The U.S. is better off because of foreign direct investment. However, specific investments can raise security issues. Moreover, they can lead to public anxiety about security, and political opposition to foreign investment. Many security issues can be addressed through changes to the deals being negotiated; residual public anxiety can be addressed in part through a security-vetting process that inspires confidence.
The U.S. has an inter-agency committee to review foreign investments for security issues, and recommend fixes when these are possible. The committee can also prevent investment agreements that create unfixable security issues. This committee is the Committee on Foreign Investment in the U.S. (CFIUS).
The CFIUS process is built on a mix of presidential executive orders, legislation, and regulations. The process attempts to balance security concerns with the need to avoid damaging the U.S. economy by increasing the uncertainty and costs of foreign investments in the U.S. Details on the CFIUS process may be found at the committee's web site: Committee on Foreign Investments in the United States (CFIUS) . More details may be found in the links at the end of this post.
It is important to recognize that investment security doesn’t depend entirely on the CFIUS process. The U.S. has other statutes and processes to address security issues that may arise with foreign investments, independently of the CFIUS process. For example, as Graham and Marchick point out, “all DOD contractors must have a facility clearance to qualify for access to classified material or be awarded a classified contract…” in accordance with the procedures laid out in the National Industrial Security Program Operating Manual (NISPOM). (Graham and Marchick, pages 70-71)
The CFIUS has been subject to criticism and reform proposals in the past. At this time last year, the Dubai Ports World (DPW) controversy led to a lot of – in many cases bad – ideas for reforming the process of vetting foreign investments for security concerns. (Graham and Marchick look at a wide range of reform proposals, many bad, see pages 43-53)
But we may get lucky. HR 556, which passed under another number last year, and which has been introduced again in the current Congress, looks like a basically good bill - although it isn't perfect. HR 556 amends the Defense Production Act of 1950 which provides the basic legislative foundation for the CFIUS vetting process. It takes a number of procedures currently in executive orders and regulation, and incorporates them, with modification and elaboration, into statute. You can find the text here: HR 556 .
The comments below depend heavily on the House report on 5337 - a
2006 predecessor to HR 556, Graham and Marchick, Marchick, and
testimony at the committee hearing on February 7, 2007. Links to these
and more are at the end of this post. All references to HR 556 are to
the legislation as it was introduced in January. The existing process
is also called an Exon-Florio review, based on the name of the
amendment to the Defense Production Act of 1950 that authorized it.
I’ll refer to a CFIUS review here.
Organization of CFIUS
CFIUS is an inter-agency committee with representatives from 12 agencies. Some of these represent security interests (Defense, Homeland Security), some economic constituencies (Treasury, USTR). The committee is chaired by the Secretary of the Treasury.
HR 556 adds the Secretary of Energy to the existing membership, and keeps the Secretary of the Treasury as Chair. The President may add member(s) from the Executive Office of the President. In another change, the Secretaries of Commerce and Homeland Security are appointed Vice-Chairs.
The new Vice Chair positions, and their assignment to Homeland Security and Commerce , balance the pro-investment perspective of Treasury with the perspectives of more conservative agencies. As noted below, the Secretaries of Commerce and Homeland Security are given formal roles in the Committee’s approval processes. Past reform proposals would have made either the Secretary of Commerce or the Secretary of Defense the CFIUS chair; these have not been adopted in this proposal. (Graham and Marchick look at the pros and cons of other choices for Chair, see pages 169-171)
The original statute included a list of five factors that CFIUS might consider when evaluating security issues associated with a transaction. HR 556 specifically calls for CFIUS to consider whether a transaction raises security issues with respect to critical infrastructure, or whether the transaction is a foreign government controlled transaction. These new considerations are clearly a response to the Dubai Ports World controversy.
Review of transactions
The CFIUS review process starts formally when parties to a transaction notify the committee about a transaction (it often begins informally before this when parties to a transaction that may raise security concerns touch base with CFIUS or its agencies to begin to explore key issues).
Parties don’t have to notify CFIUS about a transaction. Most foreign direct investment doesn’t raise security concerns. Voluntary notification provides a screening mechanism that keeps CFIUS from getting bogged down in work, helps it maintain its focus on transactions that do raise interesting issues, and reduces costs to the private sector.
Voluntary notification works because CFIUS doesn’t need it to begin a review – it can start one on its own at any time. Parties that would like to avoid a review that leading to the modification or break-up of a concluded deal, have an incentive – in the interest of avoiding additional uncertainty – of notifying CFIUS if a deal raises security issues.
