U.S. Treasury Issues Final Rules Expanding the Investigative and Enforcement Powers of CFIUS

The United States Department of Treasury has issued final rules expanding the investigative and enforcement powers of CFIUS, along with its jurisdictional reach, including as to previously non-filed transactions. These rules took effect on December 26, 2024.

Background

The Committee on Foreign Investment in the United States (CFIUS) is an inter-agency panel led by the United States Department of Treasury, which is authorized to review covered transactions by non-U.S. investors into U.S. businesses.

The Foreign Investment Risk Review Modernization Act of 2018 (FIRRMA) expanded the jurisdictional reach of CFIUS to include covered minority investments in addition to covered control transactions (based on a standard for “control” that is broad and overarching).

Transactions that reach certain thresholds, such as those involving “critical technology”, require a mandatory filing. Others, however, only require a voluntary filing, meaning the decision as to whether to file is left to the transaction parties themselves, giving due consideration for the factors set forth in FIRRMA. One such factor is the “national security” impact of the transaction, which is effectively undefined to create maximum flexibility for CFIUS.

This has created a market environment that relies on practitioners and the parties themselves to make judgments based on CFIUS standards, prior CFIUS enforcement, and other laws and executive documents pertaining to national security. For example, in practice, the risk dynamic for a voluntary filing will be markedly different if the ultimate beneficial owners controlling the non-U.S. investors are from the “excepted countries” of Canada, the U.K., Australia, and New Zealand, as compared to the primary “country of concern”, the PRC (including Hong Kong).

The existence of the voluntary filing dynamic for most transactions subject to CFIUS has led some transaction parties to make a strategic decision not to file, on the hopes that CFIUS will not discover the transaction. However, CFIUS has expended resources, including through its “SWAT” program targeting transactions with a transaction value of as little as US$500,000, to thoroughly investigate the U.S. venture capital and M&A ecosystem.

This has led to retroactive enforcement, which CFIUS is empowered to undertake, requiring parties who did not file to make a filing, and then be subject to CFIUS determination as to whether to approve the transaction, set conditions (e.g. requiring PRC parties to divest or become “entirely passive”, such as removing their board seats and veto rights), or to recommend to the President that the transaction be denied. 

Final Rules

To further its investigative powers to examine previously non-filed transactions, on April 15, 2024, the United States Department of Treasury issued a proposed rule “Amendments to Penalty Provisions, Provision of Information, Negotiation of Mitigation Agreements, and Other Procedures Pertaining to Certain Investments in the United States by Foreign Persons and Certain Transactions by Foreign Persons Involving Real Estate in the United States” (the “Proposed Rules”).

Based on public feedback of the Proposed Rules, on November 18, 2024, the United States Department of Treasury issued a final rule “Penalty Provisions, Provision of Information, Negotiation of Mitigation Agreements, and Other Procedures Pertaining to Certain Investments in the United States by Foreign Persons and Certain Transactions by Foreign Persons Involving Real Estate in the United States” (the “Final Rules”).

The Final Rules took effect on December 26, 2024.

As we previously predicted, the Final Rules are substantially similar to the Proposed Rules.

The Final Rules contain the following key provisions:

1. effectively denying a transaction if the transaction parties do not respond to mitigation terms proposed by CFIUS within a timeframe set forth by CFIUS.
2. providing CFIUS with the ability to request information from “other persons” who are not transaction parties about a particular transaction, including a non-filed transaction.
3. expanding the penalties for making a material misstatement from a base rate of US$250,000 to US$5,000,000 per violation, and
4. expanding the penalties for non-compliance of a mitigation agreement from a base rate of US$250,000 to the greater of:
   
       i. US$5,000,000

              ii. the value of the violator’s interest in the relevant U.S. business at the time the transaction closed.

             iii. the value of the violator’s interest in the relevant U.S. business at the time the violation occurred.

             iv. the value of the transaction when it was filed with CFIUS.

With respect to item (1) above, the ability to effectively deny a transaction if the transaction parties do not respond to mitigation terms proposed by CFIUS by a specified deadline, closes a loophole in existing practice whereby the transaction parties could engage in delay with the hopes of securing a more favorable outcome.

With respect to item (2) above, this includes the issuance of a subpoena on a discretionary basis, compared to a prior standard based on necessity. The ability to require information from “other persons” who are not transaction parties, including by way of legally binding subpoena, with a penalty of up to US$5,000,000 if such information is not provided or is misleading or contains material omission, is potentially significant in practice. It would allow CFIUS to make broad queries to market participants, instead of having to find information by itself and then focus on the transaction parties.

For example, it would allow CFIUS to broadly query the venture capital and private equity firms in Silicon Valley, New York, Boston, and other hubs about the shareholding structure of start-ups and established companies alike, along with information on the investors who have invested in them. Specifically, it could require an established Silicon Valley venture capital fund to reveal the capitalization table of all of its portfolio companies, allowing CFIUS to focus on the ones with shareholders from “countries of concern” (i.e. China).

The result may be CFIUS finding more investors from “countries of concern”, and the companies who have received their investment, leading to more investigations of transaction parties in previously non-filed transactions.

What remains to be seen is what happens when CFIUS, upon its examination of more transactions, discovers Chinese investors who are “entirely passive”, thereby theoretically excluding CFIUS from jurisdiction and/or investors or strategic acquirers whose ultimate controlling beneficial owners are not Chinese but who also have operations in China.

Much attention has been placed recently on CFIUS scrutiny of Japanese acquirers with significant operations in China, such as the ongoing CFIUS review of Nippon Steel’s proposed acquisition of U.S. Steel. CFIUS previously imposed mitigation terms on Softbank in respect of its significant investment in Cruise, where Softbank had to undertake not to share information it obtained about Cruise with its other portfolio companies in China.

In the related context of U.S. export controls, the United States Bureau of Industry and Security has recently scrutinized the Chinese activities of Middle Eastern technology companies when examining whether to grant export licenses to them for the sale of advanced semiconductors and quantum computing technology.

For more information on our U.S. corporate and compliance capabilities, please contact Charles Wu at Charles.Wu@clydeco.com