The EU Regulation falls short of delegating any veto or enforcement rights to the EU, which means that Member States remain in the “driver’s seat” for FDI controls.
In response to increased foreign direct investments (FDI) into European technology assets and an increased call for the EU to take a more active role in scrutinizing investments, Jean-Claude Juncker, then President of the European Commission, presented in September 2017 a proposal for an EU Regulation establishing a framework for the screening of foreign direct investments into the EU.
After more than one year of negotiations, an agreement on the final text of the regulation had been reached in December 2018. The Regulation (EU) 2019/452 of the European Parliament and of the Council of 19 March 2019 establishing a framework for the screening of foreign direct investments into the Union entered into force in April 2019. The new rules will ultimately become applicable following a transition period of 18 months, i.e., in October 2020.
KEY OBJECTIVES OF THE PROPOSAL
As of today, only 15 out of 28 Member States have national security review mechanisms in place, differing widely in scope (e.g., review of intra- or extra-EU FDI, differing screening thresholds, breadth of sector coverage), process (e.g., pre-authorization vs. ex post screening of FDI), review timetables and enforcement. This illustrates the lack of harmonization towards national security reviews within the EU, a lacuna that the EU attempts to fill with the Regulation.
The EU Regulation falls short of delegating any veto or enforcement rights to the EU, which means that Member States remain in the “driver’s seat” for FDI controls. There is still no obligation for Member States to introduce a national FDI review process. However, the Regulation introduces a coordinating mechanism whereby the Commission may issue nonbinding opinions on FDI reviews performed in Member States.
Moreover, “non-reviewing” Member States may provide comments to the “reviewing” Member States. The practical impact will therefore be largely procedural, leading to more red tape, longer review processes and more “players” getting involved in investments by non-EU investors. The final “say” in relation to any FDI undergoing screening or any related measure remains the sole responsibility of the Member States conducting reviews pursuant to their national FDI screening procedures.
THE NEW EU FRAMEWORK FOR FDI REVIEWS
The Regulation stipulates that investment reviews, where applicable, should revolve around the baseline substantive criteria of “security and public order” only. In determining whether a foreign investment is likely to affect “security and public order,” the Member States or the Commission may take into consideration certain factors as specified in the Regulation. In particular, the Regulation provides a non-binding and non-exhaustive list of sectorspecific assets and technologies with regard to which FDI may be problematic, and certain other critical effects FDI may have, including, inter alia:
- Critical infrastructure, whether physical or virtual, including energy, transport, water, health, communications, media, data processing or storage, aerospace, defense, electoral or financial infrastructure, as well as sensitive facilities and investments in land and real estate, crucial for the use of such infrastructure
- Critical technologies and dual-use items,1 including artificial intelligence, robotics, semiconductors, cybersecurity, quantum technology, aerospace, defense, energy storage, nuclear technologies, nanotechnologies and biotechnologies
- Supply of critical inputs, including energy or raw materials, as well as food security
- Access to sensitive information, including personal data, or the ability to control such information
- The freedom and pluralism of the media
The Member States may also consider in their “threat assessment“ whether a foreign government (including state bodies or armed forces) directly or indirectly—e.g., through ownership structures or “significant funding”—controls the acquirer.2 This additional criterion is a response to the increased volume of investments backed by state-owned enterprises and state-supported funding, in particular from the PRC.
The Regulation does not specify the legal effects of the above criteria, in particular, that Member States are not legally required to build those criteria into their respective FDI review rules. The main effect is therefore likely to be that such criteria may be addressed by the Commission and/or other Member States as part of the new cooperation mechanism, and may be given due consideration by the reviewing Member States.
Cooperation mechanism between the Commission and Member States
One of the most significant changes to the existing national review mechanisms throughout the EU Member States is the new role of the Commission and of other Member States based on the implemented cooperation mechanism. Member States will be required to notify the Commission and other Member States of any ongoing FDI review, of which may include a list of other Member States whose security or public order are deemed likely to be affected.
Where the Commission considers that an FDI is likely to affect security or public order in more than one Member State, or has additional relevant information in relation to that FDI, it may issue an opinion addressed to the reviewing Member State, irrespective of whether other Member States have provided comments that they are entitled to provide under the Regulation as well. If at least one-third of the Member States consider that an FDI is likely to affect their security or public order, the Commission shall issue an opinion where justified. Any Member State may also request the Commission to issue an opinion if it duly considers that FDI is likely to affect its security or public order.
The same procedure should be implemented if an FDI is planned or completed in a Member State that is not conducting an FDI review, either because the relevant thresholds are not met or because it does not have an FDI regime. The Regulation implements the same rights for the other Member States and the Commission in those cases as well. This will be particularly relevant for holding company jurisdictions like Luxembourg, which has not adopted FDI review regimes at all. The FDI rules in other jurisdictions may still apply in the case of indirect investments by operation of national laws if assets held in those jurisdictions fulfill the relevant asset tests or other criteria that allow those Member States to perform their own review.
