“The U.S. government’s bouncer for foreign investment.” The Committee on Foreign Investment in the United States (CFIUS) is an interagency body chaired by the Treasury Secretary that reviews foreign acquisitions of, and investments in, U.S. companies to identify and mitigate national security risks.
Executive Summary
Created by executive order in 1975 and significantly expanded by the Foreign Investment Risk Review Modernization Act (FIRRMA) in 2018, CFIUS has become a central instrument of U.S. economic statecraft. Its mandate has grown from reviewing outright acquisitions to covering minority investments in companies involved with critical technology, critical infrastructure, and sensitive personal data. In the context of U.S.-China competition, CFIUS has blocked, conditioned, or unwound dozens of transactions involving Chinese acquirers since 2017, effectively closing significant portions of the U.S. technology sector to Chinese capital. The CFIUS framework has been widely replicated by allied nations.
The Strategic Mechanism
CFIUS operates through a structured review process with defined timelines and outcomes:
- Covered transactions: Any foreign acquisition of control over a U.S. business; FIRRMA expanded coverage to include non-controlling investments in TID (Technology, Infrastructure, Data) companies
- Mandatory filings: Required for foreign government-controlled investors acquiring any stake in TID businesses, and for acquisitions of control in critical technology businesses — no filing, no deal
- Voluntary notices: Parties may voluntarily file to obtain CFIUS clearance and safe harbor protection against future unilateral review
- Review timeline: 30-day review → 45-day investigation (if needed) → potential Presidential referral for prohibition or divestiture
- Mitigation agreements: CFIUS may clear transactions subject to national security agreements (NSAs) imposing operational restrictions — firewalled board access, data handling rules, security audits
- Retroactive review: CFIUS can investigate and unwind completed transactions that were never filed, with no statute of limitations
Market & Policy Impact
- Chinese acquirers have been effectively locked out of U.S. semiconductor, AI, biotech, telecom, and critical infrastructure investments since 2018
- CFIUS review has extended to real estate near military installations, triggering high-profile orders for Chinese-linked entities to divest farmland and properties
- The compliance infrastructure around CFIUS has generated a significant legal market; major law firms now have dedicated CFIUS practices
- Allied nations — UK, Germany, Australia, Japan, Canada — have enacted or strengthened CFIUS-equivalent foreign investment screening regimes since 2018, creating a coordinated allied architecture
- CFIUS has increasingly scrutinized transactions from other adversary-adjacent jurisdictions (Russia, Iran, North Korea) and is beginning to apply greater scrutiny to Gulf sovereign wealth fund investments in sensitive sectors
Modern Case Study: TikTok and the CFIUS Divestiture Order, 2020–2025
ByteDance’s ownership of TikTok — with its access to location data, behavioral data, and content recommendation algorithms touching 170 million U.S. users — became the highest-profile CFIUS proceeding in the committee’s history. After years of negotiation over a mitigation agreement (Project Texas), CFIUS determined that no structural remedy short of divestiture could adequately address the national security risk. Congress passed legislation in April 2024 requiring ByteDance to divest TikTok or face a U.S. ban within 270 days. The Supreme Court upheld the law in January 2025. The case established that CFIUS-style review could extend to the data practices of consumer technology platforms — not merely the hardware or supply chain implications — marking a significant expansion of the national security investment review perimeter.