On October 20, 2022, the U.S. Department of the Treasury (Treasury) released the first-ever Committee on Foreign Investment in the United States (CFIUS or the Committee) Enforcement and Penalty Guidelines (Guidelines), which describe how the Committee assesses violations of CFIUS regulations and imposes penalties.
How will the Committee assess violations of applicable CFIUS regulations and impose penalties? And what does this mean for your business?
The Guidelines signal a strong commitment to the enforcement of the CFIUS regulations. Indeed, CFIUS has in recent years demonstrated an increased willingness to impose penalties. For example, CFIUS imposed a US $1 million civil penalty in 2018. CFIUS also imposed a US $750,000 civil penalty in 2019.
The focus on enforcement, coupled with the renewed CFIUS focus on identifying non-notified transactions and monitoring compliance, means that now more than ever, parties face serious penalties if they do not take their regulatory obligations seriously. As with all matters related to CFIUS, cooperation, transparency, and building trust are critical to any successful outcome or mitigation of any penalties. What this means:
- Parties should conduct proper and thorough diligence when they enter into a transaction to ensure they are complying with any CFIUS filing requirements.
- Parties should ensure that any CFIUS filings are complete and accurate and do not misstate or omit material information.
- Parties should put in place policies, procedures, and personnel training to ensure compliance with any applicable CFIUS mitigation agreement.
- Parties should cooperate fully with any inquiry from CFIUS.
- If parties identify any violation of the CFIUS regulations or a mitigation agreement, it is advisable to disclose the problem to CFIUS as soon as possible and take corrective action.
When engaging with CFIUS after a potential violation, it is important to explain fully the circumstances that led to the problem identified, and the party should include any exculpatory evidence, evidence that the party sought to report/mitigate the problem in a timely fashion, and evidence that the party adopted procedures and policies to prevent future violations. Below, we highlight the main points from the Guidelines.
What constitutes a violation, and what are the potential penalties?
The CFIUS regulations and Guidelines identify three types of violations and corresponding penalties:
- Material misstatement/omission or false certification in connection with a declaration or notice: a civil penalty of up to US $250,000 per violation.
- Failure to make a mandatory filing: a civil penalty not to exceed US $250,000 or the value of the transaction, whichever is greater.
- Noncompliance with CFIUS mitigation: subject to certain qualifications, a civil penalty not to exceed US $250,000 per violation or the value of the transaction, whichever is greater.
In addition, mitigation agreements may include liquidated damages clauses. These penalty provisions are without prejudice to other penalties, civil or criminal, available under law. The Guidelines do not change these rules but provide significant insights on how Treasury will determine appropriate penalties.
It is important to understand that a violation does not automatically lead to a penalty or other remedy. Rather, CFIUS will take into account the specific nature of the violation and the way in which parties respond to the violation. For example, if a party violates a mitigation agreement at the start of the agreement, and the party immediately self-reports the violation, has a history of compliance, and is fully transparent with the Committee, CFIUS may decide not to penalize the party. Conversely, if a party has violated a mitigation agreement multiple times, attempts to conceal the violation or delay reporting it, and is not cooperative with the Committee, CFIUS would likely penalize the party.
How does CFIUS discover a violation?
CFIUS relies on information from a variety of sources. For example, a third-party auditor/monitors might discover a violation of a mitigation agreement, or CFIUS might discover information about noncompliance with a mitigation agreement during a site visit. CFIUS might discover non-notified transactions through public information, including information submitted to other U.S. government agencies (e.g., Securities and Exchange Commission filings), publications, press releases, and other media sources, or litigation filings. CFIUS might also obtain classified information or may obtain information through tips via email or phone.
The Guidelines encourage self-disclosure and indicate that self-disclosure may be a mitigating factor when assessing penalties. CFIUS will consider the timeliness of any disclosure, whether disclosure occurred prior to discovery by the U.S. government, and compliance with any disclosure requirements in a mitigation agreement.
During Treasury’s Inaugural CFIUS Conference in June 2022, CFIUS staff noted that the Committee will increasingly seek proof of compliance (self-reporting of compliance will not be sufficient), there will be increased numbers of audits and site visits, and a “trust but verify” policy will be applied, including to third-party monitors.
How does the penalty process work?
The penalty process is as follows:
- CFIUS will send a notice of penalty, including a written explanation of the conduct to be penalized and the amount of any monetary penalty to be imposed.
- Within 15 business days of receipt of a notice of penalty, a party may submit a petition to CFIUS for reconsideration.
- If the party does not submit a petition for reconsideration, CFIUS may issue a final penalty determination.
- If a party files a timely petition for reconsideration, CFIUS will issue a final penalty determination 15 business days after receiving the petition.
How does CFIUS determine penalties?
CFIUS will determine the appropriate penalties to impose based on the specific facts of the violation and other potential aggravating or mitigating factors. The Guidelines provide the following nonexhaustive list of potential aggravating or mitigating factors:
- whether enforcement will protect national security or promote self-disclosure and compliance
- the harm caused by the violation to U.S. national security
- whether the violation was due to simple negligence, gross negligence, or intentional action or was willful
- any efforts to conceal or delay the sharing of relevant information
- the seniority of personnel involved in the violation
- the length of time between discovery of the violation and the disclosure to CFIUS
- the frequency and duration of the violative conduct
- the date of the transaction at issue if parties failed to file
- whether the party self-disclosed the violation and when it was disclosed
- how the parties attempted to remediate the violative conduct
- any internal review conducted to understand the violation
- the violating party’s history and familiarity with CFIUS
- any compliance programs, policies, trainings, and/or procedures related to compliance with CFIUS and mitigating measures
Further details
Treasury’s press release is linked here, the Guidelines are linked here, and examples of enforcement actions to date, which will be updated as appropriate, can be found here (for failure to comply with interim order) and here (for breaches of mitigation agreements).
Sidley Austin LLPはクライアントおよびその他関係者へのサービスの一環として本情報を教育上の目的に限定して提供します。本情報をリーガルアドバイスとして解釈または依拠したり、弁護士・顧客間の関係を結ぶために使用することはできません。
弁護士広告 - ニューヨーク州弁護士会規則の遵守のための当法律事務所の本店所在地は、Sidley Austin LLP ニューヨーク:787 Seventh Avenue, New York, NY 10019 (+212 839 5300)、シカゴ:One South Dearborn, Chicago, IL 60603、(+312 853 7000)、ワシントン:1501 K Street, N.W., Washington, D.C. 20005 (+202 736 8000)です。