HR 556 keeps this screening process intact. CFIUS, acting on behalf of the President, reviews transactions when notified in writing by either party to the transaction. Requests can be withdrawn on application by either party, and with the approval of the Chair, after consulting with the Vice-chairs. Requests that are withdrawn can be resubmitted.
Under HR 556, the President, CFIUS, or any member of CFIUS, may also take the initiative to start a review it the parties to a transaction don’t request one. They can also start a new review if they find that a party submitted false or misleading information in an earlier review, or that a party committed an intentional, material, breach of mitigation conditions laid down in an earlier review, and there is no other remedy or enforcement tool available to address that breach.
HR 556 maintains the existing 30-day review requirement. A 2005 Government Accountability Office (GAO) review of the CFIUS process indicated that some member agencies were critical of this time frame. In order to meet the 30-day time limit, CFIUS guidelines require agencies to identify concerns to CFIUS by the 23rd day of the review. So the effective time for review is not a full 30 days. Some agencies indicated to the GAO that this 23-30 day time frame was sometimes not enough to complete reviews of deals with complex security implications. (GAO, 2005, page 15)
In practice, there are several ways to deal with this. First, parties to a transaction often let concerned agencies know about a pending deal well in advance of formal notification, and analysis begins prior to the formal notification. Second, if 30 days is not enough, the CFIUS process provides for an additional 45-day investigation (essentially an extended review. This procedure is kept in HR 556 – see below) . Third, CFIUS will often recommend that parties to a transaction withdraw and resubmit their notifications. This can restart the review clock at 30 days, and the work already done is still available.
In testimony on February 7, industry representatives pointed to the importance of the 30-day initial review period. Predictability and timeliness are important in closing business deals. The 30-day period, which also duplicates the 30 period provided for antitrust reviews, apparently provides these. (see testimony by Malan and Marchick during the House Financial Services Committee hearing on Feb 7)
HR 556 takes steps to institutionalize and govern the withdrawal-resubmission process. If a notification is withdrawn before a review or investigation (see below) is completed, CFIUS will set up procedures to keep track of any issues that have already been identified and of actions that may be taken by parties to the transaction, prior to resubmission, and will create a time frame for resubmission.
CFIUS may identify insuperable obstacles during a review. More often it will see problems that can be taken care of by getting the parties to agree to add mitigating elements in their contracts. HR 556 includes language allowing CFIUS to negotiate, enter into, impose, and/or enforce agreements to mitigate potential impacts to security. CFIUS may designate a lead agency to monitor, modify, and enforce mitigation agreements.
In his testimony on February 7, Marchick encouraged the House to incorporate language directing CFIUS to focus on marginal or incremental security issues, and to limit mitigation agreements to situations that aren’t covered by other statutes.
...that the principle established in the statute for presidential action – that the President can only block a transaction if no other law or regulation other than Exon-Florio or the International Emergency Economic Powers Act enables the President to protect national security – extends to negotiation of mitigation agreements. In other words, mitigation agreements should address the marginal increase in national risk associated with a foreign acquisition as opposed to general security concerns that exist regardless of the ownership of a particular company. (Marchick, page 13)
HR 556 directs the Director of National Intelligence (DNI) to carry out an analysis of any threat to security associated with any covered transaction. This review is supposed to take at least 30-days. The Director himself is not to be a member of CFIUS.
DNI reviews are a part of the current CFIUS process. CFIUS routinely requests DNI reviews, often before formal notification by the parties about the transaction. In the Dubai Ports World case, CFIUS requested a DNI review in early November 2005, and received it on December 5, 2005. Formal notification of the transaction came on December 16 2005. (Lowery)
In the House Financial Services committee hearings on Feb 7, concerns were expressed about the 30-day minimum DNI review. The CFIUS review period is a maximum of 30-days, while the DNI review must be given a minimum of 30-days. Both Malam and Marchick point to what appears to be a disconnect here. Perhaps, in practice, it would be resolved with DNI reviews that begin before notification, or perhaps parties will withdraw and resubmit their notifications, extending the CFIUS review period, without triggering the second stage investigation. (see testimony by Malan and Marchick during the House Financial Services Committee hearing on Feb 7)
A review or investigation is not complete until the findings and report are approved by a majority of the membership in a roll call vote, and signed by the Secretaries of the Treasury, Homeland Security, and Commerce (or their Deputies, but not others). This provision addresses concerns raised during the Dubai Ports World controversy, when senior political appointees in the administration were unaware of the CFIUS decision. Signature by the Secretaries ensures awareness of CFIUS decisions by high-level political appointees within the administration.
