“CFIUS’s Annual Report to Congress Details Longer Process, More Aggressive Risk Mitigation”

Key Developments

The Committee on Foreign Investment in the United States (CFIUS) is an interagency, Executive Branch organization charged with identifying potential national security risks posed by foreign acquisitions of U.S. businesses and mitigating those risks as necessary. If CFIUS determines that the national security risks cannot be mitigated adequately, it recommends that the U.S. president block the transaction. CFIUS’s authority extends both to proposed transactions and to transactions that have already been completed.

On February 26, 2015, CFIUS issued the unclassified version of its annual report to Congress. The report, which focuses mainly on CFIUS activity during calendar year 2013, identifies key developments relating to the CFIUS process and important considerations for parties contemplating cross-border acquisitions of U.S. businesses. During 2013, in a notable increase from past years, nearly half of all CFIUS cases required a second-stage investigation period. As in 2012, more CFIUS cases in 2013 involved purchasers from China than any other country. That said, Japan in 2013 made a strong return to the U.S. M&A market, while the number of cases involving purchasers from the United Kingdom continued to decline. The report also states that CFIUS has expanded its mitigation options to include ongoing participation in key business decisions. Finally, based on 2013 activity, the U.S. Intelligence Community (USIC) believes there may be a coordinated foreign strategy to acquire U.S. critical technology businesses.

Nearly Half of CFIUS Cases in 2013 Required Second-Stage Investigations

Each CFIUS case begins with the filing of a notice describing the parties and the transaction. CFIUS then has 30 days to review the transaction, but can extend the process for an additional 45-day “investigation” stage if necessary. By default, transactions involving foreign government-controlled entities must undergo a second-stage investigation unless the requirement is waived by agreement of the deputy secretaries of the nine voting CFIUS agencies. From 2009 (the first year under current CFIUS rules) until 2012, the number of CFIUS cases requiring second-stage investigations has increased, but consistently hovered just below 40 percent of all cases. In 2013, however, the number and percentage of cases undergoing investigations increased significantly, despite a 15 percent decline in CFIUS’s overall caseload.1 As a result, nearly half (49 percent) of all CFIUS cases went to investigation.





























Excluding the five investigations that were the direct result of the October 2013 U.S. government shutdown, CFIUS still would have investigated an unprecedented 44 percent of the cases filed in 2013.

Based on the countries of origin of the acquirers filing CFIUS notices, this increase does not appear to have resulted solely from an increase in foreign government-controlled transactions. The same five countries of origin have led CFIUS’s list from 2011-13, and are responsible for an increasing share of all CFIUS cases:





















United Kingdom








% of all cases




From these countries, China’s state-owned enterprises, Canada’s state pension funds, and companies in which France holds direct investments or “golden shares” are most likely to trigger the default investigation requirement for foreign government-controlled acquirers. However, the absolute number of CFIUS-reviewed transactions originating in these countries fell during 2013.

The increase in the number of CFIUS investigations therefore appears to represent a lengthening of the process generally. Factors that may contribute to this include:

  • Increasing complexity of the transactions filed with CFIUS,
  • Resource constraints limiting the capacity of CFIUS agencies to evaluate transactions, and
  • An expanding definition of national security issues requiring greater scrutiny by CFIUS.

With regard to the third factor, we note that CFIUS cases often result in mitigation not because of the origin of the foreign acquirer but because of national security vulnerabilities associated with the U.S. target. It is therefore prudent for any party filing a notice with CFIUS to anticipate the strong possibility that the CFIUS process will include a second-stage investigation period.

CFIUS Has Expanded Its Risk Mitigation Toolkit

CFIUS reported the use of mitigation measures in 11 transactions during 2013, or 11 percent of the cases reviewed. This represents an increase in both absolute and percentage terms from the eight transactions (7 percent) requiring mitigation in 2012.

The annual report also lists examples of measures used to mitigate national security risks. An important addition to the list in 2013 was “[p]roviding the [U.S. government] with the right to review certain business decisions and object if they raise national security concerns.” This condition may be intended to address the U.S. government’s well-publicized concern with the use of telecommunications equipment from certain non-U.S. vendors.

This sort of mitigation measure provides the U.S. government with ongoing oversight of the target business. This type of provision also confirms that mitigation terms have become more complicated and burdensome in recent years, requiring companies to dedicate significant resources and hire outside advisers and auditors to implement and monitor compliance. The U.S. government also will be required to devote adequate resources to mitigation and make decisions on a timely basis to minimize risk to the companies involved. Accordingly, we expect this type of measure to be applied rarely, and only in circumstances involving the most sensitive components of critical U.S. infrastructure.

This year’s CFIUS annual report appears to acknowledge the more aggressive approach to mitigation, including CFIUS’s willingness to impose mitigation measures and recognition that parties may not accept CFIUS’s terms. Past annual reports have noted that parties abandon transactions during the CFIUS process for commercial reasons (e.g., following the 2008 financial crisis) or to avoid a CFIUS recommendation that the president block the transaction. This year’s report adds the possibility that parties might abandon a transaction because they “do not want to abide by CFIUS’s proposed mitigation.”

The USIC Has Found New Indications of a Coordinated Strategy to Acquire U.S. Critical Technology Companies

A required component of CFIUS’s annual report to Congress is an evaluation of whether there is a coordinated strategy by one or more foreign countries or companies to acquire U.S. companies involved in research, development or production in “critical technologies for which the United States is a leading producer.”

CFIUS answers this question each year by identifying planned and completed acquisitions during the subject year that meet CFIUS’s definition of “critical technologies.” This definition generally includes certain export-controlled military, dual-use and nuclear technologies, as well as select agents and toxins. The USIC then reviews the identified transactions and assesses whether the specific transactions reflect a coordinated strategy.

Because of this methodology, the USIC’s response can change annually. In most years, the USIC, while acknowledging that foreign governments use a variety of means to collect sensitive technologies, did not find that the transactions identified by CFIUS reflected a coordinated strategy. In its report for 2011, the USIC deviated from this response, judging with moderate confidence that there was likely a coordinated strategy. For 2012, however, the USIC found that the transactions identified for that year were unlikely to reflect a coordinated strategy.

Based on the 2013 transaction list, the USIC “believes there may be an effort among foreign governments or companies” [emphasis added] to acquire U.S. critical technology companies. The USIC’s conclusion references supporting information available only in the classified version of the annual report. The response for 2013 is relatively noncommittal, but appears to fall somewhere in the middle of the continuum of past responses.

Notably, the subject transactions identified for this section of the annual report were not all reviewed by CFIUS. For example, France was the country of origin of 10 of the critical technology acquisitions identified by CFIUS for the annual report, but only seven of the CFIUS cases reviewed during 2013 originated in France. Because CFIUS has retroactive jurisdiction over transactions that have already closed, prospective buyers and sellers should recognize that transactions involving critical technologies may come to CFIUS’s attention during the preparation of this section of the annual report. As a result, the transactions may be subject to CFIUS procedures for reviewing nonnotified transactions.

*       *       *

Continuing attention to these and other issues relating to CFIUS, along with thorough due diligence, advance planning and a proactive approach to the CFIUS process, will remain vital to the success of cross-border investments targeting U.S. businesses.

1 The decline in CFIUS’s 2013 caseload appears to have been temporary, reflecting a general downturn in M&A activity during the year. Based on our direct experience with CFIUS, we believe the CFIUS caseload increased by approximately 50 percent during 2014.