On Sept. 15, 2022, President Biden issued Executive Order 14083 (EO 14083 or EO) to the Committee on Foreign Investment in the United States (CFIUS or the Committee). Through this EO, the President directed CFIUS to consider five risk factors in determining whether a given transaction under its review passes legal muster.

CFIUS, of course, is a federal interagency working group to regulate investment inflow into the United States if that inflow carries a national security risk. The Committee is housed in the Department of the Treasury, but various other agencies and offices within the Executive Branch count as its decision-makers and stakeholders.

Covered Transactions Under CFIUS Statute

Ordinarily, even if a national security risk exists, CFIUS typically chooses to impose mitigation agreements to minimize that risk instead of blocking the transaction altogether. That said, the president of the United States may block a transaction if the president deems such risk to be unmitigable. When a transaction falls within CFIUS’ remit under federal law, it is regarded as a “covered transaction.” In fact, federal law commands the Committee to consider the following national security factors when determining the fate of a covered transaction:

1. Domestic production necessary for national defense;
2. Capability and capacity of domestic industries for national defense purposes;
3. Control of domestic industries and commercial activity by foreign citizens as it implicates the United States’ national security;
4. Possible effects of the transaction in question on sales of military goods, equipment, or technology to certain nations;
5. Possible effects of the transaction in question on the United States’ international technological leadership insofar as national security is concerned;
6. Possible national security-related effects on the United States’ critical infrastructure;
7. Possible national security-related effects on the United States’ critical technologies;
8. The status of the covered transaction as a foreign government-controlled transaction;
9. Non-proliferation, counter-terrorism, and military uses of technology-related considerations;
10. Sources of energy and other critical resources and material that the United States may need in the long run; and
11. Catch-all considerations as deemed by the president or CFIUS.¹

EO 14083’s Five Risk Factors

This EO commanded the Committee to consider these five risk factors when reviewing covered transactions:

1. Resilience and Security of Supply Chains: Whether a covered transaction has an adverse impact on the “resilience of certain critical United States supply chains” carrying “national security implications.” Some of the supply chains at issue concern the United States defense industrial base, namely “manufacturing …, services, critical mineral resources, or technologies that are fundamental to national security, including: microelectronics, artificial intelligence, biotechnology and biomanufacturing, quantum computing, advanced clean energy (such as battery storage and hydrogen), climate adaptation technologies, critical materials (such as lithium and rare earth elements), elements of the agriculture industrial base that have implications for food security.”

In fact, EO 14083 observes that “[t]hese vulnerabilities may occur if an investment shifts ownership, rights, or control with respect to certain manufacturing capabilities, services, critical mineral resources, or technologies that are fundamental to national security … to a foreign person” who might threaten the national security of this country.²

2. United States’ Technological Leadership: A covered transaction implicating “manufacturing capabilities, services, critical mineral resources, or technologies” key to the United States’ technological leadership and, thus, its national security. This includes microelectronics, artificial intelligence, biotechnology and biomanufacturing, quantum computing, advanced clean energy, and climate adaptation technologies. CFIUS is also instructed to consider the acquirer’s third-party ties.

3. Cumulative Effect of Transactions: Taken in aggregate, certain acquisitions may “giv[e] rise to a national security risk.” They “may facilitate harmful technology transfer in key industries or otherwise harm national security through the cumulative effect of these investments.” Indeed, “[c]ontextualizing the Committee’s review of an individual transaction in light of the aggregate or series of related transactions could reveal national security risks arising from the covered transaction that were not otherwise apparent.” In its latest annual report, CFIUS has explained that a foreign entity’s “multiple acquisitions or investments [made] in a single sector or in a supply chain with national security implications, including raw materials, research and development for relevant technologies, tools and equipment, and manufacturing capabilities” might trigger national-security risk for CFIUS review purposes.

4. Cybersecurity Risks: Foreign investors “with the capability and intent to conduct cyber intrusions or other malicious cyber-enabled activity … may pose a risk to national security.” Accordingly, cybersecurity-related CFIUS review is “an important tool as part of broader United States efforts to ensure the cybersecurity of the United States.”

5. Data Vulnerability: CFIUS must consider whether the United States business that the foreign acquirer is trying to purchase “has access to [American entities’] sensitive data, including United States persons’ health, digital identity, or other biological data and any data that could be identifiable or de?anonymized, that could be exploited to distinguish or trace an individual’s identity in a manner that threatens national security; or has access to data on sub-populations in the United States” that could threaten the United States’ national security.

*          *          *

EO 14083 reiterates that the United States is “commit[ted] to open investment” as “a cornerstone of our economic policy and provides the United States with substantial economic benefits” — just as long as such investment is consistent with the United States’ national-security imperatives. It is the reason, this EO notes, that “the United States maintains a robust foreign investment review process focused on identifying and addressing such risks.” 

It is also the reason for the EO’s devising of five risk factors for CFIUS to consider when considering covered transactions. Although this EO does not, at least in any manifest or known respects, substantively change how CFIUS operates, it does publicize what is important to the Committee. Consequently, regulated parties, business stakeholders, and other interested entities should take note of this EO’s contents — its five risk factors.

---

¹50 U.S.C. § 4565(f)(1)—(11).
²A contemporary example might be illustrative. Recently, even though CFIUS said it has no jurisdiction to review a transaction — the Chinese-owned Fufeng USA’s purchase of a vacant lot about 12 miles away from a United States military base in North Dakota — U.S. Senator Kevin Cramer has insisted that the United States food supply chain is at stake in this transaction.