industry and Security (BIS) within the Department of Commerce has yet to identify the “emerging and foundational technologies.” In the future, once certain technologies are identified as “emerging and foundational technologies,” they will be automatically considered as critical technologies and, therefore, fall within the jurisdiction of CFIUS.

Covered Investment Involving Critical Infrastructure

Appendix A in the proposed regulations consists of (i) a list of the types of covered investment critical infrastructure and (ii) a list of the relevant functions (e.g., ownership, operation, manufacturing, supply, services) that apply to the particular type of covered investment critical infrastructure. Only a U.S. business that performs specific functions with respect to the corresponding type of covered investment critical infrastructure may be considered a TID U.S. business for purpose of critical infrastructure covered investments. Appendix A includes a variety of covered investment critical infrastructure, such as certain internet protocol networks, telecommunications services, manufacturing facilities for certain specialty metal and materials, electric generation/transmission facilities, refineries for oil and gas products, and interstate oil/natural gas pipelines.

Covered Investment Involving Sensitive Personal Data

Under the proposed regulations, with respect to the ten specified categories of data (e.g., certain financial, health, geolocation and biometric data), certain data may constitute sensitive personal data only if the U.S. business (i) targets or tailors its products or services to sensitive U.S. Government personnel or contractors; (ii) maintains or collects such data on greater than one million individuals; or (iii) has a demonstrated business objective to maintain or collect such data on greater than one million individuals, and such data is an integrated part of the U.S. business’s primary products or services. The proposed regulations also specify that all genetic information would constitute sensitive personal data, but generally excludes data pertaining to a U.S. business’s own employees.

Real Estate Transactions

Any purchase or lease by, or concession to, a foreign person of the “covered real estate” that would provide the foreign person the specific property rights (e.g., access, exclusion and improvement rights) may be subject to CFIUS review. The “covered real estate” generally includes any real estate that (i) is, is located within, or will function as part of, an airport or maritime port, or (ii) is located within close proximity of military installation or sensitive U.S. government facilities. The proposed regulations exclude from CFIUS jurisdiction certain real estate transactions, including those involving real estate in urbanized areas and urban clusters and single “housing units,” among others.

Excepted Investor

The proposed regulations exempt from CFIUS review certain non-controlling covered investments and real estate transactions by “excepted investors.” An “excepted investor” generally means a national of an “excepted foreign state” (which is yet to be identified by CFIUS), or a foreign entity (i) that is organized under the laws of an excepted foreign state or in the U.S., (ii) that has its principal place of business in an excepted foreign state or the U.S., (iii) each of whose board (or equivalent governing body) members is a U.S. national or a national of an excepted foreign state, and (iv) each of whose shareholders that owns at least 5% voting interest (or profit sharing/distribution rights) is a national of an excepted foreign state or an entity organized under the laws of an excepted foreign state and has its principal place of business in an excepted foreign state or in the U.S., among other requirements.

The proposed regulations were published today (September 24, 2019) in the Federal Register (click here and here). Interested parties may submit their written comments prior to the due dates. The final rules will become effective no later than February 13, 2020. The Pilot Program Interim Rule, which became effective on November 10, 2018 and addresses CFIUS review of certain transactions involving foreign person and critical technologies, will remain effective for the time being.