Listen to this post

Key Takeaways: The Treasury Department is seeking to equip CFIUS with greater enforcement and oversight authority. These new powers include the ability to request more information from transaction parties and also to assess more significant penalties—in some cases, potentially greater than the transaction value—against companies who fail to comply with mandatory filing requirements or violate mitigation agreements.

These proposed changes demonstrate an increasing willingness by CFIUS to aggressively enforce its authority over transactions impacting U.S. national security. Transaction parties before CFIUS (and their investors) should carefully evaluate CFIUS risk early in the life cycle of any investment or strategic transaction.

Background. On April 11, 2024, the U.S. Treasury Department, as chair of the Committee on Foreign Investment in the United States (“CFIUS” or “the Committee”), issued a Notice of Promised Rulemaking (“NPRM”) to revise certain CFIUS procedures and strengthen the penalty and enforcement authorities of CFIUS. The proposed rule changes would (1) expand the categories of information the Committee may request from parties; (2) expand the Committee’s subpoena authority; (3) require transaction parties to respond to mitigation agreement drafts within three business days; and (4) significantly increase the civil monetary penalty for violations.

Expanded Authority to Request Information: The proposed rules would (i) expand the categories of information CFIUS can request transaction (and non-transaction) parties to submit with respect to non-notified transactions (i.e., transactions for which no notice or declaration was submitted to CFIUS) and (ii) require parties to provide information enabling CFIUS to monitor compliance with the terms of a mitigation agreement and to also determine whether transaction parties have made a material misstatement or omitted material information during the course of a previous review or investigation.

  • Although the current regulations permit CFIUS to request parties to a non-notified transaction to provide information necessary to determine whether the transaction is a “covered transaction” or a “covered real estate transaction,” other types of information are not specifically addressed by the current rules. For example, the current rules do not address requests for information that would enable CFIUS to determine whether a transaction meets the criteria for a “mandatory declaration” or may raise national security considerations.
  • While it is the existing practice of the Committee to make these sorts of requests, the proposed rules would make this authority explicit—which the Committee could rely on in the event that parties refuse to provide the requested information.
  • Similarly, CFIUS has recently begun more vigorously monitoring existing mitigation agreements. The proposed rules make this authority explicit and ensure CFIUS possesses the tools necessary to enforce mitigation agreements against transaction parties.

Expanded Subpoena Authority: Currently, CFIUS has subpoena authority “if deemed necessary. . . .” CFIUS is proposing to alter the rule to provide that “if deemed appropriate by the Committee,” CFIUS may issue a subpoena to obtain information. This relaxed standard more closely tracks the authority granted to other federal agencies (e.g., the SEC) and potentially signals a willingness by CFIUS to employ a more adversarial approach with transaction parties by Committee staff during the review process.

Timeline for Transaction Parties to Respond to Risk Mitigation Proposals: The proposed rules would specify a three business day period for transaction parties to respond to mitigation agreement drafts unless the parties request a longer time frame and the Staff Chairperson grants the request in writing. Current rules do not impose any specific time frame for responses of this nature, although ironically it is often the Committee itself—not transaction parties—that is the source of delays in the review process. Accordingly, we do not expect this requirement to meaningfully change the way transaction parties respond to draft mitigation proposals.

Increased Civil Monetary Penalties: The proposed rules would significantly increase the maximum civil monetary penalty available for violations of certain requirements imposed by the CFIUS regulations and mitigation agreements. Currently, a civil monetary penalty may not exceed $250,000 per violation or, in certain instances, the greater of $250,000 or the value of the transaction. The proposed rule would establish the following penalties:

  • For material misstatements or omissions in materials provided to CFIUS: a maximum of $5 million per violation.
  • For failure to submit a mandatory CFIUS filing: The greater of $5 million or the value of the underlying transaction.
  • For a violation of material provisions of mitigation agreements, material conditions imposed by the Committee, or orders issued by the Committee: The greater of (1) $5 million; (2) the value of the violating party’s interest in the U.S. business (or covered real estate); (3) the value of the violating party’s interest in the U.S. business (or covered real estate) at the time of the violation (or the most proximate time available); or (4) the value of the underlying transaction.


The NPRM invites comments on the proposed rule changes, which must be filed by May 15, 2024.

If you have any questions about this NPRM, or the potential changes to the CFIUS review process, please contact a member of Sheppard Mullin’s CFIUS Team.