Photo of Caroline BrownPhoto of Jana del-CerroPhoto of Adelicia R. CliffePhoto of Nimrah Najeeb

On Monday, November 18, 2024, the Committee on Foreign Investment in the United States (“CFIUS” or the “Committee”) announced that it had finalized the regulatory changes previewed in April that will enhance certain CFIUS procedures and sharpen its penalty and enforcement authorities.[1]  The changes go into effect on December 26, 2024 and as described in more detail below: (a) expand the types of information that CFIUS can require transaction parties and other persons (i.e., third-parties) submit when engaging with them on transactions that were not filed with CFIUS; (b) broaden the instances in which CFIUS may use its subpoena authority, including when seeking to obtain information from third persons not party to a transaction notified to CFIUS and in connection with assessing national security risk associated with non-notified transactions; and (c) substantially increase monetary penalties for violations of CFIUS regulations from a maximum of U.S. $250,000 to U.S. $5 million per violation, or the value of the transaction, whichever is greater.

When announcing the final text of the revised regulations, CFIUS noted that these changes are the “first substantive update to the monitoring and enforcement provisions of the CFIUS regulations”[2] since the enactment of the Foreign Investment Risk Review Modernization Act of 2018 (FIRRMA), which amended CFIUS’s governing statute and significantly overhauled the CFIUS process to introduce key features such as mandatory filings for certain transactions, authority to review specific minority investments, and filing fees for notices.

Summary of Changes Effective on December 26, 2024:

1. Expanding the types of information CFIUS can require transaction parties and other persons to submit when engaging with them on transactions that were not filed with CFIUS;

At Present: Authority to request from the parties to a non-notified transaction information necessary to determine whether the transaction is a “covered transaction” (i.e., if CFIUS has jurisdiction).

On or after December 26, 2024: Expanded authority to request information not just from transaction parties but also “other parties” (i.e., third-parties), as well as expanded authority to request additional types of information to determine if a transaction triggers the mandatory filing requirement or raises national security concerns beyond just jurisdictional inquiries.

2. Allowing the CFIUS Staff Chairperson to set, as appropriate, a timeline for transaction parties to respond to risk mitigation proposals for matters under active review to assist CFIUS in concluding its reviews and investigations within the time frame required by statute;

At Present: No requirement for the parties to respond to risk mitigation proposals from CFIUS within a specific time frame, and no explicit authority for CFIUS to impose any deadlines with respect to responses to proposed mitigation terms.

On or after December 26, 2024: CFIUS may, in its discretion, impose a 3-business day deadline for the parties to respond to proposed mitigation proposals (for initial and subsequent drafts).  If CFIUS does impose a response deadline, and the parties fail to respond in the specified time frame, CFIUS can reject the notice entirely.  CFIUS can also implement interim or final national security measures on pending transactions (for example, CFIUS rejects a notice because the parties do not respond to mitigation proposals in a timely fashion, but because of the national security concerns identified, CFIUS imposes interim restrictive measures preventing the parties from closing because CFIUS was not able to finish its review). 

3. Expanding the circumstances in which a civil monetary penalty may be imposed due to a party’s material misstatement and omission, including when the material misstatement or omission occurs outside a review or investigation of a transaction and when it occurs in the context of CFIUS’s monitoring and compliance functions;

At Present: Currently, the regulations provide for penalties to be imposed in the following situations: (a) submitting a declaration or notice with a material misstatement or omission, or making a false certification; (b) failing to submit a timely declaration or notice in the certain circumstances in which submission is mandatory; and (c) violating a material provision of a mitigation agreement, material condition imposed, or order issued.

On or after December 26, 2024: Effective December 26, 2024, CFIUS penalties also would apply to material misstatements or omissions in contexts outside of declarations and notices—in particular, responses to the Committee’s requests for information related to non-notified transactions, certain responses to the Committee’s requests for information related to monitoring or enforcing compliance, and other responses to the Committee’s requests for information, such as for agency notices. 

4. Substantially increasing the maximum civil monetary penalty available for violations of obligations under the CFIUS statute and regulations, as well as agreements, orders, and conditions authorized by the statute and regulations, and introducing a new method for determining the maximum possible penalty for a breach of a mitigation agreement, condition, or order imposed;

At Present: The current penalty amount for making a material misstatement or omission in a notice or a declaration, or submitting a false certification with respect to a notice or declaration is a maximum of U.S. $250,000 per violation.  The penalty for failing to submit a notice or a declaration when mandatory, or non-compliance with material provisions of mitigation agreements, orders, or material conditions imposed by CFIUS, is the greater of U.S. $250,000 or the value of the transaction, per violation.

