[Senate Hearing 115-126] [From the U.S. Government Publishing Office] S. Hrg. 115-126 EXAMINING THE COMMITTEE ON FOREIGN INVESTMENT IN THE UNITED STATES ======================================================================= HEARING before the COMMITTEE ON BANKING,HOUSING,AND URBAN AFFAIRS UNITED STATES SENATE ONE HUNDRED FIFTEENTH CONGRESS FIRST SESSION ON EXAMINING THE ROLE OF THE COMMITTEE ON FOREIGN INVESTMENT IN THE UNITED STATES __________ SEPTEMBER 14, 2017 __________ Printed for the use of the Committee on Banking, Housing, and Urban Affairs [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT] Available at: http: //www.govinfo.gov / _________ U.S. GOVERNMENT PUBLISHING OFFICE 28-033 PDF WASHINGTON : 2018 ____________________________________________________________________ For sale by the Superintendent of Documents, U.S. Government Publishing Office, Internet:bookstore.gpo.gov. Phone:toll free (866)512-1800;DC area (202)512-1800 Fax:(202) 512-2104 Mail:Stop IDCC,Washington,DC 20402-001 COMMITTEE ON BANKING, HOUSING, AND URBAN AFFAIRS MIKE CRAPO, Idaho, Chairman RICHARD C. SHELBY, Alabama SHERROD BROWN, Ohio BOB CORKER, Tennessee JACK REED, Rhode Island PATRICK J. TOOMEY, Pennsylvania ROBERT MENENDEZ, New Jersey DEAN HELLER, Nevada JON TESTER, Montana TIM SCOTT, South Carolina MARK R. WARNER, Virginia BEN SASSE, Nebraska ELIZABETH WARREN, Massachusetts TOM COTTON, Arkansas HEIDI HEITKAMP, North Dakota MIKE ROUNDS, South Dakota JOE DONNELLY, Indiana DAVID PERDUE, Georgia BRIAN SCHATZ, Hawaii THOM TILLIS, North Carolina CHRIS VAN HOLLEN, Maryland JOHN KENNEDY, Louisiana CATHERINE CORTEZ MASTO, Nevada Gregg Richard, Staff Director Mark Powden, Democratic Staff Director Elad Roisman, Chief Counsel John O'Hara, Chief Counsel for National Security Policy Kristine Johnson, Professional Staff Member Elisha Tuku, Democratic Chief Counsel Laura Swanson, Democratic Deputy Staff Director Dawn Ratliff, Chief Clerk Cameron Ricker, Deputy Clerk James Guiliano, Hearing Clerk Shelvin Simmons, IT Director Jim Crowell, Editor (ii) C O N T E N T S ---------- THURSDAY, SEPTEMBER 14, 2017 Page Opening statement of Chairman Crapo.............................. 1 Opening statements, comments, or prepared statements of: Senator Brown................................................ 2 WITNESSES Clay Lowery, Managing Director, Rock Creek Global Advisors, and Former Assistant Secretary for International Affairs, Department of the Treasury..................................... 4 Prepared statement........................................... 29 Responses to written questions of: Senator Brown............................................ 38 Senator Menendez......................................... 39 Kevin J. Wolf, Partner, Akin Gump Strauss Hauer & Feld LLP, and Former Assistant Secretary for Export Administration, Department of Commerce......................................... 6 Prepared statement........................................... 32 Responses to written questions of: Senator Brown............................................ 40 Senator Menendez......................................... 43 James A. Lewis, Senior Vice President, Center for Strategic and International Studies.......................................... 8 Prepared statement........................................... 34 Responses to written questions of: Senator Brown............................................ 45 Senator Menendez......................................... 46 Additional Material Supplied for the Record Statement submitted by the Rail Security Alliance................ 47 Letter submitted to the Trump administration on Chinese Equity Caps Financial Services Sector................................. 54 China's Technology Transfer Strategy............................. 57 (iii) EXAMINING THE COMMITTEE ON FOREIGN INVESTMENT IN THE UNITED STATES ---------- THURSDAY, SEPTEMBER 14, 2017 U.S. Senate, Committee on Banking, Housing, and Urban Affairs, Washington, DC. The Committee met at 10:02 a.m., in room SD-538, Dirksen Senate Office Building, Hon. Mike Crapo, Chairman of the Committee, presiding. OPENING STATEMENT OF CHAIRMAN MIKE CRAPO Chairman Crapo. This hearing will come to order. This morning, the Committee will receive testimony on the role of the Committee on Foreign Investment in the United States, or CFIUS, as it is known in the trade. The role of CFIUS is to review certain types of foreign investment transactions to determine if there is: a threat to impair U.S. national security; a foreign investor present which is controlled by a foreign Government, like a State-owned enterprise; or something that can affect homeland security or result in control of any critical infrastructure that might impair our national security. Yesterday's rejection of the acquisition of Lattice Semiconductor by a Chinese consortium with a U.S. presence provides a good example of that role. According to press reports, the CFIUS review of the deal revealed that Lattice had valuable intellectual property that, if somehow transferred, would impair U.S. national security. The purchaser was a Chinese consortium with strong ties to the Chinese Government and its space program. Additionally, the importance of the semiconductor supply chain integrity to homeland security and the use of Lattice's products by the U.S. Government was something that could further impair national security. The Lattice case sounds like it should be considered textbook CFIUS, and it is reassuring that the President made this decision based on the careful due diligence of the various Government entities that comprise CFIUS. Nonetheless, there are some congressional and Administration concerns over a broad-based set of potential risks arising from China's steadily increasing use of foreign direct investment, or FDI, to acquire companies and their sensitive technology in the United States. We need to have a general discussion of whether or not the CFIUS process is functioning appropriately, to the extent that it has sufficient authority to look at the transactions that are affected most by today's evolving national security considerations. I look forward to hearing from the witnesses to what extent this concern is based on China's 2025 strategy and if there are any specific instances where this strategy has threatened to impair U.S. national security. In that regard, I will be looking for the witnesses to identify and articulate the potential national security considerations at issue and their relevance to any attempt to address them through reform of CFIUS legislative or regulatory authorities. If CFIUS is not looking at or is somehow missing transactions worthy of its national security review, I would also be interested in learning how many and what types of cases it is missing beyond the 250 or so CFIUS filings this year and what human financial resources would be necessary to review such new cases. We should also discuss whether CFIUS is even the right agency to reform in order to address various complaints associated with China's investment strategies today. The magnitude of any problem with CFIUS is defined by the intersection of U.S. national security with huge inflows of foreign capital supported by a world-renowned U.S. open investment policy. The United States--with $7 trillion in total outward FDI and $6.5 trillion in inward FDI--is the world's number one investor overseas and the world's number one recipient of foreign investment. FDI plays an essential role in increasing U.S. economic growth, creating highly compensated jobs, and spurring innovation and promoting exports. Generally, it is in the national interest of the United States to sustain an open investment policy. The administrations of Presidents Reagan, Bush, Clinton, Bush again, and Obama have all reaffirmed the open investment policy of the United States. Likewise, Congress is a firm believer, on a bipartisan basis, in an open investment policy. But with this unique position that the United States enjoys in the world comes a responsibility to assure that the national security of the United States is maintained against investments that may seek to undermine it. CFIUS plays a critical role and it is important to have a Senate-confirmed individual to set policy and work with Congress. The Senate needs to quickly confirm Heath Tarbert as the Assistant Secretary of the Treasury for International Markets and Development. Mr. Tarbert, who was voice-voted out of the Banking Committee in May, is the President's key person to oversee national security policy at CFIUS and also maintain a healthy, robust investment environment for the United States. Senator Brown. OPENING STATEMENT OF SENATOR SHERROD BROWN Senator Brown. Thank you, Mr. Chairman, and I appreciate your comments always, and this panel will be very helpful to us. Thank you. As you know, Mr. Chairman, I supported, as almost every Member of this Committee did, Mr. Tarbert out of the Committee. I hope, too, he can be confirmed quickly. I do want to remind my colleagues, especially Senators like Senator Perdue and Senator Schatz, who are newer to this Committee, that so far this year the full Senate has already confirmed 11 times the number of nominees from the Banking Committee as this Committee confirmed in the last Congress. So we have confirmed 11 times the number of nominees from this President than this Committee did last session. Senator Tester remembers that well. Senator Crapo remembers that. So just a note to make. Mr. Chairman, as is evidenced by the Committee's focus on Russia, Iran, and North Korea sanctions already this year, national security issues are more important than ever. It makes sense that we should take a look at other national security issues in this Committee's jurisdiction, like CFIUS. CFIUS is charged with reviewing certain foreign acquisitions of U.S. companies that potentially pose national security threats. It has been a decade since we have had a hearing, so I am particularly grateful to Chairman Crapo on this topic. The U.S. continues to be one of the most attractive markets for foreign investment. We know that. Our country welcomes investment when it is part of a straightforward business deal. When they are done right, these deals can create jobs; they can grow American industries. But we know it is not always that simple. Some transactions have national security as well as commercial implications. CFIUS has seen an increase in its reviews of Chinese acquisitions of U.S. companies. In the three most recent reported years, CFIUS reviews of Chinese acquisitions topped the list every single time. In 2016, Chinese companies invested a total of $51 billion into the U.S. through 65 deals, a 360-percent surge from 2015. This year, it is already clear that CFIUS's workload has increased--with acquisitions from China and other Nations. I have serious concerns about many of China's economic and industrial policies. That is not to say that every Chinese investment poses national security threats. Fuyao Glass invested in Moraine, Ohio, where there was once a GM plant. It is an example of a project which poses no such threat and is creating jobs. Some foreign investments pose national security threats, such as intellectual property theft and espionage from U.S. industries crucial to our Nation's defense, as well as threats to the intellectual property of seeds potentially impacting the global food supply, and transfers of critical technologies. We have seen an increase in smaller private investments to obtain access to new technological know-how. We do not know yet who perpetrated the hack of Equifax-- exposing the personal information of 143 million Americans, essentially half our population. It could be domestic, it could be foreign criminals. But we do know that some foreign Governments and companies have tried to gain access to sensitive information about Americans and pose other cybersecurity concerns. That has to be considered as well. I will not even go into all the discussion about the Russians last year. These are the types of threats we hear about from the national security agencies and others. Today we have three people before the Committee who have extensive experience with CFIUS, with export controls, and with the other tools our Government uses to address national security threats. I look forward to their assessment how CFIUS is working, if its scope is appropriate--considering shifting national security threats--and if it has enough resources to review an increasing number of transactions and thoroughly investigate possible national security threats. I would like the witnesses' opinions on the national security risks that I highlighted earlier, whether they believe it is, in fact, CFIUS's responsibility to try to address these risks, or if there are programs at the other national security agencies--DOD, Commerce, State, and others--that are better able to do that. I do not think that CFIUS reform is the answer to addressing all of those national security risks, whether from China or elsewhere. But I am open to considering improvements to CFIUS if we believe there are resource concerns or gaps that are allowing certain investments that pose real threats to Americans to fall through the net, if you will. Any solution is likely to be multifaceted, involving trade, economic, and defense policies, export controls, some of that in this Committee's jurisdiction, some of it outside. Thank you, Mr. Chairman. Chairman Crapo. Thank you, Senator Brown. And we will now turn to our panel for their testimony. We will hear from two former CFIUS officials: first, Mr. Clay Lowery from the Treasury Department, and then Mr. Kevin Wolf from the export control side of the Commerce Department. We will then turn to Mr. Lewis, who has long studied technology issues in the context of the CFIUS process at the Center for Strategic and International Studies, which published its 2-year review of the CFIUS process last December. I remind our witnesses that we would like you to keep your oral comments to 5 minutes so we have plenty of time for questioning from the Senators, and your full written statements are already made a part of the record. With that, Mr. Lowery, please begin. STATEMENT OF CLAY LOWERY, MANAGING DIRECTOR, ROCK CREEK GLOBAL ADVISORS, AND FORMER ASSISTANT SECRETARY FOR INTERNATIONAL AFFAIRS, DEPARTMENT OF THE TREASURY Mr. Lowery. Thank you, Chairman Crapo, Ranking Member Brown, and Members of the Committee. Thank you for letting me testify today on examining CFIUS. In my testimony, I hope to briefly just touch on the nature of CFIUS and its processes, its performance over time, and some thoughts on CFIUS reform. The easiest way to understand CFIUS is to know its mandate: ensure national security while promoting foreign investment. That is actually what the legislative language says. So when we read news stories about CFIUS, as will be the case today because of President Trump's blocking of a transaction yesterday, we only hear about protecting national security. But that is only part of the objective of CFIUS. Promoting foreign investment is a part of our national security. It is core to our economic growth. It is core to our increasing productivity and for creating jobs. Thus, any reforms to CFIUS that are being considered should be thought about in that context. CFIUS is an interagency Committee, chaired by Treasury, that includes a variety of members, including Defense, Justice, Commerce, the Intelligence Committee. It investigates cross- border mergers and acquisitions that could put our national security at risk. M&A parties file with CFIUS, and CFIUS determines whether the acquirer will gain control of a U.S. business. If control is determined, CFIUS does a three-part analysis: First, does the acquirer pose a national security threat? Second, does the asset that is being purchased make our national security more vulnerable? And, third, the consequences of permitting these threats and vulnerabilities to come together through this transaction, do they promote a specific risk to our national security? CFIUS investigates this question for about 30 days. If at the end of those 30 days CFIUS is not satisfied, they can go to a second stage of investigation, which is up to 45 days, an additional 45 days. If CFIUS is still not satisfied, it can take the case to the President, who is the only one, not CFIUS, that can actually prohibit an acquisition. In the past 30 years, this has happened only four times, including yesterday. Why is it so rare that the President blocks transactions? The first reason is most of these transactions do not raise national security risks. The second is, if they do, CFIUS has the ability to mitigate those risks. And the third is that if the President makes a decision like he did yesterday, it becomes public and puts the corporate reputation at risk, and so sometimes if you know that it is going to be a negative discussion by the President, you will withdraw and abandon your transaction. In terms of mitigation agreements, these were put in place by Congress, and I view them as the pressure valve that enables CFIUS to find solutions to much more difficult transactions and to meet its mandate: welcoming foreign investment and protecting national security. Since Congress strengthened CFIUS 10 years ago, it has performed in an exceptionally professional and thoughtful manner. Scrutiny of cases is thorough. CFIUS protects information as well as anyone in the U.S. Government. And they have preserved the reputation of the United States to being open to investment from around the world. That said, there is little question that the investment landscape has changed dramatically in 10 years. By far, the two most important changes have been the rise of China, as the Chairman said, and also the potential of new sensitive technology being transferred. Both Mr. Lewis and Mr. Wolf will elaborate on these issues. These developments suggest that a close, sober evaluation by Congress, the GAO, and the Administration are in order, and as with any analysis, it is best to think of the potential reforms in a cost-benefit analysis, including what are intended and unintended consequences. Beyond that, I would take three more steps. First, the CFIUS process, as Ranking Member Brown suggested, is currently under a lot of stress because of a significant increase in cases--many of them are complex-- without a commensurate increase in resources. Second, as Chairman Crapo mentioned, this Committee passed through in its bill back in 2007 a new Assistant Secretary for Treasury to oversee CFIUS. President Trump has nominated a highly qualified individual in Heath Tarbert. He was approved by this Committee with near unanimous support. He should be supported by the full Senate and let him get to work. And, third, we should adopt a set of guiding principles to make sure that any CFIUS reform both safeguards our national security and remains the destination--keeps the United States the destination of choice for investment. I have outlined a number of principles in my written testimony. I would just say three right now: minimize the opportunity for politicizing transactions; keep CFIUS narrowly focused on national security; and, third, increase the scrutiny of State-controlled cases. Thank you very much. Chairman Crapo. Thank you, Mr. Lowery. Mr. Wolf. STATEMENT OF KEVIN J. WOLF, PARTNER, AKIN GUMP STRAUSS HAUER & FELD LLP, AND FORMER ASSISTANT SECRETARY FOR EXPORT ADMINISTRATION, DEPARTMENT OF COMMERCE Mr. Wolf. Thank you, Chairman Crapo, Ranking Member Brown, and other Members of the Committee. Thank you also for convening this hearing to discuss an important national security topic. I was last before this Committee in January of 2010 when you confirmed me as the Assistant Secretary of Commerce for Export Administration, which is a role I served in until January 20, 2017. And in that role, I worked with my colleagues primarily at the Departments of Defense and State in shepherding the U.S. export control system. And I was also a representative to CFIUS during that time. Although I am now with a law firm, I am not speaking on behalf of any particular change or on