Insights
Treasury Announces CFIUS Enforcement Blitz
On August 14, 2024, the Department of the Treasury (“Treasury”) announced in a press release a revamped Committee on Foreign Investment in the United States (“CFIUS” or “the Committee”) enforcement webpage. Among other updates, the webpage provides information about six CFIUS penalty actions from 2023 and 2024. For the past several years, CFIUS’s webpage only included two enforcement actions, one from 2018 and another in 2019. The lack of enforcement action likely gave the casual observer the impression that the Committee was not actively enforcing the CFIUS regulations. Now, the Treasury press release touts, “In 2023 and to date in 2024, CFIUS has issued three times more penalties than it had in the previous nearly 50-years since its establishment.” Below, we provide a brief overview of the recent enforcement actions, including the headline-grabbing $60 million action against T-Mobile US, Inc. (“T-Mobile”):
- In 2024, CFIUS resolved an enforcement action against the telecommunications company T-Mobile for violations of a National Security Agreement (“NSA”) entered into with CFIUS. The NSA stemmed from T-Mobile’s merger with Sprint and the foreign ownership of the resulting entity. The violations involved T-Mobile’s failure to “take appropriate measures to prevent unauthorized access to certain sensitive data and [failure] to report some incidents of unauthorized access promptly to CFIUS.” The resulting $60 million penalty is by far the largest in CFIUS’s history.
- The Committee levied a $1.25 million penalty in 2024 against a transaction party for five material misstatements in a CFIUS notice filing and supplemental information. Specifically, the material misstatements related to “the source of funding for the transaction and related agreements.” Under the current regulations, the maximum penalty for each material misstatement is $250,000, so CFIUS imposed the maximum total penalty in this case. (As we have previously written, Treasury has proposed to increase maximum penalties for similar violations to $5 million per violation.) The transaction parties in this case abandoned the underlying transaction.
- In another 2024 enforcement action related to an NSA, CFIUS imposed an $8.5 million penalty against a company for causing the board of directors’ government security committee (“GSC”) to be defunct, which resulted in a breach of the NSA. As part of the enforcement action, CFIUS also investigated and resolved potential additional breaches of the NSA involving the company’s transfer of intellectual property to third parties.
- In 2023, the Committee penalized a transaction party for $990,000 for violations of a CFIUS Letter of Assurance (“LOA”). Specifically, CFIUS determined that the U.S. business failed to maintain a statement on its website regarding its foreign ownership as required by the LOA. In the announcement, CFIUS described aggravating factors, including the company’s failure to self-disclose the violations, and mitigating factors, including cooperation with CFIUS’s investigation.
- Also in 2023, CFIUS penalized a transaction party for $200,000 for “its failure to effect divestment of the foreign acquirer’s interest in the U.S. business” by the deadline outlined in the applicable NSA.
- The Committee penalized another transaction party in 2023 for failure to effect divestment of a foreign acquirer’s interest in breach of the relevant NSA deadline. In this case, the failure to effect divestment resulted in a $100,000 penalty. CFIUS listed as mitigating factors the company’s small size and lack of sophistication.
CFIUS’s new enforcement page also provides information about Determination of Noncompliance Transmittal (“DONT”) letters, which are issued by Treasury or another CFIUS Monitoring Agency (“CMA”) in lieu of monetary penalties. The CMAs will generally issue a DONT letter in the context of “first-time, inadvertent, and limited-scope violations that did not harm national security and had little potential to do so.” Nevertheless, CFIUS explains that certain violations may result in a penalty even when relevant mitigating factors are present.
Foreign investors, U.S. businesses seeking investment, and the CFIUS bar will welcome the updated enforcement information as it provides valuable insight into the Committee’s enforcement strategy and priorities. The attorneys at Torres Trade Law have vast CFIUS experience, including preliminary CFIUS reviews, submissions of filings to the Committee, and ongoing assistance once a cleared transaction receives CFIUS mitigation. If you have any questions about CFIUS review trends or the CFIUS filing process, do not hesitate to contact us.