National Security–Related Considerations When Investing in US Companies

September 21, 2022

There are many international and Asia-based investors looking to invest in companies in the US for both strategic and commercial reasons, and in return they offer attractive sources of funding. Often, financial investments are coupled with strategic partnerships, including licensing, collaboration, and co-development agreements, and joint ventures with the aim of growing into a market and acquiring technology, products, and talent abroad.

US government examination of such investment has been on a steep rise, which seems unlikely to change in the near future. As part of Morgan Lewis’s Asia Technology Innovation Series, partners Carl Valenstein and David Plotinsky conducted a webinar on considerations for foreign investors doing deals in the United States. Among the topics covered by the webinar were the following.

Due Diligence

Against an increasingly complex US regulatory landscape, it is critically important for foreign investors and their counsel to carefully assess the multiple regulatory regimes that could potentially apply to a transaction. Foreign investors should also consider issues that are likely to be of interest to regulators, including an investment’s source of funding, financial and commercial resources, ownership and control, investment authority, reputation, and regulatory status—for example, whether it is subject to any US sanctions or export restrictions or a company of concern in prior CFIUS filings.

Export Control, Sanctions, and FCPA Compliance

It is key to understand the export control status of any technology or equipment that might be exported as part of a transaction. Note that exports can be made in the US by giving a non-US investor or its representatives access to certain technology in the United States. So-called “deemed exports” can occur with hiring non-US citizen or permanent resident alien employees. Sufficient lead time should be allowed for obtaining any required export licenses. As part of the assessment, a foreign investor should also confirm that it is not subject to US sanctions or export restrictions by reference to various US government lists (e.g., the Consolidated Screening Lists).

Because certain foreign investors are government-owned and controlled, and their representatives are considered foreign government officials, due diligence should also include an assessment of any FCPA risks in any transaction. With transactions that involve strategic partnerships that go beyond a straight investment by a foreign investor in the US company, care must be taken by the US company that no funds transferred to the foreign investor or its representatives violate the FCPA anti-bribery provisions or will be used by the foreign investor or its representatives in violation of the FCPA with respect to foreign government officials.

US Government Restrictions

If the US company has any grants, contracts, or other sources of funding from the US government, there may be further compliance obligations. US government rights under the Bayh-Dole Act may also require manufacturing in the United States, although waivers may be granted in certain situations.

The US government is increasingly using federal assistance as a means of ensuring domestic production and supply. One recent example is the CHIPS and Science Act, which requires that any US semiconductor company that receives federal financial assistance under the CHIPS Act must notify the Department of Commerce and seek clearance of any significant transactions involving the material expansion of semiconductor manufacturing capacity in China.

Committee on Foreign Investment in the United States (CFIUS)

A key focus of FIRRMA, the latest comprehensive amendment to national security reviews adopted in 2018, is Technology, Infrastructure, and Data (TID) businesses. It is important for international investors in US companies to determine if the US companies have “critical technology,” “critical infrastructure,” or “sensitive personal data” for CFIUS purposes. With respect to sensitive personal data in particular, even if not a core part of the business, data is an increasingly prevalent part of many businesses, and should be assessed to determine whether data, even if collected and maintained incidental to a company’s business activities, triggers CFIUS jurisdiction.

Recent statistics released by CFIUS suggest an increased use of the new, streamlined Declaration process for lower-profile, non-controversial cases, including ones for which a mandatory filing is required but the parties do not anticipate any national security concerns. In 2021, almost three-quarters of Declarations received CFIUS clearance.

Although CFIUS has reportedly been devoting increased resources to “non-notified” transactions, in 2021 CFIUS only reached out to parties in 135 transactions, and of those, only pulled eight in for review. However, companies still need to carefully consider their potential liability for not filing in a transaction subject to CFIUS jurisdiction, and assess both the risk of CFIUS pulling in the transaction and the potential remedies CFIUS might seek, which could include mitigation or divestment.

Contractual language can be included to address CFIUS issues. Post-FIRRMA, representations and warranties were developed to address triggering events for mandatory filings. Target companies are often asked to give representations and warranties that they do not have “critical technology,” “critical infrastructure,” or “sensitive personal data.” The National Venture Capital associated has also developed CFIUS screening language to keep foreign investors from triggering a mandatory CFIUS filing in noncontrolling venture capital investments.

Various strategies may be developed to address CFIUS concerns. For instance, it may be possible to structure a transaction so that it is not subject to the mandatory filing requirements or to be a covered transaction. Examples of this include a license/collaboration agreement with no equity investment or a passive investment with no board/observer rights or access to “critical technology,” “material non-public technical information,” or “substantive decisionmaking.” Parties can also consider potential mitigation strategies to address any national security concerns. These could include adopting special security agreements, proxy control or a voting trust structure, or spinning off certain assets/contracts/product lines that present national security issues.

Outbound Investment Review

Although the outbound investment review process contained in the America COMPETES Act was not ultimately included in the CHIPS and Science Act, both Congress and the executive branch remain interested in reviewing US outbound investment for national security risk. If Congress does not include outbound investment in other legislation, the White House may unilaterally establish such a regime through an executive order. Although we assess such a regime would be carefully scoped, it would still be a significant change, and would open up large numbers of transactions to new regulatory review.

These issues, and more, were discussed in the presentation CFIUS Considerations with Foreign Investors, which is part of our 2022 Asia Technology Innovation Series. For further details or to receive a copy of the recording, contact Bhavisha Arora.