Protecting the Crown Jewels: U.K. Introduces Expansive National Security & Investment Bill
1. Summary
- The United Kingdom (U.K.) government published the National Security and Investment Bill (“NSI Bill” or “Bill”) on November 11, 2020, the aim of which is to strengthen the government’s powers to scrutinize and intervene in U.K. investment activity on national security grounds.
- Acquisitions of 15 percent or more in qualifying entities active in one or more sensitive sectors will be subject to a mandatory notification obligation, underpinned by a voluntary regime for a broader range of investments that might also give rise to national security concerns. Penalties for non-compliance include fines of up to five percent of worldwide turnover (or ten million pounds sterling, whichever is the greater), and imprisonment of up to five years.
- The screening mechanism can be triggered by various forms of deal activity including full share acquisitions, material increases in shareholding or voting rights (e.g. crossing 25 percent, 50 percent and 75 percent), as well as material influence over policy. To counter potential circumvention of the measures, the acquisition of sensitive assets will also be subject to a voluntary notification requirement. The screening mechanism could significantly add to deal timetables, with full ‘call-in’ assessments taking 75 working days or more to conclude potentially. The government will also have broad powers in terms of remedies, which include the blocking or unwinding of deals.
- The NSI Bill includes a five-year retrospective power to call-in transactions that are not notified but raise national security concerns. Transactions completing prior to entry into force of the NSI Bill could be called in for review up to six months from entry into force. The government’s existing national security powers under the Enterprise Act 2002 (“EA 2002”) will continue to apply until the NSI Bill becomes law, and so only transactions that do not meet the thresholds of that legislation could be affected. It will therefore be critical to treat the NSI Bill as a gating issue when planning investment activity within sensitive sectors of the U.K. economy going forward.
2. Background
While the U.K. has a mature approach to protecting national security overall, the government lacks effective statutory powers in relation to the ownership and control of businesses and other entities that could be used to undermine national security. Successive recent governments have lamented its deficient intervention powers in relation to foreign U.K. takeovers. In 2016, the then May Conservative government publically acknowledged that the intervention mechanisms maintained within the EA 2002 were not sufficient to meet national security challenges created by the ownership and control of critical U.K. assets by overseas parties. This resulted in the publication of a Green Paper in 2017 (following an initial public consultation), which scrutinized the government’s existing powers under the EA 2002 and also proposed both short term and long term solutions to fixing the perceived legislative deficit.
The Green Paper determined that a voluntary investment screening mechanism, with expanded government call-in powers, would be the most appropriate long-term solution, and recommended that the government develop such proposals further. This culminated in the publication in 2018 of a comprehensive White Paper, which articulated in detail the creation of a voluntary screening mechanism that would review acquisitions of U.K. entities and assets in any sector on national security grounds, regardless of turnover or market share. Since those publications, the new Johnson government has further considered what powers are necessary. Finally, in December 2019 the government announced its intentions to bring the NSI Bill to Parliament in 2020 in its maiden Queen’s Speech, with publication occurring on November 11, 2020.
3. The National Security and Investment Bill
i. Policy Intent
The stated policy objective of the NSI Bill is to strengthen the government’s powers to scrutinize and intervene in business transactions in instances where it is necessary to protect national security, while providing businesses and investors with both the certainty and transparency they need to conduct business in the U.K..
In many respects the NSI Bill operates as framework legislation under which the government can introduce regulations and policy statements to help define further what activities should be caught and screened for national security risks. This is intentional, as the government wishes to futureproof the legislation to ensure that it can react quickly to the ever-changing risks to national security, without the need to introduce new primary legislation each time.