behalf of anyone else. The views I discuss today are my own. Mr. Lowery described well CFIUS and the background, so I will get straight to my main point, which is that the U.S. export control system and CFIUS complement each other. CFIUS has the authority to regulate the transfer of technology when there is a transaction, however you define ``transaction.'' The export control rules have the authority to regulate the transfer of technology regardless of whether there is a transaction. This means that if there are specific concerns about particular types of technology or information, whether general or specific, whether as part or as a result of a CFIUS review or from any other source, then the focus, I respectfully submit, on addressing that national security issue should be on the transfer of the technology to the destination in question. The U.S. export control system is perfectly suited for doing exactly that. Yes, I recognize it can be complex, but it is specifically designed to constantly evolve to new threats as they are identified, to change as a result of commercialization of technology and realizations about the effectiveness of other controls. Now, in general, the most effective export controls are those that are multilateral--those that our allies impose to the same degree to accomplish a common objective. Unilateral controls--controls that only one country imposes--tend to be counterproductive because they create incentives for companies to simply do the work outside the United States, thus outside of U.S. control. However, the temporary imposition of unilateral controls, when there is a specific threat or a new threat or an evolving threat identified, such as during a CFIUS review or in connection with some sort of acquisition, can be and is a very effective tool. And in the regulations administered by the Commerce Department's Bureau of Industry and Security, in coordination with the Departments of Defense and State, there is the ability to move quickly to respond to some of these threats, again, focusing on the technology itself to particular tailored destinations with or without any particular transaction, however you would define that. These tools also can work very closely in connection with law enforcement resources to identify situations when there is a front company in the United States. And we can get into more details on some of these tools as well as how they work with the multilateral regime process. So although I cannot get into specific cases, I can say that other types of national security issues created by foreign direct investment in my experience primarily were those involved with colocation issues, that is, acquisitions next to sensitive military facilities; those that create espionage risks; those that reduce the benefit of Defense Department technology investments; those that would reveal personal identifying information; those that create security of supply issues for the Defense Department and other parts of the U.S. Government; and those that create potential exposures for our infrastructure. And so, in general, the CFIUS authorities in my experience in the agencies were well suited and well equipped to deal with these, its dedicated public servants working very hard. And that last point is the key. As mentioned earlier, they are stressed. They need help. They need assistance. And this is important not only for national security, but for our economic security so that the United States is known as a place that welcomes direct investment and can review the safe harbor process quickly and efficiently. In my last couple of comments, it is focused on--when thinking about potential legislative change, my suggestion would be to first ask, What is there about the authority that cannot be addressed through changes in regulations or internal process, or if there is another area of law such as trade remedies or export controls that could be more suited to addressing the national security risks, or if the issue could be resolved through merely an increase in resources or change in resources in particular areas? If the answer is no to those questions, then that is the sweet spot for statutory change. Those who know me know I have a 3-minute and a 30-minute and a 3-hour version of every topic, so I will stop here and look forward to answering your questions. Chairman Crapo. Thank you, Mr. Wolf. Mr. Lewis. STATEMENT OF JAMES A. LEWIS, SENIOR VICE PRESIDENT, CENTER FOR STRATEGIC AND INTERNATIONAL STUDIES Mr. Lewis. Thank you, Mr. Chairman, and I thank the Committee for this opportunity to testify. You have heard about how important CFIUS is, so I will not belabor the point. But the Committee, while it has done well in the past few years, faces a growing volume of cases, increased complexity of transactions, and Chinese industrial policies that pose an increasing challenge. The U.S. created CFIUS in response to concerns that foreign competitors were acquiring strategic industries. CFIUS authorities were updated in 2007 in the Foreign Investment and National Security Act. That was 10 years ago. And it created new authorities for CFIUS and new timelines. FINSA is now 10 years old and faces challenges created by a changed global environment. The most important of these comes from China, as you have noted. China seeks ways to circumvent CFIUS protections. China's goal is to end its dependence on foreign technology and to overtake the U.S. If China followed international practices in trade, its decisions to invest in domestic industries would be unobjectionable. But China has not hesitated to extract technology or concessions or to block competition to advance its own firms. China has a strategy to build a high-tech economy and is willing to spend heavily to acquire foreign companies and the know-how they possess. The fundamental issue for the U.S. is how to respond to a managed economy with a well-financed strategy to create domestic industries intended to displace foreign companies. China appears to be attempting to circumvent CFIUS and export controls. Some important ideas for CFIUS reform include expanding the scope of covered transactions, particularly in regard to what are called ``greenfield transactions,'' providing the Committee with extra flexibility for difficult cases by giving it the resources or support to better identify technology and business trends that create risk, finding ways to cooperate with foreign partners, and it is an indicator of how things have changed that now both Japan, Germany, and the European Union are adopting their own CFIUS-like processes. The Committee could use additional resources and information to make timely decisions. U.S. efforts to get China to follow global norms on trade are long overdue, but it will not work without a strategy to promote U.S. technology. Reports that the Trump administration will challenge China over trade practices are good news, but it needs to be part of a larger strategy that includes export controls and investment in R&D. It is important not to exaggerate China's strength. China faces immense problems, including its huge debt burden, pollution, and corruption, but it does have a strategy, as you noted, in China 2025 to displace the U.S. and building globally dominant high-tech industries. However, China's leaders are practical, and their behavior can be changed if the U.S. develops a coherent strategy in cooperation with key allies. CFIUS is not the only tool we can use in this, but it is the most important for dealing with foreign investment, and the Committee could use additional authorities and resources. I thank you for the opportunity to testify and look forward to your questions. Chairman Crapo. Thank you, Mr. Lewis, and I want to turn to you first with a couple of questions. In your testimony, you identify a number of concerns relating to China's industrial policy and transfers of U.S. technology. You also discuss how CFIUS may be improved to address some of the concerns while others may be better handled by export controls. In your opinion, what changes specific to CFIUS authority are necessary to effectively protect U.S. national security? And what changes to the export control regime do you find necessary to prevent unwanted transfers of technology and know- how? Mr. Lewis. Thank you, Mr. Chairman. I think the most important issue for me remains the way that China has changed its investment policies to circumvent CFIUS, and the case that we all know the best is, of course, what we call ``greenfield investments,'' which is Chinese companies opening facilities or subsidiaries in the United States. Those are not always covered. The Department of Defense put a report out on this some months ago. It was unclear to me why it was classified since, when you go to Silicon Valley, it is sort of an open secret that Chinese firms are all over the place trying to acquire brains, technology, trying to get around export controls and CFIUS. So I think the most important thing to look at is what are we doing about the alternate methods China has found to acquire technology. Another good example might be Chinese companies, when they come to the U.S., do not face the same restrictions that American companies face when they attempt to do business in China. A word that the Chinese dislike is ``reciprocity,'' so I think looking at the ways they circumvent, looking at greenfield investments, looking for reciprocity in investments would be a good approach for CFIUS. For export controls, I recently had an unusual experience. I talked to one of the leading high-tech trade associations, and at the end of their briefing on their technologies, they said, ``And we would like to see export controls strengthened.'' I said, ``Wait a minute. You guys usually say the opposite. What is happening here?'' And they said in some ways the control lists we have, both at State and Commerce, have not kept up with developments in technology and need to be updated. So I think the biggest change here would be to once again take a step back and look at the munitions list, the Commerce control list, and say, How do they need to be updated to reflect the current technological environment? This would help CFIUS as well. Chairman Crapo. Thank you. Mr. Wolf, expanding on Mr. Lewis' response, would you please focus on any concern that transfers to China of foundational technologies present and what Congress and the Administration can do to address this? Mr. Wolf. Sure, absolutely. The principal focus is to aggressively and with will think creatively about how to describe either in a unilateral fashion or a multilateral fashion the types of technologies that warrant control to China or other countries for these national security reasons. And the reason I put my emphasis there is because one should not have to wait for a transaction to occur, whether it is a covered transaction in the traditional sense or whether it is a joint venture or some other sort of arrangement. If there is a way in which some sort of foundational technology, even if broadly described, is going to be put to an end use or an end user of concern, then I would suggest using the authorities that already exist in the very flexible export control regulations to identify those. Now, that is very hard. That is very hard to do in many situations because it may not be--one may not be able to clearly articulate it. But that difficulty, frankly, is a check on the system so that you do not inadvertently impose controls that are broader than necessary and you thus affect collateral controls. By simply adding broader scopes to CFIUS to catch one situation of one type of technology with respect to really only one or a few countries of concern, you can end up harming the image of the U.S. as a country open to foreign direct investment more generally. So the direct answer is creative, clever use and aggressive evolution of existing export control rules. Chairman Crapo. Thank you. And, Mr. Lowery, in your opinion, does CFIUS lack authority to review any category of transactions to fulfill its mandate? Or is it a resource question? Mr. Lowery. It is a good question. My own view is that there is a significant resource question that they are going to have to address. It is just becoming very difficult to look at all the different transactions that are coming in and doing it in an efficient and effective manner so that we are still open to investment. In terms of authorities, it depends. I mean, I think that Jim Lewis talked about CFIUS does not have the ability right now to look at greenfield investments. I am not sure that it should because I think that the idea of CFIUS is to protect national security with an investment that is buying actual U.S. businesses. But if you wanted to go after greenfield investments, it does not have that authority currently. Beyond that, it does have most of the authorities. That does not mean that you could not make the regulations stronger. It also does not mean that they could--some of the guidelines-- CFIUS puts out guidelines about how they think filing parties should be thinking about transactions. Those probably need to be updated. It has not been done in 10 years. And that could help make sure that we are capturing transactions that maybe we were not already capturing. But I think that in terms of the authority itself, it just depends on what you are trying to get after. One that Mr. Lewis said, it would need legislative authority to investigate greenfield investments. Chairman Crapo. Thank you. Senator Brown. Senator Brown. Thank you, Mr. Chairman. To begin with, I first want to apologize. I have, as a number of people on this Committee have, conflicts today. We are working on the farm bill in the Ag Committee. I need to go there. And we are working on tax reform in the Finance Committee, so I will not be sitting here as long as I normally do with the Chair. Usually, we both sit through these hearings for pretty much the whole time. I apologize for having to do that. Mr. Lowery and Mr. Wolf, I want to start with you. Earlier this year, I raised concerns about potential conflicts of interest in the CFIUS process posed by a number of Administration officials with international business interests. So far, two matters regarding the Administration officials have come to light. It was reported in March that China's Anbang Insurance Group, a company familiar with CFIUS reviews, as you know, had ended its bid to buy the President's son-in-law's Fifth Avenue property. Then in July, after Anthony Scaramucci was announced as the new White House Communications Director, it was revealed that his hedge fund--SkyBridge Capital I believe was its name--was in the process of being acquired by China's HNA Group, possibly for more than the company was worth and was also under CFIUS review. I am concerned, as I know all three of you are, and I think most of the country is, about the national security implications of foreign acquirers, but possibly and particularly if they have ties to foreign Governments trying to buy influence in this Administration. So I have a series of questions, and, Mr. Wolf, I will start with you, and I will ask the three, and then you can answer as a group, and then Mr. Lowery. Do you believe Treasury and other CFIUS member agencies have a good understanding of Administration officials' business interests and possible conflicts of interest? Is Treasury aware of the range of business interests and possible conflicts of interest? Could more be done to ensure that all those ties are disclosed? And, third, are processes in place for officials involved in CFIUS or the President himself to be recused if necessary? And I will start with you, Mr. Wolf. Mr. Wolf. Sure. On the first topic, Treasury as such, I do not recall ever asking those questions. The responsibility for compliance with conflict of interest rules are up to the individual, and they work closely with their counsel at their Department, and that was the primary driver. With respect to the second question, it could not possibly hurt for Treasury to collect that information and to ensure that the same level of conflict of interest review that is supposed to be done and was done with us in-house by our Department counsel is also provided to the Treasury Department as a double check on what should already be done internally within the Department. Senator Brown. And that is not being done, to your knowledge? Mr. Wolf. Again, the responsibility lies with the individual and compliance with law, and we received regular briefings from our ethics counsel within the Department of Commerce, not just with respect to CFIUS but all matters that we were involved in to ensure that we did not have conflicts of interest both with respect to the annual disclosure process and regular updates and ethics briefings that the attorneys would give to us. So, again, I do not know--I do not think that information is generally shared with the Treasury Department, but it should already exist within the Departments, and there could not be anything harmful in doing so because it is already existing information within the existing Department of the individual employee. Senator Brown. Mr. Lowery. Mr. Lowery. To my knowledge--I agree with Mr. Wolf. When I was working on this, I recall Secretary Paulson recusing himself on specific transactions, or there were others--he was not the only one--that sometimes it just happened to be something that they had been working on in their private sector career, and they saw a CFIUS transaction, and, you know, I would go down the hallway and say, ``Hey, we have a CFIUS transaction on this,'' and the next thing you know, he would call the General Counsel and say, ``I have to recuse myself.'' To my knowledge, that still goes on. I cannot obviously speak on the specific cases you mentioned, but I would assume that the individuals, as Mr. Wolf said, would basically say, ``I need to recuse myself. I have business interests here.'' And they have disclosed that to their in-house counsel so the in- house counsel can also advise them on those issues. Senator Brown. And are you satisfied that the information from the Administration and from the President's family, that the information is available enough to you all--not to you all, but to the people in place now? Mr. Lowery. So CFIUS is a very--I mean, the people that work on CFIUS transactions, they are very protective of the information. So there are lots of people within the Government that do not have much to do with CFIUS, and they do not understand what is going on. There are two reasons for that. One is the classified information. Obviously, there is lots of classified information. There are national security issue at stake here. But the second reason is because of a little bit the issues you are getting at, but really it is proprietary information. These companies are filing. They are putting forward a lot of proprietary information. There are competitors on the outside that are sometimes very interested. And so you have to be very careful. That is why I think CFIUS over a 10- year timeframe, over a variety of Administrations, has basically been very protective of information. People call it like a star chamber, and the reason they do that is because of how well they protect their information, frankly, better than a lot of other parts of our Government. Senator Brown. Did you want to add something, Mr. Wolf? Mr. Wolf. The issues you raise with respect to transparency of information regarding conflicts of interest of political officials and career employees is not unique to CFIUS because every day--so there is nothing unique about CFIUS that addresses your point, and the success in ferreting out any concerns lies in the existing procedures within each of the departments as opposed to something that is CFIUS qua CFIUS to address. Senator Brown. Did you want to add something? Mr. Lewis. I would simply echo your point, Senator, that most transactions are without risk to national security, and so it is important to bear that in mind when we think about the deals that are being looked at. We have seen movie theaters, hotels, all bought by the Chinese, and that