[Federal Register: December 8, 2008 (Volume 73, Number 236)] [Notices] [Page 74567-74572] From the Federal Register Online via GPO Access [wais.access.gpo.gov] [DOCID:fr08de08-115] ----------------------------------------------------------------------- DEPARTMENT OF THE TREASURY Office of Investment Security; Guidance Concerning the National Security Review Conducted by the Committee on Foreign Investment in the United States AGENCY: Department of the Treasury. ACTION: Notice. ----------------------------------------------------------------------- SUMMARY: This notice provides guidance to U.S. businesses and foreign persons that are parties to transactions that are [[Page 74568]] covered by section 721 of the Defense Production Act of 1950, as amended by the Foreign Investment and National Security Act of 2007, and the regulations at 31 CFR part 800. The guidance is issued pursuant to section 721(b)(2)(E), which requires the Chairperson of the Committee on Foreign Investment in the United States to publish guidance regarding the types of transactions that it has reviewed and that have presented national security considerations. FOR FURTHER INFORMATION CONTACT: Nova Daly, Deputy Assistant Secretary, U.S. Department of the Treasury, 1500 Pennsylvania Avenue, NW., Washington, DC 20220, telephone: (202) 622-2752, e-mail: Nova.Daly@do.treas.gov; or Welby Leaman, Senior Advisor, telephone: (202) 622-0099, e-mail: Welby.Leaman@do.treas.gov. I. Legislative Mandate for Guidance Consistent with section 721(b)(2)(E) of the Defense Production Act of 1950 (``section 721'') (50 U.S.C. App. 2170), as amended by the Foreign Investment and National Security Act of 2007 (``FINSA''), the U.S. Department of the Treasury, as the chair of the Committee on Foreign Investment in the United States (``CFIUS''), is issuing the following guidance regarding the types of transactions that CFIUS has reviewed and that have presented national security considerations.\1\ --------------------------------------------------------------------------- \1\ ``National security considerations'' are facts and circumstances, with respect to a transaction, that have potential national security implications and that therefore are relevant for CFIUS to analyze in determining whether a transaction threatens to impair U.S. national security, i.e., whether the transaction poses ``national security risk.'' The term ``national security concerns'' is used in this document to describe those circumstances where CFIUS (or any CFIUS member) has unresolved questions about whether the transaction poses national security risk or where CFIUS (or any CFIUS member) has identified national security risks and those risks have not yet been mitigated. --------------------------------------------------------------------------- To place this guidance in context, the following three sections provide an overview of the purpose and nature of the foreign investment review process that CFIUS administers. This guidance does not create any rights for, or confer any rights on, any person, nor operate to bind the U.S. Government. II. Purpose and Nature of the CFIUS Process A. Purpose of the CFIUS Process The United States has a longstanding commitment to welcoming foreign investment. In May 2007, the President's Statement on Open Economies reaffirmed that commitment, recognizing that ``our prosperity and security are founded on our country's openness.'' CFIUS carries out its responsibilities within the context of this open investment policy. In the preamble to FINSA, Congress states that the purpose of the Act is ``[t]o ensure national security while promoting foreign investment and the creation and maintenance of jobs [and] to reform the process by which such investments are examined for any effect they may have on national security.'' The rules governing the CFIUS process are set forth in section 721; in Executive Order 11858, as amended most recently by Executive Order 13456 of January 23, 2008 (``Executive Order 11858''); and in regulations found at 31 CFR part 800, as amended most recently by the Final Rule published at 73 FR 70702 (Nov. 21, 2008) (``Regulations''). These provisions establish CFIUS and provide the President and CFIUS with the authority to review any ``covered transaction,'' defined in the Regulations as ``any transaction that is proposed or pending after August 23, 1988, by or with any foreign person, which could result in control of a U.S. business by a foreign person.'' \2\ The purpose of the national security reviews conducted by CFIUS is to allow CFIUS to identify and address any national security risk that arises as a result of a covered transaction, and, in the circumstances described in Sec. 800.506(b) of the Regulations, to request that the President determine whether to suspend or prohibit a covered transaction or take other action. --------------------------------------------------------------------------- \2\ The terms ``U.S. business'' and ``foreign person'' are defined at 31 CFR 800.226 and 800.216, respectively. --------------------------------------------------------------------------- B. Nature of the CFIUS Process 1. CFIUS Reviews Are Limited to National Security Considerations CFIUS focuses solely on any genuine national security concerns raised by a covered transaction, not on other national interests. The requirements, described below, that CFIUS or the President must satisfy in order to take action with respect to a covered transaction, demonstrate this narrow focus on national security alone. Section 721 requires CFIUS to complete a review of a covered transaction within a 30-day period. CFIUS concludes action on the vast majority of transactions within this initial 30-day review period. In limited cases, following