The cornerstone of the NSI Bill is the creation of an independent investment screening mechanism, which is triggered by the notification by parties involved in transactions, or otherwise the government’s ability to call-in transactions, that could give rise to national security concerns. In a marked change to the 2018 White Paper, the NSI Bill introduces a mandatory notification requirement for certain transactions in specified sectors of the economy that pose greater national security risks. This mandatory notification system is complemented by a voluntary notification process for transactions in other non-listed sectors and for transactions involving sensitive assets. In addition, the NSI Bill also includes enhanced powers for the government to unilaterally ‘call in’ any transactions that it deems to be a potential national security risk.
ii. Notification Procedures
a. Mandatory Notification
The NSI Bill will require the person making a ‘notifiable acquisition’ (i.e. the acquirer) to submit a mandatory notification to the Secretary of State for Business, Energy and Industrial Strategy (hereafter referred to as the ‘government’ for ease) before they either gain control or acquire a right of interest in a ‘qualifying entity’ of a specified description.1A notifiable acquisition that is completed without government approval is void.2
i. Qualifying Entities
A ‘qualifying entity’ for the purposes of a notifiable acquisition is defined as any entity, whether or not a legal person, that is not an individual, and includes a company, a limited liability partnership, any other body corporate, a partnership, an unincorporated association and a trust.3 It also includes entities that are formed or recognized under the law of a country or territory outside the U.K. if it: (i) carries on activities in the U.K.; or (ii) supplies goods or services to persons in the U.K.4
The NSI Bill anticipates the introduction of secondary legislation (referred to as the ‘notifiable acquisition regulations’)5, which will provide more detail on what qualifying entities of a specified description will be subject to the mandatory notification regime.6 In the NSI Bill’s Impact Assessment, the government indicates that activities within 17 specific sectors will result in a mandatory notification, which are: communications, data infrastructure, defence, energy, transport, artificial intelligence, advanced robotics, computing, hardware, cryptographic authentication, advanced materials, quantum technologies, engineering, biology, critical suppliers to government, critical suppliers to the emergency services, military or dual-use technologies, and satellite and space technologies.7 The NSI Bill provides the notifiable acquisition regulations with the power to amend the circumstances in which a notifiable acquisition takes place.8 This includes, in particular, the provision for exemptions by reference to the characteristics of persons seeking to control qualifying entities.9 It also indicates that control of certain ‘qualifying assets’ may also result in a notifiable acquisition.10
ii. Control of Qualifying Entities
The NSI Bill sets out a number of instances as to how a person can gain control of a qualifying entity. In relation to shareholding or voting rights, a person can gain control of a qualifying entity in the following instances:11
-
- the acquisition of 15 percent or more of the shares or votes in an entity;
- the acquisition of more than 25 percent of the shares or votes in an entity;
- the acquisition of more than 50 percent of the shares or votes in an entity;
- the acquisition of 75 percent or more of the shares or votes in an entity; and
- the acquisition is of voting rights in an entity that (whether alone or together with other voting rights held by the person) enable the person to secure or prevent the passage of any class of resolution governing the affairs of the entity.12
The result is that most material changes in shareholding or voting rights in a qualifying entity will result in gaining control. Where the entity has share capital, then the reference to the holding a percentage of shares is to mean the issued capital of the entity at a nominal value (in aggregate) of that percentage of share capital.13In the case of a Limited Liability Partnership (“LLP”), the percentage of shares is to mean the percentage of any surplus assessment of the LLP on winding up.14 If the entity has no share capital nor is an LLP, then the percentage should be read as the percentage of the capital or profit entitlement of the entity.15
In addition, the NSI Bill states that control can be established through the acquisition of a material influence over an entity’s policy.16 This operates as a ‘catch-all’ provision to ensure that the wider involvement and influence of persons in a particular corporate group or sector are caught.
b. Voluntary Notification
In circumstances where the thresholds for a notifiable acquisition are not met, then the NSI Bill provides for a voluntary notification process for investments that might still give rise to national security concerns.17In such circumstances, the seller, acquirer, or qualifying entity itself may give notice to the government stating that a ‘trigger event’ either has taken place or is being contemplated in relation to a qualifying entity.18 Aside from capturing novel national security risks that occur outside those envisaged by the mandatory notification provisions, this also allows for persons other than the acquirer to notify a trigger event that should be subject to mandatory notification by the acquirer.
