The National Security and Investment Act 2021 (the Act) came into force on 4 January 2022, granting the UK Government the ability to review certain contemplated or historic transactions, and intervene as it deems necessary, in the interests of national security.
The scope of these powers, and the breadth of transactions they may apply to, are quite wide so it is important to understand when the Act may apply, and in particular what considerations should be evaluated, and when.
Below, we list the 10 key considerations from the Act to help ensure you have the most up-to-date information to support your business.
Key considerations
Non-compliance and sanctions
Where a trigger event occurs in relation to one of the 17 qualifying sectors, mandatory notification is required. The Government has the power to issue penalties of up to 5% of worldwide turnover, or £10,000,000 (whichever is higher) where there is non-compliance, and to potentially void the relevant transaction. There is also a potential for individuals to be imprisoned for up to five years.
In order to determine whether a transaction falls within the regime established by the Act, there are four principal questions:
- Is the transaction relating to an entity with ties to the UK;
- Is the change of control of that entity or those assets sufficient to fall within the Act;
- Is there, or will there be, a trigger event;
- Does the qualifying entity operate within particular high-risk sectors.
The trigger events to be aware of are:
- The acquirer’s shares in the entity increasing to more than 25%, to more than 50%, or to at least 75%;
- The acquirer’s voting rights in the entity increasing to more than 25%, to more than 50%, or to at least 75%;
- The transaction enabling the acquirer (whether alone or together with other voting rights it holds) to secure or prevent the passage of any class of resolution governing the affairs of the entity; or
- The acquirer being able to exercise material influence over the entity’s policies.
Considering voluntary notification
The voluntary notification regime allows for voluntary notification to the Government where the 17 sensitive sectors do not apply.
Guidance has been published by the Government as to the circumstances where voluntary notification may apply. The Government has also set up an email address for enquiries.
The Government has a power of call-in over any transactions of which it becomes aware, to assess whether there is a national security risk. This can be done at any time where there a mandatory notification ought to have been made. However where the transaction only falls within the voluntary notification regime (e.g. as a result of not being within the 17 identified sensitive sectors), the Government can only issue a call-in notice for up to six months after having become aware of it. Otherwise, the Government can issue a call-in notice for up to five years after the transaction. As a result, issuing a voluntary notification can ensure a shorter timeframe of uncertainty.
The Act is retrospective to 12 November 2020
This means that if there is any concern that transactions which completed on or after 12 November 2020 (or for which conditional completion was agreed after that date) may fall within the scope of the Act, these should be reviewed and post-transaction notification considered.
Connection to the UK
While the Act only applies to transactions where there is a connection to the UK, the Act interprets this broadly, and this does not mean that entities outside the UK are not relevant; an entity which supplies goods or services to the UK may also be considered a qualifying entity. There are no restrictions as to level of supply or trade to the UK for an entity to fall within the scope.
The trigger events
It should be borne in mind that the relevant trigger events under the Act do not only relate to an acquisition of control from a position of no control (e.g. from having less than 50% of voting rights to having over 50% of voting rights). Even in circumstances where an acquirer already has control through virtue of shares, and then it acquires further shares (even if ultimately this does not change its commercial control), this will still be a trigger event should the thresholds be met. Additionally, if the percentage of shares does not change, but a transaction results in the ability to pass resolutions governing the affairs of the entity, this may still be a trigger event.
The sensitive sectors
The legislation governing this list is secondary legislation, which may be updated going forward as other risks are identified by the Government. It is therefore vital to remain updated on the list of relevant sectors.
As at the date of this note, the high risk sectors which will trigger a mandatory notification (if the assets and control tests are passed) are as follows:
- Advanced materials;
- Advanced robotics;
- Artificial intelligence;
- Civil nuclear;
- Communications;
- Computing hardware;
- Critical suppliers to the government;
- Cryptographic authentication;
- Data infrastructure;
- Defence;
- Energy;
- Military and dual use;
- Quantum technologies;
- Satellite and space technology;
- Suppliers to emergency services;
- Synthetic biology;
- Transport.
Note that even if an entity does not operate within one of these sectors, the Secretary of State may still investigate if the entity operates in a sector which is closely linked to one of the above sectors.
Many above sectors may appear obvious and a company may instinctively know whether the sector is relevant. However where there is uncertainty, the Notifiable Acquisitions Regulations contain more explicit guidance.
When notification should be given
Notification must be given at the point of contemplation – prior to a trigger event occurring – and certainly not after. The guidance as to when this stage is reached is unclear, but it is suggested that entering into an agreement or arrangement that may allow for a party to cause a trigger event, whether contingently or not, would fulfil this. A non-binding heads of term document would not necessarily reach this stage, but the relevant party may consider this to be the most appropriate stage to make the notification, before progressing the transaction any further. A voluntary notice may also be given after a trigger event has occurred but the justification for doing this would have to be assessed in the particular context given the potential ramifications.
Who should make the notification, and how
Notifications are made digitally via the Investment Security Unit (ISU). In the case of a mandatory notification, the entity making the notification should be the acquirer (or party obtaining control). In the case of a voluntary notification, this can be the acquirer, seller, or any other qualifying entity concerned.
Final orders
Following its assessment, the Secretary of State may impose any final order it sees fit. This is expected to be on the acquirer but may be on any relevant party. In most cases it appears that the Secretary of State will attempt to impose a final order, if the risks justify this, simply as may be required to negate the national security risk. However, it reserves the right to block or unwind a transaction.
With respect to mandatory notifications, these must be cleared by the Secretary of State prior to the trigger event or the transaction will be legally void, though the Secretary of State has the power to retrospectively validate a transaction which ought to have been notified.
Incorporating consideration of the Act into due diligence
Due diligence exercises and questionnaires should be updated, where relevant, to determine whether there has been any historic failure to comply with the Act.
Our experienced corporate solicitors are happy to provide guidance on the interpretation of the Act or to discuss next steps in relation to historic or ongoing transactions. Get in touch today if you would like advise on all aspects of the NSI Act. We offer an initial no-obligation consultation.