National Security Review in the UK: What Companies Need to Know

September 1, 2021 Click for PDF

In November 2020, we reported on the UK Government’s announcement to overhaul the UK’s approach to foreign investment review and the introduction of its National Security and Investment Bill. The Bill received Royal Assent in April to become the National Security and Investment Act 2021 (NSI Act).

The NSI Act will introduce a new standalone hybrid regime of mandatory and voluntary notifications for certain acquisitions that could harm the UK’s national security. The regime also includes a Government power to call in any deal which raises a “national security risk”.

In late July 2021, the UK Government confirmed that the NSI Act will take effect from 4 January 2022 and also published four new pieces of guidance[1] as well as an updated draft of sector definitions for the mandatory notification regime under the NSI Act and a statement on how it proposes to exercise its new call-in powers.

1.  Impact for companies

The introduction of the NSI Act forms part of a trend towards stricter control of foreign direct investments seen elsewhere in the world, including in the U.S. and in Europe. As far as foreign investment in the UK is concerned, the NSI Act will afford the UK Government one of the highest levels of scrutiny of any regime globally.

Although it is expected to be rare that a deal will be blocked (or require remedies) under the NSI Act, the impact for investors will be significant in terms of deal certainty and timeline.

The Government initially estimated that there will be 1,000-1,800 transactions notified each year, and 70 – 95 of those transactions are expected to be called in for a full national security assessment.

This compares to a total of less than 20 transactions which were reviewed by the Government since 2003 under the current Enterprise Act 2002 (EA2002) public interest regime.[2] Since these estimates were made, the Government has increased the threshold for mandatory notification from the acquisition of 15% of shares or voting rights to 25%. Nonetheless, given the broad nature of the regime and the current uncertainty around its application, we would anticipate that a high number of notifications will be made, at least initially.

Faced with mandatory notification obligations in many cases, as well as severe criminal and civil consequences for non-compliance, companies must pay close attention to national security risks when investing in the UK.

2.  What do companies need to consider right now?

Consider the existing public interest regime

Over the next four months, transactions which raise national security concerns are still subject to the existing public interest intervention regime under the EA2002 and, accordingly, parties should ensure their transaction documents adequately cater for both regimes. For example, in relation to conditions and the process and approach to preparing and securing relevant regulatory approvals.

The risk of intervention under the current regime is not theoretical.

In the last few years, the numbers and the nature of intervention in UK transactions on public interest grounds has increased. In December 2019, the CMA issued a Public Interest Intervention Notice (PIIN) in relation to the proposed acquisition of Mettis Aerospace by Aerostar following which the parties decided not to proceed with the acquisition. In that same month the CMA issued a PIIN in relation to Gardener Aerospace’s proposed acquisition of Impcross Limited which was subsequently blocked.

More recently, in April of this year, Digital Secretary Oliver Dowden issued instructions in relation to the proposed acquisition of ARM Limited by NVIDIA Corporation.

The Secretary of State for Business, Energy and Industrial Strategy (BEIS) is reported as taking an active interest in Parker-Hannafin’s proposed acquisition of British defence technology firm, Meggitt. In August of this year, Director of National Security & International, Jacqui Ward, issued a PIIN in relation to Cobham’s proposed acquisition of the defence aeorospace and security solutions provider, Ultra Electronics plc.

Once the NSI Act enters into force, the existing national security ground under the EA2002 will be repealed. However, the public health, media plurality and financial stability heads of intervention will remain in place and apply in parallel after commencement of the new NSI Act regime.

Make a jurisdictional assessment

Parties who are currently contemplating a deal that will not have completed by the commencement date (4 January 2022) need to assess whether their deal falls within the new mandatory notification regime. If so, the deal will need to be notified to the Investment Security Unit (ISU) of the Secretary of State for BEIS as of 4 January.

An acquisition which is subject to the mandatory notification regime will be void if it is completed without notifying and gaining approval from the Government.

In such cases, parties need to ensure that their transaction documents contain appropriate conditions and that the long stop date is sufficient. Parties will need to take account of the time-frames that the ISU has to (i) determine whether to accept or reject a notification, (ii) assess whether they wish to issue a call-in notice and (iii) make its substantive assessment of the transaction, if it decides to call-in or screen the transaction.

Assess the risk of retrospective call-in for deals between 12 November 2020 and 4 January 2022

The NSI Act affords BEIS the power to retrospectively call-in deals and carry out a full national security assessment. These retroactive call-in powers apply to deals closed between 12 November 2020 and commencement of the NSI Act on 4 January 2022 (the interim period).

They do not apply to deals closed before 12 November 2020.

This means that for deals contemplated now, even if they will close before 4 January 2022, parties have to carry out a risk assessment of the likelihood that BEIS will use its call-in powers post 4 January.