A voluntary notification can also be made in relation to a ‘trigger event’ concerning a ‘qualifying asset’, which is defined as an asset of any of the following types: (i) land (including land located outside of the U.K. if used in connection with activities conducted in the U.K.); (ii) tangible movable property; or (iii) ideas, information or techniques which have industrial, commercial or other economic value (for example, trade secrets, databases, intellectual property rights and software).19
For the purposes of a qualifying entity, a ‘trigger event’ occurs when a person gains control of the qualifying entity as set out above (under ii. Control of Qualifying Entities) in respect of notifiable acquisitions requiring mandatory notification.20 In relation to ‘qualifying assets’, the trigger event occurs when a person gains control of the qualifying asset and is thus able to use it or direct its use (including prior to acquisition).21Persons will not be considered as gaining control of assets if the purpose for the asset’s acquisition is outside of the person’s trade or business.22However, this exemption does not apply to land or items listed on the U.K.’s consolidated list of strategic military and dual-use items that require export authorization.23
c. Government Call-in
The NSI Bill provides the government with the power to issue a call-in notice unilaterally if the government reasonably suspects that a trigger event has taken place, or that arrangements are in process or contemplation.24 This power applies to the U.K. economy as a whole (i.e. the government is not restricted to specific sectors). If the government decides to issue a call-in notice, then it must be provided to (i) the acquirer (ii) the qualifying entity (if applicable) and (iii) any other such persons the government deems appropriate.25 The call-in notice must include a description of the trigger event and state the names of the persons to whom the notice is provided.
iii. Initial Screening and ‘Trigger Event’ Assessment
a. Initial Screening
On receipt of either a mandatory or a voluntary notice, the government must first decide whether to accept or reject the notice.26 Rejection is likely to occur if the notice does not meet the applicable requirements or does not contain sufficient information from which the government can determine whether to issue a call-in notice.27
If the notice is accepted, then the government will notify the issuer of the notice as well as any other persons the government deems appropriate. This government action will then start a 30-working-day review period.28 The NSI Bill requires the government to have regard to a statement of policy intent (“Statement of Policy Intent”) when exercising the call-in power, but does not limit the government’s ability to use the call in power.29The Statement of Policy Intent will set out the factors the government should consider when determining whether a trigger event creates a material national security risk.30During this review period, the government can request the relevant parties to submit information or provide in-person evidence.31
Having conducted its initial screening, the government must either: (i) give a call-in notice in relation to the proposed acquisition to the acquirer; or (ii) inform the relevant parties that the government intends to take no further action.32 The government’s 2018 White Paper indicated that it expected around 200 notifications a year, half of which would progress to a full assessment. The government has now revised these figures in its Impact Assessment, indicating that it expects between 1,000 – 1,830 initial notifications, with approximately 70-95 being called-in for a full national security assessment.33
b. ‘Trigger Event’ Assessment
The government published a draft Statement of Policy Intent alongside the NSI Bill, which states that the government must consider the following factors when determining whether to exercise its call-in power as a result of becoming aware of a trigger event.
-
- The target risk: The nature of the target and whether it is in an area of the economy where the government considers risks more likely to arise. The government determines that the economy, generally, can be split into three levels of risk:
- Core areas: These are the main sectors in which national security risks are more likely to arise and where mandatory notification will apply for some types of trigger events. These are the national infrastructure sectors defined by the Centre for the Protection of National Infrastructure, advanced technology, military and dual-use technologies, and direct suppliers to government and the emergency services.
- Core activities: The government will identify in regulations the specific activities within the core areas where risks are most likely to arise and where the call-in power is therefore most likely to be used. Acquisitions of entities involved in these activities will be subject to mandatory notification. While asset acquisitions will not be subject to mandatory notification, where assets are closely related to those activities, their acquisition is more likely to be called in than other assets.
- The wider economy: The government generally considers that trigger events occurring in the remaining areas of the economy are unlikely to pose risks to national security, so such transactions are only expected to be called in on an exceptional basis.
- Core areas: These are the main sectors in which national security risks are more likely to arise and where mandatory notification will apply for some types of trigger events. These are the national infrastructure sectors defined by the Centre for the Protection of National Infrastructure, advanced technology, military and dual-use technologies, and direct suppliers to government and the emergency services.
