CFIUS, Export Controls, and National Security


Spurred by the rising presence of China as a foreign investor in United States firms, there is a renewed debate about how to better protect U.S. national security interests in business transactions between U.S. and foreign companies. Chinese investment in U.S. technology draws particular attention, sparking considerable interest in potential changes to the process by which these transactions are reviewed. Ideas for reform have centered around two current mechanisms for addressing these challenges: The Committee on Foreign Investment in the United States (CFIUS) and U.S. export control laws.

To reform CFIUS, Congressman Robert Pittenger and Senator John Cornyn introduced the Foreign Investment Risk Review Modernization Act (FIRRMA). Among its other provisions, the original bill would have empowered CFIUS for the first time to review outbound investment in addition to inbound investment. However, this language was recently eliminated in both the House and Senate bills after critics argued that outbound investment should be subject to traditional export controls and not CFIUS.

The House Financial Services Committee further altered FIRRMA by including the Export Control Reform Act (ECRA) in its text. The ECRA is a separate piece of legislation introduced by Congressman Ed Royce to expand the U.S. export control regime. Given these changes and the overall reform effort underway, it is important to understand the distinction between CFIUS and export controls as well as the purpose and abilities of each.

What is CFIUS?

CFIUS is an interagency committee headed by the Secretary of Treasury that is tasked with reviewing foreign mergers, acquisitions, and other foreign investments through the lens of preserving national security. That is, CFIUS is focused on transactions. The committee is made up of the heads of eight government agencies, including the Departments of Justice, Homeland Security, Defense, and Commerce. Specifically, CFIUS is authorized to review “covered transactions” – any transaction between U.S. and foreign companies that results in foreign ownership.

Before a merger takes place that would result in foreign ownership, U.S. companies have the option to voluntarily submit the transaction to CFIUS for review. CFIUS then considers multiple factors that can impact U.S. national security, including the transaction’s effect on U.S. technological leadership, the ability of domestic industry to meet national defense requirements, and whether it is a foreign government-controlled transaction. If CFIUS finds that the transaction poses a credible risk to national security, it can recommend to the president that it be blocked. It can also impose conditions that must be met before the merger or acquisition can go through to mitigate national security risks. If U.S. companies do not voluntarily submit their transactions for review, CFIUS has the authority to review covered transactions at a later date, sometimes years later, to ensure they do not threaten national security.

What are Export Controls?

Export controls are used to regulate the export of goods, services, technology, and software with the purpose of safeguarding U.S. national security and promoting foreign policy objectives abroad. In contrast to CFIUS, export controls center on technologies and not specific transactions. It is a multifaceted system governed by the Departments of Commerce, State, Treasury, Defense, and other agencies. These laws control the export of multiple types of products that could threaten national security, regardless of whether the exporting company is foreign-controlled.

In practice, export controls regulate outbound products based both on their end uses and their destinations. With regard to end uses, there are three main types of exports that are controlled: military equipment, commercial items that have possible dual uses as military equipment, and items that can be used in the development of nuclear, chemical, or biological weapons. Controls are also used to restrict exports in adherence to international arms embargoes or to countries of general concern, namely those on which the United States has imposed sanctions.

The majority of exports that fall under these controls are identified by either the Department of Commerce or the State Department. The Department of Commerce determines which products fall under the Commerce Control List (CCL), which regulates dual-use items such as chemicals, electronics, and computers. The State Department keeps the U.S. Munitions List (USML), which controls the export of defense articles, services, and related technologies. Examples of exports on the USML include firearms, missiles, nuclear technology, and other substances that can be weaponized. In most cases, businesses that wish to export products under either of these lists must first obtain licenses from the government.

If exporters do not adhere to export control laws, they can face civil penalties of up to $500,000 per violation for defense articles and up to $250,000 per violation for dual-use items. Additionally, criminal violations may result in fines of $1,000,000 and a 20-year prison sentence.

The Current Landscape

As China increases its investment footprint in the United States, Congress continues to debate ways to prevent intellectual property theft and forced technology transfer – the practice of mandating that U.S. firms share their technology with Chinese firms in order to gain market access. Concerns are especially prevalent over technology transfers that occur as a result of joint ventures between U.S. and Chinese firms.

FIRRMA attempted to address this concern by mandating that CFIUS review technology transfers as a result of joint ventures between U.S. and foreign companies. This was a substantial shift from CFIUS’s original role of reviewing inbound foreign investment and sparked significant debate, especially among individuals arguing that the existing export control regime was better suited to protect against an outbound sharing of intellectual property. With the provision now removed, there is growing consensus around FIRRMA as a way to increase national security protections for the United States.

At the same time, ECRA was added to FIRRMA in the House of Representatives. This would expand the definition of “technology” subject to export control laws, increasing the number and types of exports that fall under export control regulations. It would also expand export controls to cover foreign-made items in the United States that are re-exported and “foundational information” or “know how” related to the creation of technology. Notably, ECRA would for the first time subject the transfer of technology between two companies in the United States to export controls, as long as one company is majority foreign owned.


CFIUS and export controls are two unique tools at the United States’ disposal to help evaluate foreign transactions and technology transfer based on potential national security impact. Reforms to each are currently being considered, and thoughtful changes have been made to increase the likelihood that reform efforts are successful.