CFIUS in 2026
August 2026 | BRIEFING ROOM | MERGERS & ACQUISITIONS
Financier Worldwide Magazine
FW discusses CFIUS in 2026 with Steve Klemencic at BRG, Ben Joseloff at Davis Polk, and Katie Clarke at Skadden, Arps, Slate, Meagher & Flom LLP.
FW: How do you see CFIUS’s intensified enforcement posture – particularly higher penalties, broader subpoena authority and the first‑ever judicial enforcement action – reshaping how organisations approach national‑security compliance?
Joseloff: Under the previous administration, the Committee on Foreign Investment in the United States (CFIUS) increased its monitoring and enforcement efforts in both word and deed. CFIUS personnel frequently referred to “sharpening” CFIUS’s investigation and enforcement tools, and in 2024 it imposed a $60m penalty for the violation of a mitigation agreement – by far the largest monetary penalty CFIUS has ever announced. This enhanced focus did not go unnoticed, and participants in the CFIUS process responded by heightening their own attention to compliance matters. We have seen less rhetorical focus on penalties and enforcement since the beginning of the new administration, but compliance clearly remains a priority and transaction parties would do well to continue their efforts in this area.
Klemencic: Broadly speaking, there has been a convergence with broader national security regimes. CFIUS enforcement increasingly aligns with export controls, sanctions and outbound investment restrictions. There has been a shift toward integrated geopolitical risk functions, including common data sources, unified screening models and coordinated decision making. In parallel with the shift toward integrated geopolitical risk functions, there has been an arguably more important cultural shift from reactive to predictive compliance. The old model was reactive and legalistic, and filing was seen as an administrative step. The new model is predictive, and intelligence driven with a focus on regulator perception and strategic risk anticipation. CFIUS and other foreign investment screening regimes can no longer be seen simply as an administrative step with little real potential for problems. CFIUS now carries real clout and can make life quite miserable for unprepared companies and executives. Executives need to understand that detection risk is high, intent matters, regulators will examine why decisions are made, not just outcomes, and national security risk now directly affects deal certainty, valuation and exit optionality.
Clarke: While it has always been important for companies to consider CFIUS issues early in any transaction, we are seeing increased awareness by parties about CFIUS and other foreign direct investment (FDI) regimes, as well as consideration of national security issues in a broader set of transactions. Parties are more aware today that national security extends beyond traditional aerospace and defence industries. With significantly higher penalty exposure and higher risk of detection through CFIUS’ non-notified process, boards and senior leadership are now incentivised to allocate meaningful resources to transaction screening, as well as monitoring and mitigation compliance as applicable post-close.
“Cross-regime interaction is increasingly defining the national security review environment. A transaction rarely sits within a single regulatory silo.”
FW: Could you highlight recent high‑profile CFIUS cases – both notified and non‑notified – and explain how they align with the Trump administration’s America First Investment Policy (AFIP)?
Clarke: Recent CFIUS matters illustrate how the Trump administration’s America First Investment Policy (AFIP) is influencing both notified and non-notified reviews. CFIUS’ latest block – HieFo Corporation’s acquisition of certain assets of EMCORE Corporation – is a prime example of the AFIP’s tough on China stance. The proposed acquisition of US Steel by Nippon Steel is the clearest notified example: despite Japan’s ally status, scrutiny centred on domestic industrial capacity, supply chain resilience and control of a strategically significant US asset. The common thread is a more selective approach to foreign investment – welcoming capital where risk is limited, while applying heightened scrutiny to transactions involving strategic sectors or potential foreign adversary exposure. That is consistent with AFIP priorities emphasising domestic control, resilience and long-term economic security.
FW: Given the increase in non‑notified transaction inquiries, what strategies should companies adopt to proactively identify and mitigate national security risks before they attract regulator attention?
