CFIUS Outreach on Non-Notified Transactions: What it Means, What to Expect, and How to Successfully Navigate the Process

The Committee on Foreign Investment in the United States ("CFIUS") has substantially increased its efforts to identify and review non-notified transactions of interest—both new deals and ones that have previously closed, sometimes years ago. An array of US companies have been contacted by the Treasury Department’s Office of Investment Security in connection with foreign investment transactions. Such outreach means that CFIUS has learned of a foreign investment transaction, believes it may raise national security considerations, and is interested in conducting a full review. CFIUS may also reach out regarding certain real estate transactions. CFIUS’s efforts to identify and review non-notified transactions, including long-closed deals, are increasing and present new considerations for parties in cross-border transactions. Since the very nature of non-notified outreach indicates the transaction may raise national security considerations, it is critical for parties to carefully and proactively manage the process from the outset.

What Is Happening and What Has Changed

Prior to the enactment of the Foreign Investment Risk Review Modernization Act (“FIRRMA”), CFIUS’s search for non-notified transactions of interest would occasionally result in a request to the parties to "voluntarily" submit a transaction for review, even if it was completed years before. In practice, however, due to limited resources, CFIUS would call in only a very small number of the many non-notified transactions subject to its jurisdiction, even though more might have been potentially concerning to CFIUS. 

Enacted in 2018, FIRRMA sought to fill gaps in the CFIUS review regime and made numerous changes to the CFIUS process (see, for example, prior alerts here and here). Among these changes were a significant increase in resources allocated for monitoring and enforcement and the establishment of a formal process to identify non-notified transactions. FIRRMA also enabled the centralization of CFIUS’s non-notified identification process within the Treasury Department “for the purpose of enhancing interagency coordination and collaboration in carrying out the functions of the Committee.” 

CFIUS is utilizing its new resources aggressively. The Office of Investment Security—including its monitoring and enforcement staff—is growing and CFIUS’s pursuit of non-notified transactions is accelerating. CFIUS member agencies such as the Department of Defense have also been increasing their non-notified teams and actively coordinate with the Treasury Department regarding identified transactions. Recently, the Acting Assistant Secretary of the Treasury for Investment Security reported that in 2020 CFIUS called in twice as many non-notified transactions as in 2018 and 2019 combined—and that CFIUS is on pace for a 50% increase in non-notifieds in 2021 compared to 2020. He also confirmed that “nothing is off limits” if there is a potential risk to national security, meaning that no transaction will be deemed too old or too small for CFIUS to take an interest.

This is consistent with our experience—we have advised clients on a variety of non-notified transactions of differing sizes ranging from deals that closed nearly a decade ago to ones that have only recently signed and not yet closed. It is clear that CFIUS is developing a substantial backlog of transactions that previously closed but that still raise potential concerns, particularly those involving Chinese or Russian investors. It is equally apparent that CFIUS is looking for new transactions and reaching out regarding current deals that might not otherwise be notified, including small, non-controlling investments such as venture capital funding in "TID US businesses," which are certain businesses involved with critical technologies, critical infrastructure, and sensitive personal data over which CFIUS has expanded authorities. CFIUS can also reach out for certain non-notified real estate transactions (i.e., purchases, leases, or concessions) by foreign persons with respect to “covered real estate".

What the Non-Notified Process Looks Like

CFIUS researches an array of databases to identify transactions that it is interested in pursuing. When CFIUS decides to reach out on a non-notified transaction, the process typically begins with an official from the Treasury Department’s Office of Investment Security sending an email to a senior representative of the US business that is (or was) the subject of the transaction CFIUS has identified.¹ This email will request a phone call with the company to discuss a “confidential and time-sensitive” matter involving the company and recommend the participation of the company’s outside counsel in the call. Such initial calls are typically process oriented and provide the business with background on CFIUS, its jurisdiction, and next steps. 

Following this initial outreach, CFIUS will typically send a series of questions to help it determine whether it has jurisdiction to review the non-notified transaction. These questions ask for certain details regarding the transaction, the foreign investor and its owners, and the US business. The requested information can be quite extensive, and even though the outreach is initially directed at the US business, the foreign investor will often need to participate to provide relevant information. After the initial submission, CFIUS may also ask follow-up questions to assist in its analysis. 

CFIUS will then review the submitted information to determine whether it has jurisdiction to review the transaction and, if so, may request a filing. In our experience, which is consistent with unofficial statements from CFIUS officials, if CFIUS determines that it has jurisdiction, it will typically request the parties to submit a joint voluntary notice. There is no set time for CFIUS to request a filing after the parties submit the requested information, but it often takes at least several weeks. 

