Historic Executive Order Requires CFIUS to Assess the Impact of Foreign Investment on Supply Chain Resiliency, U.S. Technology Leadership, Industry Concentration, Cybersecurity, and Sensitive Personal Data, including Risks Posed by Third Country Entanglements

On September 15, President Biden issued the first Executive Order since the Committee on Foreign Investment in the United States (“CFIUS” or the “Committee”) was established that provides “formal Presidential direction on the risks that the Committee should consider when reviewing a covered transaction.”  We believe that this Executive Order is the most significant non-statutory development in CFIUS reviews in decades. 

The Executive Order 14083 (the “EO”) does not give CFIUS any new powers or expand upon its already well-defined jurisdictional limits.  What is does do is mandate that the Committee, during its review of notified transactions, consider certain factors that previously fell within the discretion of the Committee and its staff, including but not limited to, the relationships, if any, between the foreign acquirer and other foreign persons.  As always, the purpose of the assessment is to determine whether such relationships could pose a threat to U.S. national security that warrants blocking or fencing in the transaction.  In doing so, the EO makes clear the potentially far-reaching factors that foreign investors must now consider in conducting due diligence and assessing CFIUS risk.  In the process, due diligence just got a whole lot harder. 

In an off-the-record briefing – embargoed prior to the release of the EO – senior administration officials emphasized that the EO’s “sharpened guidance” is intended to send a “very clear message” to the private sector concerning the Administration’s specific concerns about the national security threats posed by foreign investment.  Without identifying any specific matter, the officials noted that the order was prompted by “certain cases” considered by the Committee. 

The EO is intended to ferret our national security issues in transactions from allied as well as unallied countries.  Nevertheless, although no specific “countries of concern” are cited in the EO, the areas of focus all correspond to areas of focus in China’s “Made in China 2025” plan.  Indeed, it is widely viewed that the concerns behind the EO center on Chinese investments in the United States – and on investments by non-Chinese investors that nonetheless implicate China.  In an address to London business leaders earlier this year, FBI Director Christopher Wray noted that “the Chinese government … poses the biggest long-term threat to our economic and national security …. an even more serious threat to Western businesses than even many sophisticated businesspeople realize.”[1]

The bottom line is that preparing for and completing the CFIUS review process just got more complicated for both foreign investors as well as their U.S. targets.  Not every case will involve the factors identified in the EO.  Nevertheless, every case will require consideration of the EO factors; failure to do so will risk derailing the review and the transaction itself. In this regard, it is important to note that the Committee has its own sources of information concerning both the parties and the transaction, including U.S. and foreign government intelligence sources.  Transparency is key.

We have reviewed the EO and highlighted key issues below. Because the EO is highly nuanced, we have elected to provide actual excerpts from the text, with our emphasis added to highlight what we see as the most significant language.  We then note our views on some of the EO’s specific provisions.  At a later date we will provide a “deeper dive” on specific elements of the EO.

“It is important to national security that the Committee continues to assess the effect of foreign investment on domestic capacity to meet national security requirements, including those requirements that fall outside of the defense industrial base.  In particular, the resilience of certain critical United States supply chains may have national security implications…. [C]ertain foreign investment may undermine supply chain resilience efforts and therefore national security by making the United States vulnerable to future supply disruptions.  These vulnerabilities may occur if an investment shifts ownership, rights, or control with respect to certain manufacturing capabilities, services, critical mineral resources, or technologies that are fundamental to national security — including because they are critical to United States supply chain resilience — to a foreign person who might take actions that threaten to impair the national security of the United States as a result of the transaction, or to other foreign persons, including foreign governments, to whom the foreign person has commercial, investment, non-economic, or other ties (relevant third-party ties) that might cause the transaction to pose a threat to national security.  

The Committee shall consider, as appropriate, the covered transaction’s effect on supply chain resilience and security, both within and outside of the defense industrial base, in manufacturing capabilities, services, critical mineral resources, or technologies that are fundamental to national security, including:  microelectronics, artificial intelligence, biotechnology and biomanufacturing, quantum computing, advanced clean energy (such as battery storage and hydrogen), climate adaptation technologies, critical materials (such as lithium and rare earth elements), elements of the agriculture industrial base that have implications for food security, and any other sectors identified in section 3(b) or section 4(a) of Executive Order 14017 of February 24, 2021 (America’s Supply Chains). [For example, high capacity batteries, including electrical vehicle batteries.]

(A)  The Committee shall consider, as appropriate, the degree of involvement in the United States supply chain by a foreign person who is a party to the covered transaction and who might take actions that threaten to impair the national security of the United States as a result of the transaction, or who might have relevant third-party ties that might cause the transaction to pose such a threat.

(B)  The Committee shall consider, as appropriate, the United States capability with respect to manufacturing capabilities, services, critical mineral resources, or technologies, including those described[above] ; the degree of diversification through alternative suppliers across the supply chain, including suppliers located in allied or partner economies; whether the United States business that is party to the covered transaction supplies, directly or indirectly, the United States Government, the energy sector industrial base, or the defense industrial base; and the concentration of ownership or control by the foreign person in a given supply chain, among other factors that the Committee determines to be appropriate in considering whether the covered transaction may undermine the resilience and security of supply chains critical to national security.”

