Foreign Direct Investment (FDI) in the U.S.: The Ultimate Guide

LEGAL DISCLAIMER: This article provides general, informational content for educational purposes only. It is not a substitute for professional legal advice from a qualified attorney. Always consult with a lawyer for guidance on your specific legal situation.

Imagine your successful local manufacturing company needs a massive cash infusion to expand, develop new technology, and hire 200 more people. An established, well-respected company from Germany offers to buy a controlling stake, providing the capital, access to European markets, and advanced robotics you could only dream of. This is the essence of Foreign Direct Investment (FDI). It's not just a foreign person buying a few shares of stock; it's a significant, long-term investment where a foreign entity gains substantial influence or control over a U.S. business. This partnership can be a game-changer, fueling innovation and creating American jobs. But the U.S. government, like a watchful guardian, has a critical question: Does this partnership pose any risk to national security? Could that advanced robotics technology end up in the wrong hands? Does the U.S. factory produce a small component essential for military helicopters? To answer these questions, the government established a powerful gatekeeper, the committee_on_foreign_investment_in_the_united_states_(cfius). Understanding the balance between welcoming beneficial foreign capital and protecting national interests is the central drama of FDI in America.

• What It Is: Foreign Direct Investment (FDI) occurs when an individual or entity from another country makes a substantial investment to acquire a significant interest in or control of a U.S. business enterprise.
• Why It Matters to You: Foreign Direct Investment (FDI) can be a vital source of capital for your business, creating jobs and driving economic growth, but it also triggers complex legal reviews to protect U.S. national_security.
• The Critical Factor: The U.S. government, primarily through cfius, has the authority to review, impose conditions on, or even block any Foreign Direct Investment (FDI) that it believes could threaten the safety and security of the United States.

The United States has, for most of its history, maintained an “open door” policy toward foreign investment. Alexander Hamilton, the first Secretary of the Treasury, recognized that foreign capital was essential to building the young nation's economy. For nearly two centuries, this policy remained largely unchallenged. Foreign money helped build railroads, factories, and cities with minimal federal oversight. The modern era of FDI regulation began during the Cold War. The Exon-Florio Amendment, passed in 1988 as part of the defense_production_act_of_1950, was the first major legislative tool giving the President clear authority to block foreign mergers and acquisitions on national security grounds. This was a direct response to concerns that a Japanese company, Fujitsu, was attempting to acquire Fairchild Semiconductor, a key player in the U.S. defense industrial base. The September 11th attacks in 2001 dramatically reshaped the government's view of national security threats. The focus expanded beyond just military technology to include critical infrastructure—ports, power grids, and financial systems. The 2006 controversy over Dubai Ports World's attempt to take over operations at six major U.S. seaports ignited a political firestorm and led directly to the passage of the Foreign Investment and National Security Act of 2007 (FINSA), which codified and strengthened the role of CFIUS. Most recently, the rise of strategic competition with countries like China and Russia, coupled with fears over data security and technological supremacy, led to the most significant reform in decades: the foreign_investment_risk_review_modernization_act_(firrma) of 2018. FIRRMA dramatically expanded CFIUS's jurisdiction and power, making reviews mandatory for certain transactions and shining a spotlight on investments in critical technology, critical infrastructure, and businesses that handle sensitive personal data of U.S. citizens.

The legal framework for FDI is not one single law but a collection of statutes and regulations built over decades. Understanding these key pieces of legislation is crucial to grasping how the U.S. government regulates inbound investment.

• The Defense Production Act of 1950 (Section 721): This is the foundational statute. Originally a Korean War-era law to mobilize the domestic industry, Section 721 (as amended by Exon-Florio, FINSA, and FIRRMA) is the specific provision that grants the President the authority to review and take action on foreign investments. It states the President may “suspend or prohibit any covered transaction… when, in the President's judgment, there is credible evidence that leads the President to believe that the foreign person exercising control over a U.S. business might take action that threatens to impair the national security.” This broad authority is the bedrock of the entire review process.
• The Foreign Investment Risk Review Modernization Act (FIRRMA) of 2018: This is the modern engine of FDI regulation. Acknowledging that threats had evolved beyond just buying entire companies, FIRRMA expanded cfius jurisdiction to cover new types of transactions.
  • Non-Controlling Investments: Before FIRRMA, CFIUS could generally only review deals where a foreign entity gained “control” of a U.S. business. FIRRMA expanded this to include certain non-controlling investments in U.S. businesses involved with critical technology, critical infrastructure, or sensitive personal data (often called “TID U.S. Businesses”).
  • Mandatory Filings: Previously, filing a notice with CFIUS was voluntary. FIRRMA introduced mandatory filings for certain transactions, such as when a foreign government has a substantial interest in the acquirer of a TID U.S. Business. Failure to file can result in severe penalties.
  • Real Estate: FIRRMA explicitly granted CFIUS jurisdiction to review certain real estate transactions near sensitive government sites, like military bases or ports.