Once CFIUS requests a notice, the process is usually similar to the standard process: the parties will prepare a joint voluntary notice regarding the transaction, which they will “prefile” in draft form. CFIUS will review and comment on the draft notice, after which the parties will address the CFIUS comments and formally file. The statutory time frames for review (45 calendar days) and investigation (45 calendar days) are the same as for a standard CFIUS notice.

In connection with requesting a notice, CFIUS may also issue questions for the parties to address within their filing. This allows CFIUS to front-end requests based on their initial research and enables parties to prepare responses without the pressure of three-business-day deadlines that apply during the formal review process. Even if CFIUS provides initial substantive questions, parties should expect substantial Q&A during the formal review process. Once CFIUS has started a review, it is also possible for CFIUS to impose interim mitigation measures or suspend a proposed or pending transaction during the pendency of the CFIUS review if it determines that its concerns warrant such action. 

It is important to note that all aspects of the non-notified process—including the initial outreach, submissions, and exchanges—are subject to the same confidentiality protections that apply to the CFIUS process generally.

How to Effectively Manage the Non-Notified Process

If CFIUS reaches out on a non-notified transaction, it is critical to take a proactive approach from the very start because CFIUS has researched the transaction, made a preliminary determination that it may raise national security considerations, and is seeking to conduct a full review to assess and address any perceived national security risks. Parties should understand that CFIUS’s outreach regarding the transaction is very serious and deliberate. 

It is essential to engage with experienced CFIUS counsel from the outset who can develop a comprehensive strategy. This can include, for example, developing legal arguments in certain cases as to why the transaction is not subject to CFIUS’s jurisdiction, substantive arguments regarding the national-security risk based on the given facts, and a plan for engagement with CFIUS. Parties should start developing a strategy before the initial submission, and emphasize the key themes throughout both the initial responses as well as subsequent submissions and communications with CFIUS. 

Since CFIUS will only request a filing for a non-notified transaction if it believes the transaction may raise national security considerations, the dynamic is different than ordinary-course filings, since there is effectively a presumption that CFIUS is more likely to have concerns. This does not mean that CFIUS will ultimately determine it has jurisdiction or identify risks that it must address in every non-notified transaction it reviews—indeed, the goal of developing a clear strategy early in the process is to maximize the chances of getting the best outcome possible, ideally no request for a filing or simple clearance. But given the realities of non-notified transactions, parties should be prepared for CFIUS to find jurisdiction and require mitigation—or even potentially recommend that the president prohibit the transaction—and plan their strategy accordingly. Especially for deals that have already closed, it is important to think through potential mitigation measures relevant to the likely concerns for the given investment and how they will impact the company’s ongoing operations. It is also important to address practical issues with CFIUS in mitigation negotiations to ensure any mitigation requirements are workable, and meetings with CFIUS in connection with non-notified transactions can often prove particularly valuable. 

What This Means for Transaction Parties

Perhaps the most significant practical implication of CFIUS’s increased pursuit of non-notified transactions is the change to the overall risk equation for not voluntarily notifying CFIUS. For non-mandatory filings, the fundamental risk of not voluntarily notifying CFIUS of a transaction has not changed: the risk is that CFIUS could learn of the transaction, request a filing, and the parties would have little recourse if CFIUS determined the transaction presented national security concerns and either required mitigation measures to address those concerns or recommended the transaction be blocked or the buyer divest. What has changed is the likelihood of this risk becoming reality—it is simply getting harder for potentially sensitive transactions to "fly under the radar," and the odds of CFIUS reaching out on transactions that might be of interest have increased substantially.  

The adjusted risk dynamic should be factored into new transactions, such as when negotiating terms in transaction agreements to allocate CFIUS risks between the parties. For transactions that have closed, US businesses that have been the subject of foreign investment—including outright acquisitions or minority investments—and foreign investors for such transactions should be aware of the changing CFIUS landscape and be prepared to react effectively if CFIUS reaches out. 

_{1 For foreign-foreign transactions, such outreach may be to the foreign parent company of the US business.}

_{White & Case means the international legal practice comprising White & Case LLP, a New York State registered limited liability partnership, White & Case LLP, a limited liability partnership incorporated under English law and all other affiliated partnerships, companies and entities.}

_{This article is prepared for the general information of interested persons. It is not, and does not attempt to be, comprehensive in nature. Due to the general nature of its content, it should not be regarded as legal advice.}

_{© 2021 White & Case LLP}