The UK National Security and Investment Act 2021 has introduced new FDI rules for foreign investors, with mandatory and/or voluntary notification requirements (by sector); and powers to block or unwind transactions.
The Act has received Royal assent and is expected to come into effect later in 2021. The UK Government has the power retroactively to call in transactions for review which took place after the Bill was introduced to Parliament.
The Department for Business, Energy and Industrial Strategy (“BEIS”) is preparing to administer the new FDI rules – including staffing up the new Investment Security Unit (“ICU”) – and finalising the sectors in which mandatory notification will arise. BEIS will publish guidance in the coming months.
Foreign investors considering material investment into the UK should seek early advice.
From the perspective of many overseas investors, the proposed new UK FDI rules could be regarded as relatively benign. Only 17 sectors are currently listed for mandatory screening and no sector is expressly prohibited.
By contrast, there are currently 123 sectors on the restricted list for foreign investors in China. Moreover, in many areas where foreign investment is ‘permitted’ in China, there are varying levels of control or limits on the percentage investment by foreign investors, e.g. Chinese companies must have a controlling stake in the construction and operation of civil airports and nuclear power plants; and in the publishing & printing industry. There are also many practical impediments to China FDI which do not exist for UK FDI.
However, one drawback of the new UK regime is that it is relatively opaque. FDI into other sectors can give rise to call in powers and voluntary notifications may be advisable. In fact, outside these 17 mandatory sectors, any transaction involving land, property, ideas, information or techniques which have industrial, commercial or other economic value (e.g. trade secrets, databases, source code, algorithms, formulae, designs, plans, drawings and specifications or software) can be investigated where there is, or could be, a risk to national security as a result of the acquisition of control.
Having said that, laws on FDI and national security are necessarily opaque as countries invariably need the process of screening to be confidential. In this regard, the proposed new UK FDI rules are quite similar to the rules that apply to foreign investors into countries like Australia, Japan, Canada and the USA; and those which are or have been introduced in many EU member states. In light of this, it is perhaps surprising to many observers (esp. those overseas) that the UK FDI rules are regarded as particularly controversial.
Until very recently, the UK Enterprise Act 2002 gave only limited powers to UK government ministers to block material transactions on non-competition law grounds.
These grounds were –
- National security
- Financial stability (introduced at the time of the 2008 GFC)
- To preserve media plurality and standards.
These assessments took place within the UK competition regulatory process rather than in a separate FDI regime (with significant transparency other than for national security).
Under this domestic merger control regime, the CMA could only intervene in transactions where the turnover of the target exceeded £70 million; or if the merger would result in the creation of a combined share of supply or purchases of any goods or services of 25% or more within the UK.
This was a very benign regime for FDI but as a result, the UK Government often resorted to non-statutory methods to influence how FDI took place. These methods were quite effective for high profile FDI but less so for smaller FDI.
Actual examples where the UK Government influenced significant FDI without formal powers to do so are –
- When Pfizer sought to acquire Astra Zeneca plc in 2014, there was a political outcry due to concerns R&D would be hollowed out of Astra Zeneca – a concern that looks well-founded given the prominent role Astra Zeneca has played in the development of the Oxford-Astra Zeneca Covid vaccine. Pfizer had been negotiating some kind of commitment with the UK Government when the transaction foundered on price.
- In 2016, the UK permitted China General Nuclear Corporation to take a 33% equity stake in Hinkley Point C alongside the majority controller EDF. However, since HPC was required to have a nuclear site licence; and needed a CFD power purchase agreement with the Low Carbon Contracts Company (a private limited owned by the UK government), the UK Government was in a position to influence the terms of the transaction, even without an express FDI right to do so. In particular, EDF was required to EDF confirm in writing that it would not to sell down its voting rights below the majority level (>50%) and to acknowledge that any such sell down would require the consent of the UK Government during construction. The was designed to prevent CGN from acquiring control, although this was not a statutory undertaking.
- When Softbank acquired ARM plc that same year, Softbank gave post-offer undertakings under the Takeover Code to keep the HQ in the UK, double the headcount in the UK; and maintain the proportion of technical employees to ensure R&D remained in the UK. Although the UK Government was not explicitly involved, there is no doubt that it influenced the board of ARM which required these undertakings as a condition of recommending the offer.
