CFIUS Proposes Expanded Enforcement Authorities and Increased Penalties
Key Points
On April 15, 2024, the Treasury Department published a proposed rule that would amend the Committee on Foreign Investment in the United States (CFIUS) regulations to expand CFIUS’s enforcement authorities. Specifically, the proposal would:
- Broaden the types of information that CFIUS can request from parties to “non-notified transactions,” which will enable the Committee to assess not only its jurisdiction to review such transactions, but also potential national security concerns and mandatory filing requirements associated with the transactions.
- Implement a three-business-day deadline for transaction parties to respond to proposed mitigation terms. Although Treasury anticipates granting extensions in certain cases, this timeline may be challenging for transaction parties, particularly when they are spread across multiple time zones.
- Expand CFIUS’s authority to subpoena information from not only transaction parties but “other persons” more generally, which could include employees of transaction parties or even third parties.
- Raise the maximum monetary penalty for violating the regulations from $250,000 to $5 million. For some violations, the penalty can be up to the value of the transaction if it is greater than $5 million.
Comments on the proposed rule are due by May 15, 2024.
Background
This proposed rule underscores CFIUS’s current focus on enforcement under the leadership of Treasury Assistant Secretary for Investment Security Paul Rosen. CFIUS issued its first ever enforcement guidelines in October 2022, and these proposed rules build on the Committee’s experience operating under those guidelines and fill in perceived gaps in its authority. CFIUS also has begun issuing more penalties. Although CFIUS has not released specific details about these actions, officials have stated that the Committee has recently imposed penalties for failure to file mandatory declarations, material misstatements and violations of mitigation agreements. CFIUS officials have also stressed the importance of self-disclosure and taking responsibility for violations.
New Authority to Request Information
The proposed rule would expand both the types of persons that CFIUS can request information from and the types of information that CFIUS can request.
The CFIUS regulations currently authorize the Committee to request information from parties to a non-notified transaction to determine whether the transaction is a covered transaction, i.e., subject to its jurisdiction. The proposed revisions would expand this authority, allowing CFIUS to request more information from transaction parties and other persons, including with respect to whether a transaction raises national security concerns and whether a transaction was subject to a mandatory filing requirement. Under the proposed revisions, transaction parties and other persons would be required to respond to such requests. Notably, “other persons” could include both third parties and employees of the transaction parties. The proposed revisions also expressly require parties to respond to information requests from CFIUS related to monitoring compliance of a mitigation agreement, order or condition, as well as for purposes of determining whether a parties made a material misstatement during a previous review. CFIUS already has the authority to request information on these topics; the revisions make it explicit that parties are required to respond.
Finally, the current regulations state that the Committee may obtain information through a subpoena or otherwise, “if necessary.” The proposed regulations would revise this to read “if appropriate,” thereby expanding CFIUS’s ability to use subpoenas as a tool for collecting information by lowering the threshold for issuing a subpoena.
New Timeline for Responding to Proposed Mitigation Terms
In an effort to better ensure that cases are concluded within the requisite statutory time frame and to allow the Committee to move quickly to address national security risks in non-notified transactions, the proposed revisions would require parties to respond to proposed mitigation terms within three business days unless the Committee grants an extension. The Committee will expect substantive responses, consisting of an acceptance of the terms, a counterproposal or a detailed statement explaining why the parties cannot comply. Under the proposed changes, CFIUS will now be able to reject a filing for failure to provide a response within the time allotted. This timeline may be challenging to meet and will require advanced planning on the part of transaction parties.
Increased Penalties
Under the current regulations, the maximum monetary penalty for submitting a filing with a material misstatement or omission or submitting a false certification in a filing is $250,000 or, for certain types of violations, e.g., violating a mandatory filing requirement or material provision of a mitigation agreement, it is the greater of $250,000 or the value of the transaction. The proposed rule would raise this amount to $5 million, or where applicable, the greater of $5 million or the value of the transaction. According to the proposed rule, the Committee determined that the current penalty amount was not sufficient to deter or penalize certain violations.
Conclusion
This proposed rule reflects a clear effort by CFIUS to sharpen its enforcement tools and impose more severe penalties for parties that do not comply with these regulations. Once the rule becomes final, CFIUS will have more authority to request information and penalize parties for not closely analyzing the CFIUS implications of transactions and adhering to the requirements that it imposes on parties. It also will impose more rigid time constraints on the negotiation of mitigation terms. In sum, this action heightens the need for foreign investors and other transaction parties to closely consider the CFIUS risks in transactions when making investments in companies that operate in the United States.