Skip to main content

On April 11, 2024, the U.S. Department of the Treasury, in its role as Chair of the Committee on Foreign Investment in the United States (CFIUS or the Committee), announced a Notice of Proposed Rulemaking that would revise CFIUS regulations to “enhance certain CFIUS procedures and sharpen its penalty and enforcement authorities.” The proposed rule includes expanding the types of information CFIUS may obtain from parties, enhancing CFIUS’ monitoring authority, and increasing the financial monetary penalty for violations of CFIUS regulations, among others.

The proposed key changes include:

  • Expanding the scope of information CFIUS can compel from parties regarding transactions not filed with CFIUS (i.e., non-notified transactions)
  • Instituting a three-business-day timeframe for transaction parties to respond to risk mitigation proposals
  • Expanding the circumstances in which a civil monetary penalty may be imposed due to a party’s material misstatement and omission, including when the material misstatement or omission occurs in the context of the Committee’s monitoring and compliance functions
  • Substantially increasing the maximum civil monetary penalty from US$250,000 to US$5 million
  • Expanding the instances in which CFIUS may use its subpoena authority, including when seeking to obtain information from third persons not a party to a transaction, to assess the national security risks associated with non-notified transactions
  • Extending the timeframe for a submission of a petition for reconsideration of a penalty to the Committee and the number of days for the Committee to respond to such a petition to 20 business days

Additional detail about the proposed changes is provided below.

New Enforcement Tools To Compel Information

Under the proposed rule, CFIUS would have greater authority to conduct preliminary fact-finding pertaining to national security concerns of a transaction before receiving a filing for the transaction. Under the current regulations, the Committee may request information related to non-notified transactions (i.e., a covered transaction for which no notice or declaration has been submitted) to assess whether it has jurisdiction. The proposed rule would expand this authority to allow the Committee to inquire about the associated “national security considerations” and if the transaction meets the criteria for a mandatory declaration. Furthermore, the proposed rule would make it mandatory for parties to the transaction to respond to such request. Therefore, while CFIUS may already be requesting this information, the amendment would provide the Committee with the means to compel such information.

In addition, the proposed rule would require parties to submit information to CFIUS upon request in two other circumstances: (1) when the Committee seeks information to monitor compliance with or enforce the terms of a mitigation agreement, order, or condition and (2) when it seeks information to determine whether the transaction parties made a material misstatement or omitted material information during the course of a previously concluded review or investigation (including a review or investigation that ended with rejection of the parties’ notice). Similar to the non-notified transactions described above, the Committee may already request this information, but parties are not obligated to respond. The proposed amendment would now obligate parties to respond to such requests, and should a party fail to comply, CFIUS may seek to compel a response through a subpoena.

Finally, under the current regulations, CFIUS has authority to issue subpoenas to third parties for requested information when the Committee determines it is “necessary.” The proposed rule would change the language to a broader “if deemed appropriate” standard, thus giving CFIUS greater authority to issue subpoenas to third parties.

Consolidated Timeframe To Respond To Proposed Terms in Mitigation Agreements

Under current regulations, there is no provision establishing a timeframe for parties to respond to a Committee proposal or revision of terms to mitigate identified national security risks. CFIUS states the absence of such a time requirement for responses can sometimes result in a prolonged process where parties take longer to respond, especially with regard to closed transactions. Under the proposed rule, the Committee would impose a three-business-day period for parties to respond to proposed mitigation terms (both initial and subsequent proposals or revisions) unless the parties request an extension and obtain permission in writing from the Staff Chairperson. These responses are expected to be substantive and consist of either (1) acceptance of the terms; (2) a counter proposal; or (3) a detailed statement of reasons that the parties cannot comply with the proposed terms (and may also include a counterproposal).

In anticipation that some parties will likely need longer than three business days, the Staff Chairperson may grant reasonable extension requests on a case-by-case basis based on the appropriateness of the extension request, views of the Committee, the statutory time remaining for the case, and if the transaction had been filed before closing. The proposed rule further provides if parties to the transaction fail to respond within the specified time frame, CFIUS may reject the notice. This mirrors the current practice for missed deadlines for responding to requests for follow-up information during a review or investigation.

Increased Maximum Monetary Penalties

Consistent with CFIUS’ Enforcement and Penalty Guidelines, the Committee has the discretion in determining the ultimate penalty to be issued. However, the proposed rule would increase the potential maximum penalty to be imposed from US$250,000 to US$5 million per violation. Therefore, parties failing to submit a timely mandatory declaration, submitting a filing with a material misstatement or omission, or making a false certification in a filing could face a monetary penalty of US$5 million. The proposed rule also modifies the potential penalty assessment for violations of a material provision of a mitigation agreement, condition imposed, or order to be the greatest of (1) US$5 million, (2) the value of a party’s interest in the U.S. business at the time of the transaction, or (3) the value of a party’s interest in the U.S. business at the time of the violation.

In addition, the proposed rule would also expand the circumstances in which a civil monetary penalty may be imposed to encompass providing material misstatements or omissions in response to CFIUS requests outside of the filing process. This includes “responses to the Committee’s requests for information related to non-notified transactions, certain responses to the Committee’s requests for information related to monitoring or enforcing compliance, and other responses to the Committee’s requests for information, such as for agency notices.” CFIUS cautions such penalties are not intended to apply to every material misstatement or omission between the parties and CFIUS. Rather, the Committee will notify parties to the extent a particular communication may be deemed a violation due to a material misstatement or omission.

While the proposed amendments would provide for the maximum penalty that may be imposed, it will not affect the Committee’s discretion in determining an appropriate penalty in individual cases. CFIUS will continue to take into account the specific circumstances and facts of a violation, as well as relevant mitigating and aggravating factors.

Finally, under current regulations, upon notice of an imposed penalty, the subjected party may submit a petition within 15 business days of receipt of notice, subject to an extension with the Committee in writing. Likewise, the Committee has 15 business days to review the petition and issue a final determination on the penalty. The proposed rule would extend both time frame requirements to 20 business days, and those subject to the penalty may still request an extension for reconsideration.


This proposed rule is the first substantive update to CFIUS’ mitigation and enforcement provisions since the passing of the Foreign Investment Risk Review Modernization Act of 2018 and underscores the increased scrutiny foreign investment into U.S. businesses may face from the U.S. government. If adopted, parties should consider the new timing requirements for responses, as well as the increased authority CFIUS may have in reviewing transactions and imposing possible penalties.

The U.S. Department of the Treasury has requested public comments on its proposed rule and will accept comments until May 15, 2024.

© Arnold & Porter Kaye Scholer LLP 2024 All Rights Reserved. This Advisory is intended to be a general summary of the law and does not constitute legal advice. You should consult with counsel to determine applicable legal requirements in a specific fact situation.