- When defence company Cobham plc was acquired by Advent in 2019, similar undertakings were given under the Code to those given by Softbank and additional undertakings were given to the UK Government to secure its consent for clearance under the Enterprise Act 2002 after a national security intervention notice was issued.
To enable the UK Government to monitor and influence less conspicuous FDI particularly in nascent technology the UK implemented three temporary measures whilst it developed its new FDI regime.
In 2018, the UK lowered the £70m turnover threshold for intervention to £1m where the target operated in the military and dual use (civilian and military) sector; certain segments of the advanced technology sector, esp. quantum computing; and the design and maintenance aspects of computing hardware, and introduced an additional share of supply test where the relevant enterprise had an existing share of supply of at least 25% of the goods or services (which could be satisfied even if the combined group’s share of supply did not increase as a result of the merger).
In 2020, the list of activities was expanded to include the development, production and research into advanced materials (and materials used to manufacture advanced materials), cryptographic authentication and AI.
Also in 2020, in response to concerns over the pandemic, the UK Government specified a new public interest consideration citing the need to maintain UK based capability to meet public health emergencies. Under these emergency powers, the UK government took powers to review transactions involving UK companies involved in combating Covid 19, esp. those active in vaccine development, PPE production, internet services and the food supply chain.
The new UK FDI Rules are designed to put the recently expanded powers into new legislation, expand the FDI regime and introduce an entirely new notification and approval regime.
Further detail on how the UK proposes to define the 17 sectors where mandatory FDI screening will take place is set out in the appendix. It should be noted that this list is provisional and is still being finalised.
Trigger events – voluntary notification regime
The UK Government will have the power to call in acquisitions of control over entities or assets where it is reasonably suspected that there is, or could be, a risk to national security as a result of the acquisition of control. The UK Government will then carry out a full assessment of the potential risks and can impose remedies to address the risks.
The following transactions will constitute trigger events that the UK Government can examine:
- the acquisition of more than 25% of the votes or shares in a ‘qualifying entity’;
- the acquisition of more than 50% of the votes or shares in a ‘qualifying entity’;
- the acquisition of 75% or more of the votes or shares in a ‘qualifying entity’;
- the acquisition of voting rights that enable or prevent the passage of any class of resolution governing the affairs of the ‘qualifying entity’;
- the acquisition of material influence over a qualifying entity’s policy. The Government is proposing to adopt the existing ‘material influence’ concept referred to in the Enterprise Act 2002;
- the acquisition of a right or interest in, or in relation to, a ‘qualifying asset’ providing the ability to:
- use the asset, or use it to a greater extent than prior to the acquisition; or
- direct or control how the asset is used, or direct or control how the asset is used to a greater extent than prior to the acquisition.
To understand the scope of the new UK FDI rules, it is necessary to examine how the legislations defines a ‘qualifying entity’ and ‘qualifying asset’;
- A “qualifying entity” is any entity, whether or not a legal person, that is not an individual. A non-UK entity is a ‘qualifying entity’ if it carries on activities in the UK, or supplies goods or services to persons in the UK.
- A ‘qualifying asset’ comprises land, tangible moveable property, ideas, information or techniques which have industrial, commercial or other economic value (e.g. trade secrets, databases, source code, algorithms, formulae, designs, plans, drawings and specifications or software). Land or moveable property situated outside the UK or its territorial seas, is a ‘qualifying asset’ only if it is used in connection with activities carried on in the UK, or the supply of goods or services to persons in the UK.
The Secretary of State for Business, Energy and Industrial Strategy will be the decision-maker with regard to the use of this call-in power. They must have regard to the BEIS statement updated as of 21 March 2021 when exercising the call-in power, and will consider:
- The ‘target risk’. The government considers that the economy, broadly speaking, can be split into 3 levels of risk:
- Headline sectors in which national security risks are most likely to arise, e.g. national infrastructure sectors, advanced technology, military and dual-use technologies, and direct suppliers to Government and the Emergency Services. These are subject to mandatory notifications.
