1. What Is Cfius and When Does It Apply to Your Deal
CFIUS has jurisdiction over any foreign investment that results in foreign control of a U.S. .usiness or real property located near military installations or sensitive sites. Control does not always mean majority ownership; it can arise from board representation, veto rights, or other governance arrangements. The scope expanded significantly under the Foreign Investment Risk Review Modernization Act (CFIUS), and further clarifications emerged through executive orders and Treasury regulations.
Your transaction may trigger mandatory CFIUS filing if it involves a foreign person acquiring control of a U.S. .usiness in a sensitive sector (defense, critical infrastructure, semiconductors, artificial intelligence, telecommunications), or acquiring real property near a military facility. Voluntary filings are available even when a transaction falls outside mandatory thresholds, and many sophisticated acquirers use voluntary filing to obtain certainty and a formal CFIUS clearance letter.
From a practitioner's perspective, the distinction between mandatory and voluntary filing carries significant strategic weight. Mandatory transactions cannot close until CFIUS completes its review or explicitly waives the requirement. Voluntary filings, by contrast, allow parties to seek early clearance, but do not obligate CFIUS to act; however, once a voluntary declaration is filed, CFIUS may initiate an investigation even if parties later wish to abandon the process.
Identifying Sensitive Sectors and Real Property Triggers
CFIUS maintains a list of industries subject to mandatory filing: defense contracting, nuclear energy, critical infrastructure, semiconductors, artificial intelligence, biotechnology, and others. The definitions are broad and overlapping, and Treasury regulations provide guidance but leave room for interpretation. A company engaged in research, manufacturing, or service provision in these areas may fall within CFIUS scope even if it does not consider itself primarily a defense contractor.
Real property rules are similarly complex. Acquisition of land or buildings within specified distances of military installations, nuclear facilities, or other sensitive government sites triggers mandatory filing regardless of the buyer's industry. The geographic boundaries are defined by statute and regulation, and title searches should include CFIUS sensitivity mapping as part of due diligence.
Timing and Strategic Considerations for Filing Decisions
Mandatory filings must be made before closing; voluntary filings can be made before, during, or after closing, but are most effective when made pre-closing to allow deal restructuring if CFIUS raises concerns. The CFIUS review process typically takes 30 days for initial review and up to 45 additional days if a full investigation is initiated. Parties should budget 60 to 90 days for CFIUS clearance and build contingency time into transaction schedules.
The decision to make a voluntary filing when not legally required depends on deal structure, buyer identity, and risk tolerance. A foreign buyer with significant U.S. .overnment contracts may face higher scrutiny and benefit from early voluntary filing to address concerns transparently. Conversely, a foreign buyer of a non-sensitive U.S. .ompany may choose to proceed without filing if confident CFIUS jurisdiction does not apply.
2. The Cfius Review Process and Key Evidentiary Issues
Once a filing is made or CFIUS jurisdiction is triggered, the agency follows a structured review timeline. Initial review occurs over 30 days; if CFIUS has unresolved national security concerns, it may initiate a 45-day investigation. During this period, CFIUS may request additional information, conduct meetings with the parties, and coordinate with other agencies (Defense Department, State Department, Justice Department, and others).
CFIUS decisions typically result in one of four outcomes: clearance (unconditional approval), clearance with conditions (often called mitigation agreements), a request to restructure the deal to remove CFIUS jurisdiction, or a recommendation to the President to block the transaction on national security grounds. Presidential blocking is rare but has occurred in high-profile cases involving semiconductor companies and critical infrastructure.
| CFIUS Outcome | Timeline | Business Implication |
|---|---|---|
| Unconditional Clearance | 30 days (initial review) | Transaction may proceed without restrictions |
| Mitigation Agreement | 30–75 days (may extend) | Transaction proceeds subject to compliance conditions (board seats, data access limits, etc.) |
| Restructuring Request | 30–45 days | Parties must modify deal (e.g., divest sensitive assets or limit foreign control) to obtain clearance |
| Presidential Block | Rare; 75+ days possible | Transaction prohibited; foreign buyer must exit or restructure substantially |
Documentation and Information Submission Standards
CFIUS filings require detailed information about the foreign buyer, the U.S. .arget, deal structure, and the buyer's access to sensitive technology or data. Treasury provides a form and guidance, but the quality and completeness of submissions significantly influence review speed and outcomes. Incomplete filings trigger follow-up requests and extend the review timeline.
Key documentation includes corporate structure charts, financial information, board composition, the buyer's government relationships (particularly in the buyer's home country), and a detailed description of the U.S. .arget's business, products, and customer base. If the target has government contracts or handles classified information, additional security clearance and facility information is required.