While FDI law is primarily federal, its application varies dramatically depending on the industry of the U.S. target company. The level of scrutiny an investment receives is directly tied to the perceived national security risk associated with its sector.

Not all money from overseas is “Foreign Direct Investment.” This term has a specific legal meaning built on several core components.

This seems obvious, but the definition is broad. A “foreign person” can be:

• An individual who is not a U.S. citizen or lawful permanent resident.
• A government of another country.
• An entity organized under the laws of a foreign country (e.g., a German corporation).
• A U.S.-based entity that is ultimately controlled by a foreign person or government. For example, a Delaware LLC owned and controlled by a French parent company is considered a “foreign person” for CFIUS purposes. This “ultimate control” test is critical.

Relatable Example: A U.S. tech startup gets a funding offer. The investment vehicle is a fund based in the Cayman Islands, but its primary investors are from China. For the purposes of U.S. law, this is an investment by a foreign person.

This refers to any entity engaged in interstate commerce in the United States. It's an expansive definition that includes everything from a massive corporation to a small startup operating out of a garage, as long as it's doing business in the U.S.

This is the most complex element. CFIUS reviews “covered transactions,” which have expanded under FIRRMA.

• Control: This is the power, direct or indirect, to determine important matters affecting an entity. It doesn't require a 51% ownership stake. Control can be found through board representation, special voting rights, or contractual agreements that give a foreign investor veto power over major decisions like hiring executives, selling assets, or entering new lines of business.
• Non-Controlling “Access” (The FIRRMA Expansion): For businesses dealing in Technology, Infrastructure, or Data (TID U.S. Businesses), even a non-controlling investment can be a “covered transaction” if it gives the foreign investor:
  • Access to any “material nonpublic technical information.”
  • Membership or observer rights on the board of directors.
  • Any involvement, other than through voting of shares, in substantive decision-making.

Relatable Example: A Saudi Arabian sovereign wealth fund buys 15% of a U.S. artificial intelligence company. They don't have majority ownership, but the deal gives them one board seat and access to the company's source code. Because this is a TID U.S. Business, this non-controlling investment is a “covered transaction” and falls under CFIUS jurisdiction.

The CFIUS process is not a typical court case. It's a complex, inter-agency administrative review.

• The Parties:
  • The Foreign Investor (Acquirer): The entity providing the capital. Their motivations are typically financial return, market access, or acquiring technology. They must be transparent about their ownership structure and government ties.
  • The U.S. Business (Target): The recipient of the investment. Their motivation is to secure funding for growth. They are responsible for understanding their own business's potential national security sensitivities.
• The Gatekeeper: CFIUS
  • The committee_on_foreign_investment_in_the_united_states_(cfius) is not one single office but a committee comprised of nine voting members, plus other observers.
  • Chair: The Secretary of the Treasury. The Treasury Department runs the day-to-day operations of CFIUS.
  • Key Members: The heads of the Departments of Justice, Homeland Security, Commerce, Defense, State, and Energy, along with the U.S. Trade Representative and the Director of the Office of Science and Technology Policy.
  • The Mission: Each member agency reviews a transaction through the lens of its own expertise. The Department of Defense worries about military applications, while the Department of Homeland Security focuses on infrastructure, and the Department of Justice looks at it from a law enforcement perspective.
• The Ultimate Authority:
  • The President of the United States: CFIUS itself does not “block” deals. It conducts a review and, if it finds an unresolvable national security risk, it sends a recommendation to the President. Only the President has the final authority to prohibit a transaction. This authority is rarely used, as most problematic deals are abandoned or restructured long before they reach the President's desk.

Whether you are a U.S. business seeking foreign capital or a foreign investor looking to enter the U.S. market, the CFIUS process can be intimidating. Here is a simplified roadmap.

This is the most critical stage. Before any money changes hands, both parties must conduct a thorough self-assessment.

