Lawyers Continuing to See CFIUS Outreaches Involving Non-Notified Deals

“They do it in a kind of scary way,” Valenstein said during a June 9 webinar hosted by the law firm. He said his client received an email from CFIUS saying “we have an important subject of national security to discuss with you. We recommend you have counsel on the phone.” The company took time to answer CFIUS’s questions, Valenstein said, and then CFIUS “went away.”

“Sometimes they’re just doing fact gathering on investment patterns,” Valenstein said. “But we're seeing an upturn in this.”

Although that case didn’t lead to a filing, others may, especially if a company “didn't file where they should have or they didn't manage” a filing properly, he said. “This could have a much more negative outcome,” Valenstein said, adding that CFIUS is regularly monitoring press releases and other open-source information to find mergers that may need to be reviewed. “We've seen a huge upturn because they have more resources to do this.”

Paul Rosen, who heads the Treasury Department’s foreign investment screening efforts as CFIUS chair, said during his nomination hearing that the committee’s non-notified process can be useful to catch investment deals that perhaps should have been declared (see 2204060059). But he also said he doesn’t want CFIUS to lean too heavily on that process and should instead encourage more companies to voluntarily disclose.

Valenstein said he is regularly asked by clients: “Will the government hold it against me if I don't file and they trigger a review?”

Although officials generally shouldn’t, “a lot of them do,” said David Plotinsky, a Morgan Lewis lawyer and the former acting chief of DOJ’s Foreign Investment Review Section. “I have personally witnessed, even at pretty high levels in the government, just some skepticism about a company just because they didn't file,” he said during the webinar.

Plotinsky, who left DOJ to join Morgan Lewis earlier this year, said CFIUS’s approach to a non-notified deal also may depend on when the transaction occurred. “If it was something where the transaction happened five years ago, I think it's legitimate to say that companies maybe five years ago” -- before Congress passed the Foreign Investment Risk Review Modernization Act (see 2002270049 and 2001140060) -- “didn't realize what the government cared about.”

But now companies should have a “decent sense” of what CFIUS is looking for, Plotinsky said. The committee has a “general profile” of companies it targets for filings, such as those that are dealing with high-risk countries or businesses that have faced a separate regulatory enforcement action. “Certainly if you have a company that's had a regulatory action taken against it by the FCC or by some other agency, and then a year later they come in front of CFIUS,” Plotinsky said, “that's going to get scrutinized especially closely.”

He also said CFIUS is likely to continue its focus on investments involving sensitive technologies, including artificial intelligence and semiconductors. A merger between Beijing’s Wise Road Capital and South Korea's Magnachip Semiconductor Corp., for example, was ultimately terminated last year after failing to acquire CFIUS approval (see 2112140011).

Companies that collect personal data may also fall within CFIUS’s crosshairs, Plotinsky said, even if they don’t deal with critical technologies. Even businesses that don’t identify as a data company -- such as Starbucks -- could be of interest to CFIUS because they may collect personal information, such as geolocation data, from a mobile app, he said.

“Even if you think you're not really a data company in the way CFIUS thinks you are, you may be wrong, and that's why it's a very fact-specific analysis,” Plotinsky said. “A lot of companies that are doing totally non-national security, non-sexy stuff may still collect data that, especially if you have a big enough dataset, can start to implicate national security.”