New York Practice and Cfius Notification Timing
In practice, parties often discover CFIUS exposure late in the transaction process, particularly when deal counsel fails to conduct early CFIUS sensitivity analysis. This creates pressure to file hastily, submit incomplete information, or seek expedited review without adequate preparation. Courts and agencies have no power to extend transaction closing dates if CFIUS review remains pending, and parties are left to negotiate closing delays or risk deal termination. Early identification of CFIUS triggers and proactive filing strategy can prevent this exposure.
3. National Security Factors and Mitigation Agreements
CFIUS evaluates national security risk through a broad framework that includes the buyer's government ownership or influence, access to sensitive technology, control over critical infrastructure, and the potential for technology transfer to hostile nations. The statute explicitly authorizes CFIUS to consider foreign policy implications, not just direct military threat.
When CFIUS has concerns but does not recommend blocking, it typically negotiates a mitigation agreement. These agreements often restrict foreign ownership of sensitive business units, limit access to classified information or certain customer data, require board representation or observer rights for U.S. .overnment officials, and impose information-sharing or audit obligations. Compliance with mitigation agreements is ongoing and may require annual certification or government audits.
Structuring Transactions to Reduce Cfius Risk
Sophisticated acquirers work with counsel to restructure deals to minimize CFIUS exposure. Common strategies include acquiring only non-sensitive divisions of a target company, establishing governance structures that prevent foreign control (e.g., keeping U.S. .itizens in key operational roles), or obtaining U.S. .overnment commitments to purchase sensitive assets before closing. These structures require careful legal documentation and must be credible to CFIUS; cosmetic changes that do not genuinely limit foreign control will not reduce review risk.
Connection to Related U.S. Foreign Investment Compliance
CFIUS review often overlaps with other U.S. .oreign investment rules. Foreign buyers of U.S. .eal property may also face reporting obligations under the Foreign Investment in Real Property Tax Act (FIRPTA) and state real estate disclosure rules. Additionally, acquisitions in certain regulated industries (telecommunications, aviation, maritime) require separate approvals from sector-specific agencies. A comprehensive CFIUS lawyer will coordinate CFIUS strategy with these parallel compliance obligations. For detailed guidance on the broader foreign investment framework, see Non-U.S. Foreign Direct Investment Review and CFIUS Compliance.
4. Enforcement, Penalties, and Post-Closing Exposure
CFIUS violations are taken seriously. Parties that close a transaction subject to mandatory CFIUS review without filing or clearance face potential civil penalties, forced divestment (sale of the acquired company), and criminal liability in aggravated cases. The Committee has authority to unwind transactions after closing if it discovers jurisdiction was triggered but no filing was made.
Criminal violations can arise if a foreign buyer knowingly misrepresents facts in a CFIUS filing or deliberately conceals the transaction from CFIUS. These violations fall under the Foreign Investment in Real Property Tax Act and related statutes and carry penalties including imprisonment. Such cases are rare but underscore the importance of honest, complete disclosure.
Post-closing compliance with mitigation agreements is also subject to enforcement. Breach of board access restrictions, unauthorized technology transfer, or failure to comply with audit or information-sharing obligations can trigger CFIUS action, civil penalties, or referral to law enforcement. Parties should treat mitigation agreements as binding legal obligations, not aspirational guidelines.
When Cfius Investigation Reveals Criminal Conduct
CFIUS investigations occasionally uncover conduct that implicates criminal statutes beyond CFIUS jurisdiction itself. For example, if a foreign buyer's ownership structure involves bribery of government officials or sanctions violations, CFIUS may refer the matter to the Department of Justice or Treasury. Buyers should ensure their corporate structure and funding sources comply with all U.S. .anctions, anti-corruption, and export control laws. Counsel experienced in Bribery Defense Lawyer guidance can help assess whether a buyer's background or transaction structure creates collateral criminal exposure.
5. Strategic Next Steps for Your Cfius Analysis
Corporations planning foreign investment in U.S. .usinesses or real property should begin CFIUS assessment at the earliest stage of deal planning. This means conducting sensitivity analysis to determine whether the target company or property falls within CFIUS jurisdiction, identifying whether mandatory filing applies, and evaluating the buyer's profile (government ownership, home country, prior U.S. .nvestments) to assess likely CFIUS scrutiny level.
Document your CFIUS analysis and the basis for any conclusion that CFIUS review is not required. If filing is mandatory or voluntary, prepare comprehensive submission materials well in advance of the desired closing date, allowing time for CFIUS questions and potential mitigation negotiations. Establish a clear timeline that accounts for initial review, potential investigation, and any restructuring or mitigation discussions. Finally, ensure your transaction documents include appropriate representations about CFIUS compliance and post-closing obligations, and implement governance and compliance mechanisms to meet any mitigation agreement requirements after closing.
21 Apr, 2026
