Critical U.S. Businesses
One of the ways that other countries (including adversaries)
gain access to key U.S. technology and know-how is through
investment in U.S. businesses (including startups).
There has been an ongoing effort to address this
issue with the establishment of the Committee on Foreign
Investment in the United States (CFIUS).
However, more changes were needed in order to close
On August 3, 2018 a new law was implemented to strengthen
CFIUS. The new
law is called
Foreign Investment Risk Review Modernization Act (FIRRMA).
FIRRMA significantly expands CFIUS jurisdiction.
It extends CFIUS jurisdiction to non-passive
investment by a foreign person in any U.S. business involved
in critical infrastructure or the production of critical
technologies or that maintains sensitive personal data that,
if exploited, could threaten national security.
The CFIUS jurisdiction further extends to the purchase,
lease or concession by or to a foreign person of certain
real estate in close proximity to military or other
sensitive national security facilities. FIRRMA also provides
CFIUS with additional time to review transactions and
requires mandatory declarations (a short-form notification
of a transaction) in certain cases.
CFIUS has jurisdiction to review any transaction, by or with
any foreign person, that could result in control of a U.S.
business by a foreign person, in order to identify and
address any national security concerns that may be presented
as a result of the transaction.
Such threats include, in particular, those presented by
foreign-government investment that is part of a strategy to
neutralize or surpass the United States’ advantages in
technology and gain access to technologies with current or
future military applications, including developing
commercial technologies that may also have defense or
intelligence applications, such as robotics, artificial
intelligence and automation.
Upon enactment, certain provisions of FIRRMA will go into
CFIUS will have to develop regulations to implement
FIRRMA added the following transactions that to be covered
-Real Estate Transactions
-Non-controlling Investments in Companies that Deal in
Critical Technology, Critical Infrastructure and Personal
Data of U.S. Citizens.
-Changes in Rights of a Foreign Person with Respect to its
Investment in a U.S. Business.
-Transactions Structured to Evade CFIUS Review.
Another potentially significant jurisdictional expansion
relates to the definition of “U.S. business.” FIRRMA defines
“U.S. business” to mean “a person engaged in interstate
commerce in the United States.”
Any party or parties to any covered transaction may initiate
CFIUS review of the transaction by submitting a written
notice of the transaction to the CFIUS chairperson.
The CFIUS review process currently consists of a 30-day
review period, potentially followed by a 45-day
The core CFIUS review process currently lasts for up
to 75 days.
FIRRMA extends the initial review period to 45 days and
authorizes CFIUS to extend the investigation period by an
additional 15 days in “extraordinary circumstances,” With
these modifications, the CFIUS review process could take as
long as 105 days, as opposed to 75 days under current law.
Currently, there is no filing fee associated with any
notification to CFIUS. FIRRMA authorizes CFIUS to impose a
fee of no more than one percent of the value of the
transaction or $300,000 (adjusted annually for inflation
pursuant to regulations prescribed by the Committee),
whichever is less.
FIRRMA retains CFIUS’s authority to initiate a review of a
transaction for which action had been completed if any party
to the transaction submitted false or misleading material
information to the Committee.
The Foreign Investment Risk Review Modernization Act
of 2018 [FIRRMA]