Effective December 22, 2008, the U.S. Department of the Treasury (“Treasury”) issued new rules relating to the procedures that the Committee on Foreign Investment in the United States (“CFIUS” or “the Committee”) will use in reviewing foreign investments in U.S. companies.  See 73 Fed. Reg. 70702.  The revised, final rules continue to focus on the potential impact that a particular transaction may have on U.S. national security and retain many of the features of the proposed rules, which we have previously discussed here and here.

Background on the CFIUS Process

The final rules formalize a process by which certain "covered transactions" – transactions where foreign investors will obtain "control" over a U.S. business – are reviewed by the Committee to analyze the potential impact on U.S. national security.  Essentially, the CFIUS process proceeds as follows:

  • Parties to a transaction may decide to initiate a CFIUS review by filing a voluntary notice with the Committee.
  • Within 30 days after receiving the CFIUS filing, the Committee will conduct a standard review to verify the potential impact on national security.
  • If the transaction raises particular national security concerns, CFIUS is required by law to conduct an additional investigation into the transaction.  These investigations are expected to take no more than 45 days.
  • If CFIUS objects to a particular feature of the proposed transaction, it may recommend changes to the transaction or – more likely – require the parties to enter into mitigation agreements to mitigate the national security concerns.
  • Once CFIUS issues its final decision following its review and/or investigation, the parties are free to proceed with the transaction, as approved by the Committee.  A transaction approved by CFIUS qualifies for a “safe harbor” protection and may proceed without possibility of subsequent suspension or prohibition.

CFIUS hopes that this process sufficiently protects U.S. national security concerns, while simultaneously allowing foreign investment in the U.S. to continue with limited restriction. 


Following is a discussion of some of the key features of the new rules, as well as other areas where the final rules differ from the proposed ones:

1. The Meaning of “Control” and the Exercise of Minority Rights.  As to the threshold issue as to whether a CFIUS review is even required and whether a transaction qualifies as a "covered transaction," it is unsurprising that many of the public comments criticized the proposed definition of “control.”  However, recognizing that Treasury aimed to define the term loosely and to “eschew bright lines,” many of the public comments were rejected.  Treasury did, however, attempt to further illustrate the concept of “control” in the final rules by offering specific examples and by further clarifying this key term. 

  • Fact-Specific Inquiries.  Assessing whether a transaction will allow a foreign person to exercise “control” over a U.S. company is a highly fact-specific inquiry, focusing particularly on a party’s ability to exercise “control” over “important matters” within the U.S. company.  “All relevant factors are considered together in light of their potential impact on a foreign person’s ability to determine, direct, or decide important matters affecting an entity.”  The final rules, however, narrow the types of information that CFIUS will require to conduct this type of inquiry, when compared to the volume of information required under the proposed rules.
  • Solely For the Purpose of Investment.  The final rules reject the suggestion to set a threshold (e.g., 10% ownership) at which a determination of control will always be made.  The regulations do not provide, “and never have provided,” an exemption based solely on whether an investment is 10% or less in a U.S. business.  If a foreign person holds 10% or less of the voting interest in a U.S. business and does not hold that interest solely for the purpose of passive investment, then the transaction may be a “covered transaction.”  Under the new regulations, an interest is held solely for the purpose of passive investment if the foreign person has no plan or intent to control the entity, neither possesses nor develops any purpose other than passive investment, nor takes any action that is inconsistent with an intent to hold the interest solely for the purpose of passive investment.
  • Examples in the Regulations.  The final rules include modifications to clarify what constitutes "control" and add a number of examples of certain circumstances or types of transactions that may display the level of “control” required under the regulations, as well as other types of transactions that would fall beyond the regulations’ scope.  The goal of these examples is to add greater clarity through illustrations, while not necessarily limiting the Committee’s ability to review a transaction.
  • Minority Rights.  The final rules identify certain minority shareholder rights that will not necessarily trigger “control,” listing a number of positive and negative rights that minority shareholders may retain.  For example, veto rights over a voluntary bankruptcy filing of the company and the power to prevent the change of existing rights and preferences of classes of stock are specifically excluded as conferring "control" without more.  Beyond those listed rights, CFIUS observed that it will, “on a case-by-case basis,” consider whether certain minority protections confer “control” over an entity.  “Non-inclusion [in the regulations] of any particular right does not mean that the Committee has determined that such a right necessarily results in control and does not prejudge whether the Committee would determine … that such a right does not confer control in a particular transaction.”  In this respect, it seems that CFIUS is open to a conceptual distinction between minority “influence” and minority “control.”  Furthermore, the Committee specified that it will give favorable consideration to customary minority shareholder protections that are not otherwise specified in the rules (e.g., veto rights over changes in capital structure or over disposition of assets) while reserving the right to find that the existence or combination of such rights may confer "control" under specific facts and circumstances.  Companies submitting a notice to CFIUS should be sure that a minority investor’s rights are appropriately framed so that CFIUS can conclude, based on all relevant factors, that minority “control” does not exist.
  • Combinations of Foreign Investors.  The final rules also acknowledge that certain connections or combinations of foreign investors could give rise to “control” where more than one foreign investor has an ownership interest in an entity.  For example, a trustee arrangement whereby a trustee has the authority to vote shares of different or unrelated parties may give rise to a "control" scenario.  Again, this is part of the case-by-case analysis that CFIUS intends to conduct on each “covered transaction.”
  • Incremental Acquisitions.  The proposed rules did not specifically address what happens when a foreign entity invests in a U.S. company incrementally.  The new rules clarify that such transactions should be assessed at each step.  To the extent the initial transaction was previously the subject of a "covered transaction," subsequent investments are not considered “covered transactions” for which additional reporting is required.  Conversely, to the extent the initial transaction was not reported to CFIUS or if the Committee determined that the prior investment was not a "covered transaction," then the later transaction may be a "covered transaction," depending on the preliminary "control" analysis.
  • Loans and Lender Rights.  The final rules also address in greater detail whether certain loans may give rise to “control” over a subject entity.  While recognizing that loans themselves generally are not "transactions" that give rise to “control,” the Committee noted that certain loans may be considered a "covered transaction" if, for example, the foreign lender acquires economic or governance rights in the U.S. business characteristic of an equity investment but not a loan.  To the extent a lender may exercise “control” in the future (e.g., through control over certain securities or collateral, or by forcing repayment), such a remote possibility generally does not rise to the required level of "control" under the transactions, and the final rules expressly contemplate that the Committee may provide the foreign lender with the time needed to dispose of collateral so long as the foreign lender makes arrangements to transfer control to U.S. nationals in the interim.
  • Convertible Voting Instruments.  The final rules also revise the proposed rules to further clarify that CFIUS will consider the individual circumstances in determining whether the rights that a holder will obtain upon conversion using convertible voting instruments could give rise to "control."  Where conversion is reasonably certain, CFIUS may consider such rights; where conversion is speculative or remote, CFIUS may choose not to consider these rights.

