The UK government considers that the NSI Act is going to result in far more regulatory scrutiny of transactions from an FDI standpoint. In June 2022, the then Department for Business, Energy and Industrial Strategy (BEIS) published a report setting out the notifications made in the first three months of the Act: officials received a total of 222 notifications during the three-month period between January and March, implying that around 1,000 notifications a year will be made. Increased intervention is also a clear trend: as of June 2023, five cases have been prohibited under the Act and a further 10 cleared subject to remedies.
The new regime creates notification requirements for certain transactions to the UK Investment Security Unit on either a mandatory or voluntary basis. The government has published guidance giving further detail on the process to expect.
Mandatory pre-notification requirements apply in respect of entities in ‘key sectors’. The requirements apply to transactions involving the acquisition of a 25% stake or more (or equivalent levels of voting rights, including certain ‘veto’ rights) in an entity, as well as certain acquisitions involving the acquirer moving from one level of interest (e.g. 25%) to a higher level of interest (e.g. over 50%). The entity must carry on activities in the UK or supply goods or services to people in the UK. There are no turnover or share of supply thresholds.
There are 17 sectors of the economy to which the mandatory regime applies. These are largely focussed on companies whose activities have a close link to UK government activities (for example entities in the defence sector supply chain or who supply products subject to UK export control); companies who are active in critical industries (for example energy asset operators, communications network operators); and companies operational in particularly sensitive industries (including advanced materials, artificial intelligence and cryptographic authentication). The full list is:
Where the mandatory notification requirements under the NSI Act apply to a transaction, the transaction will require approval from the UK secretary of state in the Cabinet Office (Secretary of State). Otherwise, a transaction closed without clearance will be void, and failure to notify can result in fines of up to 5% of global revenues or £10m (whichever is greater) and failure to notify is also a criminal offence.
Paul Williams
Senior Associate
The UK government considers that the NSI Act is going to result in far more regulatory scrutiny of transactions from an FDI standpoint
On 10 November 2021, the final form regulations were published specifying the ‘key sectors’ and defining activities falling within each of these sectors for NSI purposes. As the regulations are technical in nature, the Investment Security Unit published further guidance to assist businesses in interpretation of their practical application. This guidance explains when activities are caught by the regulations and circumstances in which activities fall outside of its scope.
By way of example, under the regulations, one of the activities included in the artificial intelligence sector is those activities carried out with the purpose of “identification or tracking of objects, people or events”. The new guidance assists in providing detail on what is meant, for example, by “identification”: it explains that this can include three different categories of identification including human identification, object identification and event identification.
The guidance further expands this by providing illustrative examples for each of the three categories. For example, “human identification” can consist of audio and speech recognition, emotion recognition and facial recognition amongst others, whilst “object identification” can include the likes of automated vehicle parking systems, object detection and human or object surveillance systems. The latest guidance provides some much-needed assistance for businesses in how to apply their activities, services and products to the key sectors prescribed in the regulations.
Where transactions are not notifiable acquisitions, a voluntary regime applies (the ‘call-in’ regime). A transaction may be notified voluntarily if the parties are concerned about national security issues arising or, where a transaction is not notified, it can be 'called-in' for a national security review by the Secretary of State.
The range of transactions potentially caught under the ‘call-in’ regime is wide, and much wider than that for mandatory notification. As with the mandatory regime, it includes acquisitions of more than 25% of the shares or voting rights, or material influence, in an entity, as well as certain acquisitions involving the acquirer moving from one level of interest to a higher level of interest. The voluntary regime also applies to the acquisition of certain rights or interests in “qualifying assets” giving control/use in relation to the asset. The provisions relating to qualifying assets are potentially wide and include land; tangible (moveable) property; and ideas, information or techniques which have economic value. Examples could include: acquisitions of land containing, or located next to, an asset of importance (e.g. next to a terminal, pipeline, storage facility); transfer of IP/knowhow related to critical or novel technologies; and plans of future key UK assets.
Unlike the mandatory notification provisions, the 'call-in' regime is sector agnostic. However, ‘call-ins’ are much more likely in transactions closely related to the mandatory notification sectors (e.g. asset acquisitions in one of the sectors).
