cfius and ecra
TRANSCRIPT
Distribution Limited to SIA Members/Attendees and Subject to SIA Code of Conduct
CFIUS and ECRAOctober 26, 2021
3:15pm-4:45pm
Distribution Limited to SIA Members/Attendees and Subject to SIA Code of Conduct
SPEAKER INTRODUCTIONS
Speakers:
Thomas Feddo, The Rubicon Advisors, LLC
John Isbell, Bureau of Industry and Security
Tongele N. Tongele, Ph.D., Bureau of Industry and Security
Moderator: Nicholas Klein, DLA Piper LLP
Distribution Limited to SIA Members/Attendees and Subject to SIA Code of Conduct
The Committee on Foreign Investment in the United States
(CFIUS)
Thomas FeddoThe Rubicon Advisors, LLC
Distribution Limited to SIA Members/Attendees and Subject to SIA Code of Conduct
CFIUS: WHAT IS IT AND WHAT’S ITS MISSION?
• Operational Authorities: - Section 721 of the Defense Production Act of 1950, as amended
- Executive Order 11858 of May 7, 1975, as amended
- Code of Federal Regulations (Title 31, Chapter VIII)
• Chaired by Secretary of the Treasury
• Cabinet-level heads of nine member agencies:
• Treasury/State/Commerce/DOD/DOJ/DOE/DHS/USTR/OSTP
• DNI/IC (no vote, but key statutory role)
• Several elements of Executive Office of the President (observer status)
• Any other agency head invited by POTUS or Treasury Secretary (e.g., Ag, HHS)
Distribution Limited to SIA Members/Attendees and Subject to SIA Code of Conduct
CFIUS: WHAT IS IT AND WHAT’S ITS MISSION?
• Strict focus: 1) national security; 2) risk arising from the transaction
• Consensus-based interagency process/decision-making
• Overhauled by Foreign Investment Risk Review Modernization Act (FIRRMA)
• Sees ~ 300 transactions annually
• Deadline-driven:- Notice: 45 days “review”/45 days “investigation”/15 days for “extraordinary circs.”
• Withdraw/refile . . .
- Declaration: 30 days
• Filing fees for notices (modeled after Hart-Scott-Rodino Act)
Distribution Limited to SIA Members/Attendees and Subject to SIA Code of Conduct
CFIUS: IMPORTANT PROCEDURAL DETAILS
• Most transactions filed voluntarily
• Incentivized by “safe harbor”
• Some mandatory filings (e.g., certain “critical technology” transactions)
• “Lead” agencies assigned to each transaction
• Concluding certifications made at senior-most political levels
• Strict confidentiality rules, and criminal penalties for disclosure
• Annual congressional reporting requirements
Distribution Limited to SIA Members/Attendees and Subject to SIA Code of Conduct
CFIUS: THE MECHANICS OF ITS DUE DILIGENCE
• “Risk-Based Analysis”: (Threat) x (Vulnerability) = (Consequences) - Threat DNI produces a “NSTA” or “BTI”
- Vulnerability Lead agency conducts an assessment
- Consequence Detailed, facts/circumstances articulation of risk
• Varying types of risk (e.g., technology transfer, cyber, proximity …)
• If risk is identified:
Can it be mitigated?
• CFIUS acts/responds to risk as a last resort (i.e., if no other authoritiesare appropriate … e.g., FOCI mitigation, export controls, TeamTelecom)
Distribution Limited to SIA Members/Attendees and Subject to SIA Code of Conduct
CFIUS: EMPOWERED TO RESPOND TO/DETER RISK
• Clear, suspend, or condition a deal
• Impose interim conditions during its review
• Impose and enforce any conditions it determines necessary
• Refer to POTUS for prohibition
• File a transaction sua sponte
• Oversee and enforce a “national security agreement”
• Assess substantial civil monetary penalties for failing to make arequired filing, or for violating a material mitigation provision
• Conduct “non-notified” investigations
Distribution Limited to SIA Members/Attendees and Subject to SIA Code of Conduct
CFIUS: JURISDICTION – PART 1 (PRE-FEB. 2020)
• a “foreign person”
• a “U.S. business”
• a transaction that “could result” in foreign “control” of the U.S. business
All Covered
“Control”
Transactions
Distribution Limited to SIA Members/Attendees and Subject to SIA Code of Conduct
CFIUS: JURISDICTION – PART 2 (POST-FEB. 2020)
• a “foreign person”
• a “U.S. business” that a) involves “critical infrastructure” (defined); b) collects “sensitive personaldata” (defined); or c) involves “critical technology” (defined)
• an investment into a), b), or c) that allows: i) board/observer seat; ii) access to “material non-public technical information”; or iii) “substantive decision-making”
All Covered
“Control”
Transactions
Non-control,
Critical
TechnologyNon-control,
Critical
Infrastructure
Non-Control,
Sensitive
Personal Data
Distribution Limited to SIA Members/Attendees and Subject to SIA Code of Conduct
CFIUS: JURISDICTION – PART 3 (POST-FEB. 2020)
• “foreign person”
• covered real estate:
• specified ports and airports
• specified proximities of identified military installations/facilities
• purchase/lease/concession that allows the foreign person certain rightsinvolving the covered real estate
• type of national security risk: proximity
Distribution Limited to SIA Members/Attendees and Subject to SIA Code of Conduct
CFIUS: CRITICAL TECHNOLOGY JURISDICTION
For a non-controlling “covered investment,”
“Critical Technology” means: • defense articles/services on the USML
• CCL items controlled pursuant to multilateral regimes for reasons involving nat’l security, chem/bio weapons proliferation, nuclear nonproliferation, or missile technology; or relating to regional stability or surreptitious listening
• specially designed nuclear equipment, parts, components
• nuclear facilities, equipment, etc.
