- The UK National Security and Investment Bill, once passed into law, will apply retroactively with effect from 12 November 2020.
- The Bill proposes a new stand-alone regime allowing the UK government to prohibit or impose modifications on transactions which may pose a risk to the UK’s national security - a term which remains undefined in the Bill.
- Certain sectors, including e.g. R&D in “engineering biology”, will be subject to a mandatory notification. If such transactions are unreported, the government will be able to call them in until five years after completion. For all other transactions that meet certain thresholds, voluntary notification is encouraged.
- The Bill will affect not only investments in UK corporates or UK-based assets, but also companies incorporated elsewhere or assets based elsewhere, when there is a nexus with activities in the UK or supplies to the UK.
- The Bill introduces civil and criminal sanctions for non-compliance with final or interim orders, as well as for failure to notify transactions subject to mandatory notification. Such deals will be considered legally void.
- The Bill is subject to change during consideration in Parliament; and the sectors subject to mandatory notification are under consultation.
The UK has announced a bill proposing a new system to screen transactions for national security risk, separate from the system of merger review operated by the Competition and Markets Authority. The National Security and Investment Bill has been in the pipeline since the publication of the National Security Risk Assessment in 2015, but has been delayed due to Brexit and the COVID-19 pandemic.
The Bill now goes before Parliament and so may change before it passes into law. As proposed though, the new rules once adopted will apply retroactively with effect from 12 November 2020.
The Act is a major upgrade to the existing regime under which the UK government is only able to intervene if a transaction is thought to have an impact on strictly defined public interest grounds. Notwithstanding some limited exceptions, the existing regime in essence applies only to investments meeting the merger control thresholds set out in the Enterprise Act. During the pandemic, the UK government already introduced emergency reforms to allow the government to screen investments in healthcare emergency situations, e.g. foreign acquisitions of UK vaccine companies. The National Security and Investment Act will, however, grant the Secretary of State (SoS) for Business, Energy and Industrial Strategy (BEIS) – currently Alok Sharma – much wider powers to intervene in acquisitions which may raise national security concerns. Deals in certain key sectors, including healthcare lines of business, will be subject to mandatory notification for investments as low as 15% and will only be able to proceed once approval has been obtained. Voluntary notifications are encouraged for all qualifying transactions in non-key sectors; and the SoS will be able to call in qualifying transactions for five years after completion but within six months of the government becoming aware of the transaction.
While the scope of the Bill is much more wide-ranging than the mechanism discussed for example in the 2018 National Security and Investment White Paper, the Bill is in line with the current global proliferation of national security regimes. The UK regime will be at the more stringent end of the spectrum but it is not out of the ordinary, except for its territorial scope: unlike other national security screening regimes, it will include not only UK corporates and UK-based assets, but also non-UK companies and assets when there is a nexus with activities in or supplies to the UK.
The new regime will affect a high number of transactions, estimated at possibly more than 1,800 notified transactions per year, and will significantly impact deal timetabling, document drafting, and potentially feasibility. The particular concern is that a “risk to national security” remains a very broad and undefined concept, no doubt subject to not only legal but also political interpretation.
The remainder of this note explores further the Bill’s key provisions.
1. Investors and targets caught by the Bill
The UK regime will cover a broad range of circumstances in which an “acquirer” gains control over “qualifying” entities or assets. The screening regime applies to entities and assets located in the UK, or outside of the UK when there is a nexus with activities in or supplies to the UK. The acquirer’s nationality is irrelevant: the Bill covers UK as well as non-UK acquirers.
- A “qualifying entity” means any type of entity regardless of its corporate form, but excludes individuals. Foreign entities are covered if they carry on activities in the UK, or supply goods or services to persons in the UK.
- A “qualifying asset” means an asset of any of the following types: land, tangible (or in Scotland, corporeal) moveable property, ideas, information or techniques which have industrial, commercial or other economic value. The Bill provides the following examples of assets: trade secrets, databases, source codes, algorithms, formulae, designs, plans, drawings and specifications, and software. Land or moveable property outside of the UK is also caught by the Bill if it is used in connection with activities carried on in the UK, or the supply of goods or services to persons in the UK.
2. Mandatory Notification
The mandatory system applies to certain types of transactions bringing about a change of control over entities, not assets, in a pre-defined list of “key sectors.”
The types of acquisitions cover: (1) the creation or increase of a shareholding of more than 15% of the shares or voting rights; (2) control through the increase of an existing shareholding of 25% (or less), 50% (or less,) or less than 75% of the company’s shares or voting rights to more than 25%, more than 50%, or more than 75% respectively; or control through an acquisition of voting rights that, alone or together with other voting rights already held by the acquirer, enable the acquirer to secure or prevent the passage of any class of resolution governing the affairs of the target.
The list of key sectors currently includes 17 proposed sectors. This list is subject to public consultation to improve the definitions and provide businesses with greater legal certainty. The consultation will run for a period of eight weeks and the list will be finalized by way of secondary legislation.
Based on the consultation documents, there are a number of areas which are relevant to the healthcare sector in the broadest sense:
- Activities ranging from R&D to production but also the ownership of IP rights in relation to advanced materials, in particular technical textiles, which include (1) smart fabrics with threads equipped with tiny sensors that respond to stimuli and perform a specific function, (2) fabrics embedded with devices to enhance muscle recovery and to help with physical rehabilitation; (3) fabrics of smart polymers to protect and prevent injury; (4) fabrics impregnated or coated for smart wound healing, (5) textile-based wearable electronics technology which can enable subtle integration of electronics with the human body for human-machine interfacing, (6) technology for the integration of functionalities such as energy harvesting, camouflage, structural and personnel health monitoring and protection.