• For the U.S. Business: Do we handle critical technology? Do we operate critical infrastructure? Do we possess sensitive personal data on U.S. citizens? Do we have any contracts with the U.S. government, especially the military? Answering “yes” to any of these means you are highly likely to be of interest to CFIUS.
• For the Foreign Investor: Who are our ultimate owners? Do we have any ties to a foreign government? Are we from a country that is considered a strategic competitor to the U.S.? Be prepared for deep scrutiny of your corporate structure and history.

You must determine if your transaction requires a mandatory filing or if a voluntary filing is a good idea.

• Mandatory Filings: You MUST file if, for example, a foreign government is acquiring a “substantial interest” (25% or more) in a TID U.S. Business. The penalties for failing to file a mandatory declaration are severe—up to the entire value of the transaction.
• Voluntary Filings: Even if a filing isn't mandatory, it is often strategically wise to file voluntarily. Why? Because CFIUS has the power to review transactions even after they have closed. A voluntary filing and subsequent clearance from CFIUS provides a legal “safe harbor,” meaning the government cannot unwind your deal on national security grounds in the future.

The parties have two main ways to approach CFIUS.

• The Declaration: A shorter, 5-page form designed for less complex or lower-risk transactions. CFIUS has 30 days to review a declaration and will either clear it or ask the parties to file a full notice.
• The Notice: A much more detailed and extensive submission that provides a comprehensive overview of the transaction, the parties, and the potential national security risks.

Once a full notice is accepted, the clock starts.

• 45-Day Review Period: CFIUS member agencies review the submission, ask questions (known as “RFIs” or Requests for Information), and assess the risk. Most non-controversial cases are cleared during this period.
• 45-Day Investigation Period: If CFIUS cannot resolve its concerns within the initial review, it can initiate a formal investigation. This is a sign that there are significant national security issues. During this time, CFIUS may propose a mitigation_agreement.
• Mitigation: This is the most common outcome for complex cases. The parties agree to certain conditions to resolve the government's concerns. This could involve appointing a U.S. citizen to the board to oversee security, divesting a sensitive part of the U.S. business, or agreeing to regular government audits.

If no mitigation agreement can be reached at the end of the investigation, CFIUS sends a recommendation to the President, who has 15 days to make a final decision to either allow or block the transaction.

• CFIUS Declaration: This is the abbreviated filing option. Its main purpose is to provide CFIUS with enough basic information about the transaction and the parties to allow the Committee to make a quick assessment of whether a full-blown review is necessary. It is often used in lower-risk deals to seek a fast “safe harbor” approval. You can find guidance on the u.s._department_of_the_treasury website.
• CFIUS Notice: This is the full, traditional filing. It is a comprehensive document that can run for hundreds of pages with appendices. It requires in-depth information about the U.S. business's products, services, government contracts, locations, and data, as well as an exhaustive explanation of the foreign investor's corporate structure, ultimate beneficial owners, and business plans. This is a major undertaking that almost always requires the assistance of experienced legal counsel.

The evolution of FDI law is best understood through the high-profile transactions that tested its limits and forced policymakers to adapt.

• The Backstory: DP World, a state-owned company from the United Arab Emirates, sought to acquire a British firm that managed major operations at six U.S. seaports, including New York, Miami, and Baltimore.
• The Legal Question: Could a company owned by a foreign government be trusted to manage critical U.S. infrastructure, especially in a post-9/11 world? Although CFIUS initially approved the deal, a massive public and congressional backlash erupted over security concerns.
• The Outcome: Faced with overwhelming political pressure, DP World voluntarily divested the U.S. port operations.
• Impact on You Today: This case was a watershed moment. It demonstrated that “national security” was no longer just about military technology; it now included critical infrastructure. It led directly to the passage of FINSA in 2007, which gave Congress greater oversight and made the CFIUS process more transparent and rigorous.

• The Backstory: Broadcom, then headquartered in Singapore, launched a hostile takeover bid for Qualcomm, a San Diego-based world leader in semiconductor and wireless telecommunications technology, especially the development of 5G.
• The Legal Question: Would allowing this acquisition harm U.S. technological leadership in the global race for 5G, particularly in competition with China's Huawei? CFIUS took the unprecedented step of intervening in a deal before the parties had even finalized an agreement.
• The Outcome: Citing “credible evidence” of a national security threat, President Trump issued an executive order permanently blocking the transaction. The primary fear was that Broadcom, known for cutting R&D spending, would reduce Qualcomm's competitiveness, effectively ceding the future of 5G to China.
• Impact on You Today: This case established the principle of “economic security as national security.” It showed that CFIUS would act aggressively to protect not just existing military technology, but America's future technological dominance in critical fields.

