Exon-Florio Alert: Regulations Implementing FINSA Take Effect

The U.S. Department of Treasury has issued final regulations to

implement Section 721 of the Defense Production Act of 1950, as

amended by the Foreign Investment and National Security Act of 2007

("Section 721"). The long-awaited regulations, which took

effect on December 22, 2008, govern investigations by the Committee

on Foreign Investment in the United States ("CFIUS"). The

final regulations declare a narrow focus on national security

alone, eschewing a broader application to economic security and

other national interests. Treasury officials also have published

additional guidance concerning the types of transactions and the

specific national security concerns that CFIUS has scrutinized in

recent years.

While the latest reforms have preserved the basic substance and

timelines for CFIUS review of foreign-investment transactions, the

implementing regulations effect significant changes to the scope of

submissions required of companies submitting to the process. As a

practical matter, the new regulations increase the burden of

submitting to the CFIUS review process, but most notified

transactions will clear CFIUS review within the initial 30-day

review period. Attentive planning for the CFIUS review process,

including early coordination with CFIUS's constituent agencies

that may engage in independent reviews of a notified transaction,

and organized collection of information for inclusion in the

voluntary notice are essential to an efficient review.

History

The Exon-Florio amendment to the Defense Production Act

("DPA"), enacted in 1988, authorized the President to

investigate the impact of foreign acquisitions of U.S. businesses

on national security and to suspend or prohibit acquisitions that

might threaten the national security. In 1988, President Reagan

delegated the investigative authority to CFIUS, an interagency

group established in 1975 to monitor and coordinate U.S. policy on

foreign investment in the United States. In 1991, the Treasury

Department, as chair of CFIUS, issued regulations to implement

Exon-Florio. In 1992, the so-called "Byrd amendment"

required CFIUS to investigate mergers, acquisitions, or takeovers

by persons controlled by or acting on behalf of a foreign

government if the transaction resulted in control of a person

engaged in interstate commerce in the U.S. that could affect

national security.

Prior to 2005, CFIUS remained generally unknown until it cleared

the Dubai Ports World/P&O transaction. The ensuing uproar

resulted in widespread calls for reforms of Exon-Florio and the

CFIUS review process. Since that time, the previously obscure

agency has received a comparative flood of voluntary notices.

The resulting uproar also increased congressional scrutiny of

the CFIUS review process. Thus, on July 11, 2007, Congress passed

the Foreign Investment and National Security Act of 2007

("FINSA"), which recognized CFIUS, directed it to review

the national security implications of foreign acquisitions of U.S.

assets, and reformed the CFIUS review process. Furthermore,

although the CFIUS review process remains voluntary, FINSA

authorized CFIUS to initiate reviews on its own, and CFIUS has been

increasingly proactive in requesting information or encouraging

notification from parties to covered transactions. President Bush

signed FINSA into law on July 26, 2007, and it became effective on

October 24, 2007. The Treasury Department issued proposed

regulations in April 2008 and received more than 30 comments

covering 200 substantive issues.

National Security and Critical Infrastructure

The preamble to the final regulations emphasizes that CFIUS will

maintain a narrow focus on potential risks to U.S. national

security and will not expand its purview to encompass broader

concerns of economic security or general national interests. The

DPA and related regulations have never defined the term

"national security," and the final regulations

implementing FINSA are no exception. Following publication of the

final regulations, the Department of the Treasury issued limited

guidance on how CFIUS conducts its analyses within the list of

national security factors contained within the DPA. CFIUS evaluates

national security risk as a function of two factors: (1) the

potential threat—the capability or intention to exploit

or cause harm—presented by the foreign person, and (2)

any vulnerability linked to the U.S. business to be acquired. CFIUS

will consider information provided by the parties, as well as

public and government sources.

The Treasury Department guidance also describes the types of

transactions that CFIUS in past years reviewed and determined to

have raised national security concerns. These include acquisitions

of U.S. businesses that:

Provide products and services to federal, state, and local

authorities, including specifically sole-source...