The call-in powers may be exercised where the Government reasonably suspects that a “trigger event” (see below) has occurred and that the trigger event has given rise or may give rise to a national security risk. If a transaction that closed in the interim period would have fallen within the mandatory regime had the NSI Act been in force at the time, it could be a prime candidate for call-in by BEIS once the NSI Act commences.[3]

For deals which closed in the interim period but would not have been caught by the mandatory regime, parties will still need to consider whether their deal may reasonably be considered to raise national security concerns within the meaning of the NSI Act. And they will need to consider whether it is, therefore, a likely candidate for call-in by BEIS.

The period during which the Government can call-in a deal is five years from completion.

This period is reduced to six months from the date at which the BEIS becomes aware of the transaction. For deals that closed during the interim period, the call-in power will be available for a five year period from the date of closing, or six months from 4 January, if the parties informed BEIS of the transaction during the transitional period.

This is important because parties to a transaction which closed (or will close) during the interim period and which could reasonably be considered to give rise to a national security risk (within the context of either the mandatory or voluntary regimes), should consider whether to discuss the transaction informally with the ISU. Making BEIS aware through consultation with the ISU would have the effect of shortening the window for call-in to six months from commencement of the Act.

It may also help parties decide whether a voluntary notification would be prudent once the Act commences. Such an approach may be advantageous from a deal certainty view point, in particular in terms of mitigating buy-side transactional risk.

3.  A quick recap on the rules

3.1  What type of transactions does the NSI Act apply to?

The NSI Act applies to acquisitions of control over qualifying entities or assets – this is called a “trigger event” – where BEIS reasonably suspects that there is a risk to national security as a result of the acquisition.

The definition of control under the NSI Act is broad and applies to the acquisition of more than 25%, 50% and 75% of votes or shares in a qualifying entity (or the acquisition of voting rights that allow the acquirer to pass or block resolutions governing the affairs of the entity). In addition, outside of the mandatory regime, BEIS will also be able to call-in or accept voluntary notifications in relation to transactions falling below this 25% threshold where there is “material influence”.

This can mean acquisitions of shareholdings as low as 10-5%.[4]

A qualifying entity must be a legal person, that is not an individual. It must have a tie to the UK, either because it is registered in the UK or because it carries on activities in the UK or supplies goods or services to persons in the UK.

Acquisitions of qualifying assets such as land and IP may be subject to call-in or the voluntary regime (but not the mandatory regime).[5]

3.2  Mandatory notifications

Notifications will be mandatory for acquisitions of control over a qualifying entity active in 17 defined sectors designated as particularly sensitive for national security. These are wide-ranging: from energy, defence and transport to AI, quantum technologies, and satellite and space technologies.[6] In these sectors, such transactions must receive Government approval before completion and so the NSI Act has a suspensory effect.

The Government has engaged extensively with stakeholders on the mandatory sector definitions, since the publication of the first draft in November 2020.

Throughout this process, the Government has refined and developed the proposed definitions. The latest set of definitions were published on 20 July and are set out in the draft notifiable acquisition regulation.

One important point in the guidance issued in July[7] is that a qualifying entity falls within a description of the 17 mandatory sectors only if it carries on the activity specified in the UK or supplies relevant goods or services in the UK.[8]

Otherwise, the latest set of definitions of activities caught by the 17 mandatory sectors are broadly in line with what the Government has published previously. A number of the descriptions have been refined following engagement with stakeholders, for example, in relation to communications, data infrastructure, synthetic biology and energy.

The Government has indicated that it will continue to refine its definitions, even after commencement of the NSI Act in January.

Failure to notify under the mandatory regime will render completion of the acquisition void. There are also civil and criminal penalties for completing a notifiable acquisition without approval. Civil penalties can be up to 5% of the organization’s global turnover or GBP10 million (whichever is greater).

3.3  Call-in and voluntary notifications

Acquisitions of control over qualifying entities outside of the 17 mandatory regime sectors do not need to be notified.

But, if the Government reasonably suspects that an acquisition has given rise to, or may give rise to, a risk to national security, it can be scrutinized by the Government using its call-in powers.

Given these expansive call-in powers, parties may decide to voluntarily notify their transactions where there is a perceived risk of call-in and a desire for deal certainty. A voluntary notification forces BEIS to decide within 30 business days whether to proceed with a review.

As noted above, the voluntary regime may also apply to asset acquisitions and to transactions falling below this 25% threshold where there is “material influence”.[9]

4.  How to assess the call-in risk

The Government published a new draft statement in July, setting out how it expects to exercise the power to give a call-in notice. This is referred to as the draft statement for the purposes of section 3.

The Government again consulted on this statement, with the consultation closing on 30 August.

Whilst qualifying acquisitions across the whole economy are technically in scope, the call-in power will be focussed on acquisitions in the 17 areas of the economy subject to mandatory notification and areas of the economy which are closely linked to these 17 areas. Acquisitions which occur outside of these areas are unlikely to be called in, as national security risks are expected to occur less frequently in those areas. This is new compared to the previous statement of intent of policy, which split areas of the economy into three risk levels (core areas, core activities and the wider economy), and is a welcome clarification.

