Kirkland Alert

CFIUS Reform at the Finish Line

Last week, the U.S. Senate and House of Representatives released the agreed-upon text of the Foreign Investment Risk Review Modernization Act (“FIRRMA”) within the National Defense Authorization Act of 2019 (“NDAA”). Nearly nine months after its initial introduction, FIRRMA’s near-term passage appears inevitable, with ­­­­certain high-impact provisions becoming effective as soon as the president signs the bill into law. While many of the granular changes to the CFIUS review process remain to be worked out through implementing regulations, FIRRMA provides a new framework that will fundamentally transform how the U.S. assesses and manages national security risk arising from foreign direct investment.

The View from Washington


In the words of Sen. John Cornyn (R-TX), one of FIRRMA’s initial sponsors, FIRRMA aims to “take a carefully tailored approach” to modernizing CFIUS “without hamstringing our ability to meaningfully engage in trade with partners around the world.” In this connection, FIRRMA begins by reciting Congressional findings emphasizing the importance of foreign direct investment to the U.S. economy and making clear that the U.S. will continue to welcome investment from its allies and partners. However, FIRRMA filters this commitment through the establishment of new and different mechanisms that authorize CFIUS to review and take action regarding a much broader range of transactions, particularly if the U.S. business in question has a nexus to technologies deemed “critical,” in furtherance of preserving U.S. technological leadership and its contribution to U.S. defense overmatch capabilities.  

An otherwise U.S. private equity fund's investments in U.S. businesses may be subject to CFIUS' jurisdiction by virtue of foreign limited partners' participation in the fund's decision-making, receipt of certain information about investments, and/or other factors.

While much of the discourse around FIRRMA has focused on mitigating perceived threats arising from Chinese investments — and there is no question that FIRRMA will have an outsized impact on transactions with direct or indirect connections to China — FIRRMA is broadly drafted, empowering CFIUS to advance its national security mission largely irrespective of a foreign investor’s national pedigree. FIRRMA thereby lays a policy foundation on which to build a better-organized CFIUS apparatus with more substantial resources — a priority widely shared among Congress and the White House.

We discuss below eight impacts of FIRRMA and related key takeaways.

1.     Four additional types of transactions will be newly subject to CFIUS’ jurisdiction.

FIRRMA demonstrates an evolution in the U.S. government’s thinking about national security risk from a focus on “control” to an assessment of whether an investment is “non-passive.” Accordingly, FIRRMA broadens CFIUS’ jurisdictional ambit to cover four new types of transactions:

a.    Non-passive investment by a foreign person in “critical infrastructure” and “critical technology” companies, as well as companies that maintain or collect personal data of U.S. citizens.
b.    The purchase, lease, or concession by or to a foreign investor of real estate that is in “close proximity” to U.S. military sites or other sensitive facilities.
c.    Any change in a foreign investor’s rights regarding a U.S. business.
d.    Any transaction or arrangement designed to circumvent or evade CFIUS’ jurisdiction.

2.     Certain investments will trigger a mandatory notification to CFIUS.

While the CFIUS review process has historically been initiated voluntarily by transaction parties (absent an agency request to file), FIRRMA makes certain investments subject to mandatory notification requirements:

a.    FIRRMA will require transaction parties to submit “light” notifications of transactions that will result in the acquisition of a “substantial interest” in certain U.S. businesses by a foreign person in which a foreign government holds a “substantial interest.”  
b.    FIRRMA provides that CFIUS may prescribe regulations providing for mandatory notifications of non-passive investments by any foreign person in certain U.S. “critical technology” companies.  

3.     An otherwise U.S. private equity fund’s investments in U.S. businesses may be subject to CFIUS’ jurisdiction by virtue of foreign limited partners’ participation in the fund’s decision-making, receipt of certain information about investments, and/or other factors.

FIRRMA sets boundaries on the nature and scope of involvement that foreign investors may have in a U.S. private equity fund and its investments in order to avoid a judgment that CFIUS could review the fund’s investments. For example, while foreign limited partners may receive ordinary-course financial information about the performance of a U.S. target in connection with their investment, a foreign limited partner’s receipt of “material nonpublic technical information” about a U.S. business may create grounds for CFIUS to review the fund’s investment in such business.