National security concerns and potential remedies
There is no definition of “national security” in the legislation and the UK government resisted attempts to include a definition during the parliamentary process as it wishes to retain flexibility. The government has, however, noted that it will initially be focused on the following potential national security risks:
In assessing these factors, the Secretary of State will consider the ‘acquirer’, ‘target’ and ‘control’ risk in relation to a particular transaction. Further detail on the types of transactions which could raise national security concerns and in which the Secretary of State expects to use its ‘call-in’ powers, are set out in a statement published by the UK government in November 2021 (and updated in April 2023)
If the Secretary of State does find national security concerns, it may ultimately impose remedies. These could include prohibition of transactions (if not completed) or unwinding (if completed); restrictions/controls on access to sensitive sites; restrictions on access to confidential information; supply chain remedies; intellectual property transfer remedies; and compliance, monitoring, and personnel remedies. The expectation is that less intrusive remedies will be preferred to the prohibition of acquisitions in most cases.
In November 2021, the UK Investment Security Unit published new guidance on how the Secretary of State intends to procedurally deal with notifiable acquisitions under the NSI Act. A further guidance note was published in July 2022 (and updated in April 2023).
NSI notifications can be made online.
There are three variations of the online notification form, depending on the type of notification application. These are:
The Investment Security Unit will only accept a valid notification form and commence review of the transaction once it is satisfied that all the prescribed information has been included in the application. In general, the Investment Security Unit declares a submitted notification 'complete' within 1-3 working days. Differing information is required depending on the nature of the notification being made, including:
Further guidance on completing a notification form was also published on 4 January 2022.
If the necessary information has not been provided with the notification form, the Investment Security Unit will reject the application “as soon as reasonably practicable after receiving it”. In these circumstances, the reasons for rejection will be outlined and the applicant may be required to submit a fresh notification form with the additional required information.
Once a valid application has been accepted, a ‘review period’ will commence which gives the Secretary of State 30 working days to assess the acquisition and reach a decision to either provide full clearance or to call-in the transaction for a full national security assessment. The 30 working day deadline commences only once the Investment Security Unit has confirmed by email that the notification has been accepted as valid.
If, following the expiry of the review period, the Secretary of State has decided to ‘call-in’ the transaction for a full national security assessment, a further assessment period will commence. This again lasts 30 working days but may be extended by up to 45 working days. During the assessment period, the Secretary of State has the power to issue one of the following measures:
Parties are not prohibited from progressing negotiations of the acquisition whilst the Investment Security Unit conducts its national security review, however, completion of the acquisition must not take place if it falls within the mandatory notification regime as it will be rendered legally avoid for lack of government clearance.
Even if the transaction falls outside of the mandatory regime, parties should still carefully consider whether to make a voluntary notification, and if not, whether to proceed with completion of an acquisition that has been ‘called-in’ for national security assessment by the Secretary of State given the acquisition can later be unwound with parties suffering the attendant time and cost consequences of complying with the decision. Additionally, parties must not complete an acquisition if an interim order has been served and must carefully consider how to proceed with negotiations whilst ensuring compliance with terms of the interim order.
The government has confirmed it will not be routinely publishing details of either when an acquisition has been called-in for review following the review period or when an interim order is issued to parties. The UK Cabinet Office will publish an annual report giving a general overview of cases reviewed under the new regime. Details of any national security assessments are only likely to become public once the Secretary of State has served a notice of ‘final order’ on the parties. The final order can consist of either:
All sensitive information will be removed by the Investment Security Unit prior to publication. At present, Investment Security Unit guidance suggests there will be no publication of so-called ‘final notifications’ that are issued for acquisitions that are fully cleared without any conditions.
The vast majority of cases under the Act are cleared without further action from the Secretary of State; however we are now seeing the first examples of use of powers under the Act to intervene in transactions. As of June 2023, a total of five cases have been prohibited under the Act, with a further 10 cases cleared subject to remedies. The cases drawing this type of scrutiny have been in the ‘military and dual-use’, ‘defence’, ‘energy’, ‘computing hardware’ and ‘communications’ sectors.
Certain trends have emerged from BEIS practice to date:
Nexperia’s purchase of Newport Water Fab has been particularly controversial. The Secretary of State has ordered that this acquisition by a Chinese investor be prohibited as it has identified a national security risk in relation to "technology and know-how that could result from a potential reintroduction of compound semiconductor activities at the Newport site, and the potential for those activities to undermine UK capabilities" and that "the location of the site could facilitate access to technological expertise and know-how in the South Wales Cluster ('the Cluster'), and the links between the site and the Cluster may prevent the Cluster being engaged in future projects relevant to national security".