a review, CFIUS may initiate an investigation, which it must complete within a subsequent 45-day period. CFIUS initiates an investigation only where: (1) CFIUS or a member of CFIUS believes that the transaction threatens to impair the national security of the United States and that threat has not been mitigated; (2) an agency designated by the Department of the Treasury as a lead agency recommends, and CFIUS concurs, that an investigation be undertaken; (3) the transaction is a foreign government-controlled transaction; or (4) the transaction would result in foreign control of any critical infrastructure of or within the United States, if CFIUS determines that the transaction could impair national security and that risk has not been mitigated. With respect to transactions described in (3) and (4) above, CFIUS would not initiate an investigation if the Treasury Department and any lead agency it has designated determine, at the Deputy Secretary level or higher, that the transaction will not impair the national security of the United States.\3\ --------------------------------------------------------------------------- \3\ The terms ``foreign government-controlled transaction'' and ``critical infrastructure'' are defined at 31 CFR 800.214 and 800.208, respectively. --------------------------------------------------------------------------- CFIUS concludes action under section 721 on a covered transaction only if it has determined that there are no unresolved national security concerns. That determination must be certified to Congress after CFIUS concludes action. CFIUS is authorized to enter into or impose, and enforce, agreements or conditions to mitigate any national security risk posed by the covered transaction. Section 721 and Executive Order 11858, however, contain important conditions on CFIUS's exercise of this authority. First, before CFIUS may pursue a risk mitigation agreement or condition, the agreement or condition must be justified by a written analysis that identifies the national security risk posed by the covered transaction and sets forth the risk mitigation measures that the CFIUS member(s) preparing the analysis believe(s) are reasonably necessary to address the risk. CFIUS must agree that risk mitigation is appropriate and must approve the proposed mitigation measures. Second, CFIUS may pursue a risk mitigation measure intended to address a particular risk only if provisions of law other than section 721 do not adequately address the risk. Such other laws include, for example, the International Traffic in Arms Regulations (``ITAR''), Export Administration Regulations (``EAR''), and the National Industrial Security Program Operating Manual (``NISPOM''). Accordingly, for example, if the NISPOM provides adequate authority to address the risk posed by a transaction--e.g., the possibility in a [[Page 74569]] particular case that a foreign government may use a foreign company to obtain classified government information concerning systems critical to U.S. national defense--then CFIUS would not pursue its own risk mitigation measures under section 721 to address that risk.\4\ --------------------------------------------------------------------------- \4\ In addition, pursuant to section 7(c) of Executive Order 11858, CFIUS may not, except in extraordinary circumstances, require that a party to a transaction recognize, state its intent to comply with, or consent to the exercise of any authorities under existing provisions of law. --------------------------------------------------------------------------- Only the President has the authority to suspend or prohibit a covered transaction. Pursuant to section 6(c) of Executive Order 11858, CFIUS refers a covered transaction to the President if CFIUS or any member of CFIUS recommends suspension or prohibition of the transaction, or if CFIUS otherwise seeks a Presidential determination on the transaction. In order to exercise the authority to suspend or prohibit a covered transaction under section 721, the President is required to make two findings: (1) That there is credible evidence that leads the President to believe that the foreign interest exercising control might take action that threatens to impair the national security; and (2) that provisions of law, other than section 721 and the International Emergency Economic Powers Act (``IEEPA''), do not, in the judgment of the President, provide adequate and appropriate authority for the President to protect the national security. 2. The CFIUS Process Is Based on a Voluntary Notice System CFIUS administers a voluntary notice system, allowing parties to a transaction to decide whether to initiate a CFIUS review by filing a voluntary notice under section 721. This distinguishes the CFIUS process from investment screening used in some countries, where all transactions that meet specified value thresholds or other criteria are subject to mandatory review by government agencies. To reassure parties that choose to file voluntarily with CFIUS that the sensitive and proprietary business information that they submit to CFIUS will be protected, section 721(c) prohibits CFIUS from disclosing to the public any information filed with CFIUS under section 721, except in certain legal proceedings. This includes the identity of filers and details of a notified transaction, as well as information provided to CFIUS in connection with a transaction never formally notified to CFIUS. In making their decision about whether to submit a voluntary notice of a transaction to CFIUS, parties to a transaction may wish to consider whether their transaction could present national security considerations, since CFIUS focuses solely on national security. A covered transaction that has been notified