4.     Foreign investments in “critical technology” companies will garner greater scrutiny.

The initial draft of FIRRMA provided for potential CFIUS review of non-U.S. licensing arrangements, joint ventures, and other arrangements involving transfer of U.S. technology to foreign investors. While those provisions have since been removed, FIRRMA retains as a clear focal point the objective of surfacing and addressing risks arising from investments in U.S. “critical technology” companies, providing that a broad range of investments in such companies could be subject to CFIUS’ review. Notably, FIRRMA’s provisions regarding such companies are not restricted to industry sectors historically considered “sensitive,” and the company may be positioned at virtually any point in the value chain (e.g., as a designer, manufacturer, developer, or provider of testing services).

5.     Information-sharing with non-U.S. regulators will increase.

FIRRMA provides that CFIUS may share information important to its national security analysis or CFIUS’ actions with foreign allies and partners, subject to appropriate confidentiality and classification requirements, in furtherance of “national security purposes.” As France, the United Kingdom, Germany, Canada, and other countries continue to strengthen their own national security review regimes, the likelihood that information from one regulator will be shared with another seems poised to increase.

6.     CFIUS filings will take longer.  

FIRRMA extends the current initial 30-day review period to 45 days, followed by a 45-day investigation phase. In “extraordinary circumstances,” CFIUS may extend an investigation by 15 days. Of note, this provision will apply with immediate effect after FIRRMA is signed into law.

7.     Non-notified deals will be subject to heightened attention.

To date, CFIUS member agencies have taken different approaches to evaluating and raising non-notified transactions that may touch on an agency’s equities.1 FIRRMA directs CFIUS to create a formal systematic process to identify non-notified transactions.

8.     Filing fees will attach to CFIUS’ reviews of joint voluntary notices.

As soon as FIRRMA becomes law, CFIUS will be authorized to collect filing fees from transaction parties. Importantly, these fees will not apply to “light” notifications and will be imposed only in connection with submission of a formal joint voluntary notice.

In many respects, FIRRMA simply codifies existing agency practice.

Key Points to Keep in Mind


  • U.S. equity sponsors must carefully assess whether, by virtue of their foreign limited partner base, any foreign participation in the carry, and other factors, FIRRMA would give CFIUS jurisdiction to review their funds’ investments in U.S. businesses. This analysis is highly fact-specific, and should be undertaken with assistance from qualified advisers.
  • U.S. national security regulators remain very interested in examining non-notified transactions, especially when the transaction involves technologies that may be considered “critical.” Buyers and sellers should presume that any information made public about a foreign investment in a U.S. business could be raised to regulators’ attention and prompt questions and/or government intervention.
  • Transaction parties should be thoughtful and consistent in preparing notifications and filings of investments, and should assume that national security regulators in the U.S. and its allies may share information.
  • While the ultimate impacts of FIRRMA will not be evident until after regulations are drafted and implemented, in many respects, FIRRMA simply codifies existing agency practice. In particular, U.S. and foreign investors should not assume that the provisions in FIRRMA with delayed applicability are not relevant to their near-term transactions or long-term enterprise strategy

*            *            *

Anchored in Washington, D.C., Kirkland & Ellis’ International Trade and National Security Practice, in coordination with the Firm’s global offices and related practice areas, serves as a trusted adviser to companies, private equity sponsors and financial institutions to identify, assess and mitigate the complex international risks of operating and investing across national borders.

We focus on U.S. and EU economic sanctions (OFAC, EU), export controls (ITAR, EAR), anti-money laundering (AML), national security investment reviews (CFIUS) and related areas. We regularly work with our clients on a global basis on transactional, regulatory counseling, and investigative and enforcement matters, providing seasoned, holistic and sound advice.

If this publication was forwarded to you and you would like to receive similar future client alerts directly, please subscribe here.


1. See, e.g., the discussion of potential inconsistencies in agencies’ approaches to identifying and raising non-notified transactions in GAO Report 18-494, Committee on Foreign Investment in the United States: Actions Needed to Address National Security Concerns Facing the Department of Defense (July 2018), p. 23-24.