Communications Litigation Today was a Warren News publication.

Expect More Penalties, On-Site Compliance Checks, CFIUS Head Says

The Committee on Foreign Investment in the U.S. already has issued two civil monetary penalties this year and plans to impose more before 2024, said Paul Rosen, the head of the Treasury Department’s Office of Investment and Security. Rosen also said CFIUS is increasing its on-site visits to monitor compliance with mitigation agreements and is preparing to formally “refine” regulations surrounding the committee's enforcement powers, case review functions and efforts to track own non-notified transactions.

Rosen, speaking during the second annual CFIUS conference in Washington last week, didn’t provide specific details about the two penalties it has issued so far this year, which is the same number CFIUS has issued since it was established in 1975. “We are on track to have more civil monetary penalties issued this year than we have in our entire history,” he said, adding that Treasury will “share more with the public when appropriate to promote transparency and advance our national security objectives.”

He also said the committee has recently sent “various warning letters” and “other actions” in response to CFIUS violations, and is “doubling down” on efforts to “improve our protocols and train our staff to focus on enforcement best practices.” The committee has 230 active mitigation agreements -- some involving “relatively straightforward” conditions while others are more “complex” -- and is more frequently sending officials to visit companies and check in on their compliance, Rosen said.

He added that some companies “may have noticed increased volume, attention, and follow-up in the last six months. Parties can expect more of that.” Those site visits may include interviews “at all levels, including of line-level staff,” Rosen said, and government officials may perform “spot checks on records” and “engage in other measures to actively monitor compliance of mitigation agreements.”

Rosen noted that, when CFIUS isn’t conducting its own compliance checks, it relies on third-party monitors and auditors and has recently “taken steps over the past year to sharpen the use of third-party providers.” He said the committee is expanding the number of monitor and auditor firms it uses -- including those who haven’t traditionally been active in the CFIUS space -- and has held meetings with vendors over the last year to discuss CFIUS standards and expectations.

He said the committee wants to better vet, select and monitor those third-party providers to make sure they’re right for the job. “We won’t hesitate to replace third-party providers if they are not meeting expectations,” Rosen said.

Treasury is also preparing to propose changes to CFIUS’ regulations in what could be the first major updates since the Foreign Investment Risk Review Modernization Act of 2018. Rosen said his office hopes to publish several notices of proposed rulemakings over the next year, including measures to “allow for increased efficiency and effectiveness in our case processing and review functions,” update the committee’s penalty and enforcement authorities, “sharpen and enhance” its “tools in the non-notified space” and other rules to “broadly ensure the Committee’s tools and processes are best aligned to the current landscape.”

“As you all know, FIRRMA modernized CFIUS and the legislation led to the issuance of detailed implementing regulations,” Rosen said. “It’s time to refine some of those regulations.”