When the Biden Administration released its Interim National Security Strategic Guidance in 2021, it asserted that “our policies must reflect a basic truth: in today’s world, economic security is national security.” This perspective is not new—the Trump Administration, too, made similar statements.

In a new paper, National Security Creep in Corporate Transactions, forthcoming in the Columbia Law Review, we explore how the fusion of economic and national security is playing out in the context of cross-border investment. In particular, we describe the phenomenon of “national security creep,” which we define as “the recent expansion of national security-related review and regulation of cross-border investments to allow government intervention in more transactions that ever before.” This “national security creep” has impacts for contract design, deal volume, and judicial review in national security-related matters.

Drivers of national security creep

The paper focuses on several drivers of national security creep, including the newly expanded jurisdiction of the Committee on Foreign Investment in the United States (CFIUS), the global diffusion of CFIUS-like processes to U.S. allies, and a new focus on restricting outbound investment.

CFIUS’s expansion

CFIUS is an interagency executive branch committee that is chaired by the Secretary of the Treasury and includes representatives from other departments, such as Commerce, Defense, Homeland Security, Justice, and State, among others. CFIUS has jurisdiction to review foreign investment into the United States to determine whether the investment would impair U.S. national security. If CFIUS determines that a deal poses a national security risk, it can negotiate with the deal parties to reach a mitigation agreement, and if mitigation measures would not suffice to address the national security risk, CFIUS can recommend that the President block a pending deal or unwind an already closed transaction.

CFIUS was once considered a relatively sleepy corner of regulatory policy. It reviewed a modest number of deals per year, usually ones with obvious national security concerns, such as where a foreign government-controlled entity invests in a U.S. defense contractor.

In the last few decades, however, Congress has expanded CFIUS’s authority repeatedly, and as a result, CFIUS has grown to be an active area of deal practice. In the last few years, it has reviewed hundreds of deals a year, and on CFIUS’s recommendation, Presidents have blocked several deals and ordered other completed deals to be unwound after closure.

Congress’s most recent expansion of CFIUS’s jurisdiction came in the Foreign Investment Risk Review Modernization Act (FIRRMA) in 2018. While CFIUS had traditionally focused on transactions that would give a foreign investor “control” over a U.S. business, FIRRMA broadened the definition of “covered transactions” subject to CFIUS review to include, among other things, certain real estate investments by foreign investors and non-controlling investments in U.S. businesses involved in critical technologies, critical infrastructure, and sensitive personal data of U.S. persons.

FIRRMA also allowed CFIUS to differentiate explicitly among states by offering benefits to “excepted foreign states”—states that have rigorous national security-based investment screening mechanisms and coordinate with the United States. The current list of excepted foreign states includes Australia, Canada, New Zealand, and the United Kingdom, which are all members, with the United States, of the Five Eyes intelligence sharing alliance.

Global diffusion of CFIUS-like processes

Importantly, national security creep isn’t just a U.S. phenomenon. Numerous countries around the world have adopted or strengthened their own CFIUS-like processes in recent years, some with encouragement from the United States. For example, the United Kingdom adopted the National Security and Investment Act (NSIA) in 2021 and began screening investments pursuant to the NSIA in 2022. Similar to the CFIUS process, the NSIA authorizes the UK government to impose mitigation measures, block pending deals, and order divestments of problematic foreign investments. In November, the UK government used its NSIA authority for the first time to unwind a closed transaction, ordering a Chinese-controlled company to unwind its acquisition of a UK computer chip company.

Focus on outbound investment

National security creep is also not limited to inbound foreign investment. The United States in particular is increasingly moving to restrict, or at least screen, outbound investment for national security concerns. The U.S. government has banned U.S. persons from investing in companies tied to China’s military and to China’s surveillance industry, and Congress and the executive branch are considering establishing a broader “outbound CFIUS” process to screen outbound investments from the United States for national security concerns. The European Commission recently announced that it, too, is considering controls on outbound investment.

Implications of national security creep

National security creep has a variety of theoretical and practical implications. We explore these in more depth in the paper and highlight a few here.

Reduction in deal volume due to uncertainty

While all regulatory review comes with a level of uncertainty, uncertainty is particularly high in the national security area.

In part, this is because national security review is often sensitive. CFIUS conducts reviews confidentially and does not reveal which deals it reviews, mitigation measures it orders, or even the nature of national security concerns at issue in particular transactions. Recent changes to the regulatory landscape—where even parties with nominal U.S ties might end up caught up in CFIUS review—also contribute to the uncertainty.

Moreover, CFIUS review, unlike many other types of regulatory review, can be—and often is—retroactive. In 2019, for example, CFIUS ordered Beijing-based Kunlun Technology to unwind its purchase of a 60% stake in American dating app Grindr. Unlike in other countries, there is no statutory limit on how long CFIUS has to initiate a review after a deal closes—one law firm reports that it has “advised clients on a variety of non-notified transactions of differing sizes ranging from deals that closed nearly a decade ago to ones that have only recently signed and not yet closed.”

These recent changes to CFIUS and the national security landscape set the stage for an empirical question—whether deal volume will be affected by recent CFIUS changes.

Impacts on deal transparency and securities disclosure

Another question is whether deal parties will change their disclosure practices in light of national security review’s long arm. As the paper discusses in more detail, deal parties have, in the past, shunted sensitive information into undisclosed side letters. This occurs against the backdrop of the much more predictable antitrust review process, where there is ample precedent about what kinds of transactions will be flagged for antitrust review, and how antitrust authorities will order mitigations and divestitures.

Because of national security review’s relative secrecy, there is little precedent (at least outside the government and a cadre of elite law firms) about how and why regulators review deals and issue mitigation or divestiture orders—perhaps creating an environment where companies report less in securities disclosures.

Other potential impacts

The paper explores several other potential impacts of national security creep. For example, will the diffusion of CFIUS-like processes lead to blowback for U.S. investors investing in other countries? Will the executive’s expanding claims about the nature of national security concerns cause judges to rein in the high levels of deference they typically afford to the executive on national security issues?

These questions make CFIUS an area to watch for dealmakers, regulators, and judges alike. A full version of this paper is available here. This paper builds on our previous work, including prior work about CFIUS and judicial deference and work about securities disclosure, ancillary agreements, and contract design.