What are the risks that CFIUS will block an acquisition?
Takeaway: For an A&D or deep-tech startup, the risk of CFIUS blocking a sale to a foreign buyer is very real; any deal involving a non-U.S. acquirer, particularly one from a country of concern like China, will face intense national security scrutiny.
The Committee on Foreign Investment in the United States (CFIUS) has become one of the most powerful and feared gatekeepers in the world of M&A. For a startup working on sensitive or "critical" technology, the risk that CFIUS will recommend that the President block your acquisition by a foreign company is no longer a remote, theoretical possibility—it is a central strategic consideration that must be evaluated from the moment you begin to consider a sale.
What Kind of Deals Attract CFIUS Scrutiny?
CFIUS has broad jurisdiction to review any transaction that could result in the control of a U.S. business by a foreign person. However, the committee focuses its most intense scrutiny on deals that involve two key factors:
A "TID U.S. Business": As we've discussed, this is a U.S. business that deals in critical Technology, critical Infrastructure, or sensitive personal Data. Nearly every venture-backed startup in the aerospace, defense, AI, semiconductor, and biotechnology sectors is a TID U.S. Business.
A Foreign Acquirer: The buyer is a "foreign person," which can be a foreign corporation, a fund with significant foreign investors, or a U.S. subsidiary of a foreign parent company.
The National Security Risk Analysis
When CFIUS reviews a deal, it is not concerned with the economic merits of the transaction. Its sole focus is on assessing the potential risk to U.S. national security. The analysis is based on two main questions:
The Threat: Does the foreign acquirer pose a threat? This is an assessment of the buyer itself. An acquisition by a company from a close U.S. ally like the UK or Australia is viewed very differently than an acquisition by a company with ties to a "country of concern" like China or Russia.
The Vulnerability: Does the U.S. business being acquired create a vulnerability? This is an assessment of your technology. The more critical your technology is to U.S. defense and technological leadership, the greater the vulnerability.
A deal where a Chinese state-owned enterprise attempts to buy a U.S. company that is the sole supplier of a critical component for a new fighter jet is a "high-threat, high-vulnerability" transaction that would almost certainly be blocked.
Mitigation vs. Blockage
CFIUS will only move to block a deal as a last resort. If it identifies a specific national security risk, its first preference is to negotiate a National Security Agreement with the buyer to "mitigate" that risk. This could involve requiring the buyer to operate the U.S. company through a U.S.-led subsidiary with a government-approved security plan.
However, if the committee determines that the risk cannot be mitigated—particularly if the acquirer is from a country of strategic concern—it will not hesitate to recommend that the President block the transaction.
For founders of deep-tech companies, this is a critical strategic reality. The universe of potential acquirers for your business may be limited by national security concerns. When considering offers, you must evaluate not just the price, but also the "CFIUS risk" associated with each potential buyer.
Disclaimer: This post is for general informational purposes only and does not constitute legal, tax, or financial advice. Reading or relying on this content does not create an attorney–client relationship. Every startup’s situation is unique, and you should consult qualified legal or tax professionals before making decisions that may affect your business.