Klemencic: The increase in non-notified inquiries reflects a fundamental shift from rules-based compliance to discretionary, intelligence-driven enforcement. Companies that succeed will anticipate regulator perception and treat national security risk as a core transaction component. The rise in non-notified transaction inquiries signals a clear shift: regulators expect self-identification and pre-emptive risk governance, not reactive compliance. Companies that treat a national security review purely as a filing obligation are now exposed. A framework to identify and mitigate national security risks before regulator attention could include, for example, institutionalised ‘national security diligence’ to enable investors to surface risk at origination, mapping and monitoring sensitive assets, and developing a ‘self-escalation’ protocol because while not all filings are mandatory, non-filing is now scrutinised. It may also include integrating export controls, sanctions and investment screening, as these regimes are no longer siloed. Additional aspects include strengthening governance and board oversight, because firms with mature governance structures are less likely to face non-notified call-ins, and building response capabilities to provide faster, more credible engagement with the regulator and reduce the likelihood of escalation or punitive measures or remedies.
Joseloff: Any transaction that is – or potentially could be – within CFIUS’s jurisdiction should be carefully assessed for its effect on US national security. Transaction parties and their advisers should think broadly and creatively about what that effect may be. By law, CFIUS must focus solely on issues of national security, but the term “national security” is not defined in CFIUS’s statute or regulations, and each administration can interpret the term as it sees fit. The current administration has made clear that “economic security is national security”, and that it will use economic statecraft to enhance domestic capacity in a wide range of sectors. Given the broad scope of transactions that might be of interest to CFIUS, it is essential to identify a transaction’s nexus to US national security, and to try to understand how the transaction might help or hinder the US government’s national security priorities. Memorialising this assessment at the time of the transaction can be helpful if a non-notified inquiry later emerges.
Clarke: Organisations should consider building internal frameworks that evaluate every proposed investment, acquisition, joint venture or partnership involving a foreign person against CFIUS’s jurisdictional triggers. Many companies already have a fairly robust screening protocol for M&A transactions, but sophisticated investors will expand this to include a broader catalogue of transactions that can also trigger CFIUS issues. Ideally, it should encompass minority investments and partnerships that give a foreign party access to any additional insights into a US company, even informally. The earlier transactions of potential sensitivity are identified, more can be done to either modify structure or proactively implement mitigation to address national security concerns.
“Given the broad scope of transactions that might be of interest to CFIUS, it is essential to identify a transaction’s nexus to US national security, and to try to understand how the transaction might help or hinder the US government’s national security priorities.”
FW: How might the Known Investor Program (KIP) change incentives and behaviour among repeat foreign investors? Which elements of pre‑vetting appear most likely to influence CFIUS review timelines?
Clarke: The Known Investor Program (KIP) may shift incentives for repeat foreign investors by rewarding transparency and consistency – albeit at a potentially high cost of participation. Investors with a history of CFIUS engagement may have stronger incentives to centralise ownership disclosures, standardise governance documentation and maintain updated records on ultimate beneficial ownership. That preparation can reduce friction both internally and with regulators. The most meaningful pre-vetting factors are likely to be ownership transparency, clarity around state-linked interests, prior mitigation compliance and a demonstrated record of responsiveness during past reviews. Investors that can present a well-documented compliance posture and explain their structure clearly to regulators may shorten the time CFIUS spends validating threshold facts. While substantive national security concerns will still drive outcomes, reducing fact-finding on repeat investors should improve predictability and compress review timelines at the margin.
Joseloff: Many repeat foreign investors have a sophisticated understanding of CFIUS gleaned from navigating the process numerous times. Many of them also have deep, longstanding relationships with the committee. For these investors, it is unlikely that incentives or behaviour will change drastically due to the implementation of the KIP. To be sure, there will be some increased administrative efficiencies if the programme achieves its goals, but CFIUS will still engage in transaction-specific reviews using a risk-based methodology mandated by law. Because the review considers not only the identity of the foreign investor but also the characteristics of the target US business, there is only so much work CFIUS can do prior to the existence of an actual transaction. For this reason, I would be somewhat surprised if repeat investors see significant changes to CFIUS review timelines across all their filings.