to CFIUS, and on which CFIUS has concluded action under section 721 after determining that there were no unresolved national security concerns, qualifies for a ``safe harbor,'' as described in Sec. 800.601 of the Regulations and section 7(f) of Executive Order 11858. Thus, subject to the terms of the safe harbor and any mitigation agreement or conditions imposed by CFIUS, the transaction can proceed without the possibility of subsequent suspension or prohibition under section 721. A covered transaction that CFIUS has not reviewed and cleared without objection does not qualify for the safe harbor, and CFIUS has the authority to initiate review of the transaction on its own, even after the transaction has been concluded, which CFIUS may choose to do if it believes the transaction presents national security considerations. III. National Security Considerations A. The Process for Analyzing National Security Risk Section 721 requires CFIUS to review covered transactions notified to it ``to determine the effects of the transaction[s] on the national security of the United States,'' but does not define ``national security,'' other than to note that the term includes issues relating to homeland security. Instead, section 721 provides an illustrative list of factors, listed below, for CFIUS and the President to consider in assessing whether the transaction poses national security risks. CFIUS considers the national security factors identified in section 721 and all other national security factors that are relevant to a covered transaction it is reviewing. In the context of these factors, CFIUS identifies all national security considerations (i.e., facts and circumstances that have potential national security implications) in order to assess whether the transaction poses national security risk (i.e., whether the foreign person that exercises control over the U.S. business as a result of the transaction might take action that threatens to impair U.S. national security). In conducting its analysis of whether the transaction poses national security risk, CFIUS assesses whether a foreign person has the capability or intention to exploit or cause harm (i.e., whether there is a threat) and whether the nature of the U.S. business, or its relationship to a weakness or shortcoming in a system, entity, or structure, creates susceptibility to impairment of U.S. national security (i.e., whether there is a vulnerability). National security risk is a function of the interaction between threat and vulnerability, and the potential consequences of that interaction for U.S. national security. This national security risk assessment is conducted based on information provided by the parties, public sources, and government sources, including a classified National Security Threat Assessment that, as required by section 721, the Director of National Intelligence prepares for CFIUS within twenty days after a notice of a transaction is accepted. B. Statutory List of National Security Factors Section 721(f) provides the following illustrative list of factors for consideration by CFIUS and the President in determining whether a covered transaction poses national security risk:The potential effects of the transaction on the domestic production needed for projected national defense requirements. The potential effects of the transaction on the capability and capacity of domestic industries to meet national defense requirements, including the availability of human resources, products, technology, materials, and other supplies and services. The potential effects of a foreign person's control of domestic industries and commercial activity on the capability and capacity of the United States to meet the requirements of national security. The potential effects of the transaction on U.S. international technological leadership in areas affecting U.S. national security. The potential national security-related effects on U.S. critical technologies. The potential effects on the long-term projection of U.S. requirements for sources of energy and other critical resources and material. The potential national security-related effects of the transaction on U.S. critical infrastructure, including [physical critical infrastructure such as] major energy assets. The potential effects of the transaction on the sales of military goods, equipment, or technology to countries that present concerns related to terrorism; missile proliferation; [[Page 74570]] chemical, biological, or nuclear weapons proliferation; or regional military threats. The potential that the transaction presents for transshipment or diversion of technologies with military applications, including the relevant country's export control system. Whether the transaction could result in the control of a U.S. business by a foreign government or by an entity controlled by or acting on behalf of a foreign government. The relevant foreign country's record of adherence to nonproliferation control regimes and record of cooperating with U.S. counterterrorism efforts. Section 721 also provides that CFIUS may consider any other factors that the Committee finds appropriate in determining whether a transaction poses national security risk. IV. Types of Transactions That CFIUS Has Reviewed and That Have Presented National Security Considerations As discussed above, CFIUS analyzes the particular facts and circumstances of each transaction it reviews in order to identify what national security considerations, if any, are presented by the transaction. Thus, while the guidance provided in this section is drawn from CFIUS's extensive experience in reviewing voluntary notices regarding foreign investment transactions both prior and subsequent to the enactment of FINSA, it is necessarily