- Activities primarily within the headline sectors. Where assets are closely related to those activities, or, in the case of land, the asset is in a sensitive location, their acquisition is more likely to be called in than other asset transactions
- Other sectors in the wider economy where transactions are only expected to be called in on an exceptional basis.
- The ‘trigger event risk’. The trigger event risk is the potential of the underlying acquisition of control to undermine national security. Trigger events may increase the ability of a hostile actor to undermine national security, or position themselves to do so. This might involve gaining control of a crucial supply chain, or obtaining access to sensitive sites, with the potential to exploit them. Further examples of trigger event risk include – but are not limited to – the potential for:
- disruptive or destructive actions: the ability to corrupt processes or systems
- espionage: the ability to have unauthorised access to sensitive information
- inappropriate leverage: the ability to exploit an investment to influence the UK
- The ‘acquirer risk’. National security risks are most likely to arise when acquirers are hostile to the UK’s national security, or when they owe allegiance to hostile states or organisations. According to the policy statement, when considering the acquirer risk, the Secretary of State will consider the entity’s affiliations to hostile parties, rather than the existence of a relationship with foreign states in principle, or their nationality.
Assessing the national security risk of a trigger event will be the responsibility of the Secretary of State. However, acquirers, sellers, and target entities are encouraged to formally notify the Secretary of State of trigger events which might give rise to a national security risk on the basis of the statement.
Mandatory trigger events
Notification is mandatory for notifiable acquisitions in the 17 specified sectors (detailed in the appendix) as the Government believes that acquiring such control over an entity may give rise to national security concerns. In these circumstances, the obligation will be on the acquirer to notify, with a penalty for completing a transaction without clearance.
Mandatory notification arises where the transaction involves:
- the acquisition of more than 25% of the votes or shares in an entity;
- the acquisition of more than 50% of the votes or shares in an entity;
- the acquisition of 75% or more of the votes or shares in an entity;
- the acquisition of voting rights that enable or prevent the passage of any class of resolution governing the affairs of the entity.
It was originally proposed that an acquisition of 15% or more of the votes or shares in an entity in one of the specified sectors would also require notification so that the Secretary of State could decide whether a trigger event (the acquisition of material influence over the policy of an entity) would take place. However, following lobbying pressure this requirement has been dropped.
Call-in powers
Whether or not the parties have given a voluntary notification, the Secretary of State has the power to call in a trigger event which has taken place up to 6 months after they became aware of it so long as it is done within 5 years of the trigger event occurring. Where the acquisition was subject to mandatory notification, the 5 year time limit does not apply.
According to the policy statement, the power to address national security risks will be governed by the principles of necessity and proportionality, and will not be used arbitrarily to interfere with investment and its use will not be designed to limit market access for individual countries.
Clearance process and expected timing
Once a notification has been made, the Government will have 30 working days to decide whether to call the transaction in for further investigation or give clearance for it to proceed.
If a transaction triggers a mandatory notification, the transaction cannot proceed without Government approval. Completing such a transaction would constitute a criminal offence or could result in a civil penalty; and could be rendered void.
Where a transaction has been called in, the Government would have a further 30 working days to decide whether to clear the transaction. That period can be extended by a further 45 working days if necessary. During the 45 working day period, the Government and the acquirer can agree an additional voluntary extension if the Government has concluded that there is a risk to national security and it needs additional time to consider the transaction.
The Government would be able to impose interim orders on the parties during the screening period, e.g. preventing completion or imposing confidentiality obligations.
If there has been a trigger event and a risk to national security has arisen, the Government can impose a “final order”. This might involve conditions being imposed for clearance (e.g. divestment) or the transaction might simply be blocked.
An example of conditions being used arose in 2017 under the current national security regime where a Chinese party (Hytera Communications Corporation) proposed to acquire Sepura (a company involved in manufacturing the telecommunications used by UK emergency services). The transaction was cleared when Hytera provided undertakings which required British citizens with security clearance being appointed to key positions and assurances regarding the protection of sensitive information and technology.
Conclusions
There are aspects to the new UK FDI rules which are opaque. In particular, careful judgment will be required when deciding whether or not to make a voluntary notification. It is likely that acquirors will be advised to take a conservative approach given the risks. It will also be necessary to pay close attention to the pronouncements of Government ministers and officials on sensitive sectors and hostile actors.