On or after December 26, 2024: The penalties for material misstatements or omissions, and false certifications, will increase to a maximum of U.S. $5 million per violation.  Similarly, the penalty for failing to file a declaration or notice when mandatory will also increase to U.S. $5 million, or the value of the transaction, whichever is greater, per violation.  Moreover, CFIUS can also impose a maximum penalty of U.S. $5 million per violation for material misstatements or omissions in responses to the Committee’s requests for information related to non-notified transactions or otherwise.

With respect to non-compliance with CFIUS mitigation agreements, material conditions or orders, these penalties will also increase to be the greatest, per violation, of (i) U.S. $5 million (ii) the value of the violating party’s interest in the U.S. business (or covered real estate) at the time of the transaction, (iii) the value of the violating party’s interest in the U.S. business (or covered real estate) at the time of the violation or the most proximate time to the violation for which assessing such value is practicable, or (iv) the value of the transaction. 

The new rules will apply to any mitigation agreements or orders entered into after December 26, 2024.  For mitigation agreements or orders issued on or after October 11, 2018 but before December 26, 2024, the maximum penalty will remain U.S. $250,000 or the value of the transaction, whichever is greater per violation.  However, for any mitigation agreements or orders issued between December 22, 2008 and October 11, 2018, only if the relevant parties commit a violation intentionally or through gross negligence could they be subject to a maximum penalty of U.S. $250,000 or the value of the transaction, whichever is greater.  For all violations after October 11, 2018, while the penalty amounts will vary, depending on whether the conduct occurred before or after December 26, 2024, there is no intentionality or gross negligence qualifier that would limit the scope of liability.

5. Expanding the instances in which CFIUS may use its subpoena authority, including in connection with assessing national security risk associated with non-notified transactions; and

At Present: If deemed “necessary”, CFIUS currently has the authority to compel a response from the transaction parties via a subpoena regarding submitted notices or declarations, or with respect to non-notified transactions for CFIUS to determine whether it has jurisdiction. 

On or after December 26, 2024: The standard for issuing a subpoena will change from “necessary” to whenever CFIUS deems it “appropriate”, which is a lower threshold and grants CFIUS more flexibility in its ability to press for a response.  Further, the circumstances under which CFIUS can exercise its subpoena authority will expand from pertaining just to jurisdictional issues or with respect to already submitted filings, to information requests for third parties and information needed for the purposes of monitoring compliance with CFIUS agreements or orders.

6. Extending the time frame for submission of a petition for reconsideration of a penalty to CFIUS and the number of days for CFIUS to respond to such a petition.

At Present: Under current regulations, upon receiving notice of a penalty to be imposed, the subject person may submit a petition within 15 business days of receipt of such notice, subject to an extension through written agreement with the Committee. Similarly, the Committee has 15 business days to assess the petition and issue a final penalty determination.

On or after December 26, 2024: Both time frames will extend to 20 business days, and CFIUS can grant an extension based on “compelling circumstances.”

Key Takeaways

  • CFIUS remains focused on identifying non-notified transactions that may pose a risk to national security, so parties to a transaction where the buyer or minority investor is a foreign person, as well as third-party advisors and consultants, can expect an increase in requests for information from CFIUS.
  • CFIUS has doubled the size of its monitoring team and thus will continue to vigorously enforce mitigation agreements, conditions or orders.[3] The increased penalties for violations of these agreements reflects how seriously CFIUS expects parties to take their obligations under any agreement or arrangement with CFIUS.
  • In the last year, CFIUS has for the first time utilized its subpoena authority “in support of its national security mission,”[4] so in addition to increased requests for information, we can also expect CFIUS to rely on its expanded subpoena authority to elicit timely responses from parties to the transaction and relevant third-parties.

