On September 15, 2022, President Biden issued a new Executive Order (EO) entitled “Executive Order on Ensuring Robust Consideration of Evolving National Security Risks by the Committee on Foreign Investment in the United States,” directing CFIUS to consider certain risk factors when reviewing Covered Transactions. CFIUS-related executive orders are rare and have typically been used to establish procedures and processes rather than provide substantive guidance to the committee. President Biden’s order is unusual in that it goes beyond process considerations and directs the committee to consider certain material risks as part of its reviews. According to a White House fact sheet, this is the first EO “since CFIUS was established in 1975 to provide formal direction from the President regarding the risks that the Committee should consider when considering a covered transaction.”
The EO does not change the legal powers granted to the CFIUS, including the scope of transactions it can inspect. It also does not include foreign investment provisions (sometimes referred to as “reverse CFIUS”), which were recently proposed in Congress and on which the administration is considering taking executive action in the near future.
However, it provides important insights into how the US government thinks about national security issues related to foreign investment and alerts both US companies and foreign investors involved in specific industries or activities that CFIUS may take a closer look at their businesses.
Justification for the order
The Defense Production Act of 1950 (DPA), as amended, establishes the legal basis for CFIUS’ powers and provides a number of general factors for the Committee to consider when reviewing transactions for national security concerns. In fact, the DPA states that the committee “may consider other factors that the President or the committee may deem appropriate generally or in connection with a particular review or investigation.” Some of the factors set out in the EO, such as Information such as sensitive data is also expressly included in the DPA through recent legislative changes under the Foreign Investment Risk Review Modernization Act of 2018 (FIRRMA). Thus, CFIUS already has significant discretion to consider a variety of factors related to national security. Therefore, the EO was not strictly required for CFIUS to consider the risks described below, as CFIUS has routinely considered many of these risks when reviewing transactions in recent years.
However, some of the risks outlined below appear to be capturing new thinking and priorities on the part of the Biden administration regarding inbound foreign investment. In particular, clean energy and climate change adaptation technologies have not been particularly salient national security risks under previous governments. Biotechnology and biomanufacturing have been areas of interest for CFIUS for some time, but these risks have undoubtedly been amplified by the COVID-19 pandemic. On the other hand, some national security risks that have been much debated over the past 20 years, such as proximity to sensitive defense and national security assets, do not appear in the EO.
The EO may also serve, in part, to better coordinate and streamline the risk assessments of the various CFIUS agencies and provide them with more detailed guidance to reference in inter-agency consultations on specific transactions. Each CFIUS agency has its own expertise and set of issues to which it is most sensitive. The Agency’s priorities are of course also colored by the Agency’s broader mission. For example, certain CFIUS agencies with broader responsibilities for promoting international trade or commerce have historically been viewed as friendlier to foreign investors; Agencies with explicit national security or law enforcement responsibilities, on the other hand, are seen as more hostile. Clear White House guidance can help to better align the respective roles of CFIUS agencies and provide more predictability in the committee’s decision-making process.
Risk factors identified in the order
The EO instructs the committee to consider five additional and more detailed risk factors, including:
- The impact of a particular transaction on the resilience of critical U.S. supply chains that may have national security implications, including those off-base of the defense industry
These include foreign investment that impacts US manufacturing capabilities, services, critical mineral resources and technology that are fundamental to national security and could leave the US vulnerable to future supply disruptions. The order directs CFIUS to consider supply chain issues both inside and outside the defense industry, considering factors such as the degree of supply chain diversification (including from partner or allied countries), existing supply relationships with the U.S. government, and the degree of Concentration by a foreign person in a specific supply chain.
- The impact of a particular transaction on U.S. technological leadership in areas affecting U.S. national security, including but not limited to microelectronics, artificial intelligence, biotechnology and biomanufacturing, quantum computing, advanced clean energy, and climate change adaptation technologies
The order identifies certain sectors as fundamental to US technological leadership, including microelectronics, artificial intelligence, biotechnology and biomanufacturing, quantum computing, advanced clean energy, climate adaptation technologies and portions of the agricultural industrial base focused on food security, among others can affect. As part of the engagement, CFIUS should assess whether a transaction involves manufacturing capacity, services, critical mineral resources or technology in the identified areas.
- Industry investment trends that may impact the U.S. national security implications of a particular transaction
The EO instructs CFIUS to take a holistic view when reviewing the transactions covered and to focus not only on the transaction at hand but also to place that transaction in the broader context of recent transactions by the same country or foreign entity in the same sector or a to ask related sector. The White House fact sheet explains: “Certain investments by a foreign person in a sector or technology appear to pose a limited threat in isolation, but when considered in the context of previous transactions, such investments may reveal the potential for sensitive technology transfers in.” Facilitate key industries or otherwise jeopardize national security.”
- Cybersecurity risks that threaten to compromise national security
The order directs CFIUS to assess whether an affected transaction could enable a foreign person or related third party to conduct cyber intrusion or other malicious cyber activity that could pose a risk to national security. It also directs CFIUS to consider the cybersecurity “attitude, practices, capabilities and access” of all parties to a Covered Transaction.
- Risks to Sensitive Data of US Persons.
Finally, the EO directs the committee to consider whether an affected transaction involves a US company with access to sensitive information of US persons and whether the foreign investor has the ability and intention to allocate such information to the detriment of US national security use, including “through the use of commercial or other means.”
Impact on the industry
The order provides an important window on the risks that are at the forefront of the administration and likely to be considered even more carefully by the Committee given the EO. It also serves to alert the industry that CFIUS will be particularly interested in transactions involving any of the above categories. While CFIUS filings may be mandatory in certain situations, CFIUS operates under a largely voluntary regime where parties to Covered Transactions who believe that CFIUS may have an interest in their transaction elect to file with CFIUS and seek approval from CFIUS closing, including, in the most serious cases, the rollback of the transaction. As part of FIRRMA, CFIUS has recently received additional resources to identify and review so-called “undeclared” transactions (ie covered transactions where the parties have chosen not to make a voluntary declaration). Parties to transactions affecting any of the newly highlighted priority risk areas should carefully consider how the EO impacts the desirability of a voluntary submission to the Committee and the prospects of CFIUS requiring mitigation as a condition of approval, or potentially seeking suspension Transaction.
A new precedent?
While the EO reflects a number of risks that have been known to CFIUS practitioners for years, it also reflects some shifts in priorities that reflect both the specific perspective of the Biden administration and the ever-changing nature of U.S. national security risks. For example, the risk landscape has changed in just four years since FIRRMA came into force, noting a number of differences between the risks identified in FIRRMA (which were primarily motivated by Chinese investments in certain critical US technology and infrastructure) and the EO. The EO is expected to become obsolete at some point, either because a new government takes office in 2025 or because national security risks continue to shift. Given the inevitable need for updates, it is possible that future administrations will issue their own implementing regulations, thereby starting a new trend in the CFIUS area.
