On September 15, 2020, the Committee on Foreign Investment in the United States (“CFIUS”) published a final rule, effective October 15, 2020, to refine its requirements for mandatory filings for certain transactions—in particular those involving foreign investments in “TID US businesses”1 dealing in “critical technologies.” The rule adds clarity to the standards for a mandatory filing requirement but enhances the need for parties to a potentially covered transaction to ensure appropriate due diligence on the US business’s classification of its technology under the export control laws. As summarized in our May 22 Legal Update, this action follows a proposed rule published on May 21, 2020, and a public comment period. The final rule is the latest in CFIUS’ rulemaking to implement the Foreign Investment Risk Review Modernization Act of 2018, known as “FIRRMA.” The rule eliminates the requirement that the critical technology be used in or designed for use in one of 27 sensitive industries identified by CFIUS. Instead, a filing will now be required for a covered transaction involving a TID US business that deals in critical technologies for which a “US regulatory authorization” would be required to export, re-export, transfer (in-country) or retransfer the technologies to a certain foreign person.

Specifically, a filing will be required for a covered transaction involving a TID US business that deals in critical technologies for which a US regulatory authorization would be required to export, re-export, transfer (in-country) or retransfer the technologies to a foreign person that (i) could directly control such TID US business as a result of the covered transaction; (ii) is directly acquiring an interest that is a covered investment in such TID US business; (iii) has a direct investment in such TID US business, and a change in rights involving such investment could result in a covered control transaction or a covered investment; (iv) is a party to any transaction, transfer, agreement or arrangement that is designed or intended to evade or circumvent the CFIUS regulations with respect to such TID US business; or (v) individually holds, or is part of a group of foreign persons that, in the aggregate, holds a voting interest 25 percent or more in a foreign person described (i) through (iv).

Thus, the final rule directly ties the mandatory filing requirement for critical technology transactions to established US export control regulations, as a US regulatory authorization would cover licenses or approvals granted under the International Traffic in Arms Regulations, the Export Administration Regulations (“EAR”) and Department of Energy and Nuclear Regulatory Commission authorizations related to atomic energy and nuclear equipment and material. Moreover, the rule establishes that this determination would generally be made without regard to whether a license exception applies, other than certain limited license exceptions under the EAR.

The final rule also clarifies that the mandatory filing requirement applies for transactions involving foreign governments indirectly investing through an entity whose activities are primarily directed, controlled or coordinated by or on behalf of a general partner, managing member or equivalent only if the government holds 49 percent or more of the interest in the general partner, managing member or equivalent of the entity (deemed a “substantial interest”). Previously, the regulations did not explicitly state that the general partner, managing member or equivalent must primarily direct, control or coordinate the activities of the entity. 

With the elimination of the connection to one of the 27 sensitive industries, the final rule will provide more clarity for investors and US businesses as they consider whether their transactions are subject to CFIUS’ mandatory filing requirement. At the same time, the final rule also makes it particularly important for the parties to ensure that the US business has properly classified its technology under the export control laws. Erroneous classifications can impact the analysis of whether a mandatory CFIUS filing is required for a transaction and expose the parties to potentially severe penalties for failure to make a filing. CFIUS may impose fines up to the size of the transaction and maintains the authority to require changes to or divestment of transactions post-closing.


1 “TID US businesses” are sensitive US businesses dealing in critical technologies, critical infrastructure and sensitive personal data.