Investigations
CFIUS can currently add an additional 45-day “investigation” period to the 30-day review period. (Graham and Marchick note that this is just an extended “review” period – it might be described as a secondary review, or additional review period). Following a 45-day investigation, the President has 15-days to decide whether to disapprove an investment.
CFIUS is required to make a 45-day investigation “in any instance in which an entity controlled by or acting on behalf of a foreign government seeks to engage in any merger, acquisition, or takeover of a US entity that could affect the national security of the United States.” (Byrd Amendment of 1993).
CFIUS has treated this as a two-part test: (a) is it a foreign company, and (2) are there security issues. Under this interpretation, a foreign company may be exempted from the second stage investigation if there were no unresolved security issues after the 30-day review. This is why Dubai Ports World was exempted from this further investigation, although it had foreign government ownership.
HR 556 retains the 45-day investigation. This is triggered if CFIUS finds security issues it is unable to mitigate in the 30-day review, if a foreign government controlled entity acquires the assets, if one member of CFIUS votes against approving a transaction, or if the Director of National Intelligence sees particularly complex intelligence concerns that raise security issues, and the committee isn’t able to mitigate these in the 30-day review.
HR 556 makes the 45-day second stage review mandatory for all foreign government controlled investments. The period for this 45-day review can be extended another 45-days by the President, or by two-thirds of the CFIUS members. It retains the 15-day period for a Presidential decision.
People testifying at the February 7 hearing said that it would be desirable to make the second stage investigation for foreign owned firms optional, because in many instances there may be no security threat. Why encumber the process, and take valuable resources from other, possibly more productive, reviews and investigations? As Marchick asked, were serious security issues created when the Ontario Canada Teachers Pension Fund recently purchased port facilities in the U.S.? (see testimony during the House Financial Services Committee hearing on Feb 7)
An investigation is not complete until the findings and report are approved by a majority of the membership in a roll call vote, and signed by the chair and vice-chairs, or their deputies.
Follow up
As noted earlier, HR 556 requires CFIUS to designate a lead agency to negotiate, modify, monitor, and enforce any mitigation agreements. The ability of the lead agency to modify agreements entered into raised concerns in the February 7 testimony. Bartlett argued that, while the provision for monitoring is a good one, the authority for CFIUS to modify mitigation agreements, once reached, would increase the uncertainty associated with agreements, and reduce the attractiveness of investment in the U.S. Marchick noted the same thing, pointing out that there are other statutes available to deal with problems that might arise. (House Financial Services Committee hearing on Feb 7)
Congressional oversight
I’m not convinced that the CFIUS process failed in a technical sense in the Dubai Ports World acquisition. But, clearly, it failed in a political sense. A firm that did not want to see the deal go through saw how politically volatile a claim that “Arabs were taking over our ports” would be, and was able to press the correct Congressional buttons. The controversy exploded, and Dubai Ports World was forced to commit to disposing of the P&O U.S. port assets.
HR 556 addresses the political failure in several ways. It provides a more systematic framework for the process, clearly laid out in statute. It clearly requires acquisitions by firms with foreign government ownership to be subjected to the follow-up investigation (whether this is necessary or not, it addresses a potential source of concern). It ensures that high level political appointees in the Administration will sign off on any decision.
And it provides more information on the process for Congress. Under HR 556, CFIUS is expected to report to representatives of the majority and minority leadership in both the House and Senate on completed investigations, within five days. CFIUS is expected to explain its findings and factors considered. This reporting requirement explicitly refers to the 45-day investigations or secondary reviews, and not to the 30-day reviews. A congressional leaders may request a briefing on any transaction covered in one of these reports, and can expect to receive one classified briefing for leadership in a secure facility. Proprietary information can only be furnished to a committee of the Congress, and only after the committee provides assurances of confidentiality or the party providing the confidential information consents.
Moreover, CFIUS is to provide Congress with summary reports every six months. These reports are to:
- include details on the notifications during the period and their status,
- summary and trend information on the numbers of notifications, investigations, and so on,
- information on the mitigation measures used by the committee, and “detailed discussion of all perceived adverse effects of covered transactions on the national security or critical infrastructure of the United States that the Committee will take into account…” before the next six month report
- and information on evidence of coordinated strategy to acquire U.S. companies involved with critical technologies for which the U.S. is the leading producer, an evaluations of foreign government industrial espionage directed against U.S. companies.