• select agents and toxins
• emerging and foundational technologies controlled under ECRA
Distribution Limited to SIA Members/Attendees and Subject to SIA Code of Conduct
The Role of BIS in the CFIUS ProcessJohn Isbell
DirectorStrategic Analysis and Defense Programs Divisions
Bureau of Industry and [email protected]
Distribution Limited to SIA Members/Attendees and Subject to SIA Code of Conduct
BIS ROLE IN CFIUS
•Main elements of BIS’s review:•Assessment of export control implications as it relates to the BIS-administered Export Administration Regulations (EAR):• Licensing History;
• Product Classifications; and
• Compliance History.
•Assessment of defense industrial base issues.• Includes a review of the U.S. company’s Defense Priorities and Allocations System (DPAS) compliance.
2021 SIA Fall Advanced Conference
Distribution Limited to SIA Members/Attendees and Subject to SIA Code of Conduct
BIS ROLE IN CFIUS
•BIS Licensing Staff review the parties’ statements regarding product classification and determine the following:
•Whether the U.S. party classified its items correctly;
•Whether the controlled technology associated with the U.S. party’s items requires a license to export to the country of the foreign acquirer (and if there are license exceptions available);
• If the transaction raises any national security concerns.
2021 SIA Fall Advanced Conference
Distribution Limited to SIA Members/Attendees and Subject to SIA Code of Conduct
BIS ROLE IN CFIUS
BIS CFIUS Reviews: Compliance History:
•A list of corporate entities and corporate officers involved in the transaction is provided to the Office of Export Enforcement (EE) for vetting.
•EE reviews the list to determine whether there are current investigations or derogatory information
2021 SIA Fall Advanced Conference
Distribution Limited to SIA Members/Attendees and Subject to SIA Code of Conduct
FIRRMA AND ECRA
• The passage of FIRRMA and the Export Control Reform Act (ECRA) emphasized the interaction and complementary nature of CFIUS and export controls
• For instance, FIRRMA contains a definition of “critical technologies” that is in part linked to the EAR
• If a U.S. company is involved in “critical technologies,” it can be subject to part of the expanded definition of a “covered transaction” – in particular the “other investment” provision which allows CFIUS to review certain non-controlling investments
• CFIUS published a final rule in October 2020 that amended the mandatory declaration process for investments into U.S. companies with “critical technologies” that links the requirement for a mandatory filing to whether the export of the technology at issue would require an export authorization to the investor(s)
2021 SIA Fall Advanced Conference
Distribution Limited to SIA Members/Attendees and Subject to SIA Code of Conduct
FIRRMA AND ECRA
•FIRRMA’s definition of “critical technologies” (as it relates to the EAR) includes multi-lateral regime-controlled items
• It also includes any items that are controlled under the “emerging and foundational technologies” provision in ECRA
•CFIUS is also specifically identified as a source of information for BIS and export control agencies to identify “emerging and foundational technologies” for control evaluation purposes
2021 SIA Fall Advanced Conference
Distribution Limited to SIA Members/Attendees and Subject to SIA Code of Conduct
BIS ROLE IN CFIUS
•CFIUS and export controls are important, complementary authorities utilized to protect U.S. national security
•FIRRMA and ECRA reemphasized this connection
•The review of “other investments” into U.S. companies with critical technologies is an example of this linkage
2021 SIA Fall Advanced Conference
Distribution Limited to SIA Members/Attendees and Subject to SIA Code of Conduct
Emerging and Foundational TechnologiesTongele N. Tongele, Ph.D.
DFO, Emerging Technology Technical Advisory CommitteeNuclear and Missile Technology Controls DivisionOffice of Nonproliferation and Treaty Compliance
Bureau of Industry and Security US Department of Commerce
Distribution Limited to SIA Members/Attendees and Subject to SIA Code of Conduct
COMMERCE AUTHORITY TO ESTABLISH
EMERGING TECHNOLOGY (ET) CONTROLS
As part of the National Defense Authorization Act (NDAA) for Fiscal Year 2019, Public Law No: 115–232, Congress enacted the Export Control Reform Act of 2018 (the Act or ECRA).
Section 1758 of the Act authorizes Commerce to establish appropriate controls, including interim controls, on the export, reexport, or transfer (in-country) of emerging and foundational technologies.