Should the Commission qualify a transaction as likely to affect projects or programs with significant EU funding that are listed exhaustively in Annex 1 of the Regulation (e.g., Galileo, Copernicus, trans-European Networks, etc.), it may also issue an opinion.
The Member State in which the FDI screening takes place shall give due consideration to the other Member States’ comments and to the Commission’s opinion, even though neither of these are binding. The ultimate decision on the clearance of a transaction rests solely with the reviewing Member State. It is not yet clear whether the opinion or comments provided by Member States and the Commission may be disclosed to the parties of a transaction or even if they would be made aware that comments have been made or an opinion has been issued.
The Regulation provides that Member States and the Commission shall ensure that classified information provided or exchanged under the Regulation is not downgraded or declassified without the originator’s prior written consent.3 Recital 30 also links this confidentiality obligation with a series of instruments designed to ensure the security of the exchanges of information.4 However, it is still unclear who will determine the confidential nature of the information, once it has been circulated to the other Member States.
New Member State reporting obligations
Furthermore, the Regulation introduces annual reporting obligations for the Member States with respect to national security reviews on the basis of information made available to them. The final compromise on the Regulation extended the reporting obligation to requests received from other Member States pursuant to the cooperation mechanism described above. The intention of the new reporting obligation is to achieve a minimum degree of transparency in national review proceedings throughout the EU, as most Member States do not provide publicly available information on the domestic review processes or the decisions taken by the relevant authorities.
Given that Member States will be obliged to give the Commission’s opinion and other Member States’ comments due consideration, the duration for FDI national review procedures is likely to increase further.
If the FDI is reviewed at the Member State level, then the procedure is as follows:
- The Commission and other Member States have 15 calendar days upon notification from the recipient Member State to request additional information and indicate whether they wish to provide an opinion or comments, respectively. Any requests for additional information shall be duly justified and Member States have to notify the Commission in parallel of any request for information and replies
- If a Member State indicates that it will provide comments, it will have 35 days from the date of the notification to do so
- If additional information was requested, comments or opinions shall be issued no later than 20 calendar days following receipt of additional information
- The Commission may issue an opinion following comments from other Member States where possible within the deadline of 35 calendar days and in any case no later than five calendar days after this deadline expires
If the FDI has not been reviewed at the Member State level, and a Member State considers that the FDI is likely to affect its own security or its public order or it has relevant information about the investment, then it may provide comments to the Member State where the FDI takes place or request information from that Member State.
It may also request the Commission to issue an opinion. Once the requested information has been provided, the Member State asking for the information has 35 days to comment and the Commission has an additional 15 days to issue an opinion.
As Member States shall give due consideration to the comments made by other Member States as well as the Commission’s opinion, they will be reluctant to issue their final decision before the EU cooperation process has been completed. While there is no formal “stop-the-clock“ requirement, there is considerable risk that this may substantially delay the national review processes.
Another controversial element of the Regulation is that Article 7, paragraph 8, allows Members States and the Commission to provide comments and/or issue an opinion up to 15 months after the FDI has been completed.5 That said, the Regulation does not provide for a legal basis to challenge a transaction post-completion.
Overall, despite the fact that the status quo of Member States being responsible for any enforcement actions post-FDI screening still stands, the implementation of the Regulation will likely create an impetus for Member States to better align themselves with the Regulation. This alignment may prompt Member States to consider establishing a new national security review regime (where one does not already exist), or amend their current regimes to comply with the Regulation.
Furthermore, the new role of the European Commission and the other Member States will add an additional layer of complexity to the investment screening review process. At the same time, it is testimony to the increasing significance of national security reviews in the field of international M&A. While the Regulation is by and large an instrument of “soft law,” it does add substantial complexity and uncertainty to security reviews performed at the Member State level. It will also put additional pressure on Member States to consider a broader range of security interests, which is likely to facilitate “lobbying efforts“ from other stakeholders taking interest in a transaction.
However, it remains to be seen whether the new Regulation is an interim or a more definitive step in the course of harmonizing European investment controls.
1 As defined in Article 2(1) of Regulation (EC) No 428/2009.
2 Article 4(2)(a) of the Regulation.
3 Article 10 of the Regulation.
4 Commission Decision (EU, Euratom) 2015/4431 of 13 March 2015, on security in the Commission, Commission Decision (EU, Euratom) 2015/4442 of 13 March 2015, on the security rules for protecting EU classified information and the Agreement between the Member States of the European Union, meeting within the Council, regarding the protection of classified information exchanged in the interests of the European Union.
5 It should be noted that Article 7 of the Regulation does not apply to FDIs completed before April 10, 2019
This publication is provided for your convenience and does not constitute legal advice. This publication is protected by copyright.
© 2019 White & Case LLP