The Inspector General of the Department of the Treasury is required to report to Congress on all instances in which the Treasury has failed to make reports to Congress required by the Defense Production Act prior to this act.
Finally, the Secretary of the Treasury is to conduct a study within 120 days of enactment, of investments in critical infrastructure and industries affecting national security by foreign governments or their citizens, if those governments comply with any boycott of Israel, or if those governments do not ban organizations designated by the Secretary of State as foreign terrorist organizations. Thirty days after the study is finished, the Secretary is to transmit a report on its findings to congressional leaders, with an analysis of the effects of the investments on U.S. security.
Malan and Marchick, testifying on Feb 7, both noted that it is an attractive feature of HR 556 that Congress is notified following, rather than before or during, an investigation. Elsewhere, Alan and Marchick (Larson and Marchick, page 29) explained that a public notice requirement for CFIUS reviews would not be a good idea because,
CFIUS reviews should remain confidential. Notification of pending transactions only invites further politicization of the process and creates risks that the process could be used for competitive, as opposed to national security, reasons.
So...
This is in many respects a better approach than we might have hoped for. It protects much of what we've got in terms of cost effective evaluation, and it should provide more political credibility for the process. Nothing can prevent firms from using the political process to demonize foreign investors in order to get competitive advantages. The elements in this legislation should shift the margin at which this occurs.
The legislation does have parts that are unattractive, and it can be improved. Why the special attention to firms from countries boycotting Israel? It would also be better if the investigation phase was optional - even for firms owned by foreign governments. CFIUS should be able to handle this on a case by case basis, and Congress will be in a position to provide oversight. The CFIUS agencies won't want to run afoul of Congress. On the other hand, if this increases confidence in the process, that's a good thing.
Maybe the biggest concern about this legislation is the provision for authorizing a lead agency to modify mitigation agreements after they are reached. This creates open-ended uncertainty for firms involved in the transaction, and reduces the attractiveness of an investment in the US. The conditions under which an agreement may be modified don't appear to be spelled out. Elsewhere in HR 556 there are provisions to reinitiate a review if a party to the transaction submitted false or misleading material information, or if a party to the transaction or an entity created in the transaction materially breaches a mitigation agreement or imposed condition. Finally, as Marchick noted, there are other statutes available to deal with security issues that may come up.
More to read
- Graham and Marchick. U.S. National Security and Foreign Direct Investment. Institute for International Economics (Peterson Institute) 2005. Start here. Places the CFIUS review process in the context of the history of a history of security vetting going back to WWI. Describes the process, getting into some detail on the types of security issues examined and on the nature of mitigation agreements, and using information on telecommunications investments and Chinese investments for concrete details. Lays out a program for reform.
- David Marchick, "Swinging the Pendulum Too Far: An Analysis of the CFIUS Process Post-Dubai Ports World," January 2007. Marchick looks at how the administrative process tightened up in the months following the Dubai Ports World controversy. Maybe it tightened up too much.
- Alan Larson and David Marchick, "Foreign Investment and National Security. Getting the Balance Right. Council on Foreign Relations. July 2006. Reviews the debate on CFIUS reform following the Dubai Ports World controversy. Includes a list of things to include in reform, and a list of things to avoid.
- Government Accountability Office (GAO) Enhancements to the Implementation of Exon-Florio Could Strengthen the Law's Effectiveness. 2005. A review of the process and concerns about it prepared just prior to the Dubai Ports World controversy.
- Committee on Foreign Investments in the United States (CFIUS). The committee's web site describes CFIUS and its process, pointing back to the various pieces of legislation and executive orders that authorize different parts of the process.
- Craig Lowery, "Testimony of Clay Lowery, Assistant Secretary International Affairs U.S. Department of the Treasury Before the Committee on Armed Services, March 2, 2006. Lowery was defending the process during the Dubai Ports World debate. Good supplement to the CFIUS web site in terms of providing details on the practical operation of the process.
- Ben Muse, Countdown to Controversy: Dubai Ports World, March 6, 2006 . Last March, I traced the evolution of the Dubai Ports World (DPW) controversy. Provides an outline of the CFIUS process, and examines the timeline during DPW.
- HR 556 . The text.
- House Financial Services Committee hearing - testimony on CFIUS process - Feb 7, 2007). Written testimony on HR 556, and written statements by members of the committee.
Comments
You can follow this conversation by subscribing to the comment feed for this post.