does not pose any risk. Senator Brown. So while there might be conflicts of interest that might or might not disturb the American public, they are not necessarily national security concerns. Mr. Lewis. I think that would be correct. Senator Brown. OK. Thank you, Mr. Chairman. Chairman Crapo. Thank you. Senator Perdue. Senator Perdue. Thank you, Mr. Chairman. Thank you guys for being here today. Before I start my questions, I would like to make one comment for the Committee since it was brought up earlier. Senator Van Hollen, Senator Schatz, Senator Kennedy, Senator Rounds, and I are new Members of this Committee, but we are totally capable of understanding the full historical perspective around confirmation of this Congress. I certainly echo the comments that have been made this morning about nomination and confirmation of this Committee, but I would like to put into perspective that we are sitting in a period with the slowest confirmation process in the history of our country since George Washington put his first Cabinet together. I think it is outrageous that the last day before we left for August break we confirmed 65 nominations in 1 day because of a back- room deal. Prior to that time, we had only nominated and confirmed--we had only confirmed 48. As we sit here today, this President has fewer than one- third of the confirmations that the prior President had. So I would like the record to show that some of us do have a full perspective on where we sit today. Mr. Lewis, thank you for being here today. I lived in China--or I lived in Hong Kong, worked in China, lived in Singapore, and the thing that always bothers me, China over the last 10 years has a net outflow--an outflow of capital of about $3.8 trillion, an inflow of about $1 trillion, 1.3, and then a net--that is a net outflow of about $2.5 trillion. I cannot track it. I have a feeling you cannot either. In 2016, the Bureau of Economic Analysis estimated about $10.3 billion of Chinese investment in the U.S., and yet AEI and Heritage and others had it as high as 56. So that is a wide range of estimate. And the reason is when you get under it, BEA actually had Luxembourg as the top foreign investor in the U.S. and China was 11th. With the network of capital flows in the world, how in the world are we able to track the overall net inflows from particular players outside the U.S.? Mr. Lewis. That is a great question, and it is a very difficult problem. And as you noted, small Caribbean islands tend to come at the top of the list for foreign investment, not because they are wealthy but because they are vehicles for money laundering. Chinese capital is seeking to leave the country---- Senator Perdue. And that is--I am sorry to interrupt. That is not just China. That is other people who have very nefarious intentions for the money, too, right? Mr. Lewis. Correct. But when you--that is true, and when you try to follow the funding for some Chinese acquisitions, it will lead you to some very strange places. So money laundering is a problem. There is a desire in China to move money out of the country, which may be kind of a vote of confidence. So we see a very large outflow into many, many sectors, most of which do not cause strategic concern. It is difficult to track, and that is one of the challenges for the Committee, is tracking the money back to its source to see if it is the Chinese State. Senator Perdue. Mr. Wolf, with regard to the specific China investments that are of concern, obviously one reason we have been dominant militarily is the size of our investment, but China is now approaching that. So the technological innovation that we have benefited from, from private sector and military and academic research has always kind of kept us at the forefront. One of the things I am concerned about is that China, not only in the United States, but their investment in infrastructure in Africa and other parts of the world, they are leading toward investments of next-generation technologies, and that is really concerning, things like artificial intelligence, autonomous vehicles, augmented reality, blockchain, robotics. They are recruiting actively kids that are graduating from our colleges, our PhDs, our Master's candidates, our scientists, our technicians, our engineers. And there is an immigration issue. I do not have time to get into that today with you guys, but what I would like to know is: How does CFIUS interact with the military, commerce players, and so forth to make sure we find the right balance of this foreign direct investment, which, as Mr. Lowery talks about, is very critical? When you have a $20 trillion debt, you better hope you can attract FDI. And we are the largest recipient of FDI in the world. Thank God. With the size of our economy, we need to keep that up. But there has to be a balance, and I am looking for some input as to things we need to be aware of as we consider this in any potential legislation. Mr. Wolf. Sure, happy to. With respect to the first topic that you asked Mr. Lewis about, the answer, frankly, is resources and aggressive use of intelligence resources to be able to do the deep digging and the deep dives into transactions. That was a critical part of every CFIUS case that we reviewed. It is what was behind the fund, what was behind the company, who were the parties behind it. And that is not always obvious. And that is just a pure function of manpower and attention and will to do the deep dive. And that is critical to the outcome. With respect to working with the military, the technical experts at the Defense Department were a critical part of the CFIUS and the export control process in terms of identifying the types of technology that were of concern. With respect to your concern about investment around the world, that is why working with our allies in the multilateral export control regimes is key, because the U.S. is not the only target for the very anxieties that you raised. And the existing export control system is precisely defined to do that. With respect to the topics at issue, it goes back to my main point. It requires the resources, the manpower, and the will to focus not just on technologies of yesterday or what is being used now, but creative thinking on all the topics that you just listed to see if there is a way in which to identify the sweet spot of that part of the technology that is of concern without otherwise trying to interfere or get in the way of commercial development. Senator Perdue. Thank you. Thank you, Mr. Chairman. Chairman Crapo. Senator Van Hollen. Senator Van Hollen. Thank you, Mr. Chairman. And I thank all of you for your testimony here this morning. I was recently on a bipartisan codel to China, Japan, and South Korea, really focused on the North Korea situation. But while we were in China, we heard from a number of American businesses complaining a lot about the lack of reciprocity generally, especially with respect to Chinese curbs that bar American financial companies access, and that has been referenced here this morning. And while I agree that CFIUS is not the tool we use to respond to reciprocity issues, I do think it is important that we continue to push China really hard on that front. Let me ask you, Mr. Lewis, you talked about how China--and, look, we all agree that, overall, foreign direct investment has benefited the United States, but we want to make sure that it does not hurt us in our strategic interests, especially national security. The question is how we may broaden that to look at some key national economic security issues. You mentioned China buying up small firms in the Silicon Valley area, and my question for all of you is: When you have one big purchase, you know, you may very clearly be able to decide this is going to have an impact on national security or not. But do we have the tools to look at sort of a pattern of a purchase and say, hey, this one in and of itself, this purchase may not trigger a national security problem. But China has the ability, you know, it is not like a bunch of free market companies that are out there purchasing. They have got a strategy, you know, driven by the Government. Do we have the capacity to say, OK, this one by itself may not be so bad but, you know, if you go down the line, one, two, three, four, then you are talking about a serious national security issue? Mr. Lewis. I will start. Thank you, Senator. That is a great question. One thing that has been touched on a couple times in all of our remarks so far and in the questions is the question of intelligence support for CFIUS. And to the extent this can be discussed in an open hearing, it would be beneficial if there were additional resources given to the National Intelligence Council. The U.S. relies on two sources of intelligence to track both money laundering and the kind of activities you are talking about: human intelligence, which faces grave problems in China, as you know; and signals intelligence, which also is pressed considerably by the Chinese. So we need to think of how to make resources and collection priorities evolve to reflect these kind of economic problems you have raised. We do not have the ability yet to adequately track these larger patterns, so CFIUS tends to be a transactional focus, and it would be beneficial if the NIC or some other body had the ability, the wherewithal to supply things on long-term trends in semiconductors, artificial intelligence, cloud computing, hypersonic strikes. There is a whole range of things, so, yes, better intelligence support, better tracking trends would be valuable. Senator Van Hollen. All right. I would be interested in any other comments, but also I would like to throw in there the greenfields issue. I take it from your testimony, Mr. Lewis, that you think we should expand the jurisdiction, the authorities here to include greenfields. Is that right? Mr. Lewis. Yes. Senator Van Hollen. And as the others answer that earlier question, if you could also respond to that issue. Mr. Wolf. Sure. The issue with respect to trends was very important to me when I was in the Government, and the first direct answer that is not really a CFIUS issue is just a straight up law enforcement effort. If there are a particular series of individual acquisitions that are all on their face benign but in the aggregate are used for an ulterior motive such as creating front companies in order to hide the ultimate objective, then using the existing domestic law enforcement tools of getting to that motive and pursuing intellectual property theft, espionage under existing statutes is absolutely critical. And that can be done without CFIUS. Within the CFIUS process, it is important that in the intelligence estimate that is provided with respect to an intelligence--or with respect to a particular case, an answer given as to whether this is an individual transaction or part of a trend or pattern, and that is absolutely something that we reviewed, and I would want to make sure that the authority exists to be able to block or deny or mitigate a case if the information exists that this is only one part of a whole. So your question and your concern about the trend is absolutely valid and something that we spent a significant amount of time looking into. Mr. Lowery. The only thing I was going to add is that the trend is something that CFIUS does look at. In fact, actually in their annual report to Congress, CFIUS actually does try to point out here is where a number of transactions have actually happened, and we are now concerned that a specific country--and it would be a classified report, so Congress could see it; I could not see it--is able--is going after a certain technology. So this is done with CFIUS, but it is usually--Treasury leads the effort, but really it is the intelligence community and the Commerce Department that does a lot of the heavy work, as well as the Treasury Department. So there is a way of trying to get at that through CFIUS, though I think Mr. Lewis makes a good point about there are other things that need to go beyond that. Senator Van Hollen. Thank you. I look forward to following up with all of you. Thank you, Mr. Chairman. Chairman Crapo. Thank you. Senator Rounds. Senator Rounds. Thank you, Mr. Chairman. This has been an interesting discussion, and it leads me back into another responsibility. We all have multiple committees up here. I serve on the Armed Services Committee, and as such, I also serve as Chair of the Subcommittee on Cybersecurity. One of my concerns about the increased foreign investment in the United States is what kind of electronic and cyber-vulnerabilities that increased foreign investment poses for our country. For example, there is already significant concern in Congress and the Administration that countries like China are acquiring intellectual property from American companies. I am concerned that foreign investment in our country would give potentially malicious actors a back door into the United States and leave us perhaps more vulnerable to IP theft or cyberattack. My question for you is: Can you discuss the nexus between cybersecurity and foreign direct investment? And is the CFIUS review process robust enough to account for vulnerabilities in this area? Or is it simply one part of a chain, and how does it fit into that chain with other investigations as well? Mr. Lewis. Mr. Lewis. Thank you, Senator. That is a major concern, so I am glad you raised it. Let me just talk about the potential risk to cybersecurity. You have supply chain risk, which is that the components or the software that goes into critical infrastructure defense products may be contaminated at the source, creating cyber-risk for the U.S., military risk. This is no longer a hypothetical concern, so there have been some incidents. You have a critical infrastructure risk that the CFIUS Committee has been good at blocking acquisitions of critical infrastructure or in mitigating potential risk. So when you think about, say, Alcatel-Lucent, the conditions that the Committee imposed were sufficient to mitigate the risk. And following up on these mitigation agreements is an important part--an important improvement I have seen in the last few years with CFIUS. You have real estate concerns. That always sounds funny, but we know about the potential of the wind farm to be next to a Navy research facility. You have to think about real estate now. Ten years ago, real estate was not on the CFIUS agenda. And, finally, a new one is data. The access to huge swaths of Americans' personal data by a foreign competitor could create intelligence risk. So I think there is a whole area where we need to think about how an acquisition will affect or increase the risk to cybersecurity. Senator Rounds. Any other thoughts, gentlemen? Mr. Wolf. Those are excellent points. Just to emphasize a significant number of the cases that we have reviewed over the years involved situations where the U.S. Government or its contractors or suppliers were consumers of critical infrastructure, telecommunications equipment, computers, et cetera. And to the extent that there was a possibility of foreign control over the content of the components or malicious software being installed surreptitiously, that was factored into our decision to either propose a block or aggressive mitigation, such as a requirement to spin off the U.S. side of the business for a certain number of years so that the U.S. Government, Defense and other departments, could find other alternative sources of supplies that were domestic. So that is a critical part of the CFIUS review. The other part of it, frankly, with or without an individual transaction, is the regular cybersecurity work that the Government and its contractors do in terms of knowing who their suppliers are of their components and what the source of the information is that they are receiving. And that is in addition and separate to CFIUS, and, again, unrelated to particular transactions. But it was one of the most significant, most discussed, most critical elements of the cases that we saw in the last several years. It is a key point. Mr. Lowery. The only thing I would add, just as Mr. Wolf and Mr. Lewis said, CFIUS has done this part extremely well, is my view. But some of the aspects go beyond CFIUS, and that is where there are other tools within the Government that we try to work on, but remember, CFIUS has on its Committee the Defense Department, Homeland Security, Justice Department, the intelligence services across the Government, which include the FBI, the CIA, the DIA, the Treasury Department's intelligence services. So all of these folks are working together to try to see whether or not there is an actual risk because of a purchase of a U.S. business. Senator Rounds. Do you find that the focus, which right now is on the entity itself that may very well want to make a purchase within the United States, is there adequate focus also on the product itself or the different products, whether it be data, whether it be a specific product that is vital within another part of the chain? Do we have the ability right now and are we focused enough on both--not just the entity itself but the different products that may very well be the issue of concern? Mr. Lowery. My view is that is what CFIUS is at least attempting to do the whole time, and I think that they have done pretty well. So they look at the threat, which is the entity that is purchasing. They look at the vulnerability, the product that they are actually purchasing. What is that asset? Does it have any nexus to national security or not? And then trying to figure out is it OK for those two things, the threat and the vulnerability, to come together? Or do you need to mitigate it or do you need to block it? That is what CFIUS is trying to do the whole time. Senator Rounds. Yes, sir? Mr. Lewis. Thank you. The two agencies that provide the support to CFIUS in this regard are both the intelligence community and DOD. So we really rely on them to be able to say when a particular technology or product creates cybersecurity risk or any other kind of risk. Senator Rounds. Thank you. My time has expired. Thank you, Mr. Chairman. Chairman Crapo. Thank you. Senator Warren. Senator Warren. Thank you, Mr. Chairman. And thank you to our witnesses for being here today. CFIUS, the Committee on Foreign Investment in the United States, is responsible for reviewing the acquisitions by foreign companies to ensure that they do not threaten U.S. national security. And, unfortunately, this applies only to certain transactions, and our adversaries know that. So according to news reports, an internal Pentagon report issued last year found that China was making significant targeted investments in cutting-edge American startups with expertise in areas like autonomous vehicles, artificial intelligence, robotics. These types of investments provide access to potentially sensitive technology, but they do not trigger CFIUS review. The Pentagon is worried--and I think they should be worried--about this. In June, Secretary Mattis told the Armed Services Committee he thought CFIUS ``needs to be updated to deal with today's situation.'' So I wanted to start by asking you, Mr. Wolf, are you concerned about the national security impacts of these early stage investments in sensitive technology? Mr. Wolf. Yes, I am, and that is why I would put a particular emphasis on identifying what the technologies of concern are, and in addition to the CFIUS authorities, making sure that they are adequately described within the existing export control system. Senator Warren. Actually, can you just say a bit more about what you would do by way of response? Can you expand on that a little bit? Mr. Wolf. Absolutely. So instead of waiting for a transaction to occur, however it is defined, whether it is a joint venture or a covered transaction or a greenfield investment, the Department of Defense, working with its colleagues in State, Energy, and Commerce, should identify the key sweet spot of those types of technologies that you described that are of national security concern and make sure that our existing export control rules govern