CFIUS Proposes Enhanced Enforcement and Mitigation Rules and Steeper Penalties for Non-Compliance

On April 11, 2024, the Committee on Foreign Investment in the United States (“CFIUS” or the “Committee”) announced proposed amendments to its enforcement and mitigation regulations, marking the first substantive update to CFIUS’s mitigation and enforcement provisions since the enactment of the Foreign Investment Risk Review Modernization Act of 2018.  The Committee issued a notice of proposed rulemaking ("NPRM”) that would modify the regulations that apply to certain investments and acquisitions, as well as real estate transactions, by foreign persons as follows:

• Expand the types of information that CFIUS can request from parties to non-notified transactions (i.e., transactions over which CFIUS has jurisdiction but for which the parties did not submit a notice to CFIUS seeking review);
• Institute a three (3) day timeline within which parties to a transaction must respond to CFIUS’s mitigation proposals (the timeline could be extended by mutual agreement);
• Increase the maximum civil penalties from $250,000 to $5 million per violation for material misstatements and omissions, violations of CFIUS mitigation agreements or orders, or failure to submit mandatory filings (control/investment transactions only); and
• Expand CFIUS’s subpoena authority to request additional information from parties to non-notified transactions and from third persons regarding notified transactions.

CFIUS is accepting comments on the proposed rulemaking until May 15, 2024.  The proposed changes will not take effect unless and until CFIUS issues a final rule following the close of the comment period and the Committee’s subsequent consideration of any comments received.

I. Background

Chaired by the U.S. Department of the Treasury, CFIUS is an interagency committee that has the authority to review certain transactions involving foreign investment in the United States, as well as certain real estate transactions by foreign persons, to determine the effect of such transactions on the national security of the United States. CFIUS can impose civil monetary penalties for violations of certain CFIUS regulations, orders, and agreements.

Broadly speaking, CFIUS has jurisdiction over three types of transactions that involve inbound foreign investment:

• “Covered control transactions” where a foreign person acquires “control” over a U.S. business.
• “Covered investments” which are non-controlling investments by foreign persons that afford the foreign investor certain governance or access rights with respect to “TID U.S. businesses”, i.e., U.S. companies with critical technologies, critical infrastructure, or sensitive personal data.
• “Covered real estate transactions” where a foreign person acquires property rights for real estate located in proximity to specific military installations or sensitive U.S. government sites.

Although the decision to submit a notice to CFIUS remains largely voluntary, a filing is mandatory for “covered control transactions” or “covered investments” (together “covered transactions”) in two scenarios: (a) the U.S. business produces critical technologies (export-controlled items) that would require a license for export to the country of the foreign person; or (b) the foreign person is owned 49% or more by a foreign government and is acquiring a 25% or more stake in a TID U.S. business.

II. Overview of the Proposed Amendments

The chart below summarizes the proposed amendments to CFIUS regulations:

CFIUS remains a central focus of Congressional and public attention, particularly in the context of foreign investments involving sensitive U.S. industries or investors from jurisdictions of concern.  This NPRM reflects CFIUS’s interests in bolstering its enforcement and monitoring authority, and expanding its ability to collect additional information from parties to non-notified transactions.  With steeper penalties for non-compliance on the horizon, it remains essential that parties to a transaction involving foreign investment conduct a thorough CFIUS analysis.