• The Backstory: The wildly popular social media app TikTok is owned by ByteDance, a Chinese technology company. Concerns grew within the U.S. government that the Chinese government could compel ByteDance to hand over the sensitive personal data of millions of American users or use the app's algorithm to spread propaganda.
• The Legal Question: Does foreign ownership of a social media app that collects vast amounts of user data constitute a national security threat?
• The Outcome: This is an ongoing case. The Trump administration used CFIUS authority to order ByteDance to divest its U.S. operations. The Biden administration has taken a different, more comprehensive approach, focusing on creating rules to protect U.S. data from being accessed by “countries of concern.” The saga continues to evolve, with potential bans or forced sales still on the table.
• Impact on You Today: The TikTok case is the frontline for the battle over data security. It proves that any U.S. business, even one not in a traditional defense industry, can fall under CFIUS jurisdiction if it handles the personal data of a large number of Americans.

The world of FDI regulation is more dynamic and contentious than ever before. The primary debate centers on finding the right balance between protecting the nation and promoting economic prosperity.

• Inbound Investment from China: The single biggest focus of CFIUS today is investment from the People's Republic of China (PRC). The U.S. government views the PRC as a strategic competitor and is deeply suspicious of any investment that could facilitate technology transfer or give Chinese entities access to sensitive data or infrastructure. This has created a “presumption of denial” for many Chinese investments in sensitive sectors.
• “Outbound” FDI Screening: A new and controversial idea is gaining traction: should the U.S. government also screen investments that *U.S. companies* make in other countries? Proponents argue that a U.S. firm investing in a Chinese AI company, for example, could inadvertently transfer capital and know-how that strengthens a competitor. An executive order has already established a pilot program for this, signaling a major potential expansion of government oversight.
• Defining “National Security”: Where is the line between legitimate national security and simple economic protectionism? Critics worry that the definition of national security is becoming so broad that it could be used to block any foreign investment that competes with a favored domestic industry, chilling the flow of beneficial capital into the U.S.

The legal landscape for FDI will continue to be shaped by rapid technological and geopolitical shifts.

• Artificial Intelligence and Quantum Computing: These technologies are seen as transformational for both economic and military power. Expect FDI regulations to become even stricter for any company involved in these fields. The U.S. will be determined to maintain its lead, and any foreign investment will be viewed with extreme skepticism.
• Green Technology and Supply Chains: The global push for clean energy creates a new FDI dynamic. The U.S. needs massive investment in battery manufacturing, solar panel production, and critical mineral processing. Much of this expertise and capital currently resides abroad. The challenge will be to attract this “good” FDI while ensuring that the U.S. does not become dependent on a foreign rival for its future energy supply chain.
• Data as Infrastructure: The law is catching up to the reality that massive datasets are a form of critical infrastructure. In the next 5-10 years, expect more explicit rules governing any foreign investment into companies whose primary asset is data, moving beyond the current framework to create a more comprehensive data security regime.

• committee_on_foreign_investment_in_the_united_states_(cfius): The inter-agency body authorized to review foreign investments for national security risks.
• covered_transaction: A transaction that falls within the legal jurisdiction of CFIUS.
• critical_infrastructure: Systems and assets, such as power grids and ports, so vital that their incapacitation would have a debilitating effect on security.
• critical_technology: Technologies identified on specific government control lists that are essential to U.S. national security.
• defense_production_act_of_1950: The U.S. statute that contains Section 721, the legal basis for CFIUS reviews.
• foreign_investment_risk_review_modernization_act_(firrma): The 2018 law that significantly expanded the powers and jurisdiction of CFIUS.
• greenfield_investment: A type of FDI where a parent company starts a new venture in a foreign country by constructing new operational facilities from the ground up.
• mitigation_agreement: A contract between the parties to a transaction and the U.S. government to impose conditions that resolve national security concerns.
• national_security: A broad and intentionally flexible term that includes not just military defense but also critical infrastructure, technological leadership, and protection of citizen data.
• safe_harbor: The legal protection granted to a transaction that has been cleared by CFIUS, preventing future review.
• sensitive_personal_data: Identifiable data that can be used to threaten national security, including health, financial, and genetic information.
• tid_u.s._business: A U.S. business that deals in Critical Technology, Critical Infrastructure, or Sensitive Personal Data.
• u.s._department_of_the_treasury: The government department that serves as the chair of CFIUS.

• committee_on_foreign_investment_in_the_united_states_(cfius)
• national_security_law
• international_trade_law
• mergers_and_acquisitions_(m&a)
• corporate_law
• export_controls
• securities_law