Recent developments in the CFIUS process



The Committee on Foreign Investment in the United States (CFIUS) kicked into high gear this spring with a number of notable cases and developments. CFIUS is an inter-agency group authorised to review the national security implications associated with foreign acquisitions of, or investments in, US businesses, and to block transactions or impose measures to mitigate any threats to US national security. Historically, CFIUS’ jurisdiction has been limited to transactions that could result in control of a US business by a foreign person. Recent legislation, the Foreign Investment Risk Review and Modernization Act (FIRRMA), expanded the scope of transactions subject to CFIUS review by granting it the authority to examine the national security implications of a foreign acquirer’s non-controlling investments in US businesses that deal with critical infrastructure, critical technology or the personal data of US citizens. FIRRMA also provided CFIUS with authority to review real estate transactions, including leases, sales and concessions, involving air or maritime ports or in close proximity to sensitive US government facilities.

Six key trends have emerged thus far in 2019. First, CFIUS has forced several companies to divest from US businesses involved in higher-risk sectors. Second, a pilot programme for mandatory filings of certain critical technology investments has yet to streamline the CFIUS review process. Third, CFIUS and its member agencies are increasing staff and resources, including a new office dedicated to detecting transactions that have not been notified. Fourth, mitigation strategies are of critical importance, and CFIUS is encouraging parties to think through such terms when negotiating a deal and to initiate a dialogue with CFIUS regarding proposed mitigation prior to the submission of a notice. Fifth, additional regulations to be published later this year will offer further guidance for investment funds with minority foreign investors, possibly including a ‘black’ and ‘white’ list of countries whose investors may be subject to different levels of scrutiny. Finally, large investors may tread carefully with respect to the new rules for non-controlling investments, refraining from appointing board members or exercising the types of governance rights which could trigger CFIUS scrutiny.

Emerging trends

Increasing number of forced divestitures. CFIUS has forced divestitures of several investments due to concerns regarding cyber security or access to sensitive personal data, suggesting that CFIUS will continue to scrutinise investments in higher-risk sectors under the authority granted to it by FIRRMA.

In late March 2019, CFIUS ordered Beijing Kunlun Tech Co to sell its interest in Grindr, a popular dating application focused on the LGBTQ+ community. Kunlun, a Chinese technology firm, acquired an approximately 60 percent interest in Grindr in January 2016, and subsequently completed a full buyout of the company in January 2018. Although CFIUS has not commented publicly, observers have speculated that the action was prompted by concerns over Kunlun’s access to sensitive personal data from Grindr users, such as location, sexual preferences, HIV status and messages exchanged via the Grindr app.

CFIUS also required the Shenzhen-based iCarbonX to divest its majority stake in PatientsLikeMe, an online service that helps patients find people with similar health conditions. In 2017, PatientsLikeMe raised $100m and sold a majority stake to iCarbonX, which was started by genomic scientist Jun Wang. About 700,000 people use the PatientsLikeMe website to report their experiences with medical conditions. The company claims to have tens of millions of ‘data points about disease’, and its partners range from large pharmaceutical companies to non-profit health organisations.

Not-so ‘expedited’ critical technology pilot programme reviews. In late 2018, CFIUS launched a pilot programme under which mandatory filings are required for certain types of investments in US critical technology companies. As of 10 November 2018, non-US companies seeking to acquire control, or in certain circumstances a non-controlling stake, in US companies involved in making or designing certain critical technologies related to 27 specific industries, must file a mandatory declaration with CFIUS. In lieu of the lengthy notice that is currently used in voluntary CFIUS filings, the pilot programme provides for the submission of ‘light’ or short-form declarations, a declaration which is not to exceed five pages. This filing must be submitted at least 45 days before the expected completion date of the transaction. The pilot programme aimed to provide a streamlined review process, as FIRRMA requires CFIUS to respond to a declaration within 30 days by approving the transaction, requesting that the parties file a full written notice, or initiating a further review.

