Key Takeaways for Dealmakers Navigating CFIUS and International Trade Issues

In many transactions, national security and international trade issues surface early in due diligence, shape negotiation of deal documents, and can determine whether a signing-to-closing timeline is at all realistic. In the United States, this often means assessing the potential for a review by the Committee on Foreign Investment in the United States (CFIUS), the interagency body that evaluates certain foreign investments for national security risks.

As cross-border capital, sensitive technologies, data, critical infrastructure, and regulated supply chains continue to converge, buyers and sellers alike need to treat these issues as a core deal workstream rather than a late-stage specialty review, particularly where potential liability may be allocated between the parties (e.g., if there is a requirement to notify CFIUS of a given transaction).

Effective diligence in this area begins with a risk-based approach. Parties seek to identify material compliance risks in a relatively short period of time, often with limited access to documents and personnel. They then translate those findings into informed contractual risk allocation, scoping necessary regulatory filings and developing a realistic path to closing and related post-closing planning, all while continuing to coordinate with and support the business on the key commercial terms of the agreement. The result is less about perfect information and more about asking the right threshold questions early enough in the diligence process to avoid surprises at the eleventh hour.

In a recent Morgan Lewis M&A Academy webinar, we discussed key issues and strategies for dealmakers navigating CFIUS and other national security and international trade regulations in M&A transactions. Some of the main issues discussed in that webinar are summarized below.

• Start diligence with a risk-based plan tailored to the transaction: The goal is to quickly identify material compliance risks using the information available. Long statutes of limitation coupled with significant potential liability enhances the importance of early issue spotting. Sellers can streamline the process through a pre-diligence self-assessment, while buyers should build in time for follow-up questions and avoid late-stage disclosures that affect filings or drafting.
• Proactively address national security and trade issues directly in transaction documents: Parties should expect these issues to shape representations and warranties, covenants on regulatory filings, cost allocation, and closing conditions. Discussions may also extend to materiality, purchase price adjustments, indemnification requirements, special escrows, and the division of responsibility for preparing and submitting filings.
• Expect CFIUS jurisdiction to arise in more transactions than many deal teams anticipate: CFIUS authority can extend beyond foreign acquisitions of US businesses to certain minority investments involving critical technology, critical infrastructure, or sensitive personal data. Even relatively small investments can trigger review if investor rights provide access to technical information, board participation, or involvement in key operational decisions.
• Determine early whether a CFIUS filing is mandatory or voluntary: Mandatory filings can arise in transactions involving critical technology businesses or certain foreign government interests in TID US businesses. Where filing is voluntary, the decision typically turns on a host of factors, including timing, sector/industry sensitivity, investor profile, and the risk that CFIUS may initiate a post-closing review of a non-notified transaction.
• Choose between a declaration and a joint voluntary notice based on timing and certainty: Declarations offer the possibility of a faster clearance but may also result in a request for a full filing or no action. A joint voluntary notice generally provides greater outcome certainty but typically requires a longer review period that should be reflected in the deal documents as well as the transaction timeline.
• Plan for the operational impact of potential CFIUS mitigation: Mitigation agreements may impose restrictions on access to technology, data, facilities, or governance rights. Some obligations are a relatively light touch, while others can require new compliance systems, additional personnel, outside advisors, and ongoing reporting obligations.
• Evaluate mitigation terms carefully before agreeing to broad regulatory commitments: The economic and operational impact of mitigation can vary significantly depending on the structure of the agreement and the business involved. Efforts clauses, drop dead dates, break fees, and other contractual provisions will determine whether the buyer must accept mitigation and how much flexibility the parties have in negotiations with regulators.
• Consider parallel national security regimes that may affect transaction execution: Classified businesses may trigger foreign ownership, control, or influence (FOCI) issues under the National Industrial Security Program, while outbound investment restrictions, export controls, and sanctions can shape diligence and contractual protections. Transactions involving telecommunications licenses or sensitive personal data may also face review under Team Telecom or require compliance with the US Department of Justice’s Data Security Program.
• Monitor ongoing regulatory developments that may reshape deal planning: As just one example, the outbound investment regime continues to evolve, including potential expansion of covered sectors, additional countries of concern, and new advisory mechanisms. At the same time, enforcement across export controls, import controls, sanctions regimes, and related programs underscores the importance of early diligence and clearly drafted compliance representations.

As cross-border investment and sensitive technologies continue to intersect, national security reviews, including potential CFIUS scrutiny, will remain a defining feature of many transactions. Deal teams that address these risks early and integrate them into diligence and negotiation are better positioned to avoid delays, preserve deal value, and execute deals with confidence.