Parties can be expected to include FDI conditions in private M&A transaction documents and in the terms of public takeover documents. Parties should also be prepared to consider in advance what undertakings might be offered in order to secure clearance in potentially sensitive transactions.
Appendix
Mandatory notification sectors | Executive summary (yet to be finalised by the UK Government) |
Advanced Materials | Advanced materials are defined as materials that provide targeted properties and include both completely new materials and those that are developments on traditional materials, such materials show advantageous and either or both outstanding structural or functional properties. |
Advanced Robotics | Advanced Robotics, particularly where capable of using sensors to carry out sophisticated surveillance and data collection in respect of any aspects of its environment in order to collect, store or communicate to the operator, significant volumes of high-fidelity data independent of human control and with AI characteristics, but excluding machines containing robotic systems that are readily available for purchase by consumers; industrial automation systems that use mechanical tools performing repetitive functions with very basic or no sensors or cognitive ability; or devices that are not independently mobile |
Artificial Intelligence | Research into AI; or developing or producing goods, software or technology that use AI for the identification or tracking of objects, people or events; advanced robotics; cyber security. |
Civil Nuclear | A qualifying entity that holds or is required to hold a nuclear site licence; is a tenant on a site in respect of which a nuclear site licence has been granted; holds Category I/II and/or Category III nuclear material; is a class A or B carrier of nuclear material; is in receipt of, or has submitted an application for development consent in relation to a nuclear reactor; holds equipment, software or information relating to uranium enrichment technology; or is a holder of sensitive nuclear information. See also Defence sector. |
Communications | Public communications
A qualifying entity which carries on activities in the UK which consist in or include providing a public electronic communications network; or providing a public electronic communications service where the turnover of the entity’s relevant business for the relevant period is £50,000,000. Infrastructure critical to public communications A qualifying entity carrying on activities in the UK which consist in or include making available facilities that are associated facilities by reference to a public electronic communications network or a public electronic communications service Physical infrastructure that hosts cables (including strands of optical fibre); providing an electronic communications network or service by means of a submarine cable system or making available a cable landing station used in connection with such a network or service. A qualifying entity supplying services to persons in the UK which consist in or include providing a top-level domain name registry, domain name system resolver services, domain name system authoritative hosting service or internet exchange point services (subject to certain volume and capacity thresholds). Supply chain for public communications An entity carrying on activities in the UK which consist in or include developing or producing or supplying, providing or making available goods or services used to directly make possible or directly support the provision of a public electronic communications network falling or the provision of a public electronic communications service (esp. electronic communications network by means of a submarine cable system; or the making available of a cable landing station used in connection with such a network or service) |
Computing Hardware | A qualifying entity whose activities consist of or include the ownership, creation or supply of IP relating to CPUs, architectural, logical and physical designs for CPUs, the instruction set architecture for CPUs, code, written in a low level language, that can control how CPUs operate, integrated circuits with the principal purpose of providing memory, the design, maintenance, or delivery of a service for the secure provisioning or management of the roots of trust of CPUs, code, written in a low level language, that can control how CPUs operate; and the fabrication or packaging of CPU’s and integrated circuits with the principal purpose of providing memory. |
Critical Suppliers to Government | A qualifying entity holding a public contract with government where the performance of the contract involves the processing or storage of material to which a security classification of SECRET or TOP SECRET has been applied by Government; a requirement for List X accreditation is required to fulfil the contract; a requirement for employees of the qualifying entity to be vetted at or above ‘Security Check’ level; the provision of services to facilitate the security of network and information systems; the guarding of premises to ensure against unauthorised access or occupation, against outbreaks of disorder or against damage. |
Critical Suppliers to the Emergency Services | Critical suppliers to the emergency services