Notably, however, a majority of the declarations filed under the pilot programme have been pushed into the standard review process, meaning that the streamlined ‘light’ filing actually resulted in a longer review process for the parties involved. Anecdotal evidence suggests that fewer than 10 percent of cases filed under the pilot programme have been decided on the basis of the short-form declaration alone, despite a relatively low volume of filings. Numerous transactions have required the submission of the full notice, and it has been difficult for the intelligence community to complete their full assessment within the allocated 30 days. In light of these risks, parties who may qualify for the pilot programme should consider submitting the full notice at the outset of the process.

CFIUS is contemplating the imposition of filing fees for expedited reviews, and expects to publish proposed regulations later this year.

Increasing staff and resources. In late March 2019, the Department of Justice (DOJ) requested a significant budget increase for its national security division to review foreign investments, an effort to increase the resources available to CFIUS. In its proposal for the fiscal year 2020 budget, the DOJ requested an increase of $5m and 21 positions, including 16 attorneys, for its national security division to assist with reviewing CFIUS cases. At the current budget level, the DOJ employs 13 individuals, including nine attorneys, which means the national security division is asking to significantly increase its current staff working on CFIUS matters. Additionally, the DOJ requested an increase of $18.3m, part of which will cover six new positions, for the Federal Bureau of Investigation (FBI) to spend on counterintelligence matters, including work on CFIUS-related cases. The existing budget and number of positions allocated to this goal is classified, according to the DOJ. Last November, the DOJ unveiled its so-called ‘China Initiative’, which was created to reflect the DOJ’s efforts to counter Chinese national security threats. The initiative seeks to enforce a full range of laws against espionage, foreign agents and threats to supply chains, as well as to identify US Foreign Corrupt Practices Act (FCPA) cases that involve Chinese companies that compete with American businesses.

Furthermore, CFIUS has hired staff to lead an office responsible for monitoring the market for covered transactions that had not been notified.

The importance of mitigation. It is still critical to think about CFIUS mitigation strategies at the outset of any deal, and to reach out to CFIUS before filing the notice to begin a dialogue. Despite the growing concerns regarding Chinese investment, CFIUS has approved Chinese deals with appropriate mitigation.

More independent monitors are likely in longer term mitigation agreements, and the Treasury is working to build consistency between other US government agencies responsible for the oversight of CFIUS national security agreements. Last year, CFIUS imposed a $1m penalty related to repeated breaches of a 2016 mitigation agreement, including failure to establish requisite security policies and failure to provide adequate reports to CFIUS. Although the penalty was imposed in 2018, it was posted on CFIUS’ website in mid-April 2019.

More regulations are coming. Proposed regulations will be published later this year. CFIUS is taking lessons learned from the pilot programme and incorporating them into the new rules.

CFIUS expects to provide more guidance with regard to what it means to be a foreign person in the context of an investment fund, which may include ‘black’ and ‘white’ lists of countries whose investors will be subject to different levels of scrutiny. Notably, a Chinese investment in a US business through an investment vehicle with a US manager was recently approved by CFIUS, in keeping with the investment fund carve out set forth in FIRRMA.

Cautious investors. Finally, it is worth noting that a number of major foreign investors are treading cautiously with respect to CFIUS’ new rules, in some cases by refraining from appointing board seats, despite substantial investments.

Certain Chinese investors are abandoning transactions altogether. China’s ENN Ecological Holdings recently announced that it had withdrawn its offer for Toshiba’s US liquefied natural gas business because of failure to win approval from CFIUS and shareholders by a specified closing date. Toshiba announced that CFIUS approval had been delayed because of the US government shutdown in early 2019. Pursuant to FIRRMA, all pending CFIUS reviews were tolled for the duration of the government shutdown.


Judith Alison Lee is a partner and Stephanie L. Connor is a senior associate at Gibson Dunn. Ms Lee can be contacted on +1 (202) 887 3591 or by email: Ms Connor can be contacted on +1 (202) 955 8586 or by email:

© Financier Worldwide


Judith Alison Lee and Stephanie L. Connor

Gibson Dunn

©2001-2019 Financier Worldwide Ltd. All rights reserved.