them and, to the extent possible, work with our allies so that their regulations control the same types of technologies. That magnifies the benefit of the effort. Senator Warren. Actually, that is very helpful. You know, as you know, a lot of today's technologies look very different from what the world looked like back when we built CFIUS originally. And the defense technologies of tomorrow are going to look even more different. So we need an approach to it that keeps changing, iterating over time. And I think that means it is time to expand CFIUS's mandate. But before we do that, we are going to need to deal with the fact that CFIUS has serious staffing and resource problems already. In recent years the number of cases coming before the Committee has skyrocketed. Both current and former Government officials have argued that CFIUS must be strengthened, but so far the opposite seems to be happening. President Trump has failed to appoint certain key positions in the CFIUS process, including the Director of the Office of Science and Technology Policy, which is kind of important here. And the President's budget proposes significant cuts at some of the CFIUS agencies, including a 16-percent cut to the Commerce Department and a 32- percent cut to the State Department. So could I ask, what impact do budget cuts have on the positions at non-DOD CFIUS agencies? What impact will this have on the work of the Committee? Mr. Wolf. It is potentially devastating. It is all a function of resources and manpower and attention spent to complex situations, complex technologies, and difficult transactions. And you need lots of people or you need more people than are there now in order to address all the issues that you identified. Senator Warren. Well, thank you. I think this is urgent. It is about national security. We do not want to wake up one day and discover that our adversaries have components of our national security technology because Congress and the Administration were asleep at the switch on this. We need to modernize this process, but we also need to make sure it is fully staffed. Mr. Wolf. I agree. Senator Warren. Thank you, Mr. Chairman. Chairman Crapo. Thank you. Senator Kennedy. Senator Kennedy. Thank you, Mr. Chairman. Tell me, gentlemen, what triggers CFIUS review? Mr. Lowery. So CFIUS is technically a voluntary process, so if you are in an M&A transaction and it is in the national security realm and that realm is not defined, but there are a number of factors in the law that suggest what those national security issues are. So M&A transactions are voluntarily filing transactions. That is how you trigger a review. It is important to note that if the Government or CFIUS sees that a transaction has not been filed, they do have the power to compel a filing, if need be. Senator Kennedy. What should trigger a review? How would you change it? Mr. Lowery. The only way I would change it--so I think that that actually is a good approach, because there are lots of transactions that happen--in fact, the bulk of the cross-border mergers and acquisitions that happen are in areas that have nothing to do with national security, and so we should not be doing national security reviews of them because we just waste resources by doing that. But I think that it should be explored at least. One idea is--so right now CFIUS does high, high scrutiny of State-owned companies when they make a purchase in the United States. I think that it might be worthwhile at least exploring the idea of should those filings be mandatory as opposed to voluntary. And then you could through the regulatory process try to narrow that scope down because there could be State-owned cases or State-controlled entities that buy something, again, that has nothing to do with national security. So I think that is worth something to explore. That is right now not in legislation, so you would have to change the legislation for that. Mr. Wolf. One additional idea would be with respect to acquisitions or any kind of an arrangement next to a sensitive facility. Right now, the colocation issue that I described only gets triggered if it is a covered transaction as defined in the legislation. And I do not have an exact answer for you, but to the extent that there is a joint venture or a greenfield investment or any other kind of investment near a facility, there should be a Federal way in which to limit the access, proximity next to a sensitive facility by a foreign entity. Mr. Lewis. And perhaps a final point is that Wall Street and the investment community knows in much greater detail the transactions that are underway or being contemplated, and particularly if it is a publicly traded transaction, we might have a publicly traded company, we will get some regulatory insight. But if it is not publicly traded, we may miss it. So finding ways to better take advantage of the knowledge on Wall Street and to look for private deals would be helpful. Senator Kennedy. Well, what if it is not a merger and acquisition? I think this is Senator Warren's point. Let us suppose you have a startup developing a pharmaceutical drug, and someone in China wants to put in $20 million for Phase I trials. Is that something we ought to look at? Mr. Wolf. Well, in general, that type of investment should be welcome, and we want to make sure that the U.S. remains welcoming to that. And the key goes back to the points that I was raising earlier, which is: Is there something about that investment that creates a national security issues or is it an economic issue better left to bilateral deals or trade remedies outside of CFIUS? So in that type of fact pattern, I would think about it, not waiting for a transaction, however you define it, whether covered or joint venture or just a flow of money, but identifying the information that is of concern and trying to address the information in any setting. Senator Kennedy. But how do you know? Let us suppose the pharmaceutical drug is a vaccine for HIV, and it appears to work, so the Chinese just keep pouring money into it, and they get control of the company, and they take it back home, and they keep the vaccine and say, ``We are not going to share it with America.'' Mr. Wolf. Then that becomes economic and other issues. Then it really is a function of what our intelligence agencies can tell us about the intentions of the parties engaged in particular transactions. Senator Kennedy. They are not clairvoyant, though. They cannot tell the future. Mr. Wolf. No, they cannot. And we can do what we can do, but there are a lot of very clever people who can think aggressively and prospectively about the types of technologies that, if cutoff or no longer able to be developed in the U.S., would create national security threats. And that should be the emphasis of the thinking. Senator Kennedy. Let me ask one other question quickly, gentlemen, and any of you can jump in. When, if ever, should CFIUS be used as a sword with respect to reciprocity? I do not mean to pick on the Chinese. They are not the only ones. But they are beating our brains out. They are stealing all our technology. It is a condition of doing business there. Mr. Lowery. So my own view on--should CFIUS be used as a reciprocity tool? My own view is no, and I have a few reasons for this. One is that if there is an investment that makes sense that is coming into this country, but American firms would not be allowed to invest in China, why should we penalize the company that is receiving that investment, when it is not a national security issue whatsoever, just because maybe some of their competitors could not go out and buy something in China? I think that, in essence, we would be importing the policies of another country--China--as opposed to using our own--the policies of what we want in this country, and the policies that we want in this country are to welcome foreign investment. So I do not think that CFIUS is the way to get at reciprocity. I think there are trade tools that we can be using, and that is a much better way of approaching the problem. Mr. Lewis. I disagree with that a little bit. I think we need a comprehensive strategy for approaching China on these trade issues. They have gotten away with things for decades, and you need to approach them thinking about CFIUS, foreign investment, export controls, trade provisions. You have to have the full package. And as a negotiator, you may not want to take anything off the table until you see if it is worth doing. So go in with the whole deck. See what they offer you. Senator Kennedy. Gentlemen, I am out of time. Thank you. Senator Scott [presiding]. Senator Donnelly. Senator Donnelly. Thank you. And thanks to all of the witnesses. My home State of Indiana is home to a big portion of the American steel industry, and it is an integral part of our national defense manufacturing base. Increased levels of foreign steel imports, particularly from China, and a lot of it is with dumping, illegal Government subsidies, it has weakened our domestic steel industry, and it has provided foreign companies greater access to our markets. So this is to all of you. When you review transactions, does CFIUS consider foreign industrial policy that weakens U.S. industries vital to defense manufacturing and critical infrastructure? Mr. Lowery. So CFIUS would look at--if an investment, not an export but an investment into a company in Indiana or any company was actually harming maybe the supply chain for the Defense Department on steel or could potentially--by getting access to specific technology, could actually harm the United States' national interest, that is what CFIUS would look at. CFIUS would not look at whether or not a country is dumping. That is something that would be done through trade remedies. Mr. Wolf. He said it very well. Senator Donnelly. OK. Let me ask you this: Are there U.S. industries important to our national defense or critical infrastructure that have been particularly challenged by aggressive foreign trade policies? As you look at the national defense area, obviously one of concern is steel. What are other ones? And what do you see as the biggest challenges they face? I know that is a little bit to the side of what we are doing right now. Mr. Wolf. Sure. Within the CFIUS context, the evidence shows based on public filings of cases during the Obama administration and now that the semiconductor industry is obviously the hottest topic with respect to the issue that you raised. To the extent that it is a trade remedy issue, that is not the role nor does CFIUS have competence or expertise to be able to focus on that. It is focused just on the national security implications. But, you know, by the evidence, that plus issues involving foundational technologies for aerospace have been hot topics, absolutely. Mr. Lewis. Generally, anything that you could label as high tech is a concern, and so avionics, not only semiconductors but the broad information technology industry, including robotics and artificial intelligence, these are all places where we have seen efforts by China and a few others to acquire U.S. know-how in companies in ways that would harm our national security. Senator Donnelly. Currently, CFIUS reviews foreign direct investment transactions for national security implications. Do you believe CFIUS or a process modeled off it should also review the economic considerations of foreign investments to see that the American economy actually benefits in any way, shape, or form from the transaction? Mr. Lowery. So I think that there is a portion of that that CFIUS does, but not a big portion, and that is basically if there is a mitigation agreement--the Department of Labor actually sits as an ex officio member of CFIUS to make sure that labor issues are looked at carefully. But in terms of do I think that CFIUS should expand its mandate to go beyond national security to kind of an economic benefits test, a benefits-cost test, I do not. But that is because I think that we are welcoming foreign investment and we have to be very careful about how much we are dictating to companies about how they handle things. As long as they treat their employees well and follow the laws of the land, then that is not something I think CFIUS should be looking at. Mr. Wolf. I agree. I believe that CFIUS should continue to be narrowly focused on national security implications. The implications of expanding its scope to pure economic considerations runs the risk of politicization and overall harming the U.S. as a destination for foreign direct investment. To the extent that there are economic harms with respect to investment, there is an entire body of law dealing with trade remedies that is much more tailored, much more specific, much more robust to address that. CFIUS does not have the history, the expertise, the personalities to be able to address it, even if the authority were to expand. Mr. Lewis. The dilemma of what you have raised is a serious problem, and so we do need to address it. But CFIUS may not be the right tool. There are other tools that we either have or that we need to deal with this because it is something that increasingly is affecting the American working population. Senator Donnelly. You talked a little bit about the stretches on the CFIUS tool as it is, as the volume increases and complexity of transactions continues to increase. What additional resources, if any, such as personnel and information-sharing technology do you think CFIUS needs to process a higher volume of transactions and to be able to make sure they are covering what they need to do? Mr. Wolf. A significant number of more people involved in handling the mitigation agreements. After a deal is reached, often there is a condition of the sale that requires a lot of manpower, a lot of oversight. They last for a very long time, and there are more every day. And so the number of people that need to be focusing on that needs to be substantially higher. Similarly, the number of people who spend their days reviewing transactions, public and otherwise, to see if any of them warrant being pulled before CFIUS for consideration, that is a straight up issue of manpower and resources in reviewing data. Those are the two biggest resource constraints right now. Mr. Lowery. I would only add one, which is--I agree totally, but it is important to get some of our political officials confirmed, and the reason is because--look, the CFIUS people doing their analysis do an excellent job. But they are civil servants. These transactions by nature involve a lot of risk. There is risk. And so taking that risk is something that Senate-confirmed people are paid to do, to be frank. They are the ones that have to come in front of this Committee and answer to what decisions are made. It is much harder for the civil servants, who are doing an excellent job, to do that, and so sometimes having the resources to do mitigation agreements so that you can actually welcome that foreign investment and protect national security, but you then also need some of your political appointees who can provide air cover and make the tough calls. Mr. Lewis. One agency we have not mentioned yet--and we have mentioned a lot--is the Defense---- Senator Donnelly. Mr. Lewis, I apologize. I am out of time. Mr. Lewis. Just let me say DSS, they are the ones who do the mitigation agreements. Give them a little more help. Senator Donnelly. OK. Thank you. Thank you, Mr. Chairman. Chairman Crapo [presiding]. Thank you, Senator Donnelly. Senator Donnelly. See, I was doing your work for you there. Chairman Crapo. I appreciate it. Senator Scott. Senator Scott. Thank you very much. Thank you to the panel for being here this morning as well. There is no question that South Carolina benefits from FDI. In the past 5 years, our State's economic activity based on FDI has increased by 30 percent. Over 130,000 South Carolinians are employed as a result of global investment. That said, it is clear to me that bad actors are taking advantage of our system of trade. Senator Cornyn and others have pointed to gaps in CFIUS around the purchase of foundational technologies of AI and biotech. These gaps have allowed the Chinese to strategically invest in key sectors of our economy while stealing our intellectual property and eroding our military superiority. I will ask the panel and start with Mr. Lewis: What techniques are the Chinese using to circumvent CFIUS? The second question is: How can Congress fill these gaps in our protections? Mr. Lewis. So I think we have talked a lot about the greenfield problem, which is that--this has come up a couple times. Our regulations are post facto. So if you have not invented the technology, it is not going to be caught. And so how do we deal with that? And the Chinese are looking to buy brains, right? And it is very hard to control brains, especially if they are in the country. So we need to think about how we track, monitor, and occasionally--not always but occasionally, because of the benefits you cited, occasionally block transactions where China is making bets in the future technologies. Mr. Wolf. On the intellectual property theft issue, that is much more of a law enforcement issue and attention and resources of the Justice Department to investigating whether it is a sensitive technology or otherwise that is being stolen or exfiltrated. So CFIUS may not be the best tool because if there is going to be IP theft, there is going to be IP theft with or without a transaction, however you define it, so focus the resources on the theft of the technology in the traditional way, and that would be my suggestion for an emphasis on that question. Senator Scott. Anything to add? Mr. Lowery. The only thing I was going to add is that if the technology is in an area that is concerning potentially for export controls, that is when some of Mr. Wolf's comments from earlier come into play, I think, where looking through what powers and abilities through the flexibilities of our export control laws as opposed to CFIUS, which is there to--if there is an investment actually in a company or in a business that actually gets some of those assets that could be a national security concern, that is when CFIUS should play its role. Senator Scott. Thank you. Considering the topic of today's discussion, I want to point something out that I think is very important. A majority of Chinese deals make it through our approval process. Yet American companies are not given that same courtesy in China. In fact, China dramatically restricts our financial services sector's presence in its country. That does not seem fair to me, because it is not. That is not a level playing field that our President is advocating on behalf of. I was joined by Chairman Crapo--thank you very much--and 14 other Senators in asking the Administration to focus its efforts on the lack of reciprocity. Mr. Lowery, can you discuss the hurdles that American financial services firms face in China? Mr. Lowery. Yes, this is something I had to work on when I was in Government. So it has been a problem for a while. I was glad to see the letter from the 14 Senators. I wish it was 100 Senators, because I think that it is a problem, which is that U.S. firms cannot actually--there are equity caps in insurance companies, there are equity caps for investment banks, there are equity caps for banks. The way that we have made progress on that in the past has usually been through dialogue, and so I recall back in 2006, 2007, we were running into a lot of problems. Through a dialogue that Secretary of the Treasury Paulson set up at the time, we were able to make progress--not as much as we should have. Under the Obama administration, they also had a dialogue which also made even further progress on getting these equity caps raised. I think that that is something that the Trump administration should work on, my guess is they are probably starting to work on. But I think that that is a way to get at it. But your point is exactly right. There is a problem when in an area such as financial services where it makes very little sense for them to have equity caps that China still has those. But I think that