2. No Pre-Filings on the Threshold Issue of “Control,” But Pre-Coordination is Nonetheless Recommended.  One issue that was raised in the public comments was that CFIUS should allow pre-filing on the sole issue of “control” so that companies could definitively know whether their transaction was a “covered transaction” under CFIUS.  However, CFIUS declined to embrace any such rule, noting that there was no such “mid-level” review under the statute or the new rules.  Companies will be forced to address the threshold issue of control through informal discussions and pre-coordination prior to filing, rather than having a formal threshold review.  Whether this will result in additional costs and greater uncertainty for the proposed transaction remains to be seen.  Clearly, CFIUS is of the opinion that pre-coordination efforts will effectively answer the “threshold” question without complicating the process with a second type of burdensome review procedure.

Additionally, CFIUS has stated that it will not issue advisory opinions on what the potential "national security" concerns of a particular transaction might be.

3. Applicability and Retroactivity of the New Regulations.  In light of the fact that Exon-Florio and the Foreign Investment and National Security Act of 2007 (“FINSA”) give the Government the authority to review any consummated transaction, several comments requested clarification on the retroactive applicability of the new rules.  Responding to these requests, Treasury observed, “the Committee does not intend for this Final Rule to disrupt certain expectations created by the provisions of the regulations.”  Despite the fact that FINSA went into effect on October 24, 2007, the new, final regulations have an effective date of December 22, 2008.  Thus, it seems, “covered transactions” initiated in the 14 month period between October 2007 and December 2008 appear to get a “free pass” under FINSA, and the prior regulations appear to apply.  The new rules state that the provisions of the prior regulations continue to govern certain issues relating to past transactions, with CFIUS disrupting previously consummated transactions only under exceptional circumstances.

  • Applicability Determined Based on When Notice is Filed with CFIUS.  The new rules state that, regardless of when a transaction will occur, notices filed with CFIUS prior to December 22, 2008 (the effective date of the new rules) should contain the types of information included in the prior regulations.  Notices filed on December 22, 2008 or later must include the information specified in the new rules.
  • Applicability Determined Based on When the Material Terms of the Transaction Were Determined.  If the U.S. and foreign parties have entered into a substantive agreement prior to December 22, 2008, then the prior regulations generally will apply.  For example, if the parties executed a written Letter of Intent establishing the material terms of the transaction on December 21, 2008, then the prior regulations apply – even if the notice that is ultimately filed with CFIUS is submitted after December 22, 2008.  Note, however, that if the material terms of the Letter of Intent were to change after December 22, 2008, then the new regulations will apply.
  • Applicability of Penalties Based on When Wrongful Act Takes Place.  Any wrongful act under the regulations that takes place after December 22, 2008 will be subject to the new regulations.  This is true even if the notice was filed under the prior regulations, if the transaction preceded the new effective date, or even if there was a violation of a mitigation agreement that was executed under the prior regulations.  Any new, independent violation of the rules will be punished consistent with the new regulations.

4. Release of CFIUS Information.  Several comments requested that certain transactional information be made publicly available, while others requested assurances that certain private and confidential information be carefully maintained by CFIUS.  The final rules attempt to limit the release of sensitive information.

