Read on Twitter
By popular demand (thanks @goodhouses) a thread on #natsecurity review of #FDI, #CFIUS, its expansion under Trump, and what we are likely to see from CFIUS during the #Biden administration:
CFIUS is the U.S. interagency committee that reviews acquisitions (and now certain investments that fall below this threshold) of U.S. businesses for potential national security risks. The process is mostly voluntary & provides legal safe harbor to cleared transactions.
CFIUS can only intervene in a transaction if the committee (Treasury, State, DoD, DHS, DOE, Commerce, USTR, Science & Tech Policy, DOJ) determines there is a natsec risk arising from the transaction. Natsec is not defined in statute, but see here: https://home.treasury.gov/system/files/206/GuidanceSummary-12012008.pdf
In determining a NatSec risk, CFIUS employs a rigorous risk-based analysis that considers the threat from the acquirer (using intelligence community info), vulnerabilities of the target, and consequences to natsec if the vulnerabilities are breeched.
CFIUS IS NOT EMPOWERED TO ACT FOR ECONOMIC COMPETITIVENESS, JUST NATSEC
CFIUS is also designed to be a tool of last resort. Legislatively, the President can only invoke CFIUS authorities when there are no other regulatory remedies available to mitigate the risk associated with the transaction.
CFIUS has reviewed 1000s of deals, with notices increasing substantially in recent years, but only 2-5% of cross-border M&A transactions into the US are affected by CFIUS review annually. In 2018, of 229 filings, 26 were abandoned, 29 were approved with mitigation, and 1 blocked.
Many argue that CFIUS under Trump is more protectionist, but support for CFIUS transcends party. We got a strengthened CFIUS process through the FIRRMA legislation of 2018. Trump blocked more deals than Obama, but that coincided with an influx of PRC-connected transactions.
The best source for US/China FDI and VC data is: https://rhg.com/research/twowaystreet-1h2020/ There’s a great article explaining why the decrease in Chinese FDI to the US is mainly due to Chinese policies, but I can’t see to find it right now.
CFIUS has been in the news recently especially due to its role in the high profile case of TikTok (see my writing on the natset risks of TikTok here: https://www.washingtonpost.com/politics/2020/09/23/us-government-thinks-tiktok-is-national-security-threat-so-why-cant-government-decide-what-do/)
Trump signed two executive orders regarding TikTok over the summer, one that invoked IEEPA to ban the app in the U.S. (this has run into serious legal challenges see https://www.docketalarm.com/cases/Pennsylvania_Eastern_District_Court/2--20-cv-04597/MARLAND_et_al_v._TRUMP_et_al/) and one that used CFIUS to order the Chinese parent company to divest.
Some quick thoughts on this: 1) TikTok represents a real risk. This isn’t just score settling from the Trump administration, nor is it reflexively anti-China; 2) While TikTok represents a risk, there is an open question as to what is the best way to deal with that risk.
The use of multiple EOs was confusing, and the admin’s chaotic approach may have done more harm than good
3) A Democratic admin would likely have also taken action against TikTok; 4) Data security + technological sophistication means that CFIUS will continue to look closely at all transactions involving data collection and tech development in a Biden admin
5) One of the biggest policy challenges is how to draw reasonable lines around what counts as dual-use tech. There are lots of concerns that anything AI can have a military use. This casts a very wide net. We have a pooling equilibrium and need to get some separation.
To hear more about the way I (and other smart people in the China and cyber security space) about the TikTok actions, watch this panel from a couple months ago: https://www.facebook.com/watch/live/?v=371047244068598&ref=watch_permalink
Watch out for an edited volume from Brookings on Weaponized Interdependence dropping in January that includes a chapter by me on CFIUS: https://www.brookings.edu/book/the-uses-and-abuses-of-weaponized-interdependence/
Here’s an earlier draft. Contact me if you want something a little cleaner: https://drive.google.com/file/d/1V9vkFB4OcbPQBAY5WLJ1BaT5B7SKIxli/view?usp=sharing
My take aways: CFIUS, when allowed to function at the working level, is a narrowly scoped process that works hard to balance openness with natset concerns. We should feel good about our bureaucrats. But, the tech stuff is getting harder to separate between benign and concerning
The Biden admin will have work to figure out how to differentiate problematic and safe tech, as well as find ways to pass legislation around areas of concern so that CFIUS doesn’t have to work so hard as a backstop. That’s simply not what it was designed to do.
That’s it for now, but happy to do another thread in a few days to follow up to questions.