through the force of our will and diplomacy, that is the best way to get at that problem. Senator Scott. Thank you very much, Mr. Chairman. Chairman Crapo. Thank you. Senator Tillis. Senator Tillis. Thank you, Mr. Chairman. Gentlemen, thank you for being here. China, I think, constitutes about 1.6 percent of our total inward foreign direct investment, so relatively small scale. A lot of what we are talking about here are things that they have done that are really outside of this that need to be dealt with, and I think probably dealt with in a way that is perhaps outside of CFIUS. One thing, Mr. Wolf and Mr. Lowery, you both have said is that trying to keep the scope tight--I could be concerned with CFIUS scope creep moving into other areas that we probably should consider, but not necessarily within the lanes of CFIUS. Mr. Lewis, I want to talk about one of those. As China's economy emerges and as it matures and as they try to build infrastructure for things that are not related to national defense--you know, pick an area, health care, insurance, whatever--they are likely to look at Nations that have mature platforms, the technology platforms that they would like to use to accelerate, you know, really actually rounding out an economy that is still growing. And if they do that, if they are to acquire somebody--you made me think about this because of a comment you made about maybe an acquisition would involve a company that has a significant amount of data on U.S. citizens, say health care information. How do we strike the balance between allowing that investment to occur, which may be needed by a technology provider that is in a mature market, to let them leverage their technology for purposes that are purely, you know, in this case let us say for the Chinese population, how do you do that in a way that does not create an impediment for companies that have data that we clearly want to protect but not necessarily disadvantage them as having a large platform and growth opportunity in a country like China? Mr. Lewis. Thank you. Great question. China has gotten sort of a pass on the trade rules ever since they joined the WTO, and their argument was, ``Well, you know, we are small and we are growing and we are poor, so it should not apply to us.'' And that just does not work anymore. So part of it is we need to think about how do we get China to live up to its commitments under international trade. I am optimistic that they can do that. This Administration appears to be making an effort. That is good. But it will take a long time because they get so much benefit out of it. In the near term and on specific cases, I think this is one of the strengths of the CFIUS process, is the ability to impose mitigation agreements on the acquirer that limit the risk, and those have been relatively successful. There is this issue of tracking them afterwards, and that is where---- Senator Tillis. On that, I have one other question I want to direct specifically toward CFIUS. But I think that so much of what we need to do to get China to a good place in behavior is probably not something that would come through CFIUS but would come through trade agreements, a number of other devices that we can use to actually incent them to exhibit good behavior. Now, with respect to CFIUS, I have had this discussion in Senate Armed Services on cyber. You know, what we seem to be focused on are the--you know, it is an artificial intelligence application, maybe it is next-generation communications technology, biotech. But what about the risk of focusing on those big rocks and missing some of the little rocks that if China had significant investment in could be disruptive? I always use the example of if I were trying to think about a way to disrupt the U.S. economy or the DOD, the DOD would be the last place I would attack. It would be their supply chain. And it would be to the most vulnerable part of their supply chain, and I am talking about a cyberthreat. Well, similarly, I would make investments in companies that could ultimately be disrupted. We think about the end product. I think about the supply chain that gets to that end product. So to what extent does CFIUS take into account maybe seemingly innocuous minor investments in companies and technologies that ultimately play a very important role in that supply chain link to these other highly important technologies that we focus on? Mr. Lowery. I think that the answer is that is exactly what CFIUS is trying to look at, so---- Senator Tillis. How well do you think we are doing it for the fully supply chain? Mr. Lowery. I think that CFIUS does a very good job of looking at companies that are part of the supply chain. The reason is because the Defense Department, some of the officials there--not just the Defense Department. It could be Homeland Security or the Justice Department. They know kind of where the supply chain exists, because actually some of the people that work on CFIUS are some of their procurement experts. And so they actually look at the supply chain and think--there are transactions that I know CFIUS has looked at which were tiny transactions, and no one would--they would never make it into the newspapers. But CFIUS actually goes out and says, ``We need to look at that because that is a small part of our supply.'' And that is something that--if it is a purchaser that is a threat to our national security, that may make it--either block it, get it to abandon the transaction, or as Mr. Lewis said, come up with a mitigation agreement so that you might wall them off from certain parts of that technology. Senator Tillis. And, Mr. Chair, since I am the last one, I want to ask just one more question, if I may. To what extent does CFIUS--let us say that, again, with China only being 1.6 percent of the internal FDI right now, but they have great relationships and growing relationships with many of our allies that constitute a significant portion of that. To what extent is CFIUS instructive by the nature of the relationships that China has with other--let us say a company domiciled in Australia that is making a significant investment in a technology that would be subject to immediately flag if it comes from China? Is that all instructive to the CFIUS process. Mr. Wolf. It is, and it should be more so. One of the changes I would recommend considering that we often discussed is sometimes we were limited in our ability because of either classified information or proprietary information issues from sharing concerns we had with allies and getting information from them with respect to similar concerns by similar investments in their countries. And a serious topic, I would think, for legislative consideration would be expanding the ability of CFIUS to share information, both commercial as well as intelligence, with allies for exactly the purpose that you just described. Mr. Lewis. That is an important area for reinforcement because when you look now at our NATO allies, at Australia, at Japan, they are all concerned about Chinese investment. They are all looking to the U.S. to provide them at least an example on how to regulate it, and CFIUS is an example. And they are looking for the kind of information and intelligence support that Mr. Wolf was discussing. Senator Tillis. Thank you all. Thank you, Mr. Chair. Chairman Crapo. Thank you, and, Senator Tillis, I will take one more question also. This will be the final question, and it is for the whole panel, if you have a response to it. In your opinion, are there any instances where a gap in CFIUS authority either could have or did result in a threat to U.S. national security? And if so, please discuss the CFIUS shortcomings that led to such a breach. Mr. Lewis. So I believe the thing that we would all want to look at is the Defense Department report that talked about--and I hate to say it over and over again--greenfield investments in Silicon Valley, looking at advanced information technologies for robotics and artificial intelligence. The Chinese have been able to acquire technology in a way that circumvented the process. Mr. Wolf. So in my 7 years, I am confident that there were no unresolved national security risks with any case that we addressed. I would go back to the point I made earlier about activities outside of CFIUS authority with respect to colocation near sensitive military facilities. And I do not have visibility into that, but it would be something worthy of further analysis along the lines of your question. Chairman Crapo. Thank you. Mr. Lowery. Mr. Lowery. I am unaware of anything, any problem that has existed. I think the DIUx report does some excellent analysis. I think that some of their policy conclusions need more work. Chairman Crapo. All right. Thank you. And, again, let me thank each of you for your written testimony and for being here and responding to the Senators today. This is a very critical issue, and there is a significant amount of interest and activity here on the Committee and outside the Committee here in Congress, and we intend to explore it, and we want to get it right. So we appreciate your help. Thank you for being here today. This Committee is adjourned. I should have said for the record that questions from Senators may come to you, and we urge you to respond to them promptly, and the Senators have until the 21st to submit those questions. [Whereupon, at 11:28 a.m., the hearing was adjourned.] [Prepared statements, responses to written questions, and additional material supplied for the record follow:] PREPARED STATEMENT OF CLAY LOWERY Managing Director, Rock Creek Global Advisors, and Former Assistant Secretary for International Affairs, Department of the Treasury September 14, 2017 Chairman Crapo, Ranking Member Brown, and Members of the Committee, I would like thank you for the opportunity to testify on Examining the Committee on Foreign Investment in the United States (CFIUS). My name is Clay Lowery and I am currently Managing Director of Rock Creek Global Advisors, a consulting firm that advises clients on international economic and financial policy matters. My testimony should be considered my own views alone. I served in the U.S. Government from 1994 to 2009, principally with the Treasury Department, although I also had a stint at the National Security Council. From 2005 to 2009, I served as the Assistant Secretary of International Affairs for the Treasury Department, and one of my primary responsibilities was overseeing CFIUS during the last time substantial CFIUS reform occurred. I am pleased to be testifying alongside Kevin Wolf and Jim Lewis, both of whom I respect and of whose views and expertise I think highly. In my testimony, I will discuss briefly (i) the nature of CFIUS and its process, (ii) its performance, and (iii) some thoughts on CFIUS reform. CFIUS plays a critical role in protecting U.S. national security. I recognize there are gaps in the current system that must be addressed, but I would also counsel that CFIUS's objective is to protect legitimate national security interests while promoting foreign investment, and thus CFIUS should not be used as an economic, protectionist, or overly broad tool. The most important aspect of CFIUS is to understand what it is trying to achieve: ensure national security while promoting foreign investment. These words come directly from the legislation that created CFIUS and has guided it for the last 30 years. When experts raise concerns about national security issues that may have recently become more prominent and recommend that the best--and sometimes only--tool to address those concerns is CFIUS, my view is to evaluate those recommendations against what CFIUS was designed to achieve. Roughly 7 million American workers, or about 6 percent of total U.S. private-sector workers, are employed directly through foreign direct investment (FDI). These jobs are higher paying: providing average compensation per worker 24 percent higher than U.S. private- sector wages. These jobs are disproportionally in the manufacturing sector: 20 percent of all manufacturing employment is due to FDI. And, according to a recent Reuters analysis--two-thirds of the manufacturing jobs created from 2010 to 2014 can be attributed to foreign direct investment. In short, FDI is in the national interest of the United States. However, we should not be complacent. While the U.S. remains the largest destination for FDI, our share of attracting such investment has fallen about 40 percent in the past 16 years. \1\ --------------------------------------------------------------------------- \1\ United Nations Conference on Trade and Development (UNCTAD) World Investment Report 2017. --------------------------------------------------------------------------- Last, I want to note how this could be used against U.S. companies overseas. The United States has always been the leader in defining ``national security'' in a reasonable and fair way. I would remind the Committee that any actions we take are likely to be copied and used by other countries, potentially to the detriment of U.S. interests abroad. CFIUS Evolution CFIUS is an interagency committee established by Executive Order in 1975 with the Secretary of the Treasury as its chair. Its central purpose at that time was to monitor foreign direct investment in the United States. In 1988, driven by concerns regarding growing Japanese investment in the United States, Congress enacted the Exon-Florio amendment that expanded these powers significantly, including (i) giving CFIUS the responsibility to investigate foreign acquisitions of companies engaged in business in the United States, and (ii) providing the President the ability to suspend or prohibit a covered transaction that, in the President's judgment, threatens the national security and existing laws are not adequate or appropriate to address the threat. \2\ In 2007, following concerns that had been raised over a Middle Eastern investment in U.S. port facilities, Congress amended and further strengthened CFIUS through the Foreign Investment and National Security Act (FINSA). --------------------------------------------------------------------------- \2\ To be precise, the President delegated the investigative functions to CFIUS by Executive Order. --------------------------------------------------------------------------- A new Executive Order directing CFIUS followed in early 2008 and new regulations implementing FINSA were issued later that year. The key reforms resulting from those efforts include:Increasing accountability in the executive branch as Senate-confirmed officials now must certify that CFIUS has completed its work on each transaction; Broadening the factors that CFIUS may consider in terms of investigating cross-border M&A transactions, particularly in areas such as critical technology, energy, and critical infrastructure; Raising the certification bar for cases in which the acquirer is a State-controlled entity; Increasing CFIUS interaction with Congress; Providing for a more formal role for the intelligence community; and Clarifying CFIUS criteria for evaluating whether an acquirer is obtaining control of a U.S. business. CFIUS Process CFIUS is chaired by Treasury and is comprised of the Departments of Commerce, Defense, Energy, Homeland Security, Justice, and State as well as the Office of the U.S. Trade Representative and the Office of Science and Technology Policy. In addition, the Intelligence Community under the leadership of the DNI and the Department of Labor serve as nonvoting members of CFIUS. \3\ --------------------------------------------------------------------------- \3\ Several offices in the Executive Office of the President also serve as observers of CFIUS. --------------------------------------------------------------------------- Parties submit their transactions to CFIUS for review on a voluntary basis, although CFIUS has the authority to compel a filing if necessary. The statute prescribes strict timelines for CFIUS's review, but parties are encouraged to pre-file with CFIUS to provide the Government with an opportunity to begin its analysis before the ``clock starts ticking.'' CFIUS officials are obligated by law, and subject to the possibility of criminal or civil penalties, not to disclose information regarding transactions. The rationale behind this rule is to protect both proprietary and intelligence information. Once a transaction has been filed, CFIUS first determines whether it has jurisdiction to review the transaction--that is, does it involve foreign control of a U.S. business in interstate commerce--and, if it does, CFIUS then undertakes a three-part evaluation: 1. Does the acquirer pose a threat to national security? This analysis is led by the Intelligence Community. 2. Is national security made more vulnerable by virtue of the acquisition of the U.S. assets? This analysis tends to be driven by the CFIUS agency with applicable subject-matter expertise. 3. Do the consequences of permitting the threat and vulnerabilities to be combined through a specific transaction risk impairing national security? CFIUS investigates these questions in the first 30 days after it accepts the filing. If at the end of those 30 days, CFIUS is not satisfied or in most transactions where the acquirer is State- controlled, then CFIUS will undertake a second-stage investigation that lasts up to an additional 45 days. The process, the timelines, the composition of CFIUS, the protection of information, and the reforms of 2007/08 have all been designed by Congress and respective Administrations to protect national security and to do so in the context of maintaining the United States' long-standing policy openness to investment. In addition, knowing that some transactions may raise national security issues, Congress has expressly authorized CFIUS to enter into mitigation agreements with the transaction parties to address those concerns. There are many different types of methods of mitigating a transaction. Examples include establishing special security procedures at facilities that can be verified by the Government, implementing certain passivity mechanisms, or even forcing a company to divest specific assets. In short, these mitigation agreements impose measures on the parties that address national security risks. These mitigation agreements are the pressure valve that enables CFIUS to find solutions to more difficult transactions--to welcome foreign investment and protect national security. If at the end of that 75-day period, CFIUS cannot make a decision or recommends that a transaction should be prohibited--then the matter is referred to the President who has 15 days to make a decision. Only the President has the ability to block a transaction. In the past 27 years, the President has prohibited or unwound only three transactions. The primary reason that such activity by the President is so rare is that most transactions do not pose a national security risk or risks can be mitigated through diligent work by CFIUS. The other reason is corporate concern about reputational risk. When the President makes a formal decision on a transaction, that decision is made public. Companies that believe the President could prohibit their transaction are understandably reluctant to be subject to a public rejection. Accordingly, most companies will withdraw from the CFIUS process and abandon their transaction. How CFIUS Has Performed Since FINSA was enacted 10 years ago, CFIUS--in my opinion--has performed in an exceptionally professional and thoughtful manner. Congress and the American people should be proud of how well the group of individuals across the Government have carried out their duties. Their scrutiny of cases is thorough; they have protected national security; they have protected information as well as anyone in the U.S. Government; and they have preserved the reputation of the United States as open to investment from around the world. CFIUS in many respects has been a model not only within our Government but also for other countries; various nations are now considering how they can emulate the U.S. process. That said, there is little question that the