The National Security and Investment Act 2021 (the “NSI Act”) received Royal Assent becoming law on 29 April 2021. However, due to the volume of secondary legislation in connection with the NSI Act, it is not expected to be fully implemented in full until later this year. There are a number of lessons that can be learned from the well-established US regime under the Committee on Foreign Investment (“CFIUS”) which we discuss in more detail below.
The NSI Act incorporates several amendments introduced to address criticisms raised during its progress through Parliament that the scope of the new law was too wide and likely to result in excessive increased costs and delays for future transactions. The amendments include an increased threshold for mandatory notification. Previously the threshold at which a transaction is a “Notifiable Acquisition” included where a person acquires a right or interest in a qualifying entity of 15% which has now been removed leaving the thresholds as only those transactions exceeding 25%, 50% or 75% of the votes or shares in the qualifying entity.
The amendments to some degree address business concerns and provide more certainty regarding the impact the NSI Act may have on transaction timelines and costs. Notwithstanding, it is clear that a significant amount of secondary legislation is required to provide for and clarify the detailed implementation of the NSI Act.
In any event, the Government’s power to intervene in covered transactions remains very broad. We have included below a number of practical considerations to assist UK market participants who may be transacting under the NSI Act regime.
More detailed summaries of the background of the NSI Act regime and the equivalent investment security regimes in the EU under the FDI Regulation and in the US under CFIUS are set out below.
- Key Points for Consideration
UK market participants should consider:
- Start discussions early with advisors and counterparties
- Establish early on whether a transaction will fall under the NSI Act’s jurisdiction. Such discussions should involve a thorough assessment of whether the investor or company will acquire “material influence” in the target company.
- Seek advice to fully understand the risks and implications before committing to transactions. The earlier problems are identified, the lower the likely cost of unwinding what’s been set in motion.
- Widen due diligence to include NSI Act considerations
- Thorough due diligence must be conducted by the investing party and its legal advisors in respect of the target entity in order to understand any specific national security risks presented by its business, especially insofar as that business relates to the specified sectors set out in the NSI Act.
- Decide whether to make a voluntary filing
- Seek legal advice on whether to make a voluntary filing where a transaction does not fall within the mandatory notification requirements. A deal can be ‘called in’ by the Investment Security Unit (“ISU”) (a new operational unit within the Department for Business, Energy and Industrial Strategy (“BEIS”) responsible for identifying, addressing and mitigating national security risks to the UK posed under the NSI Act) and stopped in its tracks further down the line, which can lead to further costs and delays, so you may be better off making a voluntary filing in the early stages.
- Consider whether the need to make a mandatory notification will be a deal breaker
- Estimate the time and cost and decide how costs will be shared
- Time should be factored into the deal timetable to specifically allow for the process of obtaining clearance under the NSI Act, including collation of any information required to obtain clearance.
- Early on in the process, the parties should agree on how the risk/costs should be shared in the event that clearance is not granted.
- Consider alternative deal structures that could mitigate any potential threat to national security
- Consideration may be given to structuring the transaction to lessen national security concerns. This could involve adjustment of the transaction perimeter to carve out any problematic areas of the target business or a decision to not appoint a director to the board of the target company so as not to acquire a “material influence”.
- Summary of the NSI Act
In broad terms, any acquisition of “material influence” in a company, or control over assets or intellectual property which has the potential to give rise to a national security issue will fall within the jurisdiction of NSI Act controls.
The NSI Act introduces mandatory notification for any notifiable acquisition involving a qualifying entity in one of 17 specified sectors where that transaction involves:
- an acquisition of or increase in control over shares or voting rights resulting in breaching the 25%, 50% or 75% threshold; or
- acquisition of voting rights (whether alone or together with voting rights already held) that enable the acquirer to secure or prevent any class of resolution governing the entity.
Where a mandatory notification is required, completion of the transaction is prohibited by law until clearance is granted. Any breach of this prohibition will result in that transaction being automatically void.
In addition to the mandatory notification process, the Secretary of State will have the power to call in a transaction where they reasonably suspect there is, or could be, a risk to national security posed by the transaction.
Parties are also free to make a voluntary notification to seek clearance to prevent the subsequent risk of a call in notice from the Secretary of State.
In all instances, the Secretary of State’s powers to intervene in a transaction are extensive and include:
- interim remedies (e.g. prohibiting completion until a review is conducted);
- final orders imposing conditions on the transaction to prevent, remedy or mitigate assessed risks; and
- the power to block the transaction.
Sanctions for parties failing to comply with the NSI Act will be severe. As well as voidance of the transaction, non-compliance may result in a fine of up to 5% of worldwide group turnover or £10m (whichever is greater) and/or up to five years’ imprisonment.