Klemencic: The KIP will likely reshape incentives and investor behaviour by creating a ‘trusted tier’ in a two-tiered system. The first tier offers faster, more predictable reviews for known investors. The second tier includes unknown or higher risk investors that bring a higher level of deal uncertainty. Ultimate beneficial ownership is a primary concern for CFIUS. Investors will help themselves by providing a fully mapped ownership structure and the identification of sovereign wealth participation or state-linked investors. There will be a shift in deal structuring with pre-emptive elimination of red flags such as board seats in sensitive companies and access to intellectual property or other sensitive data. We will also see more frequent use of passive structures and limited governance rights for certain investors. For data, investors should present an accurate classification of sensitive data and clearly describe technology and policy controls to reduce time spent on technical diligence. Finally, maintaining KIP status is a strategic asset. The loss of trusted status carries time delays, higher deal uncertainty and a competitive disadvantage.
FW: As inbound and outbound investment controls increasingly converge, how should multinational investors rethink their capital allocation, structuring and long term portfolio strategies?
Joseloff: It is no secret that we are living in a world of increased geopolitical tension, and no secret that this tension is driving both the development of new regulatory tools and the novel application of old regulatory tools. Sophisticated multinational investors are constantly assessing both the risks and, importantly, the opportunities created by this dynamic policy and regulatory environment. To give just one example, both government and commercial actors are increasingly aware of economic chokepoints – that is, dangerous concentrations in supply chains that can be utilised by a competitor or adversary to exert strategic leverage. These chokepoints can create significant exposure for vulnerable parties, but also exceptional opportunities for parties that are well-positioned to take advantage of efforts to achieve supply chain resilience. Multinational investors should look for the opportunities and understand how the regulatory environment is shaping those opportunities.
Clarke: As inbound and outbound controls become more interconnected, multinational investors need to treat national security regulation as a core portfolio planning issue rather than a transaction-specific hurdle. Capital allocation decisions increasingly require jurisdiction by jurisdiction analysis of both where capital originates and where technology, data or strategic capabilities ultimately flow. That may favour structures with cleaner governance, clearer separation between sensitive and non-sensitive business lines and greater flexibility to ringfence assets if regulatory requirements change. Investors should also reassess concentration risk in sectors and geographies most exposed to strategic scrutiny, including in semiconductors, artificial intelligence, infrastructure and advanced manufacturing. Longer term, the emphasis is increasingly on resilience and optionality.
“The increase in non-notified inquiries reflects a fundamental shift from rules-based compliance to discretionary, intelligence-driven enforcement.”
FW: To what extent are cross‑regime interactions – CFIUS, export controls, sanctions, tariff policy and Team Telecom – shaping a more integrated national security review environment? What does this mean for deal predictability?
Clarke: Cross-regime interaction is increasingly defining the national security review environment. A transaction rarely sits within a single regulatory silo. Agencies are evaluating ownership, technology transfer, supply chain resilience, market access and geopolitical exposure through overlapping frameworks. CFIUS may focus on control or access rights, while export controls assess technology sensitivity, sanctions evaluate counterparty exposure, tariffs influence supply chain economics and Team Telecom addresses communications infrastructure and data routing. The result is a more integrated but also more complex review landscape. For dealmakers, predictability depends less on any one filing and more on coordinated regulatory diligence across regimes. Transactions with clear documentation and aligned cross-functional analysis can still move efficiently, but fragmented planning creates delays.
Klemencic: Cross-regime interaction is no longer an incidental feature of the system; it is the defining characteristic of modern national security review. What we are seeing is a transition from a CFIUS-centred process to a networked, multi-tool enforcement architecture in which CFIUS, export controls, sanctions, tariffs and Team Telecom operate as mutually reinforcing levers of economic statecraft. The practical reality is CFIUS is no longer the sole gatekeeper of national security risk in transactions. It is one node in a broader enforcement ecosystem. The implications for deal predictability can be significant. Two factors should be considered. First, there may be reduced predictability at the transaction level. Foreign investors may now be dealing with multiple regulators and multiple triggers. A deal can clear CFIUS but still be impaired by export restrictions, sanctions exposure or tariff shifts. Second, investors can be faced with increased timing uncertainty. Parallel reviews across different regimes create sequencing problems and will likely require different information being provided to different agencies.