[1] Treasury Issues Final Regulations to Sharpen and Enhance CFIUS Procedures and Enforcement Authorities to Protect National Security, U.S. Department of the Treasury (Nov. 18, 2024), https://home.treasury.gov/news/press-releases/jy271; Penalty Provisions, Provision of Information, Negotiation of Mitigation Agreements, and Other Procedures Pertaining to Certain Investments in the United States by Foreign Persons and Certain Transactions by Foreign Persons Involving Real Estate in the United States, 89 Fed. Reg. 93179 (Nov. 26, 2024) (to be codified at 31 C.F.R. Parts 800 and 802).   

[2] Treasury Issues Final Regulations, supra note 1.

[3] Remarks by Assistant Secretary for Investment Security Paul Rosen at the Third Annual CFIUS Conference, U.S. Department of the Treasury (Nov. 19, 2024), https://home.treasury.gov/news/press-releases/jy2723.

[4] Id.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Caroline Brown Caroline Brown

Caroline E. Brown is a partner in Crowell & Moring’s Washington, D.C. office and a member of the firm’s White Collar & Regulatory Enforcement and International Trade groups and the steering committee of the firm’s National Security Practice. She provides strategic advice to…

Caroline E. Brown is a partner in Crowell & Moring’s Washington, D.C. office and a member of the firm’s White Collar & Regulatory Enforcement and International Trade groups and the steering committee of the firm’s National Security Practice. She provides strategic advice to clients on national security matters, including anti-money laundering (AML) and economic sanctions compliance and enforcement challenges, investigations, and cross border transactions, including review by the Committee on Foreign Investment in the United States (CFIUS) and the Committee on Foreign Investment in the U.S. Telecommunications Services Sector (Team Telecom).

Caroline brings over a decade of experience as a national security attorney at the U.S. Departments of Justice and the Treasury. At the U.S. Department of Justice’s National Security Division, she worked on counterespionage, cybersecurity, and counterterrorism matters and investigations, and gained unique insight into issues surrounding data privacy and cybersecurity. In that role, she also sat on both CFIUS and Team Telecom and made recommendations to DOJ senior leadership regarding whether to mitigate, block, or allow transactions under review by those interagency committees. She also negotiated, drafted, and reviewed mitigation agreements, monitored companies’ compliance with those agreements, and coordinated and supervised investigations of breaches of those agreements.

Photo of Jana del-Cerro Jana del-Cerro

Maria Alejandra (Jana) del-Cerro is a partner in Crowell & Moring’s Washington, D.C. office. She is a member of the firm’s International Trade Group. Jana’s practice focuses primarily on counseling and defending clients with respect to U.S. export controls, including the International Traffic…

Maria Alejandra (Jana) del-Cerro is a partner in Crowell & Moring’s Washington, D.C. office. She is a member of the firm’s International Trade Group. Jana’s practice focuses primarily on counseling and defending clients with respect to U.S. export controls, including the International Traffic in Arms Regulations (ITAR), the Export Administration Regulations (EAR), and the sanctions programs administered by the Office of Foreign Assets Controls (OFAC), as well as the U.S. Antiboycott Laws and the Helms-Burton Act.

Photo of Adelicia R. Cliffe Adelicia R. Cliffe

Adelicia Cliffe is a partner in the Washington, D.C. office, a member of the Steering Committee for the firm’s Government Contracts Group, and a member of the International Trade Group. Addie is also co-chair of the firm’s National Security practice. Addie has been…

Adelicia Cliffe is a partner in the Washington, D.C. office, a member of the Steering Committee for the firm’s Government Contracts Group, and a member of the International Trade Group. Addie is also co-chair of the firm’s National Security practice. Addie has been named as a nationally recognized practitioner in the government contracts field by Chambers USA.

Photo of Nimrah Najeeb Nimrah Najeeb

Nimrah Najeeb is a counsel in Crowell & Moring’s Washington, D.C. office and a member of the firm’s International Trade Group. Nimrah focuses her practice on transactions, investigations and compliance, and advisory matters involving economic sanctions, export controls, anti-money laundering, and other cross-border…

Nimrah Najeeb is a counsel in Crowell & Moring’s Washington, D.C. office and a member of the firm’s International Trade Group. Nimrah focuses her practice on transactions, investigations and compliance, and advisory matters involving economic sanctions, export controls, anti-money laundering, and other cross-border international regulatory regimes. She has also advised U.S. and foreign-based multinationals regarding public international law issues, mergers and acquisitions, government and internal investigations, and third-party diligence.