CFIUS Plans to Enhance and Expand Monitoring and Enforcement Authorities

In another sign the Biden Administration is focusing on enforcing laws to protect U.S. national security, the Treasury Department has announced plans to enhance the monitoring authorities of the Committee on Foreign Investment in the United States (“CFIUS”) and to significantly increase penalties for violations of the national security regulations governing foreign investments. CFIUS issued a Notice of Proposed Rulemaking (NPRM) that would expand the Committee’s authority to make requests for information in connection with transactions that are not notified to CFIUS and that would increase the maximum penalties for certain violations from $250,000 per violation to $5 million per violation. The proposed rules would also implement a critical timing requirement for responding to CFIUS proposals during mitigation negotiations that could shift the leverage in such negotiations to CFIUS. The NPRM follows CFIUS’s issuance of Enforcement and Penalty Guidelines in 2022 (discussed in our prior alert). Comments on the NPRM are due by May 15, 2024, and final rules are expected to be published later this year.

The new rules proposed in the NPRM are unlikely to impact the majority of transactions subject to CFIUS jurisdiction and review, particularly in cases where parties comply with the regulations and terms of mitigation agreements. However, the NPRM indicates the seriousness with which CFIUS is focusing on implementing and enforcing its monitoring, compliance, and penalty authorities. 

Proposed Rule Changes

The NPRM proposes changes to three areas of the CFIUS regulations in 31 C.F.R. Parts 800 and 802.

1. Requests for Information

CFIUS has broad authority to request information from parties to transactions not notified to the Committee necessary to determine whether such transactions are subject to CFIUS jurisdiction. The current regulations do not specify other types of authorized information requests. The NPRM proposes to amend the regulations to expressly authorize requests for information related to whether transactions meet the criteria for a mandatory CFIUS filing and whether transactions may raise national security considerations. The stated purpose of such revisions is for such information requests to prevent unnecessary filings and increase efficiency in connection with transactions that may pose risk, and are not intended to substitute for a CFIUS review.

2. Civil Monetary Penalties

Under the current rules, CFIUS may issue a civil penalty of up to $250,000 for the submission of a filing to CFIUS with a material misstatement or omission, or with a false certification. The NPRM would expand the list of circumstances under which penalties could be imposed to include material misstatements or omissions in the context of other communications with CFIUS, such as responses to CFIUS requests for information related to non-notified transactions, and responses to CFIUS requests for information related to monitoring or enforcing compliance. The NPRM would also increase the penalty from $250,000 per violation to $5 million per violation. (Penalties for failure to file a mandatory declaration and material violation of mitigation agreements are currently a maximum of $250,000 or the value of the transaction. The NPRM would also revise the $250,000 to $5 million, but maintain the value of the transaction as the maximum penalty. The proposed rule would, therefore, only have an impact on transactions valued at less than $5 million.)

3. Timing of Responses during Mitigation Negotiations

The current CFIUS rules do not require transaction parties negotiating mitigation with the Committee to respond to Committee proposals within a specific time frame. Ostensibly in an effort to conclude CFIUS reviews in a timely manner, the NPRM proposes to require parties to respond to proposed mitigation terms (both initial and subsequent proposals and revisions) within three business days, unless the Committee grants an extension. Failure to do so could result in the rejection of the filing. Notably, the NPRM would not impose a similar requirement on the Committee in responding to parties’ counter-proposals or revisions.

Implications

The NPRM changes to the CFIUS rules related to requests for information and civil penalty increases reflect CFIUS’s ongoing focus on its monitoring and compliance functions and implementing its enforcement authorities. Traditionally, CFIUS has not exercised its authorities to impose civil penalties, but seems poised to use those authorities more actively to punish violations as part of the Committee’s efforts to protect U.S. national security.

The imposition of a three business day response requirement during mitigation negotiations is unlikely to affect most parties seeking CFIUS clearance. In 2022, only 52 of 440 total filings had mitigation conditions imposed, of which there were 44 mitigation agreements. That said, for parties negotiating mitigation agreements, the proposed rule could have a significant impact on their negotiating leverage. Three business days, particularly when foreign investors are located in time zones many hours ahead of the United States, is a very short amount of time to respond. While such turnaround time may be possible in the latter stages of negotiations when revisions may be more limited, it is very unlikely to be sufficient to respond to an initial mitigation proposal. CFIUS couches this rule change as being for the purpose of concluding CFIUS reviews in a timely manner. However, since the NPRM would not subject CFIUS to the same response time and failure to respond could result in a rejection of the filing, the proposed rule could also result in providing CFIUS with additional negotiating leverage by pressuring parties to hastily agree to mitigation terms without the benefit of time to fully assess the impact. Commenters on this element of the NPRM are likely to push back on the three business day requirement and we will need to await the final rule for the ultimate determination.

This memorandum is a summary for general information and discussion only and may be considered an advertisement for certain purposes. It is not a full analysis of the matters presented, may not be relied upon as legal advice, and does not purport to represent the views of our clients or the Firm. Greta L. Nightingale, an O’Melveny partner licensed to practice law in the District of Columbia; and David J. Ribner, an O’Melveny partner licensed to practice law in the District of Columbia and New York, contributed to the content of this newsletter. The views expressed in this newsletter are the views of the authors except as otherwise noted.

© 2024 O’Melveny & Myers LLP. All Rights Reserved. Portions of this communication may contain attorney advertising. Prior results do not guarantee a similar outcome. Please direct all inquiries regarding New York’s Rules of Professional Conduct to O’Melveny & Myers LLP, Times Square Tower, 7 Times Square, New York, NY, 10036, T: +1 212 326 2000.