1. Understanding the Committee on Foreign Investment in the United States
(CFIUS) and anticipating how the US Government looks at threats—
preparation can be critical for ensuring successful CFIUS transactions
The CFIUS helps prevent foreign M&As in the US from threatening US national
security. The Government’s transaction threat assessment identifies threat actors who
may be targeting or exploiting the transaction, as well as the threat vectors they may use
to access the transaction parties. Problems in the CFIUS review arise largely either
because the parties do not understand how their transaction relates to US national
security or how the Government’s transaction threat assessment, written for every
transaction, is developed and used by the CFIUS to assess threat issues and drive
mitigation. The number of CFIUS investigations has increased—companies must be
prepared for the CFIUS as well as the US Government’s post-transaction requirements
to clear the deal.
When foreign companies are considering investing in the United States
Timeline
Cyber threat Analysis Detection
Companies subject to US export controls
Businesses supporting the US Government
Critical infrastructure
US defense industry
Deemed a covered transaction by Treasury
Deals
subject to
CFIUS
review
Insiders: Use of a witting or unwitting individual with authorized access to
conduct attacks on behalf of threat actors.
Cyber: Use of computers, computer networks and mobile computing
devices to gain access to a similar system. This has a heavy focus on
remote collection.
Technical: Use of technical means such as electronic eavesdropping,
webcams, CCTVs, and wiretaps.
Nation States: Vast resources and capabilities. Often interested in
strengthening military capabilities, economic espionage, critical
infrastructure disruption, or jump-starting research and development.
Hackers: Seek access to sensitive data for a variety of reasons including
intelligence collection, information network disruption, profit, sabotage, fraud
and embarrassment; can act independently or on behalf of other threat actors.
Competitors: Unscrupulous companies targeting business information,
trade secrets, intellectual property, access to export controlled information
Sample Threat Actors Assessed by US Government
Sample Threat Vectors Assessed by the US Government
Assessing the threat to US national security in the
pre-transaction phase: Who needs it, and why?
Foreign firms acquiring US entities must understand the
CFIUS process and potential risks and mitigations associated
with the transaction, and how those factors may impact the
timing, structure or viability of the deal
Financial firms supporting the deal must understand the
non-financial risks associated with the transaction and the
parties involved to protect the firm’s investment.
© 2016 PwC. All rights reserved. PwC refers to the US member firm or one of its subsidiaries or affiliates, and may sometimes refer to the PwC network. Each member firm is a separate legal entity. Please see www.pwc.com/structure for further details. This
content is for general information purposes only, and should not be used as a substitute for consultation with professional advisors.

2. PwC’s Strategic Threat Management Group can assist in the pre- and post-
transaction phases of a CFIUS transaction
Timeline
Cyber threat Analysis Detection
Pre-transaction
Review/Investigation
Post-transaction
mitigation
Why PwC? Our CFIUS team is comprised of senior subject matter specialists with deep technical knowledge and unique first hand experience identifying and assessing
CFIUS transaction-based threats. Our team, leveraging our robust and well-regarded Corporate Intelligence capability, includes seasoned professionals who developed
the US Government’s CFIUS threat assessment process and have personally written or reviewed several hundred threat assessments for the CFIUS. Our experience has
also been drawn on to provide post-transaction mitigation agreement third party compliance audit services.
Contacts
Glenn Ware
Principal
+1 (703) 918-1555
glenn.ware@us.pwc.com
Steve Klemencic
Manager
+1 (703) 918-1201
steven.klemencic@us.pwc.com
PwC staff members can inform key corporate decision makers of potential US national security issues
We can:
• Provide foreign acquirers a Pre-Transaction Threat Assessment with a US national security focus on
potential threats security—before submitting their CFIUS filing to the US Government
• Provide law firms the “deep dive” into potential clients to support client acceptance decisions
A mitigation agreement may be required to gain CFIUS clearance
We can:
• Provide cleared technical experts to assist in mitigation implementation and resolving complex
merger/acquisition IT integration issues
• Provide gov’t required third party audit services for mitigation agreement compliance
Jeannette Chu
Managing Director
+1 (703) 225-8519
jeannette.l.chu@us.pwc.com
1st Stage Review 2nd Stage Investigation
Presidential
Decision
45 Days30 Days 15 Days
CFIUS Review Timeline
© 2016 PwC. All rights reserved. PwC refers to the US member firm or one of its subsidiaries or affiliates, and may sometimes refer to the PwC network. Each member firm is a separate legal entity. Please see www.pwc.com/structure for further details. This
content is for general information purposes only, and should not be used as a substitute for consultation with professional advisors.