illustrative and does not purport to describe all national security considerations that CFIUS may identify and analyze in reviewing a transaction. Accordingly, this discussion does not provide comprehensive guidance on all types of covered transactions that have presented national security considerations. Furthermore, the fact that a transaction presents national security considerations does not mean that CFIUS will necessarily determine that the transaction poses national security risk. This guidance does not identify the types of transactions that pose national security risk, and it should not be used for that purpose. In addition, this guidance should not be interpreted to suggest that the U.S. Government encourages or discourages the types of transactions described in this section. The national security considerations presented by transactions that CFIUS has reviewed pertain to one or both of the following: (1) The nature of the U.S. business over which foreign control is being acquired, and (2) the nature of the foreign person that acquires control over a U.S. business. Again, this does not mean that a transaction that corresponds to one or the other, or both, of these categories was necessarily determined by CFIUS to pose national security risk, but it does mean that the facts and circumstances surrounding the transaction implicated national security factors that CFIUS considered. A. Transactions That Have Presented National Security Considerations Because of the Nature of the U.S. Business Over Which Control Is Being Acquired This section describes covered transactions that CFIUS has reviewed (having received voluntary notices regarding the transactions) and that have presented national security considerations because the transaction involves a U.S. business that provides goods or services that directly or indirectly contribute to U.S. national security. As noted above, CFIUS is focused on identifying and addressing national security risks posed by covered transactions, regardless of the industry of the parties to the transaction. Accordingly, CFIUS does not focus on any one U.S. business sector or group of sectors. Since its inception, CFIUS has received and reviewed voluntary notices regarding transactions across a broad spectrum of the U.S. economy. The following description of covered transactions that CFIUS has reviewed and that have presented national security considerations is illustrative only. A significant number of covered transactions that CFIUS has reviewed and that have presented national security considerations involve foreign control of U.S businesses that provide products and services--either as prime contractors or as subcontractors or suppliers to prime contractors--to agencies of the U.S. Government and state and local authorities, including, but not limited to, sole-source arrangements. These notices have sometimes involved companies with access to classified information, often included U.S. businesses in the defense, security, and national security-related law enforcement sectors, and covered such industry segments as weapons and munitions manufacturing, aerospace, and radar systems. They have also included U.S. businesses that supply goods and services with broader applicability to a variety of U.S. Government agencies that have functions that are relevant to national security. Such goods and services may involve information technology (consulting, hardware, or software), telecommunications, energy, natural resources, industrial products, and a range of goods and services that affect the national security-relevant functions of the U.S. Government agency or create vulnerability to sabotage or espionage. CFIUS has also reviewed numerous covered transactions that have presented national security considerations because of the nature of the U.S. businesses, but without regard to government contracts. The U.S. businesses in these cases have operations, or produce or supply products or services, the security of which may have implications for U.S. national security. For example, some of these transactions involved U.S. businesses in the energy sector at various stages of the value chain: The exploitation of natural resources, the transportation of these resources (e.g., by pipeline), the conversion of these resources to power, and the provision of power to U.S. Government and civilian customers. Other transactions have involved U.S. businesses that affect the nation's transportation system, including maritime shipping and port terminal operations and aviation maintenance, repair, and overhaul. Transactions involving U.S. businesses that could significantly and directly affect the U.S. financial system have also accounted for a number of covered transactions reviewed by CFIUS that have presented national security considerations. Some covered transactions that CFIUS has reviewed have presented national security considerations because they involve infrastructure that may constitute United States critical infrastructure, including major energy assets, which section 721 identifies as presenting national security considerations.