“….The Committee shall consider, as appropriate, whether a covered transaction involves manufacturing capabilities, services, critical mineral resources, or technologies that are fundamental to United States technological leadership and therefore national security, such as microelectronics, artificial intelligence, biotechnology and biomanufacturing, quantum computing, advanced clean energy, and climate adaptation technologies.  The Committee shall also consider, as appropriate, relevant third-party ties that might cause the transaction to threaten to impair the national security of the United States.

The Committee shall consider, as appropriate, whether a covered transaction could reasonably result in future advancements and applications in technology that could undermine national security.

The Office of Science and Technology Policy (OSTP), in consultation with other members of the Committee, shall periodically publish a list of technology sectors, including those technologies listed in subsection (b)(ii) of this section, that it assesses are fundamental to United States technological leadership in areas relevant to national security….”

“.... A series of acquisitions in the same, similar, or related United States businesses involved in activities that are fundamental to national security or on terms that implicate national security may result in a particular covered transaction giving rise to a national security risk when considered in the context of transactions that preceded it.  In aggregate, these transactions may facilitate harmful technology transfer in key industries or otherwise harm national security through the cumulative effect of these investments….  

The Committee shall consider, as appropriate, as part of the Committee’s review of a covered transaction, the risks arising from the covered transaction in the context of multiple acquisitions or investments in a single sector or in related manufacturing capabilities, services, critical mineral resources, or technologies, by any foreign person who might take actions that threaten to impair the national security of the United States as a result of the transaction, or involving relevant third-party ties that might cause the transaction to pose such a threat.  The Committee may request, as part of the Committee’s review of a covered transaction, that the Department of Commerce’s International Trade Administration [“ITA”] provide the Committee an analysis of the industry or industries in which the United States business operates, and the cumulative control of, or pattern of recent transactions by, a foreign person, including, directly or indirectly, a foreign government, in that sector or industry.”[2]

“….Investments by foreign persons with the capability and intent to conduct cyber intrusions or other malicious cyber-enabled activity — such as activity designed to affect the outcome of any election for Federal, State, Tribal, local, or territorial office; the operation of United States critical infrastructure; or the confidentiality, integrity, or availability of United States communications — may pose a risk to national security. 

The Committee shall consider, as appropriate, whether a covered transaction may provide a foreign person who might take actions that threaten to impair the national security of the United States as a result of the transaction, or their relevant third-party ties that might cause the transaction to pose such a threat, with direct or indirect access to capabilities or information databases and systems on which threat actors could engage in malicious cyber‑enabled activities affecting the interests of the United States or United States persons, including:

(A)  activity designed to undermine the protection or integrity of data in storage or databases or systems housing sensitive data;

(B)  activity designed to interfere with United States elections, United States critical infrastructure, the defense industrial base, or other cybersecurity national security priorities set forth in Executive Order 14028 of May 12, 2021 (Improving the Nation’s Cybersecurity); and

(C)  the sabotage of critical energy infrastructure, including smart grids.

The Committee shall also consider, as appropriate, the cybersecurity posture, practices, capabilities, and access of both the foreign person and the United States business that could allow a foreign person who might take actions that threaten to impair the national security of the United States as a result of the transaction, or their relevant third-party ties that might cause the transaction to pose such a threat, to manifest cyber intrusion and other malicious cyber-enabled activity within the United States.”

“…[T]he Committee shall consider whether foreign investments in United States businesses that have access to or that store United States persons’ sensitive data, including health and biological data, involve a foreign person who might take actions that threaten to impair the national security of the United States as a result of the transaction, including whether the foreign person might have relevant third-party ties that might cause the transaction to pose such a threat.  

The Committee shall consider, as appropriate, whether a covered transaction involves a United States business that: 

(A) has access to United States persons’ sensitive data, including United States persons’ health, digital identity, or other biological data and any data that could be identifiable or de‑anonymized, that could be exploited to distinguish or trace an individual’s identity in a manner that threatens national security; or

(B) has access to data on sub-populations in the United States that could be used by a foreign person to target individuals or groups of individuals in the United States in a manner that threatens national security.  

The Committee shall also consider, as appropriate, whether a covered transaction involves the transfer of United States persons’ sensitive data to a foreign person who might take actions that threaten to impair the national security of the United States as a result of the transaction, and whether the foreign person has relevant third-party ties that have sought to exploit such information or have the ability to exploit such information to the detriment of national security, including through the use of commercial or other means.”

In future Client Alerts, we intend to explore more deeply the implications of the EO, including issue-spotting for deal counsel and acquisition teams, and potential strategies to help ensure successful reviews. 

[1] See FBI.gov: “Director's Remarks to Business Leaders in London,” July 6, 2022, available at: https://www.fbi.gov/news/speeches/directors-remarks-to-business-leaders-in-london-070622.

[2] In a prior Client Alert, we noted that the Department of Commerce was beefing up the ITA to address CFIUS issues, adding a dozen new professional staff members. See: “CFIUS Spills the Beans – and Commerce Staffs Up: Lessons for Foreign Investors and Their Targets,” July 25, 2022, available at: https://www.stroock.com/news-and-insights/cfius-spills-the-beans--and-commerce-staffs-up-lessons-for-foreign-investors-and-their-targets.  Clearly this action was taken in anticipation of the EO.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Stroock & Stroock & Lavan LLP | Attorney Advertising

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.

Copyright © JD Supra, LLC