From screening to structuring: FDI risk reshapes M&A deal terms

Foreign direct investment controls have changed the mechanics of cross-border M&A. They have not simply added another filing to the transaction checklist. They have fundamentally redrawn the strategic calculus of deal structuring, negotiation and contractual draftsmanship.

This shift reflects a broader change in screening practice. FDI regimes are proliferating, existing regimes are being reinforced and regulators are interpreting sensitive sectors more broadly. The traditional focus on investor identity remains important, particularly where the buyer has state links or connections to jurisdictions of concern. But the dominant question is increasingly asset-led: what is being acquired, what does it enable and what would happen if control passed to a foreign investor?

That matters because the perimeter of sensitivity has widened. Technologies, data, supply chain position and proximity to state functions can all determine the intensity of scrutiny. Sectors such as biotechnology, AI, critical raw materials and food security now sit alongside more established categories such as defense, energy and telecoms. In the EU, this direction of travel is clear: the revised FDI Screening Regulation makes national screening mechanisms mandatory across Member States, establishes a minimum harmonized scope of review and extends scrutiny to EU-based investors ultimately controlled by non-EU entities. The shift is already visible in practice. FDI notifications across the EU increased by nearly 75% in 2024, and the revised framework is likely to add further pressure to an already active screening environment.

For M&A practitioners, the consequence is immediate. Where the target touches a strategic domain, FDI risk must be built into the deal architecture from the start. It affects timetable, conditionality, remedies, termination rights and post-closing integration. In sensitive transactions, the SPA is no longer just documenting commercial agreement, it is allocating national security risk. 

FDI is now a deal strategy question

A reactive approach to FDI is increasingly untenable. Transactions can fail not because the underlying commercial logic is weak, but because the parties underestimate the regulatory terrain, engage too late or fail to explain the transaction in terms the authority can accept.

That requires a different approach from merger control. FDI regulators are government entities, and their analysis is increasingly shaped by security, political sensitivity, industrial policy and strategic dependance. The timing and content of engagement therefore need to be calibrated accordingly.

The first step is a detailed initial risk assessment. This should map the target’s technologies, intellectual property, customers, government and defense contracts, supply chain role, data flows and links to critical infrastructure. It should also identify whether any limited activity, product line, customer relationship or dataset could change the regulatory analysis.

That point is often decisive. FDI review does not always tolerate a de minimis approach. In competition analysis, a small revenue stream or limited market overlap may be peripheral. In FDI, one sensitive contract, technology or dataset can change the risk profile of the entire transaction.

Early assessment also shapes the regulatory narrative. The parties should anticipate the questions screening authorities are likely to ask and prepare credible answers before the review begins. Where potential concerns are identifiable, mitigation should be considered early. The most sophisticated dealmakers no longer wait for regulators to define the problem, they test which safeguards may be needed, whether those safeguards are commercially acceptable and how they can be framed as proportionate responses to specific risks. 

The judgment is delicate. Too little mitigation may increase the risk of delay, escalation or prohibition. Too much may erode the commercial value of the deal. In the most sensitive transactions, the negotiation effectively takes place on two fronts: with the counterparty and with the state – and requires both legal rigor and commercial creativity.

Turning regulatory risk into contract terms

The results of that FDI assessment must then be reflected in the contractual documentation. This is where the policy shift becomes concrete.

Long-stop dates are often the first pressure point. FDI reviews can be unpredictable, particularly in multi-jurisdictional transactions where reviews may run sequentially or where one’s authority’s concerns influence another’s. Political attention can also extend timelines beyond the formal statutory process. In complex cross-border deals, long-stop dates of 12 to 18 months are no longer unusual, and even those may prove insufficient in highly sensitive cases.

The drafting must account not only for the formal statutory timelines, but also for pre-notification engagement, information requests, remedy discussions and ‘stop the clock’ delays. In jurisdictions such as the US, pre-filing engagement can materially extend the process in high-stakes transactions. An aggressive long-stop date may look attractive at signing, but it can become a false economy, creating artificial pressure that weakens regulatory strategy and forces the parties to abandon an otherwise viable transaction.

Conditions precedent need precision. The SPA should identify all FDI clearances required before closing. But the exercise does not end with mandatory filings. In some cases, conditions should also cover voluntary filings or potential call-in risk, where an authority can review a transaction that was not mandatorily notifiable but may raise national security concerns. Where post‑closing intervention could lead to unwinding or intrusive remedies, prudent parties may decide that closing certainty requires resolving that risk before completion.

Cooperation obligations require equally careful drafting. FDI authorities often request sensitive details about the buyer (and its direct or indirect shareholders) and the target. The buyer needs enough information to satisfy its regulatory obligations, while the seller needs to protect the commercially sensitive material before closing. Counsel-to-counsel and regulator-only disclosure mechanisms can manage that tension, allowing sensitive material to reach the authorities without passing through the counterparty's commercial team. The position can be complicated where a state-owned enterprise buyer is not prepared to divulge certain information to worldwide FDI regulators. This constraint should be clearly addressed in the transaction documents and may introduce additional risk for the seller, albeit one that is often non-negotiable.  

“Hell or High Water” clauses have become one of the most contested issues in FDI-sensitive deals. A traditional commitment requires the buyer to accept any remedies needed to obtain clearance. That is increasingly difficult in the FDI context, where remedies can be less predictable and more intrusive than antitrust remedies. On the other hand, FDI regulators often show greater flexibility towards behavioral remedies than their merger control counterparts, underscoring the need to distinguish between these regimes when negotiating such commitments.

Potential (largely behavioral) FDI remedies may include structural separation, restrictions on management involvement, exclusion of certain critical shareholders or limited partners, limits on technology or data access, IT segregation, localization commitments, investment obligations or constraints on future governance. Some may directly undermine the strategic rationale for the acquisition. Buyers are therefore less willing to sign open-ended commitments.

As a result, more transactions use limited or commercially reasonable efforts standards, often combined with negotiated remedy caps. These caps define the maximum burden the buyer is prepared to accept, whether financial, operational or structural. Their value lies in forcing the parties to confront FDI risk at signing, rather than after the regulator has already framed the risk.

Reverse break fees may help where parties cannot agree on remedy obligations. A fee, payable by the buyer if the transaction fails for lack of FDI approval, compensates the seller for delay and opportunity cost, while giving the buyer an economic incentive to pursue approval. The amount will depend on the perceived clearance risk, the buyer’s control over the regulatory outcome and the commercial value of the transaction.

Warranties also need to become more FDI-specific. Standard representations may not be enough where the target operates in sensitive areas and where the target’s activities often determine where a mandatory filing is required. The SPA may need targeted warranties covering government and defense contracts, dual-use technologies, classified programs, export-controlled items, sensitive data, critical infrastructure, supply chain dependencies and prior engagement with national security authorities. A disclosure gap in this context is not merely a diligence issue. It may lead to unexpected filings, delay, remedies or refusal of clearance.

Post-closing covenants are just as important where remedies are likely. FDI commitments can affect integration planning, IT migration, data access, governance, supply arrangements, intellectual property transfers and cross-licensing. If the post-closing plan conflicts with clearance conditions, the buyer may inherit immediate compliance risk. The SPA should therefore preserve enough flexibility to implement a remedy-compliant integration plan, rather than hard-wiring steps that may later become impossible or unlawful.

With thanks to Freshfields Jérôme Philippe and Basile Marin for their contributions to this update.