During an Oct. 2 online forum, the head of CFIUS provided a series of updates and insights on topics ranging from joint ventures to international coordination. The session, hosted by the Center for Strategic and Institutional Studies, featured Thomas Feddo, Assistant Secretary for Investment Security at the U.S. Department of Treasury, and other legal experts.
Among Tom’s more interesting and useful comments:
Over the last year, Feddo said that CFIUS has been able to “improvise and adapt,” implementing FIRRMA in a timely fashion and meeting statutory deadlines; Feddo said “we rocked and rolled” to get it done.
Feddo noted that CFIUS has also done a good job managing its process and the filing of transactions, “juggling that chainsaw” with efficiency. He noted that the extra 15 days on the review period has been “effective in making sure that benign transactions or easy transactions … get their safe harbor before having to go into the investigation phase.”
Feddo stated that his team is watching “what kinds of filings are coming in, where there may be gaps, where there’s not enough clarity for the bar and external stakeholders,” and will adapt accordingly. He said CFIUS would “continue to use our authority under FIRRMA to fine tune the legislation and to respond to evolving threats and commercial transactions.”
A repeated theme throughout the entire one-hour webinar was non-notified transactions.
Nova Daly of Wiley Rein, who previously served as Deputy Assistant Secretary for the Investment Security and Policy at Treasury, noted that the “achilles heel” of the national-security regime is transactions that are not filed because they are voluntary, cause national security vulnerabilities, and get discovered later and cause a “blow up.”
Feddo acknowledged this was critical and an “important focus” of his work. He also stated that he had retooled the team at Treasury to build out an independent office focused on enforcement, non-notified work, and mitigation agreements. He also made clear that non-notified transactions are indeed getting scrutiny. “When we identify a transaction of concern [to national security] that hasn’t voluntarily filed, we’re doing to pull the string a take a closer look.”
Feddo stated he also has a new international relations office that over the last two years has had “300 or so engagements with about 60 different allies and partners” on investment screening for national security purposes. He said he’s done “a lot of work with the EU” and has conducted both benchmarking and information sharing with other countries. We noted back in May that much of CFIUS’ hiring seemed focused on international coordination.
While Feddo said he wasn’t going to “tip our hand” regarding scope or jurisdictional analysis, he did say that “not all joint ventures are outside the scope of the Committee, and in fact we do with some frequency look at joint ventures” involving U.S. businesses and foreign control. He added that, “Any transaction where we find control by a foreign person over a U.S. business, the technology doesn’t need to be on a Commerce control list or otherwise controlled in order for us to address any national security risks.”
Feddo emphasized that mitigation is a tool CFIUS uses to resolve national security risk, noting that “with some level of frequency every year there are transactions that are cleared with mitigation, and the Committee [has] focused on the mitigation and enforcement piece of our team and building out the resources to ensure that monitoring of mitigation agreements is robust and that compliance is effective.” This should not be a surprise to Foreign Investment Watch readers, as we highlighted mitigation-agreement trends back in July, and provided subsequent guest columns focused on CFIUS mitigation measures and requirements in recent weeks.
Related to mitigation above, and as Foreign Investment Watch covered in July, Feddo also stated that Treasury is going to be publishing enforcement guidelines that will give stakeholders and the bar “greater clarity on how we intend to use those authorities.” He specifically stated that “we’ll be doing more on the enforcement side to ensure that parties are complying.”
Feddo made two predictions, neither of which were rocket science. First, over time and as FIRRMA matures, Feddo thinks you’ll see a “natural and continuing migration of clear, benign transactions to the Declaration process for a quick and efficient safe-harbor letter, and a migration of more complicated cases to the full Notice process.” Second, Feddo expects to see an increase with respect to real estate transactions.
BEYOND THE DATA
Regarding the enumerated list of 10 categories of sensitive personal data that CFIUS is concerned with, Feddo warned that “folks should be careful to construe or infer that that’s an exclusive list of data that the Committee might be concerned about.”
As a reminder, the 10 categories of sensitive personal data refer to an investment in a U.S. businesses that maintains or collects “identifiable data” of more than one million people (or whose customers are the U.S. executive branch or military personnel). The 10 categories include:
- Data that could be used to determine a person’s financial distress,
- Data contained in a consumer report (some exemptions apply though)
- Data contained in insurance applications
- Data related to health information (a person’s physical, mental or psychological well-being
- Non-public electronic communications (email, chat) in certain circumstances
- Geolocation data
- Biometric enrollment data (e.g., facial, voice, retina and fingerprints)
- Data used for generating state and federal identification cards
- Data concerning U.S. government personnel security clearance
- Data in an application for U.S. government security clearance.
The full hour-long webinar is available on YouTube.
If you’re interested in more information Tom, here is his official bio, as well as a speech he gave upon being nominated. An interesting Q&A with Feddo is also in our Guidance section. He can be reached at [email protected] or (202) 622-7222. A list of other contacts at CFIUS can be found here.