The rationale for including “advanced materials” in the list of key sectors is to ensure access for the UK defence sector to these materials and technologies, considered important for the UK’s military capability. Foreign control may cause supply disruptions affecting the UK’s national security.
- Critical suppliers to the emergency services; this includes the ambulance services.
- A sector which will need to be defined better is “engineering biology” which – at the moment – includes entities undertaking activities in the UK which consist of or include the research, development and production of synthetic biology; or providing a service connected with engineering biology. Synthetic biology includes the design and fabrication of, inter alia, enzymes, genetic circuits and cells. It covers both R&D as well as production. The rationale given for making “engineering biology” a key sector lists examples of specific companies which would fall under the definition, e.g. companies developing vaccines. The UK government’s wish is to make the UK a global biotechnology partner of choice; at the same time the government seeks to ensure a balance between providing the appropriate safeguards for national security, while not imposing disproportionate burdens on companies and investors.
3. Voluntary Notification
The mandatory system is complemented by a voluntary one for investments in companies outside of the key sectors, as well as for asset investments meeting certain thresholds. Voluntary notice can be given by any of the parties: seller, acquirer or the qualifying entity. The notice can be given where the acquirer will gain control over a qualifying entity or asset through any of the following scenarios:
- An acquirer gains control of a qualifying entity if either of the following scenarios applies:
- The person’s holding of the entity’s shares or voting rights increases from (i) 25% or less to more than 25%; (ii) from 50% or less to more than 50%; (iii) from less than 75% to 75% or more;
- Post-transaction the acquirer would be able to secure or prevent the passage of any class of resolution governing the affairs of the entity;
- Post-transaction the acquirer will be able to materially influence the policy of the entity which was not the case prior to the transaction.
- An acquirer gains control of a qualifying asset if the investment allows the person to use the asset, or use it to a greater extent than prior to the acquisition, or to direct or control how the asset is used, or direct or control how it is used to a greater extent than prior to the acquisition.
4. Call-in Mechanism
The SoS can call in transactions which may give rise to national security risks. This applies to contemplated transactions as well as completed transactions for a period of five years after closing but must be done within six months of the government becoming aware of the transaction. The possibility to call in transactions applies with effect from 12 November 2020 for triggering events. The government has promised to assist parties who may be affected by this provision with informal advice so as to minimise disruptions.
5. Framework for defining a national security risk
The SoS published a Statement of policy intent which describes the assessment framework the SoS will use to decide whether to call in a transaction. The framework can also help parties decide whether to submit a voluntary notification. The main elements of assessment are:
- Target risk: only in exceptional circumstances will an acquisition in a non-key sector cause a national security risk. Beyond transactions in key sectors, the SoS may also call in acquisitions of real estate in close proximity to a sensitive site.
- Trigger event risk: the SoS will examine how the acquired control could be used in practice, e.g. the potential for disruptive or destructive actions, espionage or inappropriate leverage.
- Acquirer risk: national security risks are considered more likely when acquirers are hostile to the UK, or owe allegiance to hostile states or organisations. The SoS does not single out state-owned entities as inherently more dangerous, but will carry out a case-by-case assessment taking account of the past and the acquirer’s activities.
6. Examination and decisions
The BEIS SoS will be supported by a new Investment Security Unit. It will have wide-ranging powers to request information, including requiring witnesses to help it understand the information. Much of the work of the Unit would be without publicity, the government not intending to routinely publish call-in decisions or indeed simple clearances. The Bill also provides for mechanisms to share information with other agencies, subject to a number of safeguards.
Following a voluntary or mandatory notification, the SoS will have 30 working days to call in the transaction for review. The SoS then has 30 working days to decide whether to take action. The same applies in the case of transactions which were called in although not notified. In cases where the SoS believes that action is necessary, the time period for review can be extended by a further 45 working days. Further extensions of time are possible with the agreement of the acquirer. Time will not run while information requests by the SoS are pending (and this may well be the reason for significant extra time elapsing). During the investigation the SoS can issue interim orders e.g. to prevent completion of the transaction.
The SoS will examine whether “on the balance of probabilities” the transaction poses a risk to national security. If this is the case the SoS can impose an order prohibiting contemplated or unwinding completed transactions, or imposing measures to remedy the national security risk. The order can have effects beyond the UK’s borders if the person is a UK national, a UK resident, a company incorporated or constituted under UK law, or carrying on business in the UK. Orders can be reviewed and may be varied or revoked. A notice about the final order will also be published.
There will be court oversight, but in general by way of judicial review rather than full appeal on the merits. The government takes the view that the SoS is best placed to assess national security risks and that the courts should not remake his decisions. There is also provision to invoke existing “closed material procedure” rules to limit disclosure of sensitive material during court proceedings.
Notifiable acquisitions that are completed without approval are void; but the SoS will have the ability to retroactively approve them. There are also civil and criminal sanctions, including fines of up to 5% of global turnover or £10 million pounds (whichever is higher) and up to five years’ imprisonment, for not notifying transactions subject to the mandatory regime, not complying with final or interim orders, or not providing requested information.
8. Interaction with UK merger control proceedings
The SoS has the power to direct the CMA not to proceed with a merger control investigation if this is necessary and proportionate in light of the security risk a transaction causes. At the same time the CMA is required to provide the necessary assistance to the SoS.