A qualifying entity that is contracted by an emergency service, to provide to one or more emergency service goods or services that are critical to the operational delivery of that emergency service, including services provided by a fire and rescue authority, all civil, military and nuclear police and border force services and ambulance services. Goods and services that are deemed critical to the operational delivery of one or more emergency service are non-PPE equipment used operationally, including but not limited to: uniforms, body worn video, lethal and non-lethal weapons, ammunition, drones, covert policing operations equipment, radios, handheld devices and associated software, control room and telephony hardware, and tasers; vehicles, vehicle software and vehicle hardware; forensic services, including forensic consumables, chemicals and digital forensics; IT and communications infrastructure, to cover software, systems and infrastructure such as radio towers, that are used operationally in respect of emergency service; and contractual services (those that are outsourced or provided by the private sector) that directly impact upon, or are essential to maintain, operational effectiveness and capability of emergency services. |
Cryptographic Authentication | A qualifying entity carrying out activities consisting of or including research into, developing or producing, any product which: has authentication as a primary function; employs cryptography in performing that function; and is not ordinarily supplied to or made available for acquisition by consumers. |
Data Infrastructure | A qualifying entity whose activities consist in or include: owning or operating relevant data infrastructure; managing relevant data infrastructure on behalf of other entities; managing facilities where relevant data infrastructure is located; providing specialist or technical services to such entities which gives the entity providing those specialist or technical services physical access to relevant data infrastructure; providing services where the provision of such services gives the entity providing those services administrative access to relevant data infrastructure; producing or developing software designed for use in the services which configures or manages the provision of administrative access. |
Defence | A qualifying entity that carries out activities that comprise or include the research, development, design, production, creation or application of goods or services which are used or provided for defence or national security purposes where that entity: is a government contractor or any sub-contractor in a chain of sub-contractors which begins with the government contractor who provides goods or services; or has been notified by or on behalf of the Secretary of State of information, documents or other articles of a classified nature which the entity or an employee of his may hold or receive relating to the activities within scope. |
Energy | A qualifying entity that carries out: the ownership or operation of terminals, upstream petroleum pipelines or infrastructure which is or will be necessary to a petroleum production project (subject to certain capacity thresholds); licensed “transmission” or “distribution” operators; gas or electricity interconnectors, long range gas storage and gas reception terminals, including LNG; (d) Authorised Electricity Operators in Great Britain, subject to certain capacity thresholds; aggregators that control assets in Great Britain, subject to certain capacity thresholds; entities that supply petroleum-based road, aviation or heating fuels (including liquefied petroleum gas) to the United Kingdom market, subject to certain capacity thresholds. |
Military and Dual-Use | A qualifying entity whose activities consist of or include researching, developing or producing restricted goods or restricted technology, i.e. goods and technology, including software or information, other than information in the public domain, the export or transfer of which is controlled by virtue of their being specified in the relevant export control legislation. |
Quantum Technologies | A qualifying entity carrying on activities that consists of developing or producing quantum technology (subject to detailed definitions of what comprises quantum technology, quantum communications etc) |
Satellite and Space Technologies | A qualifying entity carrying out activities that consist of or include operating, designing, producing, creating or utilising facilities for: space debris management; the provision of in-orbit servicing and robotics capabilities or inspection services; in-orbit maintenance and manoeuvring; the provision of inter-satellite communications links; operating and maintaining the capability of secure ground infrastructure and associated secure facilities and systems related to space activity or sub-orbital activity or to services derived from space activity to ensure the safe and secure access to capabilities derived from space-based services; the manufacture and testing of spacecraft and launch vehicles, satellites, planetary probes, orbital stations, manned space vehicles, ground segment equipment, and component parts of, and materials used in, any equipment set out in this sub-paragraph; the use of space-derived data for any military or national security purpose; the provision of space infrastructure operational control facilities; the provision and processing of space situational awareness data by activity on earth or by space activity or by means of infrastructure for orbital and sub-orbital activity, near-earth and space weather events, national security purposes or military purposes. |
Synthetic Biology | A qualifying entity carrying out activities that consist of or include: carrying out basic scientific research into synthetic biology; the development of synthetic biology; the production of goods using synthetic biology; the formulation of synthetic biology to enable the degradation of materials; the provision of services that enable these activities but excluding certain non-core associated services which are listed. |
Transport | A qualifying entity carrying on activities that consist of owning or operating a port or harbour or operating terminals, wharves or other infrastructure situated in a port or harbour situated in the UK United Kingdom subject to certain capacity thresholds. |