CFIUS Proposes Enhanced Enforcement and Mitigation Rules and Steeper Penalties for Non-Compliance
What You Need to Know
Key takeaway #1
CFIUS remains a central focus of Congressional and public attention, particularly in the context of foreign investments involving sensitive U.S. industries or investors from jurisdictions of concern. This NPRM reflects CFIUS’s interests in bolstering its enforcement and monitoring authority, and expanding its ability to collect additional information from parties to non-notified transactions. With steeper penalties for non-compliance on the horizon, it remains essential that parties to a transaction involving foreign investment conduct a thorough CFIUS analysis.
Client Alert | 14 min read | 04.26.24
On April 11, 2024, the Committee on Foreign Investment in the United States (“CFIUS” or the “Committee”) announced proposed amendments to its enforcement and mitigation regulations, marking the first substantive update to CFIUS’s mitigation and enforcement provisions since the enactment of the Foreign Investment Risk Review Modernization Act of 2018. The Committee issued a notice of proposed rulemaking ("NPRM”) that would modify the regulations that apply to certain investments and acquisitions, as well as real estate transactions, by foreign persons as follows:
- Expand the types of information that CFIUS can request from parties to non-notified transactions (i.e., transactions over which CFIUS has jurisdiction but for which the parties did not submit a notice to CFIUS seeking review);
- Institute a three (3) day timeline within which parties to a transaction must respond to CFIUS’s mitigation proposals (the timeline could be extended by mutual agreement);
- Increase the maximum civil penalties from $250,000 to $5 million per violation for material misstatements and omissions, violations of CFIUS mitigation agreements or orders, or failure to submit mandatory filings (control/investment transactions only); and
- Expand CFIUS’s subpoena authority to request additional information from parties to non-notified transactions and from third persons regarding notified transactions.
CFIUS is accepting comments on the proposed rulemaking until May 15, 2024. The proposed changes will not take effect unless and until CFIUS issues a final rule following the close of the comment period and the Committee’s subsequent consideration of any comments received.
I. Background
Chaired by the U.S. Department of the Treasury, CFIUS is an interagency committee that has the authority to review certain transactions involving foreign investment in the United States, as well as certain real estate transactions by foreign persons, to determine the effect of such transactions on the national security of the United States. CFIUS can impose civil monetary penalties for violations of certain CFIUS regulations, orders, and agreements.
Broadly speaking, CFIUS has jurisdiction over three types of transactions that involve inbound foreign investment:
- “Covered control transactions” where a foreign person acquires “control” over a U.S. business.
- “Covered investments” which are non-controlling investments by foreign persons that afford the foreign investor certain governance or access rights with respect to “TID U.S. businesses”, i.e., U.S. companies with critical technologies, critical infrastructure, or sensitive personal data.
- “Covered real estate transactions” where a foreign person acquires property rights for real estate located in proximity to specific military installations or sensitive U.S. government sites.
Although the decision to submit a notice to CFIUS remains largely voluntary, a filing is mandatory for “covered control transactions” or “covered investments” (together “covered transactions”) in two scenarios: (a) the U.S. business produces critical technologies (export-controlled items) that would require a license for export to the country of the foreign person; or (b) the foreign person is owned 49% or more by a foreign government and is acquiring a 25% or more stake in a TID U.S. business.
II. Overview of the Proposed Amendments
The chart below summarizes the proposed amendments to CFIUS regulations:
CFIUS remains a central focus of Congressional and public attention, particularly in the context of foreign investments involving sensitive U.S. industries or investors from jurisdictions of concern. This NPRM reflects CFIUS’s interests in bolstering its enforcement and monitoring authority, and expanding its ability to collect additional information from parties to non-notified transactions. With steeper penalties for non-compliance on the horizon, it remains essential that parties to a transaction involving foreign investment conduct a thorough CFIUS analysis.
We would like to thank Jacqueline Schaeffer, Associate, for her contribution to this alert.
Contacts
Insights
Client Alert | 8 min read | 09.24.25
The Transportation Security Administration (TSA) recently proposed an expanded role regulating unmanned aircraft systems (UAS), or drones. On August 7, 2025, the Federal Aviation Administration (FAA) and TSA published a joint Notice of Proposed Rulemaking (proposed rule), titled Normalizing Unmanned Aircraft Systems Beyond Visual Line of Sight Operations (BVLOS). Through this landmark proposed rule, the FAA and TSA aim to provide industry with a clear path forward for streamlined UAS operations for a variety of purposes, including package delivery, agriculture, aerial surveying, civic interest (public safety), and flight testing. Comments on the proposed rule are due October 6, 2025.
Client Alert | 14 min read | 09.24.25
The Middle East’s Big Bet on Artificial Intelligence and Data Security
Client Alert | 4 min read | 09.23.25
A Special Relationship Reboot? The US-UK Tech Prosperity Deal
Client Alert | 7 min read | 09.23.25