investment landscape has changed substantially in those 10 years. By far, the most important change has been the rise of China as a direct investor in the United States. Ten years ago, CFIUS would review just one or two transactions a year that had involved a Chinese acquirer--today, it is literally dozens and dozens of transactions every year. While I believe we should welcome Chinese investment and that each transaction should be judged on its own merits, these transactions have more complex financial structures, sometimes are more opaque, and come from a country where the State plays a much larger role in the economy. Often, these factors and others, raise the threats to national security. I know that fellow panelist Jim Lewis is focusing his remarks on Chinese investment and the threats it raises so I will not elaborate further. The other development is the concern that technology is being transferred that could make our national security more vulnerable. I know that Kevin Wolf is an expert on export control laws so I'll let him elaborate on the importance of these developments. CFIUS Reform As for me, these changes in the investment landscape as well as the fact that it has been 10 years since CFIUS was reformed suggest that a close, sober evaluation by Congress, by the GAO, and by the Administration is in order. As with any analysis, it is best to think of any potential reforms in terms of benefits and costs, including intended and unintended consequences. I would have three starting points beyond a cost/benefit analysis: First, I want to note the importance of providing appropriate resources to both Treasury and other agencies for CFIUS cases. The CFIUS process is currently under stress because of a significant increase in cases, without a commensurate increase in resources. While I strongly believe that we should set good policy on the merits, we also need to provide adequate resources to effectively carry out those policies. CFIUS reviewed over 170 transactions last year, which is the highest number since CFIUS was strengthened 10 years ago. As mentioned earlier, there is a much larger proportion of cases originating from China and that are structurally more complex. In 2017, my understanding is that CFIUS is on pace to investigate a much higher number than in 2016. There is little question in my mind that the individuals doing their jobs are under too much strain--they need more resources before we consider how to increase their work load. I am very concerned that a significant expansion of CFIUS will overwhelm the system and significantly impact its effectiveness and ability to function. So while resources are not the issue on the table today, I do not think you can separate them from the policy if you want the system to function efficiently and effectively. Second, as part of the new FINSA law of 2007, this Committee added an Assistant Secretary of Treasury to oversee CFIUS. The Trump administration has nominated a highly qualified individual in Heath Tarbert. This Committee approved him with near unanimous support roughly 4 months ago. Why he has not been confirmed is a mystery to me, but at a time when CFIUS is under as much strain as it has ever been and when Congress is considering reforms that would expand CFIUS--it is past time to confirm the individual with the most direct responsibility for overseeing the system. Third, as we consider reforming CFIUS, we should adopt a set of guiding principles to ensure that the United States both safeguards its national security and remains the destination of choice for investment: Minimize the opportunity for politicizing transactions. Keep CFIUS narrowly focused on national security and resist the impulse to use it for broader economic policy goals. Ensure accountability of the executive branch for protecting national security while welcoming foreign investment. This means that the executive branch should find solutions by ``working a problem'' and use its authority to craft appropriate mitigation measures, which may mean additional resources--maybe paid by fees from the filing parties--for monitoring and verification. It also means providing filing parties an opportunity to ``make their case'' directly to Senate-confirmed individuals so that parties to transactions are not faced with the situation where staff-level officials are deadlocked or uncommunicative and the next step is a decision by the President. Maintain CFIUS's focus on--and review should be triggered only by--foreign mergers and acquisitions of U.S. businesses, and not broaden the scope to sweep in thousands of commercial or licensing transactions. Increase scrutiny over State-controlled acquirers, including the possibility of making the filing of such transactions mandatory. Thank you and I'm happy to field any questions. ______ PREPARED STATEMENT OF KEVIN J. WOLF Partner, Akin Gump Strauss Hauer & Feld LLP, and Former Assistant Secretary for Export Administration, Department of Commerce September 14, 2017 Chairman Crapo, Ranking Member Brown, and other distinguished Members of the Committee. Thank you for convening this hearing and for inviting me to testify on this important national security topic. I was last before this Committee in January 2010 for my confirmation hearing to be the Assistant Secretary of Commerce for Export Administration, a position I held until January 20, 2017. In that role, I worked closely with my colleagues within Commerce and many other agencies in shepherding the U.S. export control system. I was also a Commerce representative to the Committee on Foreign Investment in the United States. Although I am now a partner with Akin Gump Strauss Hauer & Feld LLP, the views I express today are my own. I am not advocating for or against any potential changes to CFIUS or its legislation on behalf of another. Rather, I am here to answer your questions from the perspective of someone who has been both a Government policymaker and a practitioner for nearly 25 years in these critical and complex national security areas. I am happy to help however you see fit. My fellow panelists have already described well the content and scope of CFIUS, so I will get straight to my main point, which is that the CFIUS and export control systems complement each other. CFIUS has the authority to control the transfer of technology of national security concerns, but only if there is a covered transaction, however defined. The export control rules regulate the transfer of specific types of technology of national security concerns regardless of whether there is a covered transaction. This means that if concerns arise about specific or general types of technology--whether as part of a CFIUS review or from any other source--then the focus, I respectfully submit, should be on controlling the technology at issue to the destinations of concern. The export control system is already well developed and flexible enough to address exactly this issue. Yes, it can be complex, but its national security functions are not limited by the need for a transaction. Moreover, the system is designed to constantly evolve as new threats are identified, new technologies of concern are discovered, and wide-spread commercialization makes existing controls unnecessary or impossible to implement. The most effective export controls are those that are multilateral--those that our allies and other countries also impose for common objectives. Unilateral controls--those that only one country imposes--are generally counterproductive because they create incentives for non-U.S. companies to develop the technology outside of U.S. control. The imposition of unilateral controls, however, can be an effective short-term technique for regulating the export of technology--at any stage of its development--that is newly discovered to be sensitive in general or with respect to a specific destination. The Export Administration Regulations, implemented by the Commerce Department's Bureau of Industry and Security, have the authority to impose such controls in coordination with other departments, primarily Defense and State. The descriptions of the technology can be as broad or narrow as the national security requires. The descriptions are generally connected to physical commodities, but do not need to be. The controls can be tailored to specific countries and to nationals of those countries. Law enforcement tools can be used with respect to domestic transactions when there is a foreign party using a U.S. company as a front. Using the export control process is also an excellent check on unintended consequences because it forces policymakers to describe clearly the information to be controlled. We can discuss the details of these tools and how they fit into the multilateral control regimes and the CFIUS process later as you like. Although I cannot discuss specific cases, I can say that other types of national security issues created by foreign direct investment include primarily those that (i) have colocation issues (e.g., acquisitions next to military facilities); (ii) create espionage risks, (iii) could reduce the benefit of Defense Department technology investments; (iv) reveal personal identifying information of concern; (v) create security of supply issues for the Defense Department, or (vi) create potential exposure for critical infrastructure, such as with the telecommunications or power grids. In my experience, the existing CFIUS structure, authorities, and internal procedures generally allowed for the resolution of these issues quite well. The Treasury Department was an excellent honest broker and well-facilitated consensus conclusions--often after lengthy interagency discussion and always with the terrific support from the intelligence community. The agencies were always respectful of the need for a whole-of-Government decision that took into account the particular equities and expertise of the other agencies. The career staff were and remain talented, dedicated public servants. This last point is key. Given the increase in filings, and the increase in more complex cases, the staff was being stretched thin when I was there, and I expect they are even more stretched now. They need help. They need more resources, particularly with respect to those involved in monitoring mitigation agreements and studying transactions. I make this polite suggestion not only for their benefit but for the sake of our national security. I also make the suggestion for our economic security so that the U.S. remains known as a country that welcomes foreign direct investment with the minimum necessary and quickest possible safe-harbor review burden. Thus, when considering changes to CFIUS to address apparent gaps in national security controls associated with foreign direct investment, the questions I would ask are (i) whether the statutory authority already exists to address the issue through a regulatory or process change; (ii) whether another area of law, such as trade remedies or export controls, could address the issue more directly and without collateral consequences on other investments; or (iii) whether the solution lies in more resources to the agencies. If the answer to these questions is ``no,'' then that is the sweet spot for consideration of change to CFIUS legislation. For each possible change in CFIUS's scope, however, it is vital to weigh the costs. For example, if there is even a small expansion in the scope of CFIUS's review authority, then some companies may be less willing to invest in the United States with the actual or perceived extra burden and time involved in closing a transaction, particularly if there is not a significant expansion in staff. With every expansion in scope, there will be a corresponding and exponential expansion in burdens and costs generally--more regulations lead to more words, lead to more analyses of those words in novel fact patterns, lead to more filings, lead to more reviews, lead to more mitigation agreements, and on and on. Also, if the legislation becomes too prescriptive, then it may limit the ability of the Administration and staff to resolve novel national security issues in a creative way. There were many such situations over the course of the last seven years that I suspect could not have been contemplated by the original drafters of the legislation and the regulations. On export control and CFIUS topics, I have a 3-minute, a 30-minute, and a 3-hour version. So, I will stop here with these general opening comments and look forward to answering your questions. Thank you again for spending the time to think through this complex and important national security issue. ______ PREPARED STATEMENT OF JAMES A. LEWIS Senior Vice President, Center for Strategic and International Studies September 14, 2017 I thank the Committee for this opportunity to testify. The Department of Treasury's Committee on Foreign Investment (CFIUS) is one of the most important tools for protecting national security while also creating the conditions that enable a strong economy and an advanced technological base. CFIUS is one of three activities that protect national security related technology and the defense industrial base along with export controls and Federal investment in research and development (R&D). The CFIUS Committee has done well, but the growing volume of cases, increased complexity of acquisition transactions, and China's industrial policies pose an increasing challenge to the CFIUS process. The U.S. created the CFIUS process to regulate foreign acquisitions of American companies in response to concerns that strategic industries were being lost to foreign competitors. The goal is to maintain an open investment environment while mitigating risk to national security. CFIUS's authorities were updated in 2007 by the Foreign Investment and National Security Act (FINSA), which expanded the Committee's remit to include homeland security, created timelines for review, and gave the President the authority to reopen and reexamine already completed transactions (known as an ``Evergreen'' provision). FINSA is now 10 years old and faces challenges created by a changing global economic environment. The most important of these challenges comes from China. China is a strategic competitor who seeks way to circumvent CFIUS protections. China's industrial policies are the greatest challenge for CFIUS. The laws, policies, and regulations that were adequate in the past, whether for export control or for foreign investment, must be reviewed and reconsidered to manage the challenge America faces from China's managed economy. China's goal is to end its dependence on foreign technology and overtake the U.S., as it has overtaken other Nations. \1\ This is not a military conflict, but it has deep implications for American security and for the prospects of an international system based on the rule of law and democratic norms. The fundamental issue for the U.S. and other Western Nations is how to respond to a managed economy with a well-financed strategy to create domestic industries intended to displace foreign suppliers. --------------------------------------------------------------------------- \1\ My colleague Scott Kennedy's research initiative ``Made in China 2025'' explores this at greater length. --------------------------------------------------------------------------- Although it is a member of the World Trade Organization (WTO), China does not follow WTO rules. Its public justification for this is that China is still a developing economy and should not be held strictly accountable, but this is nonsense for the world's second largest economy. Compare the treatment of U.S. companies in China to Chinese companies in the United States. When Alibaba built a data center in Seattle, it was not forced to do this as a junior partner in a joint venture, nor was it forced to provide source code, but U.S. companies in China face these requirements. There are other countries that want to challenge the global institutions created by the U.S. and it allies after 1945, chief among them Russia, but the Russian economy is in steady decline and while Russia is dangerous in many areas, it is not an economic competitor. One reason that China has gotten away with this for so long is that many companies have been ambivalent about pushing back. They fear retribution from China--a reasonable concern, since China is not shy about retaliating against critics--and many do not believe the United States will take action to support them against such retribution--also a reasonable concern. China is a huge market that companies are reluctant to risk, but as the consequences of China's industrial policies become clearer, company attitudes have changed and there is growing concern about unfair competition from the Chinese State. If China followed international practices, its decisions to invest in domestic industries would be unobjectionable. There would be potentially profound effects on the global economy, but competition is the nature of the market. But China has not hesitated to extract concessions or block foreign competition in order to advance its own firms. China's 5-year plans lay out the strategic economic and technological goals that China will pursue and fund. These have had mixed success in the past, but a steady, well-funded pursuit of its economic and technological goals is one of the hallmarks of Chinese policy. China is pulling ahead because it has a strategy to build a high-tech economy and is willing to spend heavily and consistently to achieve this. We do not always want to take Chinese propaganda announcing technological success at face value, but China commits to research and investment programs for decades, while our spending is often limited to fits and starts. China's announcement of an indigenously produced commercial airliner illustrates Beijing's intent to ``move up the value chain,'' build industries, and displace Western firms. China's Soviet-supplied aircraft factories made shoddy aircraft. When China opened its market, Western firms rushed to sell aircraft. Part of the requirement for market access was coproduction, where Chinese companies worked with Western aircraft firms to make parts for Western commercial aircraft. Coproduction, over 20 years, taught Chinese companies essential production know-how, and the quality of Chinese aircraft has improved markedly. Most of this transfer did not involve IP theft. However, the Chinese Government will be tempted to use subsidies, pressure domestic airlines to buy the new Chinese plane, and barriers to foreign companies to give their manufactures an edge in China and in the global market. These practices are not uncommon as Beijing seeks to promote its domestic companies. Semiconductors are another key industry for China and a major concern for CFIUS. Since the 1960s, the United States has been the leader in semiconductor manufacturing. A strong semiconductor sector is crucial for growth in key high tech industries and will grow more important as more devices are connected to the internet. Semiconductors enable a broad a range of industries and serves a foundational role for critical civilian and military digital technologies. Persistent Chinese efforts to acquire semiconductor technology, combined with changes in the industry, could create risks for the U.S. and opportunities for potential attackers. In the last few years, there have been a number of efforts by Chinese companies with links to the Government to buy Western semiconductor firms, using a multi-billion-dollar acquisition fund created by the Chinese Government. While the CFIUS process has been successful in blocking many of these efforts, China's policy to end its reliance on foreign semiconductors manufacturers by creating its own companies has not changed and there will be continued pressure. Chinese policy seeks to extract technologies from Western companies; use subsidies and nontariff barriers to competition to build national champions; and then create a protected domestic market for these champions to give them an advantage as they compete globally. Huawei is the best example of a now globally dominant Chinese company