The Foreign Investment Risk Review and Modernization Act of 2018 (FIRRMA) became law on August 13, 2018. We previously provided background and discussed the driving motivations behind FIRRMA here, namely concern that existing foreign investment laws and regulations are too antiquated to address new national security concerns arising from foreign purchases of critical technologies and alternative investment strategies. Congress passed FIRRMA with an aim to revamp the process and authorities granted to the Committee on Foreign Investment in the United States (CFIUS), the U.S. government entity charged with reviewing transactions that may result in a foreign entity controlling a U.S. business. We have summarized FIRRMA’s key takeaways below.
Certain of the more significant changes will have a delayed effective date. The changes described below regarding the new definitions of covered transaction and 'other investments' and the new declarations filing procedures will not take effect until 18 months after enactment or 30 days after a federal register notice has been published, stating that CFIUS is ready to implement the new laws. The new period for review and filing fees are supposed to take immediate effect. According to CFIUS FAQs, CFIUS is holding off on applying the new filing fees.
1. National security remains sole concern
FIRRMA confirms that CFIUS should continue to review transactions for the purpose of protecting national security and should not consider issues of national interest absent a national security nexus. When considering national security risks, Congress provides guidance to CFIUS with the following factors that it “may” consider and which CFIUS has likely already been considering in practice:
- Countries of special concern. Whether a covered transaction involves a country of special concern that has demonstrated a declared strategic goal of acquiring a type of critical technology or critical infrastructure that would affect United States leadership in areas related to national security. FIRRMA does not explicitly list which countries are of special concern, but in light of the ongoing scrutiny that China transaction are receiving, this is most likely directed at China.
- Patterns of transactions. The potential national security-related effects of the cumulative control of, or pattern of recent transactions involving, any one type of critical infrastructure, energy asset, critical material, or critical technology by a foreign government or foreign person.
- Foreign persons’ history of cooperation. Whether any foreign person engaging in a covered transaction with a U.S. business has a history of complying with U.S. laws and regulations.
- United States’ capability to meet requirements of national security. Whether the control of U.S. industries and commercial activity by foreign persons affects the capability of the United States to meet the requirements of national security, including the availability of human resources, products, technology, materials, and other supplies and services.
- Exposing of personally identifiable information. Whether and the extent to which a covered transaction is likely to expose, either directly or indirectly, personally identifiable information, genetic information, or other sensitive data of U.S. citizens to access by a foreign government or foreign person that may exploit that information in a manner that threatens national security.
- Creating cybersecurity vulnerabilities. Whether a covered transaction is likely to have the effect of exacerbating or creating new cybersecurity vulnerabilities in the United States or is likely to result in a foreign government gaining a significant new capability to engage in malicious cyber-enabled activities against the United States, including such activities designed to affect the outcome of any election for federal office.