Joseloff: In some ways, the convergence of various regulatory regimes is both complicating and simplifying life for market participants. On the one hand, the ever-expanding landscape of national security regulatory regimes in the US means transaction parties must contend with more regulators, more requests for information, more uncertainty and more time. On the other hand, it is becoming increasingly clear that the various regulatory tools are, in many instances, simply different means to achieving the same end – advancing the government’s national security objectives. Therefore, it can be instructive to begin by considering a core question: will the government conclude that my transaction is consistent with its national security goals? Once that question is thoroughly assessed, the answer, whatever it may be, can guide and inform interactions with the various regulators.
FW: Looking ahead, how do you expect the CFIUS framework to develop in 2026 and beyond? What policy or regulatory changes are likely to drive process improvements?
Klemencic: Historically, major regulatory changes to CFIUS occur about every 10 years or so. In the meantime, the most likely trajectory for change will be incremental with no single overhaul in the foreseeable future. Rather, we will likely see continuous tightening and optimisation of the regulations. ‘Trusted capital’ will flow more easily, while high-risk capital will likely face greater scrutiny. Integrating reviews across regulatory regimes will increasingly become the norm. CFIUS decisions, for example, will likely become more intertwined with export controls, outbound investment rules, Team Telecom and sanctions. Process improvements will likely come from pre-vetting, data standardisation, enforcement-driven discipline and tiered review paths. There are a couple of other points for foreign investors to consider. First, CFIUS seems to be evolving toward a model where speed and predictability are earned upstream, through transparency, structure and credibility, not granted during the review itself. Second, organisations that invest in investor transparency, pre-cleared information architectures and repeatable low risk structures will benefit from the next generation of CFIUS process improvements.
Joseloff: Under its relatively new leadership, CFIUS has gone out of its way to communicate that America is “open for business”. This has been a very welcome message for both foreign investors and US businesses alike, as FDI has long supported growth and innovation in the US, including in sectors that strengthen US economic and national security. If the administration continues to prioritise welcoming constructive foreign capital, I expect we will see several changes meant to streamline the CFIUS process. These could range from more substantive pre-filing consultations, to updated written guidance regarding transactions that may raise national security considerations, to clearer advice on how to mitigate risks at the transaction planning phase. To its credit, CFIUS has asked for feedback from the investment community on how it can improve, and we have already begun to see signs that it is taking that feedback seriously.
Clarke: In 2026 and beyond, CFIUS is likely to continue prioritising efficiency while expanding scrutiny in strategically sensitive sectors. Process improvements will probably focus on better triage – distinguishing lower-risk filings from transactions requiring deeper interagency review. Programmes like the KIP could support that by reducing repetitive diligence on established investors and allowing resources to concentrate on novel or higher-risk structures. Increased coordination with export control and outbound investment authorities is also likely, creating a more consistent regulatory framework. The practical effect should be greater procedural clarity, though substantive review will remain rigorous where technology leadership or geopolitical exposure is implicated.
Steve Klemencic, a co-leader of BRG’s global trade and compliance group, is a managing director with deep Committee on Foreign Investment in the United States (CFIUS) expertise in evaluating, auditing, and monitoring foreign investments in the US as well as advising investors on the CFIUS review process. He has been accepted by several courts as a testifying expert and has been recognised by Foreign Investment Watch as a top advisor in national security and foreign direct investment from 2022-26. He can be contacted on +1 (571) 334 4602 or by email: sklemencic@thinkbrg.com.
Ben Joseloff is a former White House and US Treasury Department official. He advises US and non-US clients on the regulatory aspects of cross‑border mergers, acquisitions, dispositions, investments and other transactions. He is also known in particular for deep experience on matters relating to the Committee on Foreign Investment in the United States. He can be contacted on +1 (212) 450 4417 or by email: ben.joseloff@davispolk.com.
Katie Clarke focuses on cross-border investment and national security matters, primarily involving reviews conducted by the Committee on Foreign Investment in the United States (CFIUS) and related issues involving the Defense Counterintelligence Security Agency, export controls, cyber security and government contracting. She can be contacted on +1 (202) 371 7585 or by email: katherine.clarke@skadden.com.
© Financier Worldwide
THE PANELLISTS
BRG
Davis Polk
Skadden, Arps, Slate, Meagher & Flom LLP