\5\ As defined in section 721 and further explained in the regulations, CFIUS determines whether a transaction involves critical infrastructure on a case-by-basis, depending on the importance of the particular assets involved in the transaction. --------------------------------------------------------------------------- \5\ As described in Section II.B.1 above, section 721 also prescribes special procedural rules for certain covered transactions involving ``critical infrastructure of or within the United States.'' --------------------------------------------------------------------------- CFIUS has also reviewed numerous covered transactions that have presented national security considerations related to the U.S. businesses' production of certain types of advanced technologies that may be useful in defending, or in seeking to impair, U.S. national security. Many of these U.S. businesses are engaged in the design and production of semiconductors and other equipment or components that have both commercial [[Page 74571]] and military applications. Others are engaged in the production or supply of goods and services involving cryptography, data protection, Internet security, and network intrusion detection, and they may or may not have contracts with U.S. Government agencies. More generally, a significant portion of the covered transactions that CFIUS has reviewed and that have presented national security considerations have involved U.S. businesses that are engaged in the research and development, production, or sale of technology, goods, software, or services that are subject to U.S. export controls. The report that CFIUS is required to submit to Congress each year, consistent with section 721(m), contains further information regarding the types of transactions that CFIUS has reviewed. An unclassified version of this report is released publicly. B. Transactions That Have Presented National Security Considerations Because of the Identity of the Foreign Person That Is Acquiring Control of a U.S. Business 1. Generally Among the national security factors listed in section 721 for CFIUS's consideration are factors related to the identity of the foreign person that is acquiring control of a U.S. business. For example, the factors include whether a transaction is a foreign government-controlled transaction, and, particularly in the case of foreign government-controlled transactions, what the record of the country of the investor is with regard to nonproliferation and other national security-related matters. CFIUS has reviewed covered transactions that have presented this sort of national security consideration. CFIUS has also reviewed covered transactions that have presented national security considerations because of the track record or intentions of the foreign person and its personnel with regard to actions that could impair U.S. national security, including whether the foreign person acquiring control of the U.S. business had plans to terminate contracts between the U.S. business and U.S. Government agencies for goods and services relevant to national security. However, as emphasized previously, the fact that a transaction presents a national security consideration does not necessarily mean that it poses a national security risk. First, risk requires not only threat, but also a vulnerability in U.S. national security. Second, the applicability of laws other than section 721 has often resolved any national security concerns identified by CFIUS when considering relevant national security factors. 2. Foreign Government-Controlled Transactions Whether a covered transaction is a ``foreign government-controlled transaction'' is one of the national security factors listed in section 721 for consideration by CFIUS. The regulations define a foreign government-controlled transaction as ``any covered transaction that could result in control of a U.S. business by a foreign government or a person controlled by or acting on behalf of a foreign government.'' 31 CFR 800.214. Foreign government-controlled transactions may include transactions resulting in control of a U.S. business by, among others, foreign government agencies, state-owned enterprises, government pension funds, and sovereign wealth funds. Although foreign government control is clearly a national security factor to be considered, the fact that a transaction is a foreign government-controlled transaction does not, in itself, mean that it poses national security risk. In reviewing foreign government- controlled transactions, as with all other covered transactions, CFIUS considers all facts and circumstances relevant to national security in assessing whether the foreign person that could exercise control has the capability to use its control of a U.S. business to take action to impair U.S. national security and whether the foreign person may seek to do so. In reviewing foreign government-controlled transactions, CFIUS considers, among all other relevant facts and circumstances, the extent to which the basic investment management policies of the investor require investment decisions to be based solely on commercial grounds; the degree to which, in practice, the investor's management and investment decisions are exercised independently from the controlling government, including whether governance structures are in place to ensure independence; the degree of transparency and disclosure of the purpose, investment objectives, institutional arrangements, and financial information of the investor; and the degree to which the investor complies with applicable regulatory and disclosure requirements of the countries in which they invest. CFIUS has reviewed and concluded action on numerous foreign government-controlled transactions, determining that there were no unresolved national security concerns. These transactions varied significantly with regard to several of the facts and circumstances described above. 