The Committee on Foreign Investment in the United States (CFIUS) has published its 2024 report, emphasizing the importance of protecting U.S. technology from risky foreign investments as national security concerns grow.
As tensions between the U.S. and China continue to escalate, reinforcing the scrutiny of investments is becoming even more critical to safeguarding national interests.
Upon taking office in January, President Donald Trump signed an executive order aimed at accelerating CFIUS reviews for investments from allied and partner countries, representing an effort to streamline funding for U.S. advanced technology sectors.
While there is merit to fast-tracking allied investments, CFIUS is currently facing a myriad of procedural challenges that hinder the effectiveness and transparency of its national security reviews.
These issues make the prospect of reforming CFIUS particularly timely, prompting policymakers to consider a more rigorous evaluation framework for foreign investments impacting U.S. technology.
The origins of CFIUS date back to 1975, established by President Gerald Ford through an executive order, and eventually authorized by Congress in 2007.
Its purpose was to assess whether non-U.S. investments pose risks such as allowing foreign adversaries to infiltrate supply chains, steal trade secrets, or sabotage American operations, potentially affecting critical infrastructures such as energy and defense sectors.
CFIUS has maintained a focus on technology since its inception, notably addressing concerns regarding Japanese investments in semiconductors in the 1980s.
Over the years, the committee’s mandate has expanded significantly; it was granted additional authority in 2018 to assess how foreign investments could affect sensitive U.S. data and technologies.
A notable example of CFIUS’s regulatory activity includes its requirement for the sale of the gay dating app Grindr to U.S. owners due to national security concerns.
Additionally, investigations were launched into TikTok to assess potential risks prior to any formal bans.
The most recent report underscores that the committee dedicates a substantial portion of its activities to evaluating technology-related investments.
In fact, 53% of the covered notices received by CFIUS in 2024 stemmed from companies in the “Finances, Information, and Services” sector, which includes telecommunications, computing, data processing, and professional services.
However, the number of technology-related filings might be even higher, as companies can submit shorter filings—termed “declarations”—for less risky investments, which are not included in the statistics.
Even non-tech companies may face CFIUS scrutiny for technology-related issues, such as a healthcare firm dealing with sensitive data and seeking foreign investment.
The report reveals that investments from China prompted more covered notices than any other nation in 2024, surpassing even adversarial states like Iran and Russia.
Interestingly, shorter declarations were predominantly filed by investors from allied countries such as Japan, Canada, France, and the United Kingdom.
The data indicates that Chinese investors tend to provide more comprehensive disclosures in their submissions, likely to streamline the U.S. security review timeline.
CFIUS wields authority over a vast range of investment activities, from acquisitions of major American companies to minority stakes in startups and transactions involving national security-critical technologies like artificial intelligence, biotechnology, and space communications systems.
An overwhelming focus on Chinese investments reflects concerns voiced by U.S. intelligence agencies regarding potential threats posed by Beijing to American technological advances.
Equally important, CFIUS must also scrutinize investments from U.S. allies and partners, as there may be risks linked to adversaries using these avenues to gain access to critical technologies or data.
Despite its extensive portfolio, CFIUS is often described as a “black box,” with many companies expressing difficulty in navigating the complex review process.
Members of Congress have conveyed a desire for more clarity regarding CFIUS’s activities, especially in relation to artificial intelligence, semiconductors, and actions involving China, to ensure it is adequately funded and staffed.
Unlike other regulatory frameworks concerning technology and national security, CFIUS appears to lack a standardized method for identifying and mitigating risks.
Establishing a rigorous and standardized risk assessment process could significantly improve CFIUS’s ability to pinpoint relevant threats, avoiding the pitfalls of becoming sidetracked by less likely scenarios while focusing on pressing risk factors.
The current administration or subsequent ones, along with Congress, should advocate for an overhaul of CFIUS that emphasizes standardized risk management practices.
This may involve orchestrating a White House-led initiative to synchronize risk mitigation strategies across various agencies involved in CFIUS reviews and developing frameworks around investor access to sensitive company data.
In a related vein, CFIUS should be cautious of the tendency within Washington to label every activity involving China as a security risk.
By adopting a more nuanced approach, the committee can distinguish between areas of minimal and mitigatable risks versus those classified as high-risk concerning U.S. technologies and data.
Lastly, enhancing transparency within CFIUS would benefit businesses, the public, and government oversight alike.
While it would be impractical for CFIUS to disclose every merger or funding consideration, Congress should mandate the committee to provide clearer insights into its operations beyond yearly statistical reports.
For instance, elucidating the general risk criteria CFIUS applies could assist companies in navigating compliance while not revealing overly sensitive information to U.S. adversaries.
Increased transparency could also empower congressional overseers to ensure that the committee focuses on critical issues related to technology and China while allowing them to receive briefings that protect proprietary information while addressing security concerns.
As CFIUS investigates matters affecting widely used technologies such as TikTok, fostering transparency into its review process stands as a democratic necessity and is also crucial for fostering informed public debate.
In a landscape characterized by escalating competition with China, effective investment security reviews will play an essential role in protecting innovation, securing supply chains, and fortifying long-term national security.
image source from:cyberscoop
