CFIUS and Inbound Investment: A 2026 Field Guide

The 2025 amendments to the CFIUS regulations expanded covered transactions to include certain non-controlling investments in a broader range of US businesses, with particular focus on agricultural land, biotechnology, and certain semiconductor adjacencies. The amendments also clarified the Committee's authority over real-estate transactions in proximity to a meaningfully longer list of sensitive sites.

For deal teams advising foreign investors and their US counterparties in 2026, the practical question is no longer 'is CFIUS in the deal?' - for any cross-border transaction with a US nexus, it almost certainly is in scope to be analyzed. The questions are whether a filing is mandatory, whether a voluntary filing is advisable, and how the CFIUS analysis interacts with the deal's overall regulatory and timing strategy.

Mandatory filings remain the easier category. The triggers - certain investments in TID U.S. businesses, certain transactions involving foreign-government interests, and the discrete categories of real-estate transactions identified in the regulations - are reasonably well defined. The work is in the early scoping: identifying whether the target develops, produces, designs, tests, manufactures, fabricates, or develops a critical technology; whether it processes sensitive personal data of US persons; or whether it performs functions in connection with covered investment critical infrastructure.

The harder analytical work is the voluntary filing decision. The Committee's expanded authority over non-notified transactions - and the corresponding rise in 'CFIUS calls' months or years after closing - has changed the calculus. The cost of a voluntary filing is real (sixty to ninety days of additional process, the disclosure burden of the form, the risk of mitigation conditions). The cost of declining to file is the multi-year shadow of a possible non-notified-transaction inquiry, which can land at the worst possible moment - typically when the foreign investor is preparing to exit or to fund the next acquisition.

Our default advice for foreign investors taking meaningful positions in US targets with any sensitivity profile is to file voluntarily. The exceptions are narrow: transactions where the investor is from a treaty-favored jurisdiction, the target is genuinely outside the regulatory perimeter, and the deal economics will not support the timing impact of a filing.

Mitigation is the area that has changed most in the last two years. The Committee's mitigation toolkit has expanded beyond traditional access controls and proxy boards to include affirmative governance commitments, technology safeguards, and personnel restrictions. Mitigation agreements are increasingly bespoke and increasingly intrusive, and the negotiating posture matters. Investors who arrive at the mitigation discussion with a credible, written compliance posture - and a willingness to commit to specific, auditable obligations - consistently achieve better outcomes than those who treat mitigation as a generic compliance exercise.

Three practical points stand out for 2026 transactions. First, the CFIUS analysis should begin at the term sheet, not at signing. The decision tree on filing - mandatory, voluntary, none - informs the deal timetable, the regulatory cost allocation, and the structure of the closing conditions. Late-stage discovery of a mandatory filing is one of the most expensive avoidable errors in cross-border M&A.

Second, the documentary record matters before the filing exists. The Committee will, in any meaningful matter, ask for the parties' diligence materials, board presentations, and integration plans. Those documents should be drafted with the understanding that a US government reader will see them. This is not a license to obscure substance; it is a discipline of clarity and tone.

Third, the post-closing compliance posture should be designed into the deal, not bolted on after the mitigation agreement is signed. Where the parties anticipate any meaningful mitigation, the integration plan should reflect the mitigation regime from day one - including reporting cadence, audit infrastructure, and personnel restrictions. The compliance failures that lead to penalties almost always trace to mitigation regimes that were treated as legal documents rather than operating manuals.

We continue to see the Committee approach reasonable cases reasonably. The system rewards counterparties who engage early, disclose fully, and offer credible mitigation where it is needed. The transactions that go badly are the ones where the analysis was done late, the disclosure was incomplete, or the mitigation was negotiated as an afterthought. None of these failure modes is necessary.

What we are watching

We will return to this topic across the coming quarter. If you are actively negotiating a transaction where these issues are live, we'd welcome a confidential conversation.

Three takeaways

• The market is settling, but the diligence bar is rising.
• Preparation, not posture, is the source of speed.
• The right structure can move price more than another round of negotiation.