🇺🇸 Live Defense & National Security

CFIUS — Foreign Investment Screening (31 CFR 800-802)

Screens foreign investments in the US for national security risks through the CFIUS review process.

View official source document

Rules extracted

Obligations decomposed

4.2x

Avg obligations per rule

🇺🇸 United States

Jurisdiction

About this regulation

The Committee on Foreign Investment in the United States (CFIUS) reviews certain transactions involving foreign investment in U.S. businesses and certain real estate transactions by foreign persons to determine the effect of such transactions on U.S. national security. These regulations implement the Foreign Investment Risk Review Modernization Act of 2018 (FIRRMA), codified at 31 CFR Parts 800-802. Part 800 covers investments in U.S. businesses (including covered control transactions and covered investments in TID U.S. businesses), while Part 802 covers real estate transactions near military installations and sensitive government facilities. Key features include mandatory declarations for critical technology/infrastructure transactions, voluntary notice procedures, excepted investor carve-outs, mitigation agreements, and civil penalties up to $5,000,000 per violation or the value of the transaction.

What AuditDSS covers

Source

Regulation

Extracted

Rules

Decomposed

Obligations

4.2x

Decomposition ratio

Each rule is decomposed into an average of 4.2 atomic obligations — the smallest testable units that can be independently violated.

Fully extracted & scored

All 50 obligations have been decomposed, titled, risk-scored, and embedded for semantic matching.

Risk scoring

Every obligation in CFIUS is scored across independent risk dimensions:

Obligation Weight

How critical within the regulatory framework

Violation Likelihood

How often breached in practice

Enforcement Evidence

Regulator enforcement history and penalties

Cascade Dependency

How many obligations depend on this one

Regulatory details

Full title: CFIUS — Foreign Investment Screening (31 CFR 800-802)
Regulatory body: Committee on Foreign Investment in the United States
Jurisdiction: 🇺🇸 United States
Document type: regulation
Effective date: February 13, 2020
Issuing authority: U.S. Department of the Treasury — Committee on Foreign Investment in the United States
Industry: Defense & National Security
Official source: View source document ↗

Who this applies to

foreign personsU.S. businessesTID U.S. businessesexcepted investorsreal estate purchasers

Key requirements

covered transaction review
mandatory declarations for critical technology
voluntary notice process
mitigation agreements
real estate transaction review
penalties up to $5M per violation

Frequently asked questions about CFIUS

What is CFIUS?

Who does CFIUS apply to?

CFIUS applies to foreign persons, U.S. businesses, TID U.S. businesses, excepted investors, real estate purchasers.

How many obligations does CFIUS contain?

AuditDSS has decomposed CFIUS into 50 atomic obligations from 12 rules. Each obligation is independently testable and risk-scored.

What are the key requirements of CFIUS?

The key requirements include: covered transaction review, mandatory declarations for critical technology, voluntary notice process, mitigation agreements, real estate transaction review, penalties up to $5M per violation.

How can I assess my CFIUS compliance?

Upload your compliance policy to AuditDSS. The platform maps your document against all 50 CFIUS obligations using deterministic AI scoring — not checklists or LLM summaries. You get a risk-scored gap analysis showing exactly which obligations are covered, partially covered, or missing.

Which jurisdiction enforces CFIUS?

CFIUS is enforced in United States by Committee on Foreign Investment in the United States.

When did CFIUS come into effect?

CFIUS became effective on February 13, 2020.

What industry does CFIUS apply to?

CFIUS is primarily relevant to the Defense & National Security industry. AuditDSS covers 69 regulations in this industry sector.

Build a CFIUS compliance pack

Don't have a compliance policy yet? AuditDSS generates a complete compliance pack for CFIUS — alone or combined with other regulations your business needs. Every clause is mapped to specific obligations.

Policy

High-level commitments and governance framework covering CFIUS requirements.

Procedures

Step-by-step operational procedures to implement each policy commitment.

Forms & checklists

Ready-to-use forms, registers, and checklists for day-to-day compliance operations.

Multi-regulation

Combine CFIUS with other regulations into a single unified compliance pack for your business.

Build CFIUS compliance pack

Already have a policy? Assess it against CFIUS

Upload your document

Upload your compliance policy, program manual, or operational document. AuditDSS accepts any text-based document.

AI maps against 50 obligations

Your document is scored against every obligation in CFIUS. Each claim is mapped to the obligation tree and evaluated for coverage.

Risk-scored gap report

Receive every gap ranked by risk priority with remediation guidance, enforcement evidence, and cascade impact analysis.