3. Exceptional Corporate Reorganizations in Which a New Foreign Person That Raises National Security Considerations Acquires Control of a U.S. Business A corporate reorganization normally involves the realignment of a company's structure to achieve some legal, financial, or other business objective. It is only in exceptional cases that a corporate reorganization would present national security considerations. Even where a corporate reorganization results in a new foreign person obtaining control over a U.S. business--by becoming, for example, an intermediate parent of the U.S. business--the corporate reorganization usually would not result in a change in the ultimate parent of the U.S. business and, therefore, generally would not present national security considerations. In considering whether a covered transaction that arises in the context of a corporate reorganization is an exceptional case that would present national security considerations, CFIUS considers all relevant national security factors, including those listed in section 721, with respect to any new foreign person that gains control of the U.S. business as a result of the transaction. In cases in which a corporate reorganization results in a new foreign person obtaining control of a U.S. business, the reorganization is unlikely to raise national security considerations if it does not result in any change in the relevant national security factors presented by the ownership structure of the U.S. business. One example of an exceptional corporate reorganization that would raise national security considerations would be the following: Control of a U.S. business is transferred from Corporation A, a foreign person, to Corporation B, another foreign person, both of which are wholly- owned subsidiaries of Corporation C. Although Corporation C continues to be the ultimate parent of the U.S. business, the facts and circumstances related to the actions, policies, and personnel of the new intermediate controlling entity, Corporation B, raise national security considerations that were not raised by the facts and circumstances related to control of the U.S. business by Corporation A, the previous intermediate controlling entity. [[Page 74572]] V. Information Regarding Transactions That May Present National Security Considerations CFIUS review of notified transactions is an intensive process, involving over a dozen U.S. Government agencies, departments, and offices. CFIUS reviews are limited to 30 days, absent the initiation of an investigation. Thus, it is important that, at the time of filing a voluntary notice, parties provide CFIUS with the information needed for its review, including regarding the parties' products, services, and business operations, and the transaction itself. Section 800.402 of the Regulations, as recently amended, requires parties to include in their notice certain information that CFIUS normally requires to complete its review of any transaction. This includes, for example, a listing of certain contracts with the U.S. Government, products that the parties produce or sell, the foreign person's plans with respect to the U.S. business, and the parties and individuals involved with the transaction. The regulations require parties to provide information regarding any other applicable national security-related regulatory authorities, such as the ITAR, EAR, and NISPOM. Some of the regulatory review processes under these authorities may have longer deadlines than the CFIUS process, and parties to transactions affected by these other reviews may wish to start or complete these processes prior to submitting a voluntary notice to CFIUS under section 721. In CFIUS's experience, the efficiency of reviews is also enhanced when parties to transactions voluntarily provide in their notice additional information that may be relevant to the notified transaction but which is not listed in Sec. 800.402 of the Regulations. A list of such information, which may be updated from time to time, is provided on the CFIUS Web site (http://www.ustreas.gov/offices/international- affairs/cfius/). Examples of such information include: Information regarding whether the U.S. business develops or provides cyber systems, products, or services (including business systems used to manage or support common business processes and operations, such as enterprise resource planning, e-commerce, e-mail, and database systems; telecommunications or Internet systems; control systems used to monitor, assess, and control sensitive processes and physical functions, such as supervisory control, data acquisition, and process and distributed control systems; or safety, security, support, and other specialty systems, such as fire, intrusion detection, access control, people mover, and heating, ventilation, and air conditioning systems); information regarding whether the U.S. business processes natural resources and material or produces and transports energy; and information on any required regulatory reviews, on-going dealings, or outstanding issues that the parties have with other U.S. Government agencies with national security responsibilities. Where CFIUS requires additional information to enable it to review a notified transaction, CFIUS may request such additional information of the parties. Section 800.403(a)(3) of the Regulations authorizes the Staff Chairperson to reject any voluntary notice if the parties do not provide follow-up information within three business days of the request, or within a longer time frame if the parties so request in writing and the Staff Chairperson grants that request in writing. VI. Conclusion CFIUS does not issue advisory opinions as to whether a covered transaction raises national security considerations. Rather, it conducts full reviews of specific covered transactions that are notified to CFIUS pursuant to Sec. 800.401 of the Regulations. This guidance may provide assistance to parties as they consider whether to file a voluntary notice with CFIUS. Additional information is available on the CFIUS Web site, http://www.ustreas.gov/offices/international- affairs/cfius/. Clay Lowery, Assistant Secretary (International Affairs). [FR Doc. E8-28791 Filed 12-5-08; 8:45 am] BILLING CODE 4810-25-P