The National Security and Investment Act 2021 (NSI Act) came into force fully on 4 January. With the recent publication of the Government's first annual report on the operation of the Act and the establishment of a framework for cooperation and information sharing in the operation of the NSI Act between BEIS and the CMA, we reflect on how the new regime has bedded in so far and our own experience of making notifications under the Act.
Background: the new regime
The NSI Act introduced new "call-in" powers for the Government to scrutinise investment transactions in the UK. The Act gives the Government the ability to reverse, block and impose remedies and sanctions in relation to investments that it considers a potential threat to national security. There are mandatory and voluntary notification and clearance regimes, with the mandatory regime applying to acquisitions of control or threshold interests in entities in 17 specified high-risk sections and the voluntary regime applying to other types of transactions. For an overview of the Act, see our long form report, The National Security and Investment Act: protecting UK assets and infrastructure.
Lessons from the first three months
On 16 June 2022, the Government published its first annual report regarding the operation of the NSI Act between its commencement and 31 March 2022.
Among the report's finding are that 222 notifications were submitted in the three-month reporting period. 196 of these notifications were mandatory notifications, one was a validation application (i.e. seeking retrospective approval) and the rest (25) were voluntary notifications.
The report's data does highlight the importance of making the right type of notification and that the notifications are sufficiently detailed. Several mandatory notifications were rejected because they should have been voluntary notifications and other notifications were rejected because they did not include enough information about the acquisition or parties to it.
In terms of areas of the economy that have been impacted most, while mandatory notifications have been received for acquisitions taking place in all 17 sensitive sectors, the five most common areas were defence, miliary and dual use, critical suppliers to Government, artificial intelligence and data infrastructure.
The report found that the average time to confirm acceptance of a mandatory notification was 3 working days and the average time taken to decide whether to call-in a transaction notified under the mandatory regime was 24 working days.
Our experience at Mishcon de Reya of the submission of notifications has so far been positive, with notifications being accepted and decisions being made on whether to call in a transaction both being taken well before the relevant deadlines in the Act.
How information will be shared and remedies implemented going forward: the memorandum of understanding between BEIS and the CMA
On 16 June 2022, a memorandum of understanding (MoU) between the Department for Business, Energy and Industrial Strategy (BEIS) and the Competition and Markets Authority (CMA) on the operation of the Act was published. The MoU establishes a framework for cooperation, coordination and information sharing in the operation of the NSI Act between the CMA and BEIS.
The Investment Security Unit (ISU) is the body that sits within BEIS and is responsible for the operation of the NSI Act. The MoU confirms that the ISU will be responsible for coordinating cross-government investment screen activity and will make use of existing expertise within all relevant organisations, drawing on input from relevant teams to inform recommendations.
The MoU sets out various circumstances in which BEIS and the CMA may consider disclosing information to each other, and the principles and processes that will usually apply.
The MoU also confirms that, prior to issuing any interim orders, final orders or final notifications under the NSIA Act, BEIS will seek to inform the CMA ahead of time and consider any representations from the CMA. Likewise, where the CMA plans to issue any interim orders or derogations, accept undertakings or issue final orders under the Enterprise Act in cases where BEIS is likely to have an interest under the NSI Act, the CMA will seek to inform BEIS in advance and consider representations.
Can we expect changes to the regime's scope and operation in the future?
The implementation of the new national security regime, and in particular the very broad scope of the legislation, has faced criticism from some practitioners and commentators. There are a number of areas in which the regime could be adjusted and it remains to be seen whether and how soon this might happen. The impact of the NSI Act is being scrutinised by a BEIS Committee.
More clarity and transparency?
On Tuesday 21 June 2022 at a BEIS Committee session with academic and legal experts, Dr Ashley Lenihan, Professor of the Practice of International Affairs and Deputy Director of the Master of Science in Foreign Service Program at Georgetown University, suggested that the regime might need more transparency about its process and make-up. She made the point that while other Government departments feed into the review process, it is difficult at the moment for an investor to see that. In other jurisdictions, such as the US and Australia, it is made public which other departments feed in and how they do so. Dr Lenihan's view was that investors need confidence that decisions are being made in a way that is not political and in a way that brings expertise to bear.
While the MoU mentioned above will be helpful to transaction parties in understanding how the CMA will feed into the ISU's processes during a national security review, perhaps there is scope for further transparency around process.
Tighter definitions of sensitive sectors?
When the current definitions of the 17 high-risk sectors were being consulted on, there was criticism that some of the definitions were too broad. The definition of "artificial intelligence", for example, was narrowed in response to these consultation responses. It was noted during the BEIS Committee session on 21 June that it will be important to monitor how the definitions are received and it was acknowledged that the Act allows for definitions to be updated and refined.
While the definitions may benefit from further consultation in the future, many of the areas of the economy covered by the definitions are fast-moving and evolving. The definitions will need to continue to be sufficiently broad to capture emerging sectors.
While the high-risk sectors of the economy are defined in detail, "national security" itself is not defined, in order to give the Government flexibility to intervene where appropriate. While some have been critical of the decision not to define "national security" in the legislation on the basis that there is a risk of politization of decisions, it seems unlikely that this aspect of the regime will change. That being the case, as Dr Lenihan pointed out during the Committee session, key will be the ability to monitor effectively transactions and to implement vetoes when needed in a way that is narrow and highly specific to national security concerns.
More help for micro-businesses?
One area of concern highlighted in the BEIS Committee's discussions was the fact that complying with the regime could be burdensome for micro-businesses, given they do not have the resources to navigate the Act in the way that bigger businesses do. It was suggested by some of those who gave feedback that in future the ISU might provide more help to those businesses with interpreting the Act and by providing guidance on transactions. The Government's annual report indicates that it intends to publish market guidance notes giving practical advice to help businesses and advisers when dealing with the NSI Act’s requirements, which may go some way to helping smaller businesses navigate the rules.
According to the Government's annual report on the NSI Act, no final orders (i.e. orders imposing conditions on an acquisition, unwinding the acquisition or blocking it from taking place) were issued under the NSI Act in the first three month period, nor were any penalties imposed or criminal prosecutions pursued under the NSI Act. We do not therefore yet have any data on the amount of time it will usually take between calling in a transaction and issuing a final order. Changes to the NSI regime or its implementation are unlikely to be made based on three months of data, but it will be interesting to see whether and how the regime evolves as more data is published in the future and the Government takes more feedback on how transaction parties are coping with the regime.
Our longform report, The National Security and Investment Act: protecting UK assets and infrastructure, provides an overview of the UK's new national security regime and puts it in context with the global trend towards greater scrutiny of foreign investments. This includes an examination of the NSI Act's mandatory and voluntary notification regimes and takes a closer look at some of the high-risk sectors within the mandatory regime which are likely to be relevant to tech businesses.
Our NSI checker, created in collaboration with Taylor Vinters, offers a series of simple questions to help you understand whether notification under the NSI Act is likely to be required or at least considered for your transaction.