CFIUS Releases Guidance Concerning Enforcement and Penalty Actions
November 15, 2022
By Brett W. Johnson, Mary Colleen Fowler, and T. Troy Galan
On October 20, 2022, the Committee on Foreign Investment in the United States (“CFIUS”) issued the “CFIUS Enforcement and Penalty Guidelines” (the “Guidelines”).1 These are the first-ever Guidelines issued by CFIUS which is a strong indication to U.S. businesses of increased enforcement. The Guidelines provide previously unavailable insight into CFIUS’ enforcement priorities and how it determines penalties of regulations under its purview.
As a reminder, the CFIUS is authorized to conduct a risk-based analysis on national security implications of covered transactions that could result in foreign control of any U.S. business. In recent years, national security has also encompassed economic and data privacy security issues. Certain covered investments which afford foreign persons access to nonpublic information or decision-making power on U.S. business are also subject to CFIUS jurisdiction.
The Guidelines clarify that penalties could apply to the following conduct:
- Failure to File. While the CFIUS review process involves primarily voluntary fillings, the Guidelines serve as a reminder of the updated mandatary filling requirements that went into effect on October 15, 2020.
There are two primary circumstances which trigger the mandatory filling provisions. First, when an entity in which a foreign government holds a 49 percent or greater voting interest intends to acquire a voting interest of 25 percent or more in a TID U.S. business. Second, investment by a foreign entity in a TID U.S. business involved in critical technology, when a license or authorization is required, including Bureau of Industry and Security (“BIS”) and Directorate of Defense Trade Controls (“DDTC”) export licenses.2
- Non-Compliance with CFIUS Mitigation. CFIUS is empowered to “negotiate, enter into or impose, and enforce” mitigation agreements on any party of a covered transaction or investment to address the national security risk identified by its review.
The Guidance indicates CFIUS will increase enforcement of these agreements and pursue non-compliance.
- Material Misstatement, Omission, or False Certification. CFIUS has indicated a policy to pursue penalties and other remedies as appropriate as a result of “material misstatements or omissions” made in connection with representations to the CFIUS. Notably, this extends to assessments, reviews, investigations, or CFIUS mitigation agreements (even during informal consultations).
When assessing potential regulatory violations, CFIUS relies on a wide universe of information, including requests for information, self-disclosures, and tips. Moreover, the Guidelines reiterate the penalty process, directing entities to review the applicable regulations. If found in violation of the regulations, CFIUS provides the subject a notice of penalty, explaining the violating conduct and the corresponding monetary penalty. The subject can then submit a petition for reconsideration that CFIUS will consider, if filed timely, before issuing its final penalty determination.
CFIUS considers both aggravating and mitigating factors when administering penalties for regulatory violations, including:
- Accountability and Future Compliance
- Negligence, Awareness, and Intent
- Persistence and Timing
- Response and Remediation
- Sophistication and Record of Compliance
Finally, the Guidelines emphasize the importance of cooperation and the potential impact on the final penalty determinations of alleged misconduct. In particular, the Guidelines indicate the benefits of timely submissions of Voluntary Self-Disclosures (“VSD”). Similar to international trade compliance enforcing agencies, CFIUS will consider several factors when evaluating VSDs, including the degree of cooperation, whether discovery of the violation by U.S. officials was imminent, and compliance with the requirements of an existing CFIUS mitigation agreement. Nevertheless, VSDs are encouraged regardless of an affirmative disclosure obligation.
CFIUS highlights its newly released Guidelines are “non-binding and are not intended” to confer any rights. In light of the Guidelines, companies should consider taking the opportunity to update policies and procedures not only in regard to selling U.S. entities to foreigners, but also in regard to joint ventures or technology transfer arrangements. To the extent an issue arises, companies may consider consulting experienced counsel in CFIUS regulations for transactions or investments involving foreign ownership and export licensing requirements.
CFIUS Enforcement and Penalty Guidelines are available at https://home.treasury.gov/policy-issues/international/the-committee-on-foreign-investment-in-the-united-states-cfius/cfius-enforcement-and-penalty-guidelines
See 31 C.F.R. § 800.248 for the definition of a TID U.S. business.
©2022 Snell & Wilmer L.L.P. All rights reserved. The purpose of this publication is to provide readers with information on current topics of general interest and nothing herein shall be construed to create, offer, or memorialize the existence of an attorney-client relationship. The content should not be considered legal advice or opinion, because it may not apply to the specific facts of a particular matter. As guidance in areas is constantly changing and evolving, you should consider checking for updated guidance, or consult with legal counsel, before making any decisions.