Confronting China through CFIUS Reform: Improved, But Still Problematic

Cindy Ponder-Budd

I n the last quarter century of China’s rise, few issues have stirred more anxiety in the United States than China’s increasing technological prowess and the evidence that state-backed strategic investments abroad and the exploitation or even theft of American technology by Chinese entities—including its government, private firms, and state-owned companies—are behind it. Republicans and Democrats in Congress have been deeply concerned with the issue, long before President Trump focused on it, and aimed last year to address it with new legislation. This summer, Congress appears poised to enact a major change to curb Chinese investment in the United States—and also to limit the ability of US companies to invest in China if such activities risk transferring sensitive technologies to their Chinese partners.

Lawmakers say that their approach, embodied in the Foreign Investment Risk Review Modernization Act (FIRRMA), has a good chance of passing this year. The legislation would strengthen the power of the Committee on Foreign Investment in the United States (CFIUS), the interagency executive branch body that reviews a foreign investment if it “threatens to impair the national security of the United States.”

No doubt the objectives of this legislation are laudable. Moreover, the authors have made changes that improved the bill’s earlier version, which would have been cumbersome to enact and dangerously intrusive into the affairs of private business while establishing opaque standards all but guaranteeing arbitrary and unfair government behavior. But for all these improvements, the legislation still embodies many risks, as outlined in this posting.


The Chinese government and Chinese firms have many ways to obtain technology developed by American firms:

  • Buying US firms that produce or own intellectual property for the desired technology
  • Buying technology from US firms
  • Demanding technology transfer for access to the Chinese market or subsidies
  • Stealing technology from US firms, including through cyber operations

While theft is the most problematic and likely pervasive method of transfer, it is a law enforcement and intelligence matter that CFIUS cannot effectively address.


Improved export control regime. In the latest version, Congress has opted to rely on an addition to the existing export control regime for the review of outbound transactions of US companies. With its experience limited to reviewing inbound investments on a case-by-case basis, CFIUS would have been ill-equipped to take on the responsibility of scrutinizing entire sets of technologies and how they are transferred abroad. By contrast, the export control regime has decades of experience regulating exports of sensitive technology like those for dual-use (military and civilian) purposes.

Increased resources. The bill also authorizes increased resources, currently limited to what individual agencies are willing to supply, to ensure that CFIUS has the staff and tools necessary for its reviews, crucially including the development of a mechanism to monitor transactions that are not voluntarily submitted for review.

Focuses the mission of CFIUS. The bill also includes a “sense of Congress” section to concentrate attention on the kind of practices CFIUS is aimed at preventing. The first point considers whether the country in question has a “strategic goal of acquiring a type of critical technology or critical infrastructure that would affect [U.S.]…leadership…in areas related to national security.”


Criteria and definitions still vague. A persistent criticism of the CFIUS process is that its evaluation criteria and explanations of its decisions are opaque. Yet even as amended FIRRMA would exacerbate this issue. The key terms “critical technology” and “countries of special concern” remain vague, and businesses cannot be sure if their potential investors’ country of origin will require a CFIUS review."

Proposed fees would further burden US firms. Another issue is the bill’s proposal to impose fees. Firms undergoing CFIUS review today already incur sizable fees retaining legal counsel to guide them through the process and take measures to mitigate national security risks that CFIUS identifies.


The recent amendments to FIRRMA make it less problematic than the original version, but the CFIUS process still risks taking a page out of Beijing’s playbook—opaque, broadly-worded regulations that combine national security with economic security. Ironically, it is this type of “black box” review in China’s cybersecurity law that foreign firms in China say deprives them of a level playing field. These complaints prompted the US Trade Representative to cite this law in its Section 301 report on China as “pressur[ing] unnecessary disclosure of companies’ most critical technologies.” And yet FIRRMA may end up requiring US firms to disclose their critical technologies to a new crop of US officials to get approval for foreign investment or even partnerships abroad, though there is less of a risk that these will be passed to other parties than there is in a country with state companies, such as China. In addition, executive action could further expand CFIUS authority to reintroduce scrutiny of outbound transactions or require “investment reciprocity.” Congress and the executive branch should carefully consider the implications and trade-offs of significantly raising the power of the state to intervene in markets, especially when these can be abused for political ends.

For full article, please see below.


The View