- The trigger event risk: The type and level of control being acquired and how this could be used in practice to undermine national security. This includes, for example, the disruption of a critical supply chain, the unauthorized surveillance of sensitive information, or inappropriate leverage with a view to influencing U.K. policy.
- The acquirer risk: The extent to which the acquirer raises national security concerns. Factors that the government will consider when deciding whether to exercise the call-in power will include: the ultimate owner of the acquiring entity, the track record of the acquirer (including criminal offenses), and the acquirer’s affiliations with hostile parties.
- The target risk: The nature of the target and whether it is in an area of the economy where the government considers risks more likely to arise. The government determines that the economy, generally, can be split into three levels of risk:
The government must review the Statement Policy of Intent at least once every five years.34 In addition, the government can amend or replace the Statement Policy of Intent at any time.35
iv. ‘Call-in’ Assessment Period
If the government decides to issue a call-in notice to the acquirer, then this starts a 30–working-day ‘initial period’, which can be extended by a 45-working-day ‘additional period’.36 If further time is required, then the government and the acquirer can agree a further ‘voluntary period’ to determine the potential national security risk of the transaction.37
During the call-in assessment period, the government may make an interim order to either prevent or reverse any action that might prejudice the government’s review of the proposed transaction.38The NSI Bill affords the government broad discretion as to what it is permitted to instruct as part of any interim order, allowing for the imposition of any remedies considered necessary to protect national security.
v. Potential Outcomes
Before the end of the call-in assessment period, the government must decide to either make a final order, or give a final notification that no further action is to be taken.
In the event that the government determines (on the balance of probabilities), that a particular acquisition raises material national security concerns, then it can impose any steps necessary to protect, remedy, or mitigate the national security risks.39 In practice, this is likely to result in one of three outcomes: (i) imposing conditions of approval for the deal to proceed; (ii) blocking the deal; or (iii) unwinding the deal in situations where the relevant trigger event has already occurred.
While the government expects to engage with the concerned parties throughout the process, the final decision on the form and detail of any remedy will be the government’s alone. We expect that conditions will typically be imposed on the acquirer and/or the asset or entity being acquired, but under the NSI Bill the government would have the power to impose conditions on any party.40 The 2018 White Paper stated that an exhaustive list of conditions would “unacceptably limit” the government’s ability to protect national security. Once the government determines that a transaction can proceed subject to certain conditions, the final order will be published with high-level details about any conditions attached to that approval.41
The NSI Bill affords the right to appeal any decisions taken by the government via judicial review, provided that the claim is filed within 28 days from the date upon which grounds for any claim first arose.42
vi. Retroactive Effect
The government has a five-year retrospective power to call-in transactions that were not notified but may raise national security concerns.43Once the government becomes aware of the transaction, it has six months to decide whether to call in the transaction.44
Transactions that occur from November 12, 2020 onwards will be in scope of this five-year look back.45 However, if the parties subject to a transaction make the government aware of it prior to the NSI Bill coming into force, then the government will only have six months from the Bill’s entry into force to call in the transaction.46The government’s existing national security powers under the EA 2002 will continue to apply until the NSI Bill becomes law, so only transactions that do not meet the thresholds of that legislation could be affected.47
4. Enforcement
The NSI Bill provides for a range of offenses, including the completion of a notifiable acquisition without approval, failing to comply with an order, and offenses relating to the failure to comply with an information notice or attendance notice.48
Penalties for non-compliance include fines of up to five percent of worldwide turnover or 10 million pounds sterling (whichever is the greater),49 and imprisonment of up to five years.50When determining a monetary penalty, the government will take into consideration the seriousness of the offense, the desirability of deterring both the person subject to the penalty and others and any mitigating steps taken by the person in question.
Transactions that are covered by mandatory notification and which take place without clearance will be void and have no legal effect.51 However, the NSI Bill does provide a mechanism through which a person can apply for retrospective validation of a notifiable acquisition.52A notifiable acquisition is also void where it has been completed in manner that is different to the stipulations of a final order.53
5. Key Takeaways
- The NSI Bill replaces the government’s ability to scrutinize mergers that give rise to a national security consideration under the EA 2002. Whilst it will often be the case that both market dominance and national security reviews will run in parallel, the NSI Bill separates both reviews in that national security assessments will occur when the relevant competition review thresholds are not met, given that entity and asset acquisitions could trigger national security concerns in any sector, regardless of turnover or market share.