Under the Act, emerging and foundational technologies are those essential to the national security of the United States.
2021 SIA Fall Advanced Conference
Distribution Limited to SIA Members/Attendees and Subject to SIA Code of Conduct
2018 EMERGING TECHNOLOGIES ANPRM
• November of 2018 Advance Notice of Proposed Rulemaking (ANPRM) sought public comment on criteria for identifying emerging technologies.
• The ANPRM identified 14 general areas warranting review and noted anticipated Export Control Classification Numbers for emerging technologies determined to be essential to national security.
2021 SIA Fall Advanced Conference
Distribution Limited to SIA Members/Attendees and Subject to SIA Code of Conduct
2018 ET ANPRM TECHNOLOGY CATEGORIES LISTING
(1) Biotechnology
(2) Artificial intelligence (AI) and machine learning technology
(3) Position, Navigation, and Timing (PNT) technology
(4) Microprocessor technology
(5) Advanced computing technology
(6) Data analytics technology
(7) Quantum information and sensing technology
(8) Logistics technology
(9) Additive manufacturing.
(10) Robotics
(11) Brain-computer interfaces
(12) Hypersonics
(13) Advanced Materials
(14) Advanced surveillance technologies
2021 SIA Fall Advanced Conference
Distribution Limited to SIA Members/Attendees and Subject to SIA Code of Conduct
EMERGING TECHNOLOGY CONTROL PROCESS
Emerging and foundational technologies, in keeping with ECRA, will be determined by an interagency process that will consider both public and classified information as well as information from the Emerging Technology Technical Advisory Committee and the Committee on Foreign Investment in the United States.
2021 SIA Fall Advanced Conference
Distribution Limited to SIA Members/Attendees and Subject to SIA Code of Conduct
EMERGING TECHNOLOGY CONTROL PROCESS (CONT.)
In identifying emerging and foundational technologies, the process must consider:
• The development of emerging and foundational technologies in foreign countries;
• The effect export controls may have on the development of such technologies in the United States; and
• The effectiveness of export controls on limiting the proliferation of emerging
and foundational technologies in foreign countries.
2021 SIA Fall Advanced Conference
Distribution Limited to SIA Members/Attendees and Subject to SIA Code of Conduct
EMERGING TECHNOLOGY CONTROLS TO DATE
• 37 emerging technology controls published, mostly in agreement with multilateral export control regimes (particularly the Wassennaar, the Australia group).
• There is no special section in the EAR where ET controls are enumerated/listed.
• ET controls are:
• Modification(s) of existing controls - ECCN (Export Control Classification Number),
• New subparagraph(s) added to existing controls - ECCN (Export Control Classification Number), or
• New controls - ECCN (Export Control Classification Number).
2021 SIA Fall Advanced Conference
Distribution Limited to SIA Members/Attendees and Subject to SIA Code of Conduct
HOW TO FIND ET CONTROLS IN THE EAR?
• When an ET control is, or ET controls are, adopted/agreed upon at a multilateral export control regime, BIS publishes it/them in the Federal Register to make it/them official and part of the Export Administration Regulations (EAR).
• An ET control can also be unilaterally published by BIS if such control is urgently required to protect the national security of the United States.
• If you go to the Bureau of Industry and Security Website, this link:
Federal Register Notices (doc.gov)
will take you to rules BIS publishes every year, including emerging technology controls.
• You can then click on a year and view all rules polished (listed by date and title).
• You can also contact BIS and ask about a specific ET control, and you will be guided to find it in the EAR.
2021 SIA Fall Advanced Conference
Distribution Limited to SIA Members/Attendees and Subject to SIA Code of Conduct
• On August 27, 2020, Commerce/BIS published an Advance Notice of Proposed Rulemaking (ANPRM) on foundational technologies.
• Foundational technologies essential to the national security are those that may warrant stricter controls if a present or potential application or capability of that technology poses a national security threat. This ANPRM seeks public comment on the definition of, and criteria for, identifying foundational technologies.
• Several foundational technology controls are being worked on.
• Military end-users and end-uses controls CAN be considered as foundational technology controls (refer to Parts 744.17 and Part 744.21 of the EAR).
2020 FOUNDATIONAL TECHNOLOGIES ANPRM
2021 SIA Fall Advanced Conference
Distribution Limited to SIA Members/Attendees and Subject to SIA Code of Conduct
ET AND FT EXPORT CONTROLS: WORK IN PROGRESS
• Continuous work of identifying areas for ET controls.
• Continuous intra-agency work with DOC Bureaus engaged in ET actitivities.
• Continuous work with Technical Advisory Committees (TACs) and especially the ETTAC.
• Continuous interagency work (DOD, DOE, DOS, Intelligence Communities).
• Continuous work with US academia, Industry, private research organizations.
• Continuous collaboration with multilateral export control regimes.
• Continuous exchanges and information sharing in conferences and seminars feed into this work in progress.
2021 SIA Fall Advanced Conference
Distribution Limited to SIA Members/Attendees and Subject to SIA Code of Conduct
2021 SIA Fall Advanced Conference