built along these lines, but there are others. A senior Chinese official once remarked that if China had not blocked Google from the China market, there would be no Baidu. Various strategies are employed, using barriers to trade, security regulations, procurement mandates, acquisitions (both licit and illicit) of foreign technology, and through strategic investments in or acquisition of foreign firms. In addition, companies from the U.S. and other Western Nations have found themselves under pressure to make long-term concessions in technology transfer in exchange for market access. Intellectual property (IP) theft is no longer the most important problem. It is easy to overstate the cost of commercial cyber- espionage. While China's policy has been to acquire Western IP from the start of the opening of its market, and while the high point of IP theft came from cyber-espionage between 2000 and 2015 (more a reflection of our lax defenses than of Chinese skill), the situation has changed considerably. Most of the estimates of the cost of Chinese commercial espionage, however, are exaggerated. A country could steal ``$600 billion'' in IP and not gain $600 billion in value if it is unable to turn the stolen IP into commercially valuable products. It does little good to steal IP if you do not have the expertise to use it, and until recently, this was true for China's espionage in advanced technology. What has changed in the last decades is that in many cases, China has the money and the skill to use much of the IP it has acquired licitly or illicitly. In other cases, China has realized that acquiring ``know-hows'' is more important than acquiring IP, and has turned to the purchase of Western companies as a key part of its new industrial policies. Because of past technology transfers through joint ventures and coproduction, and in part because of heavy, sustained Government investment in science and research, China has developed its own innovation capabilities. In some technology areas, China may even be the world leader. This is a good thing for the global market and competition, and it should help spur a rethinking of America's relaxed approach when it comes to technology and innovation. What is not good is the Chinese Government's policy of using unfair business practices to give Chinese companies an edge in marketing their innovations. In the worst case, stolen IP means that the victim company faces a new competitor. In China, this new competitor may have access to Government subsidies or benefit from a protected domestic market built with nontariff barriers to hobble foreign competition. Subsidized Chinese companies have an immense advantage operating from a closed domestic market and selling to an open international market. Confronting China over these practices is long overdue, but the central issue is not IP theft but the unfair treatment of U.S. companies in China. The word that China fears is reciprocity--that they should be treated in the United States the way American companies are treated in China. Concern over technology transfer has been an element of the U.S.- China relationship for decades, but China's growing wealth and sophistication poses a new kind of challenge U.S. regulation and policy. Moreover, China's strategies for acquiring technology and, perhaps, for circumventing FINSA, are relatively agile and attempt to take advantage of this policy gap. The long-term viability of China's managed economy model is an open question, but in the near term, it creates new risks for U.S. companies and for national security. One question for this hearing is whether the existing tools to manage risk are adequate. These include export controls and foreign investment reviews. Another question is whether a defensive strategy that seeks to block Chinese acquisitions is enough. The answer is both cases is that there is room for improvement. Improving the ability to compete and to create new products in the United States is an essential complement of maintaining U.S. national security and leadership in technology. We can review the question of the effectiveness of existing policy tools like CFIUS by looking at some of the ideas for CFIUS reform. The incentive for this review is that China appears to have looked for ways around FINSA regulations. This needs to be addressed by expanding the scope of covered transactions, by providing the Committee with additional flexibility for review in difficult cases, by moving from a transactional focus to better identify technology and business trends that create risk, finding ways to cooperate with foreign partners, and by ensuring it has the resources and information needed to timely decisions. Some recommendations, such as expanding CFIUS's jurisdiction to review transactions that do not result in foreign control of a company but still allow access to technology, or expanding CFIUS authority to review overseas joint ventures, are better handled by export controls. The same is true for having CFIUS create lists of critical technology. The Departments of Defense, Commerce, and State already maintain such lists for export control purposes and while in some cases these lists need to be updated to focus on new and truly crucial technologies, another list is unnecessary. Similarly, while it may be helpful to the CFIUS committee to have access to lists that identify countries of concern and broader technology trends, these are competencies already found in the National Intelligence Council (NIC), which already has a CFIUS support group and is required by FINSA to review CFIUS applications. The NIC would require additional resources if these tasks were added to its portfolio, but one important goal for change should be to expand CFIUS's current transactional focus. FINSA gives the NIC a statutory role in the CFIUS process, but it does not have a ``vote'' on the committee. This is appropriate and should not change, both because of our long-standing principle of not giving intelligence agencies a role in policy-making and because the Departments of Defense and Justice, who are member of the intelligence community (IC), already protect IC equities in the CFIUS process. CFIUS already has an implicit policy of greater scrutiny of transactions involving Chinese State Owned Enterprises (SOEs). These transactions already face significant hurdles, but it may be worth considering more explicit policies targeting SOEs. Adding new Cabinet agencies that do not have a national security as a primary mission to the CFIUS committee would be inadvisable. The net effect would be to complicate a process and dilute its focus on national security. Twelve years ago, the French Government blocked the acquisition of the yogurt maker Danone (known in the U.S. as Dannon) by an American company to protect a national champion. This sounds and was ridiculous. We do not want to find ourselves in a similar situation, nor would it be advisable to make the CFIUS process more complicated. This applies to the question of mandatory filing as well. One authority provided by FINSA was the ability of the President to return to any foreign acquisition and reverse it. This ``evergreen'' provision creates a powerful incentive for filing. The most difficult issue in considering how to expand the scope of covered transactions is whether to expand CFIUS authorities to cover ``Greenfield'' investments. This is a difficult issue because many entrepreneurs, researcher and companies welcome Chinese investment in advanced technology. American companies maintain many research facilities in China. Finding a way to better grasp the potential risks of Chines greenfield divestment would require knowing the extent to which the source of Chinese investment was actually Beijing, ensuring that export control regulations are being observed, and giving CFIUS the scope to intervene if considered necessary for national security. The U.S. would also benefit from a more formal cooperative mechanism. Informal cooperation exists now but this could be strengthened. Japan has adopted new regulations on ``inward investment'' and the European Union is drafting regulation to provide guidance to its members. All of them are motivated by the same challenge (although they do not say it publicly), that challenge being China's industrial policies. There is a good opportunity now to increase formal information sharing and cooperation in these matters to ensure that if an acquisition is denied on one country that others are aware of the denial and the reasons for it. The decision to locate CFIUS in the Treasury Department was made to show that the goal is to encourage foreign investment while mitigating any risk to national security. This decision remains sound. It would not be useful to impose a ``net benefit'' or ``reciprocity'' test on foreign investment. These considerations are best left to the market, which takes these factors into account in its pricing mechanisms. The goal in any measure to strengthen CFIUS should be keep this open investment environment. U.S. efforts to get China to follow global norms on technology, trade, and investment is long overdue, but it will not work without a strategy on how to move ahead in technology. The United States has innate advantages, with the strongest scientific base in the world, leading technology companies, and an innovative culture that others find difficult to match. Strengthening and revitalizing the partnership among companies, universities, and Government can reignite U.S. innovation, but it will require a willingness to invest seriously in growth. Reports that the Trump administration will challenge China over unfair trade practices are good news, but this needs to be accompanied by policies to accelerate the creation of new goods and services in the U.S. Innovation has become a buzzword and everyone is for it. Innovation means creating new products and services, either by improving existing products or by taking advantage of scientific discoveries. Companies spend heavily on developing new products, but very little on developing new ideas. A lack of support for research limits American innovation and economic growth. Everyone agrees that innovation is essential for America prosperity and security, but America lives in a post-innovation environment of its own making. The Nation that is coasting on the science investments of the Cold War, and underinvestment in research slows growth in income and productivity. For developed economies, innovation is the best way to grow, by finding better ways to use existing resources to produce goods and services. There are many reasons why productivity growth in the United States is flat, but underinvestment in scientific research is one of them, and this creates a self-imposed disadvantage in military and economic competition with China. The innovation ecosystem is complex, interconnected, and global, but it is ``pay-to-play.'' Restoring U.S. strength in innovation requires investment, both by encouraging private sector investment and by Government spending in those areas, like basic research, where private sector spending is likely to be insufficient. China has allocated billions of dollars for investment for research in and acquisitions of advanced technologies that are key to future economic growth, including semiconductors, 5G telephony, artificial intelligence, and super computers. The United States allocates millions for the same efforts, meaning we are being outspent a thousand to one. We do not want to take media hyperbole about a war over AI or supercomputing too seriously, but we also do not want to watch as others pass us. There are other areas where policy changed could improve American innovation and economic performance. The recommendations of the International Monetary Fund for the U.S. economy include tax reform, less regulation, increased infrastructure spending, deficit reduction, educational improvements, and improved trade agreements. These can be contentious issues, but a decision to match China in investment for science and technology should not face the same debate. It is important not to exaggerate China's strength. It faces immense problems in Government debt, life-threatening pollution, mismanagement, and corruption, but under its current leaders, it intends to displace the United States and building globally dominant high tech industries is a part of this strategy. China's leaders are practical, however, and its behavior can be changed, however, if the U.S. develops a coherent strategy in cooperation with key allies. CFIUS is not the only tool we can use in this, but it is one of the most important. I thank the Committee for the opportunity to testify and look forward to any questions. RESPONSES TO WRITTEN QUESTIONS OF SENATOR BROWN FROM CLAY LOWERY Q.1. In light of recent news that 143 million Americans' personal information held by Equifax was hacked, and past incidents, like the OPM breach, in which millions of Federal employees' personal information was obtained by a foreign State, it seems to me that protecting Americans from cyber- related threats is more important than ever. In your experience, if a foreign company that may have ties to a foreign Government is trying to acquire a U.S. company that has access to the personal data of millions of Americans, what national security concerns CFIUS would consider? How would CFIUS be able to mitigate those concerns? A.1. When investigating a foreign direct investment (FDI), CFIUS examines (i) the threat of the acquirer, including its relationship to its home Government and (ii) the vulnerability of the asset being purchased. Increasingly, a key vulnerability for CFIUS to consider is the accumulation of substantial personally identifiable data. In most cases, CFIUS should generally be able to mitigate such concerns if they present a risk to national security. In fact, I would argue CFIUS has the obligation to try to find mitigation in such cases in order to meet its dual mandate: protect national security and promote foreign investment. In cases when the national security risks cannot be mitigated, CFIUS should, if necessary, recommend to the President that he block the transaction. Q.2. As I mentioned in my opening statement, I think we need to keep a close watch on how much of the research capabilities in agriculture, particularly R&D relating to seeds, is owned by our adversaries. I believe additional oversight of our country's agricultural assets is critical to protecting our Nation's food supply. Do you believe that agriculture and food security are important to U.S. national security? In the case of CFIUS reviews of foreign acquisitions of agricultural assets for national security risks, is USDA appropriately included in the process? A.2. I do think food security issues can rise to the level of being national security risks and transactions may need to be reviewed by CFIUS. CFIUS has had the ability to bring appropriate expertise throughout the Government, when necessary. In my experience, USDA has been brought into CFIUS transactions when necessary and appropriate. I would, however, suggest caution with regards to the proposal to make USDA a full member of CFIUS, primarily because the vast bulk of current transactions that go through CFIUS have little to do with USDA expertise and could be a poor allocation of scarce resources. Q.3. In your testimony and at the hearing, you suggest that CFIUS could use more resources. If its resources were increased, how could those resources be most effectively used to better protect national security? Should it be allocated to monitoring M&A activity, reviews, investigations, mitigation, or something else? A.3. CFIUS has been overloaded for the past couple of years and this has harmed its ability to conduct its investigations in an efficient and thorough manner. While having more resources for mitigation monitoring is probably necessary, this could be outsourced to trusted private sector service firms. The investigation and disposition of transactions, however, must be done by the Government and this seems to be the more immediate need. ------ RESPONSES TO WRITTEN QUESTIONS OF SENATOR MENENDEZ FROM CLAY LOWERY Q.1. Last year, due to increasing pressure from Venezuela's economic crisis, PdVSA, Venezuela's State-owned oil company pledged 49.9 percent of its shares in U.S. oil company Citgo to Russia's Government-owned oil company, Rosneft. Citgo is owned by PdVSA, and it operates pipelines and oil refineries throughout the U.S. It is my understanding that Rosneft may have also acquired additional ownership shares of PdVSA on the open market, which could bring their ownership potential to more than 50 percent. Respected market analysts have predicted that PdVSA could default on its debt to Rosneft in the near future. If such a default were to occur, Rosneft would then acquire at least a 49.9 percent ownership stake in Citgo. If PdVSA defaults on its debt, Rosneft would acquire, at a minimum, a near-majority ownership stake in Citgo, which has 48 petroleum product terminals, three refineries in Texas, Louisiana, and Illinois, and nine pipelines throughout the United States. In your opinion, would such an acquisition generate national security concerns? In your opinion, should CFIUS review any acquisition of Citgo by Rosneft? Are there any statutory limits that constrain CFIUS's authority to review foreign acquisitions of U.S.