- The EU Regime
The NSI Act reflects a global trend towards tightening regulations around national security and investment. The EU established a similar framework for the screening of foreign direct investment into Member States on 19 March 2019 under Regulation 2019/452 (“FDI Regulation”). Member States retain full power to legislate for, screen and control foreign direct investment in their jurisdiction, however the FDI Regulation provides a list of factors they should take into account when assessing whether an investment affects their national security, including:
- whether the investor is directly or indirectly controlled by a non-Member State;
- whether the investor is involved in activities affecting security in a Member State; and
- any serious risk of the investor engaging in criminal activity.
Member States are required to submit annual reports to the European Commission covering foreign direct investment activities in the year, including any information in respect of the application of their screening mechanisms and/or control measures taken much like the NSI Act requires the Secretary of State to make annual reports and provide certain information. Member States are also required to notify the European Commission and any other relevant Member States of circumstances in which a foreign direct investment is subject to scrutiny. The European Commission and the other relevant Member States are entitled to provide comments which must be given due consideration, however there is no obligation that the Member State receiving the foreign direct investment must act upon such comments.
- The US Regime
Under CFIUS, there is mandatory notification requirement where a foreign person gains ‘control’ over a U.S. business, potentially capturing investments of any size regardless of the percentage of shares or voting interest being acquired. However, where the ‘foreign person’ is a national of Australia, Canada or U.K., they are an ‘excepted investor’ and a mandatory filing is unnecessary (though a voluntary one may be appropriate).
Outside of the mandatory requirements noted above, the process under CFIUS is predominantly voluntary. Where parties have a concern that a contemplated transaction may pose national security risks due to the nature of the business, they will often choose to notify CFIUS in advance to gain clearance of the transaction and obtain a “safe harbour” letter which, with limited exceptions, prevents CFIUS from later reviewing the transaction. In practice, unless such transactions involve obviously sensitive business sectors or countries which are considered high risk/ ‘bad actor’ countries like China and Russia, the parties undertake a costs and benefits analysis to determine whether making a voluntary declaration is worth the time and expense.
- Common Trend
Though differences between the NSI Act and the EU and US regimes render direct side-by-side comparisons unhelpful, it is clear that each exist in a trend against globalism generally. Hardening attitudes towards investment in domestic companies by perceived hostile states, such as China and Russia, have led to heightened scrutiny globally on transactions with a buy-side nexus to those states (whether directly or indirectly).
Between 2017 and 2019, 20% of all notices filed under CFIUS were in respect of acquisitions by Chinese investors. Although a complete block of a transaction has been rare, the breadth and impact of CFIUS’s powers were clear in the US Government’s efforts to force a sale of Tik Tok’s US business in 2020. Likewise, the UK Government’s decision in 2020 to exclude Huawei from participating in the UK’s 5G network suggests a hardening in attitudes even as the UK Government reiterates its commitment to staying open for business and attracting foreign investment.
A great deal still remains to be seen regarding what the NSI Act’s operation will look like in practice. Transacting parties should stay alert to further secondary legislation and commence discussions (if have not done so already) to identify potential risks and their solutions to pre-empt any unforeseen problems and facilitate smooth progress of any transactions.
 The Law Society President, Stephanie Boyce, described the draft bill as a “sledgehammer to crack a nut [which] will hinder global Britain’s growth” that is “completely out of step with the pace at which international business...moves” (https://www.lawsociety.org.uk/en/contact-or-visit-us/press-office/press-releases/new-security-law-risks-collateral-damage-to-the-economy-lawyers-warn#:~:text=The%20National%20Security%20and%20Investment%20Bill%20is%20a%20sledgehammer%20to,distinguishes%20it%20from%20national%20interest.)
 Note that the Secretary of State retains their extensive powers to call-in transactions which need not reach the 25% threshold where those transactions involve the acquisition of ‘material influence’.
 Though yet to be defined, the interpretation applied by the Competition and Markets Authority is likely to be helpful here. Under the UK merger control regime, a presumption of material influence exists with a shareholding of more than 25% but (depending on the specific circumstances) material influence can exist in shareholdings lower than 15%.
 The 17 sectors are: advanced materials; advanced robotics; artificial intelligence; civil nuclear; communications; computing hardware; critical suppliers to government; critical suppliers to the emergency services; cryptographic authentication; data infrastructure; defence; energy; military and dual-use technologies; quantum technologies; satellite and space technologies; synthetic biology; and transport.
 Broadly defined and includes (among others) the power, direct or indirect, whether or not exercised, through the ownership of a majority or a dominant minority of the total outstanding voting interest in an entity.
 President Trump’s block on the proposed $1.35bn acquisition of Lattice Semiconductor Corporation by Canon Bridge Capital Partners (reportedly funded by the Chinese government) was only the fourth time a US President has utilised their powers under CFIUS to block a transaction.