The risk factors have stayed largely the same as in previous iterations, with some tweaks.

Essentially, to assess the likelihood of a risk to national security, the Secretary of State will consider three risk factors:

  • Target risk: whether the target is being used, or could be used, in a way that poses a risk to national security. BEIS will consider what the target does, is used for, or could be used for, and whether that could give rise to a risk to national security. BEIS will also consider any national security risks arising from the target’s proximity to sensitive sites.
  • Acquirer risk: whether the acquirer has characteristics that suggest there is, or may be, a risk to national security from the acquirer having control of the target.

    Characteristics include sector(s) of activity, technological capabilities and links to entities which may seek to undermine or threaten the interests of the UK. Threats to the interests of the UK include the integrity of democracy, public safety, military advantage and reputation or economic prosperity. Some characteristics, such as a history of passive or longer-term investments, may indicate low or no acquirer risk.

  • Control risk: whether the amount of control that has been, or will be, acquired poses a risk to national security.

    A higher level of control may increase the level of national security risk.

The risk factors will be considered together, but an acquisition may be called in if any one risk factor raises the possibility of a risk to national security.

The same risk factors will be applied to qualifying acquisitions of assets as to qualifying acquisitions of entities.

At present there are no turnover or market share safe-harbours for investors (below which transactions would fall outside the scope of the NSI Act). The Government has, to date, firmly rejected calls from industry professionals and practitioners to introduce such a safe-harbour or exemption.

We expect the Government to publish final regulations later this year. The Government continues to finesse the rules and guidance, including the scope of the 17 sensitive sectors.

In the meantime, parties should consider the possible impact of the new regime on any proposed divestments or acquisitions which are in the mandatory sectors or which are not in one of these designated sectors but which may nonetheless give rise to national security concerns.

The ISU has encouraged parties to contact them to discuss possible acquisitions and how the NSI Act may impact their transaction or their responsibilities.

More generally, the Government has emphasised that the UK remains open for investment and that the new regime aims to proportionately mitigate national security risks. It is keen to stress its ambition that the new regime will enable the fastest, most proportionate foreign investment screening in the world, while not undermining predictability and certainty.

________________________

   [1]   (i) How to Prepare for the New NSIA Rules on Acquisitions; (ii) Application of the NSIA to People or Acquisitions Outside the UK; (iii) Guidance for the Higher Education & Research Intensive Sectors; and (iv) NSIA and Interaction with Other UK Regulatory Regimes.

   [2]   The Government’s powers to review transactions on public interest grounds are currently set out in the Enterprise Act 2002. The Government can issue a Public Interest Intervention Notice (PIIN) on certain strictly defined public interest considerations.

It can only do so where a transaction meets the jurisdictional thresholds under the UK merger control rules (with limited exceptions).

   [3]   For such transactions, which were legitimately closed before commencement, the suspension obligation does not apply and there can be no fines for failing to notify.

   [4]   The Government has stated that any assessment of an acquisition of material influence under the NSI Act will follow the CMA’s guidance on material influence in a merger control context.

   [5]   The Government has indicated that investigations of asset acquisitions that are not linked to the 17 mandatory sectors are expected to be rare and, generally, the Secretary of State expects to call-in acquisitions of assets rarely and significantly less frequently than acquisitions of entities.

   [6]   The full list is: Advanced Materials, Advanced Robotics, Artificial Intelligence, Civil nuclear, Communications, Computing hardware, Critical suppliers to Government, Critical suppliers to the emergency services, Cryptographic Authentication, Data Infrastructure, Defence, Energy, Military and Dual-use, Quantum technologies, Satellite and space technologies, Synthetic biology, Transport.

   [7]   See guidance referred to in item (i) in footnote 1.

   [8]   The guidance also includes the proposed Section 3 statement (see section 4 of this alert below) which provides helpful examples and case studies of the types of entities and assets both in and outside of the UK which may fall within scope of the new regime.

   [9]   See footnote 4.


Gibson Dunn’s lawyers are available to assist in addressing any questions that you may have regarding the issues discussed in this update. For further information, please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Antitrust and Competition, Mergers and Acquisitions, or International Trade practice groups, or the authors:

Ali Nikpay – Antitrust and Competition, London (+44 (0) 20 7071 4273, anikpay@gibsondunn.com)
Deirdre Taylor – Antitrust and Competition, London (+44 (0) 20 7071 4274, dtaylor2@gibsondunn.com)
Selina S. Sagayam – International Corporate, London (+44 (0) 20 7071 4263, ssagayam@gibsondunn.com)
Attila Borsos – Competition and Trade, Brussels (+32 2 554 72 11, aborsos@gibsondunn.com)
Mairi McMartin – Antitrust and Competition, Brussels (+32 2 554 72 29, mmcMartin@gibsondunn.com)

(C) 2021 Gibson, Dunn & Crutcher LLP

Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Leave a Reply

Your email address will not be published. Required fields are marked *