Chinese buyers are snapping up US technology companies as China’s tech industry marches up the value chain.  But the unwary and overzealous might be snared by US export regulations and foreign investment reviews.

The US export controls regime is governed by no less than four departments of the Federal Government, each enforcing a separate regime. Two of which, the Export Administration Regulations (“EAR”) and International Traffic in Arms Regulations (“ITAR”) might impinge on any significant investment into a US target company with advanced technology.  Additionally, when a business (rather than a specific technology) is being acquired, the Chinese purchaser must consider the Committee on Foreign Investment in the US (“CFIUS”).

While none of these laws are anything new (and reform is currently underway), uninformed Chinese tech buyers risk untoward consequences from unexpected applications of these regimes.

Export Administration Regulations

The EAR governs US products and technology that are potentially “dual-use” (i.e., can be used for both civilian and military applications) as interpreted by the Bureau of Industry and Security in the Commerce Department (“BIS”).

The Commerce Control List (the “CCL”) enumerates dual use goods, software, and technology.  Each such item has an Export Control Classification Number (“ECCN”) depending on the characteristics and capabilities of the item.  The US government applies some of its strictest licensing requirements for export to China on the CCL list (other than the catch-all number EAR99).  This includes certain seemingly innocuous items such as solar panels, batteries, and electronic components.

Importantly, the definition of “export” is tremendously broad—including the provision of technical information to a foreign national anywhere in the world.  Simply reading technical information to a Chinese national on United States soil equates to an export of that data.

Given the breadth of these definitions, a potential Chinese acquirer can be blindsided by these regulations even after it is deep into the due diligence process.  United States tech companies serving domestic markets may not be aware of the CCL, and would never have a reason to determine which ECCN number applies to their technology.  For many Chinese purchasers, a fundamental aspect of the value proposition in an acquisition is integration of the target company’s know-how and technology.  If this technical information is restricted by the CCL, the acquirer cannot as a foreign national, even examine this information, let alone integrate it into its Chinese or global operations.

Moreover, each violation under the EAR may be punishable by civil penalties, denial of export privileges, fines of up to five times the export value, and imprisonment of up to five years.

International Traffic in Arms Regulations

Separately, the ITAR regulations implement the provisions of the Arms Export Control Act (“AECA“).  Under ITAR, the Department of State Directorate of Defense Trade Controls (“DDTC“) controls the export and import of defense-related articles, information and services listed on the United States Munitions List (“USML“).

For all practical purposes, ITAR regulations prohibit technical information and material pertaining to defense and military related technologies from being exported to non-U.S. Persons without a license from the DDTC.  The US has a nearly blanket denial policy for licenses to export of almost anything controlled by ITAR to China.

While that may seem rather straight forward, the fines and potential prison time are in the details—or rather definitions—of “export” and “technical information”.  Similar the EAR the term “export” encompasses foreign nationals reading or hearing controlled information, even on US soil.

Likewise, “Technical Information” casts a surprisingly wide net.  ITAR controls information required for the design, development, production operation, and maintenance of defense articles.  For example, technical data hidden away in research or product development contracts with government entities for electronic components can be controlled by ITAR.  While ITAR does not apply to information related to general scientific, mathematical or engineering principles that are commonly taught in schools and colleges or information that is (legitimately) in the public domain (e.g., patents and information that can already be publically searched on the internet).  These exceptions must be treated with caution: a University of Tennessee college professor Reece Roth started his four year prison sentence in January last year for revealing certain technical information about electronic components in US Air Force research contract to his Chinese and Iranian graduate students.

This example offers an important lesson that can be applied to the due diligence process.  Release of government research contracts—whether from the military or a research university—to a due diligence data room open Chinese nationals could trigger an ITAR violation for the same reason.  This type of an inadvertent disclosure could lead to fines for the target company, professional liability law suits for their financial and legal advisors, and ultimately kill the deal for any potential Chinese acquirer.

ITAR penalties are more than just a slap on the wrist.  The ITAR permits (and the DDTC has threatened) fines of $1 million per violation, in addition to prison sentences of up to 20 years, confiscation of goods and permanent disbarment from export privileges.

CFIUS Review

Both the ITAR and EAR regulations can have serious, but not insurmountable, implications for CFIUS approval.  CFIUS reviews any investment by a foreign person that results in its taking control of a US business, if the business involves US “national security assets” or “critical infrastructure”.  The President can prohibit or unwind any transaction that does not pass CFIUS review.  Factors for passing CIFIUS review include the nationality of the acquirer, whether the products or technology are subject to ITAR or other export controls.

Due to the broad prohibition against exporting ITAR product to China and because of the limitation on EAR licenses for export to China, applicability of these two regimes raise red flags for CFIUS reviewers.  This is the case even when the company wishes to make an acquisition with no intention of exporting the technology (e.g., as part of an IP protection strategy).

A potential solution to this issue is to “mitigate” the security issues raised in the transaction by carving out ITAR or EAR contracts, products, and technical information from the transaction.  Effective mitigation would explain in part why Wanxiang Group’s Acquisition of A123 Systems and CNOOC’s Acquisition of Nexen survived CFUIS review despite sensitive technologies and military contracts.

Even where mitigation is commercially viable, however, an unresolved ITAR or EAR violation will almost certainly delay the CFIUS process.

Buyer, Seller, and Advisors Beware

The time pressures of a tech company acquisition—especially in a competitive bid or distressed company scenario—can lead to expensive and even criminal regulatory violations.  A sharp look out for EAR, ITAR, and CFIUS issues is mandatory for all parties to a Chinese acquisition of US technology.