Last week, President Trump issued an Executive Order declaring that threats to IT & telecom supply chain posed by “foreign adversaries” are a national emergency & granting broad authority to the Secretary of Commerce to prohibit a wide variety of transactions that might pose risks to U.S. national security.
In general, the Order prohibits companies from acquiring, importing, or otherwise using any “information and communications technology or services” in which a foreign adversary has any interest. That prohibition only kicks in if the Secretary of Commerce (after consulting with other agencies) determines both that the deal involves persons who are controlled by or under the jurisdiction of the bad guys, & that it presents risks to critical infrastructure or raises other national security concerns.
This recent blog from Steve Quinlivan notes that given how sweeping the prohibition is, people involved in M&A transactions need to take it into account in due diligence, but also points out that – at least for now – answers about its implications for a potential deal may be hard to come by:
The broad prohibition on acquisitions indicates the Executive Order merits consideration in pending or newly initiated M&A transactions involving information and communications technology and related services from foreign governments and persons. Unfortunately, the Executive Order does not appear to include a mechanism where questions of the applicability of the Executive Order can be speedily resolved at this time.
Further to Steve’s point, this Winston & Strawn memo says that the Order doesn’t impose immediate restrictions, but instead represents the “beginning of a new regulatory framework to address these concerns.” In terms of guidance, the memo says that we’re likely going to have to wait to see the regulations issued under the Order. This excerpt suggests those aren’t likely to be rolled out for several months:
The key developments to watch following issuance of this Executive Order are the procedures developed by the Commerce Department (in consultation with other agencies and departments) to make these critical determinations. The Order directs the Secretary of Commerce, within 150 days, to issue implementing regulations that may, but need not, include:
– determining that particular countries or persons are foreign adversaries for the purposes of this order;
– identifying persons owned by, controlled by, or subject to the jurisdiction or direction of foreign adversaries for the purposes of this order;
– identifying particular technologies or countries with respect to which transactions involving information and communications technology or services warrant particular scrutiny under the provisions of this order;
– establishing procedures to license transactions otherwise prohibited pursuant to this order;
– establishing criteria by which particular technologies or particular participants in the market for information and communications technology or services may be recognized as categorically included in or as categorically excluded from the prohibitions established by this order; and
– identifying a mechanism and relevant factors for the negotiation of agreements to mitigate concerns raised in connection with the Order.
The memo also says it’s likely that a multi-agency review panel of some form will take on a role in reviewing IT & telecom transactions that may present concerns, and that this panel’s jurisdiction may overlap with that of the CFIUS. But then again, until we see something from Commerce, who knows what we’re dealing with? In any event, we’re posting memos in our “National Security” Practice Area.