-based companies that are owned by foreign companies, as would be the case if Rosneft were to acquire Citgo? A.1. It is hard for me to comment on this transaction because I do not have any insight into the specifics. In general, however, under the regulations (see Section 800.303 and Section 800.304), CFIUS may find a convertible debt instrument to be an instance of a ``covered'' transaction as defined in the regulations. Q.2. To my knowledge, CFIUS does not have a process requiring members to recuse themselves from a review if they have conflicts with a particular transaction. Would it concern you if members of the CFIUS had prior employment engagements, personal financial holdings, or other interests that served to impede their ability to objectively review transactions? In such cases, do you believe that CFIUS members should recuse themselves? In your opinion, should CFIUS establish a recusal process governing member participation in the event of potential conflicts? A.2. CFIUS is essentially a committee of individual agencies in which the Treasury Department chairs. It is not an established bureau or other legal entity of the Treasury Department. The ethics requirements and regulations of each agency are applicable to the employees of those agencies so members should be recusing themselves when appropriate under current law. In my experience, individuals within CFIUS recused themselves from transactions based--I believe--on the ethics rules and commitments that they had with their respective agencies. During my time at CFIUS, a number of officials from different agencies did recuse themselves from transactions, even in cases where the connection to the purchasing or targeted firm was tenuous. ------ RESPONSES TO WRITTEN QUESTIONS OF SENATOR BROWN FROM KEVIN J. WOLF Q.1. In light of recent news that 143 million Americans' personal information held by Equifax was hacked, and past incidents, like the OPM breach, in which millions of Federal employees' personal information was obtained by a foreign State, it seems to me that protecting Americans from cyber- related threats is more important than ever. In your experience, if a foreign company that may have ties to a foreign Government is trying to acquire a U.S. company that has access to the personal data of millions of Americans, what national security concerns CFIUS would consider? How would CFIUS be able to mitigate those concerns? A.1. I agree that foreign Government access to or control over PII of U.S. persons, particularly Government employees, can present national security concerns warranting CFIUS mitigation or other action. If, for example, as part of its espionage activities directed against the United States, a foreign Government were to acquire large quantities of PII about U.S. Government employees, it could mine such data for compromising or embarrassing personal information that could be used to coerce employees to engage in activities contrary to the interests of the United States. Examples of such information could be indications of a child's drug problem, extra-marital affairs, gambling problems, or large financial debts. Often people would like to keep such personal information confidential. A foreign Government could trade on this general desire to motivate such employees to engage in illegal or unethical activities in exchange for a promise to not release the comprising information. In my experience, CFIUS has been able to mitigate such issues. Although the applicable laws prohibit me from referring to any particular case, there are, in general, ways of mitigating such concerns. For example, CFIUS could require as a condition for clearance that a U.S. company be created and then managed and controlled by U.S. citizens. This would ensure U.S. person control over all U.S. person PII involved in the transaction. The foreign buyer would still receive financial gain from the transaction and engage in other activities unrelated to the PII, but would not have the ability to access the PII because of the U.S. person intermediary that was established. Although every transaction is different in terms of risk and financial considerations, other mitigation efforts could include audits of how the PII is being secured. Q.2. Which agency, or agencies, are best equipped to identify threats from the transfer of critical technology, dual-use technology or early stage technology know-how, intellectual property theft and espionage, and cyberthreats, to name a few? A.2. No one agency is, could, or should be solely responsible for identifying such technology and know-how. The technologies are too varied. Issues warranting technology control range, for example, from bird flu information to Artificial Intelligence software to robotics technology to advanced semiconductor production technology. There are hundreds of other examples. Different agencies have different equities and expertise, which makes them better able to identify more precisely technologies and threats of particular concern. The Commerce Department's Bureau of Industry and Security (BIS) is, however, the best single agency to lead and coordinate efforts to identify and control such technologies. Indeed, the primary purpose for its existence and the regulations it administers--the Export Administration Regulations (EAR)--is to be responsible for such efforts. It has a staff of experts in most areas of technology, a licensing system to regulate the control of dual-use and commercial technologies of concern, policy staff to revise and update the controls, and, unlike any other export control agency, its own enforcement officials. The list of dual-use and commercial technologies, which include know-how, that are now controlled for export is the Commerce Control List (CCL). See: https://www.bis.doc.gov/ index.php/regulations/commerce-control-list-ccl. It is a lengthy, complex list that is the result of decades of interagency and allied efforts to identify dual-use and commercial technologies that warrant control for national security, foreign policy or other reasons. The list primarily implements controls agreed to with our multilateral regime partners to regulate the flow of commercial technologies and other items that also have military, nuclear, biological/ toxicological, and missile applications. It also contains some unilateral controls on items of particular concern to the United States, such as commercial satellites and related technology. It is relatively easy to update and can be revised without the need for new legislation. The difficult part is identifying new technologies of concern, which is particularly challenging given the fast evolution of commercial technologies. (This issue is a large part of what is motivating consideration of whether to expand the scope of CFIUS reviews.) During the Obama administration, Commerce worked closely with the Defense Department, State Department, and other departments to substantially revise and update the list of military and space items warranting control. This effort, which affected hundreds of thousands of military and space items, took all available extra time of hundreds of U.S. Government experts to complete over the course of 7 years. Indeed, we only published our final military and space reform regulations in the weeks prior to the end of the Administration. This reform effort was done on top of the existing and generally well-run interagency effort to update annually the existing lists of items controlled by the multilateral export control regimes. Regardless of what happens with the FIRRMA bill, I strongly believe that Congress should ask of, and provide support to, a massive Administration effort to identify the emerging critical technologies of concern that are not now controlled but should be. No one knows precisely what these technologies are, but BIS exists to lead such an interagency and whole-of-Government effort to identify and control them. There is no need to create whole new systems or agencies to do exactly what BIS is already specially designed to do. BIS and the agencies it works with will, however, need additional resources to create the regular process for researching, analyzing, and defining novel technologies identified in FIRRMA that are of concern. They are not as easy to identify and describe clearly as technology for use in traditional military, nuclear, biological/toxicological, or missile applications. With respect to the second part of your question, BIS is not the right agency to lead efforts to stem the theft of intellectual property, acts of espionage, or cyberthreats. Although BIS can certainly provide support to such efforts in several ways, such issues are better led by the Departments of Justice and Homeland Security. Q.3. If a foreign company is engaged in any of these activities and is acquiring a U.S. firm, will CFIUS consider this as part of the review or investigation? A.3. CFIUS indeed considers export control, IP theft, espionage, and cyber-issues when deciding whether to approve, mitigate, or block a proposed transaction. If another area of law can address the concern, such as export controls, then CFIUS does not act. If another area of law cannot, then CFIUS factors the threat into its analysis of what action it should take. Q.4. Are there areas were CFIUS should play a larger role or have additional authority to address national security threats? A.4. Yes. CFIUS should have more authority to: (1) control real estate transactions near sensitive military or other Government facilities; (2) share information with allies as part of its or common considerations of transactions, taking into account business proprietary and classified information sensitivities; and (3) address changes in existing relationships, such as through bankruptcies, that would create national security concerns. More importantly, CFIUS needs massively more funding and staffing to review a significant increase in covered transactions--and covered transactions that are more complex. The agencies can barely handle the workload they have now, which harms both national and economic security because of the uncertainty and delay it injects into the system. CFIUS also needs more resources in various departments to research and investigate covered transactions that are not filed with the committee. Q.5. As I mentioned in my opening statement, I think we need to keep a close watch on how much of the research capabilities in agriculture, particularly R&D relating to seeds, is owned by our adversaries. I believe additional oversight of our country's agricultural assets is critical to protecting our Nation's food supply. Do you believe that agriculture and food security are important to U.S. national security? In the case of CFIUS reviews of foreign acquisitions of agricultural assets for national security risks, is USDA appropriately included in the process? A.5. Yes. Without commenting on any particular case, acquisitions in the agricultural sector generally do not create national security threats. It is conceivable that a large enough one or one with a hostile buyer though could present national security issues. This is why CFIUS has the authority to--and indeed does invite--agencies not normally part of CFIUS to participate if they have particular equities in the matter. In my experience, USDA and other similar agencies are routinely invited to participate in cases involving agriculture or food security, and their expertise is given great weight by the committee as part of the CFIUS review process. Q.6. In your testimony and at the hearing, you suggest that CFIUS could use more resources. If its resources were increased, how could those resources be most effectively used to better protect national security? Should it be allocated to monitoring M&A activity, reviews, investigations, mitigation, or something else? A.6. Yes. CFIUS needs help in all these areas. Each of the agencies, particularly the economic agencies need more people with business and national security backgrounds reviewing transactions that occur but are not filed. They need an ever- growing number of people to be involved in mitigation arrangements. Without such staff, mitigation will not be considered an option and the committee will effectively be forced to recommend a block rather than a resource-consuming mitigation arrangement. Every agency needs more subject matter experts in business and the technologies at issue. Now, the staff are taken from existing resources. As hiring freezes and budget cuts delay the recruiting of new staff, the problems compound. As the cases become more complex and more cases go to investigation, more staff are needed. Treasury and the other departments can give you a better assessment of resource needs, but, in my Government and private sector experience, resources for a significant number of new career officials is needed even without an expansion of CFIUS' scope. If it is expanded, it will take a significantly larger allocation and recruiting effort to get the staff needed to handle the hundreds or thousands of new cases that would come in. ------ RESPONSES TO WRITTEN QUESTIONS OF SENATOR MENENDEZ FROM KEVIN J. WOLF Q.1. Last year, due to increasing pressure from Venezuela's economic crisis, PdVSA, Venezuela's State-owned oil company pledged 49.9 percent of its shares in U.S. oil company Citgo to Russia's Government-owned oil company, Rosneft. Citgo is owned by PdVSA, and it operates pipelines and oil refineries throughout the U.S. It is my understanding that Rosneft may have also acquired additional ownership shares of PdVSA on the open market, which could bring their ownership potential to more than 50 percent. Respected market analysts have predicted that PdVSA could default on its debt to Rosneft in the near future. If such a default were to occur, Rosneft would then acquire at least a 49.9 percent ownership stake in Citgo. If PdVSA defaults on its debt, Rosneft would acquire, at a minimum, a near-majority ownership stake in Citgo, which has 48 petroleum product terminals, three refineries in Texas, Louisiana, and Illinois, and nine pipelines throughout the United States. In your opinion, would such an acquisition generate national security concerns? A.1. I do not know enough about the financial arrangements to be able to opine. My experience with complex cases such as this is that they require a significant amount of analysis and detail before coming to a conclusion that there are no unresolved national security risks. Q.2. In your opinion, should CFIUS review any acquisition of Citgo by Rosneft? A.2. I do not know, but, based on the information provided, it seems as there would be foreign ownership or control of a U.S. business. Q.3. Are there any statutory limits that constrain CFIUS's authority to review foreign acquisitions of U.S.-based companies that are owned by foreign companies, as would be the case if Rosneft were to acquire Citgo? A.3. I do not believe so, but would need to research the issue to be certain. Q.4. To my knowledge, CFIUS does not have a process requiring members to recuse themselves from a review if they have conflicts with a particular transaction. Would it concern you if members of the CFIUS had prior employment engagements, personal financial holdings, or other interests that served to impede their ability to objectively review transactions? In such cases, do you believe that CFIUS members should recuse themselves? A.4. Yes, I would be concerned. The question describes a conflict of interest. Yes, if such conflicts exist, they should recuse themselves from the matter before the committee. If such a person refused to recuse himself or herself, I would speak up and ask that deliberations stop until the conflict issue was resolved. Q.5. In your opinion, should CFIUS establish a recusal process governing member participation in the event of potential conflicts? A.5. Although the idea is worth discussing, it is probably more efficient for the individual members to work with the ethics counsel at the departments for which they work to ensure their understanding of and compliance with applicable ethics rules. CFIUS is a committee; it is not a stand-alone agency. Thus, it does not have the infrastructure of a regular bureau, agency, or department to provide support to the members. Also, conflicts for Government officials do not potentially arise only in CFIUS matters, but also in many other aspects of their day-to-day work. Thus, it makes more sense for ethics education and compliance to be a focus of the employee's department. That said, your question suggests the existence of an issue that I do not know about. A reasonable response by the Treasury department CFIUS leaders if there is a possible issue would be to remind the staff and political members of the committee of their ethics obligations and that they should work with their department's counsel to understand the scope of their obligations. ------ RESPONSES TO WRITTEN QUESTIONS OF SENATOR BROWN FROM JAMES A. LEWIS Q.1. In light of recent news that 143 million Americans' personal information held by Equifax was hacked, and past incidents, like the OPM breach, in which millions of Federal employees' personal information was obtained by a foreign State, it seems to me that protecting Americans from cyber- related threats is more important than ever. In your experience, if a foreign company that may have ties to a foreign Government is trying to acquire a U.S. company that has access to the personal data of millions of Americans, what national security concerns CFIUS would consider? How would CFIUS be able to mitigate those concerns? A.1. I have recently written a CSIS Commentary on the risks of foreign access to data through the acquisition of American companies. Here is the link: https://www.csis.org/analysis/ understanding-ant-big-data-and-cfius. The gist of the essay is that CFIUS was created to protect the defense industrial base; homeland security and critical infrastructure were added by the FINSA reforms of 2007; now it is time to add access to data as a consideration. Legislation is not necessary to do this, but adding language on data to legislation would send a clear signal. Q.2. As I mentioned in my opening statement, I think we need to keep a close watch on how much of the research capabilities in agriculture, particularly R&D relating to seeds, is owned by our adversaries. I believe additional oversight of our country's agricultural assets is critical to protecting our Nation's food supply. Do you believe that agriculture and food security are important to U.S. national security? In the case of CFIUS reviews of foreign acquisitions of agricultural assets for national security risks, is USDA appropriately included in the process? A.2. That probability is very low that nations seeking to use force or coercion against the U.S. does will exploit food as a vulnerability. The one area where consideration of agriculture may have merit is in the acquisition of advanced research or genetic manipulation techniques. CFIUS, in these cases, could consult with USDA to consider the risk from the potential loss of intellectual property. Q.3. In your testimony and at the hearing, you suggest that CFIUS could use more resources. If its resources were increased, how could those resources be most effectively used to better protect national security? Should it be allocated to monitoring M&A activity, reviews, investigations, mitigation, or something else? A.3. Better tracking of M&A activity in the U.S. and abroad, including trends in research and development that could lead to new companies or products, would be useful, as would additional resources to the Intelligence Community entity that supports CFIUS (which I occasionally advise). Monitoring of risk- mitigation agreements are best performed by the Defense Security Service (DSS) and an expanded workload would require more resources. ------ RESPONSES TO WRITTEN QUESTIONS OF SENATOR MENENDEZ FROM JAMES A. LEWIS Q.1. Last year, due to increasing pressure from Venezuela's economic crisis, PdVSA, Venezuela's State-owned oil company pledged 49.9 percent of its shares in U.S. oil company Citgo to Russia's Government-owned oil company, Rosneft. Citgo is owned by PdVSA, and it operates pipelines and oil refineries throughout the U.S. It is my understanding that Rosneft may have also acquired additional ownership shares of PdVSA on the open market, which could bring their ownership potential to more than 50 percent. Respected market analysts have predicted that PdVSA could default on its debt to Rosneft in the near future. If such a default were to occur, Rosneft would then acquire at least a 49.9 percent ownership stake in Citgo. If PdVSA defaults on its debt, Rosneft would acquire, at a minimum, a near-majority ownership stake in Citgo, which has 48 petroleum product terminals, three refineries in Texas, Louisiana, and Illinois, and nine pipelines throughout the United States. In your opinion, would such an acquisition generate national security concerns? In your opinion, should CFIUS review any acquisition of Citgo by Rosneft? A.1. CFIUS should review this acquisition. Q.2. Are there any statutory limits that constrain CFIUS's authority to review foreign acquisitions of U.S.-based companies that are owned by foreign companies, as would be the case if Rosneft were to acquire Citgo? A.2. I do not believe there are limitations if some link to the U.S. can be demonstrated. The legislation proposed by Senator Cornyn would help make clear that CFIUS has the authority to review such transactions. Q.3. To my knowledge, CFIUS does not have a process requiring members to recuse themselves from a review if they have conflicts with a particular transaction. Would it concern you if members of the CFIUS had prior employment engagements, personal financial holdings, or other interests that served to impede their ability to objectively review transactions? In such cases, do you believe that CFIUS members should recuse themselves? In your opinion, should CFIUS establish a recusal process governing member participation in the event of potential conflicts? A.3. CFIUS members represent agencies and do not act in their individual capacity. Agency positions go through an internal clearance process, and the CFIUS process itself works against self-interest. If an individual representative has a conflict of interest, he or she would normally be replaced by another individual from the agency in question, but in general, what is being presented is an agency view. Additional Material Supplied for the Record STATEMENT SUBMITTED BY THE RAIL SECURITY ALLIANCE [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT] LETTER SUBMITTED TO THE TRUMP ADMINISTRATION ON CHINESE EQUITY CAPS FINANCIAL SERVICES SECTOR [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT] CHINA'S TECHNOLOGY TRANSFER STRATEGY [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]