  • Confidential Information.  The final rules expand the protections for personal information and make clear that the confidentiality provisions continue to apply even when the transaction is no longer before the Committee.  Such information should be clearly marked and provided as a separate document to facilitate limited distribution of this information.  The final rules also extend the protections on confidential information to pre-notice consultations and information filed in advance with CFIUS (even when companies do not ultimately file a formal notice), information relating to withdrawn applications, and information on any other transactions that are no longer before CFIUS.
  • Redacted Determinations.  One commenter requested CFIUS to issue publicly redacted versions of its determinations to help further clarify what types of transactions are “covered transactions.”  Treasury rejected this request, noting that such information is considered confidential, and that publishing such information also implicates national security concerns.

5. Guidance Relating to the Committee’s Assessment of National Security Concerns.  Despite Treasury’s reluctance to issue redacted decisions on specific types of "covered transactions," Treasury has published general guidance on the various types of transactions that CFIUS has reviewed in the past and that have raised national security concerns.  See 73 Federal Register 74567.  The guidance reiterates the Committee’s long-held position that it will continue to focus narrowly on genuine national security concerns and not on broader economic or other national interests.  Among the issues discussed in the Guidance are three key issues:

  • Transactions Raising National Security Concerns Because of the Nature of the Business Being Acquired.  The guidance indicates that CFIUS has reviewed transactions relating to, among things: (i) companies that deliver products or services to U.S. or local governments (covering such industries as aerospace and defense, law enforcement, and weapons and munitions providers); (ii) companies operating in key infrastructure areas (such as energy, transportation, and financial sectors); and (iii) the research and development of new and advanced technologies.
  • Transactions Raising National Security Concerns Because of the Identity of the Foreign Person Acquiring Control.  The guidance further indicates that, even if a covered transaction may raise a national security concern, that does not necessarily mean that it raises a national security risk.  Consequently, the identity of the foreign investor and the nature of the investment is critically important in determining whether a risk actually exists.  With regard to foreign government-controlled transactions, whether a foreign government-controlled entity operates on a purely commercial and market-driven basis is among the important factors that the Committee will take into consideration when assessing whether foreign government control in a particular transaction poses serious national security risks.
  • Types of Information Required by CFIUS to Assess National Security Concerns.  In addition to the types of information required in a CFIUS filing as detailed in the final rules, the guidance also specifies information that the Committee, based on past experience, considers useful for parties to provide when filing a notice, such as:
  • Information regarding whether the U.S. business develops or provides cyber systems, products, or services, including:
  • Business systems used to manage or support common business processes and operations, such as enterprise resource planning, e-commerce, e-mail, and database systems;
  • Telecommunications or Internet systems;
  • Control systems used to monitor, assess, and control sensitive processes and physical functions, such as supervisory control, data acquisition, and process and distributed control systems; 
  • Safety, security, support, and other specialty systems, such as fire, intrusion detection, access control, people mover, and heating, ventilation, and air conditioning systems;
  • Information regarding whether the U.S. business processes natural resources and material or produces and transports energy; and
  • Information on any required regulatory reviews, on-going dealings, or outstanding issues that the parties have with other U.S. Government agencies with national security responsibilities.

6. Civil Penalties and Damages.  As with the proposed rules, the final rules allow CFIUS to impose penalties if a company fails to comply with the requirements of the regulations or a mitigation agreement.  In particular, each violation may result in a civil penalty up to $250,000.  The decision to impose penalties must be made by the Committee.  Additionally, mitigation agreements can include liquidated damages or actual damage provisions determining in advance the "damage" that the Government will suffer if a party breaches its obligations under the mitigation agreement.


Treasury maintains that the CFIUS process remains voluntary and that these new rules are, essentially, “business as usual” for reviewing foreign investment in the U.S.  However, given the expanded scope of the review and investigation processes under FINSA, it seems clear that Treasury and CFIUS will inevitably be facing a more elaborate role in reviewing the foreign investment process.  Still, Treasury claims that the new rules merely give it increased flexibility to protect national security, and Treasury does not anticipate – over the long term – that FINSA and the new rules will materially affect the number of transactions that CFIUS reviews (noting that between 2005 and 2007, CFIUS reviewed less than 10% of foreign acquisitions).  Curiously, while Treasury has made this broad prediction of limited impact, Clay Lowery, the Assistant Secretary for International Affairs, has simultaneously stated that Treasury is expecting approximately 150-170 CFIUS cases to be filed in 2008 – a nearly 300% increase over the approximately 65 cases filed in 2006.  And Treasury is also predicting that up to 200 notices will be filed annually in 2009 and beyond.  Only time will tell whether Treasury’s prediction of “limited impact” will prove correct, but most of us agree that – barring political intrusions and armed with proper and experienced advisors – the new CFIUS rules provide predictability to the process and should not discourage foreign investors from investing in U.S. companies. 

Additional information can be located at the CFIUS website.

Authored by:

Lucantonio N. Salvi

(202) 218-0004



David S. Gallacher

(202) 218-0033