A federal agency that tries to shut out hostile foreign investors now can review more life and insurance deals.
New regulations give the Committee on Foreign Investments in the United States (CFIUS) jurisdiction over any proposed deal that could give a foreign entity influence over a sensitive U.S. business, even if the foreign entity would not end up with control over the sensitive U.S. business.
CFIUS now can review an insurance deal if it thinks a hostile foreign entity will end up with ”any involvement, other than through voting of shares,” in decisions about “sensitive personal data of U.S. citizens maintained or collected by the U.S. business.”
- A link to new foreign person’s investment regulation is available here.
- Links to more resources concerning the regulations, including a fact sheet, are available here.
- An article about Genworth Financial Inc.’s CFIUS process experience is available here.
In the past, CFIUS had jurisdiction only if a foreign investor would be getting control over a sensitive U.S. business.
The Office of Investment Security, an arm of the U.S. Treasury Department, published the new regulations in the Federal Register Friday. The regulations are set to take effect Feb. 13.
The Foreign Investment Risk Review Modernization Act of 2018 (FIRRMA)
CFIUS was formed in 1975, when Gerald Ford was president.
The chair of CFIUS is the U.S. Treasury secretary. The Treasury secretary presides over 15 other voting and non-voting committee members.
CFIUS has jurisdiction over deals that could affect control over critical technology or critical infrastructure as well as control over personally sensitive information.
The Office of Investment Security developed the new regulations to implement the Foreign Investment Risk Review Modernization Act of 2018 (2018). Members of Congress developed FIRRMA in response to concerns that hostile foreign entities could use loopholes in the current CFIUS review rules to hurt U.S. national security.
FIRRMA amends rules given in Section 721 of the Defense Production Act of 1950. Former President George W. Bush issued an executive order asking the U.S. Treasury Department to develop Section 721 regulations in January 2008, according to the introduction to the regulations. The department has been using interim regulations. It released draft final regulations this past fall.
In the text of the regulations, which come with the title, “Provisions Pertaining to Certain Investments in the United States by Foreign Persons,” officials give a definition of “sensitive personal data” that includes “the set of data in an application for health insurance, long-term care insurance, professional liability insurance, mortgage insurance, or life insurance.”
The definition also includes the results of genetic tests, “data relating to the physical, mental, or psychological health condition of an individual,” and “financial data that could be used to analyze or determine an individual’s financial distress or hardship.”
Officials do not use the terms “annuity,” “pension” or “retirement” in the new regulation, but the sensitive data definition appears to include the kind of information that might be collected through a client needs analysis process.
But the expanded CFIUS deal review authority applies only to a deal involving a U.S. business that collects sensitive personal data, and has collected sensitive person data for 1 million or more individuals in the preceding 12 months.