- The NSI Bill is likely to affect a wide range of investment activity and could impact a range of firms that count foreign nationals and foreign governmental entities among their investors. It will therefore be critical for these players to treat the NSI Bill as a gating issue when planning investment activity within sensitive areas of the U.K. economy going forward. This is particularly the case for any investment activity that would trigger a mandatory notification under the Bill, which would be at an increased risk of a call in due to the government’s five-year retrospective look back power.
- As the NSI Bill targets the acquisition of tangible and intangible assets, it will also be critical for businesses to be aware of its impact on every day commercial transactions. This is especially the case where sensitive assets or business segments are sold or when intellectual property rights are transferred or licensed to foreign parties (on either a temporary or a permanent basis).
- The NSI Bill has only just started its legislative journey through Parliament and is likely to be the subject of intense cross-party scrutiny as both the Conservatives and Labour use the Bill as a proxy through which to further define the U.K.’s post-Brexit trade and investment objectives. In particular, we expect the provision for a five-year retrospective look back to receive close attention, as well as the use of a mandatory notification procedure. That said, we do not envisage that the current government will drop the NSI Bill and tentatively expect it to come into force in Q2 2021.
1 National Security and Investment Bill 2020 (NSI Bill), Section 14(1).
2 NSI Bill, S. 13(1).
3 NSI Bill, S. 7(2).
4 NSI Bill, S. 7(3).
5 The ‘notifiable acquisition regulations’ are yet to be published at the time of writing this alert.
6 NSI Bill, S. 6(1).
7 Impact Assessment: National Security and Investment Bill 9 November 2020 (Impact Assessment), pages 15-16.
8 NSI Bill, S. 6(5) (a).
9 NSI Bill, S. 6(5) (b).
10 NSI Bill, S. 6(6).
11 NSI Bill, S. 6(2) (b) and S. 8(2).
12 NSI Bill, S. 8(6).
13 NSI Bill, S. 8(3) (a).
14 NSI Bill, S. 8(3) (b).
15 NSI Bill, S. 8(3) (c).
16 NSI Bill, S. 8(8).
17 NSI Bill, S. 18(2).
18 NSI Bill, S. 18(2).
19 NSI Bill, S. 7(4).
20 NSI Bill, S. 5(1) (a) pertaining to S. 8.
21 NSI Bill, S. 5(1) (b) pertaining to S. 9.
22 NSI Bill, S. 11(1).
23 NSI Bill, S. 11(2).
24 NSI Bill, S. 1(1).
25 NSI Bill, S. 1(4).
26 NSI Bill, S. 14 (5) and S. 18 (5).
27 NSI Bill, S. 14 (6) and S. 18 (6).
28 NSI Bill, S. 14 (9) and S. 18 (9).
29 NSI Bill, S. 1 (7).
30 NSI Bill, S. 3 (3).
31 NSI Bill, S. 19 and S. 20.
32 NSI Bill, S. 14 (8) and S. 18 (8).
33 Impact Assessment, page 22.
34 NSI Bill, S. 3(4).
35 NSI Bill, S. 3(5).
36 NSI Bill, S. 23(3) (a) – (b).
37 NSI Bill, S. 23(3) (c).
38 NSI Bill, S. 25.
39 NSI Bill, S. 26(5).
40 NSI Bill, S. 26(5).
41 NSI Bill, S. 29(1).
42 NSI Bill, S. 49.
43 NSI Bill, S. 2(2) (b).
44 NSI Bill, S. 2(2) (a).
45 NSI Bill, S. 2(4).
46 NSI Bill, S. 2(4).
47 NSI Bill, S. 62.
48 NSI Bill, Ss. 32, 33, 34, and 35.
49 NSI Bill, S. 41 (a).
50 NSI Bill, S. 39 (d).
51 NSI Bill, S. 13(1).
52 NSI Bill, S. 16.
53 NSI Bill, S. 13(3).