National Security Regulation & Investment Risk: Quarterly Update from Washington

Taken together, these developments reinforce a broader point: for asset managers, sovereign wealth funds, financial institutions, private equity sponsors, and multinational companies, national security regulation is now a primary driver of transaction timing, diligence scope, governance negotiations, operating risk, and value preservation. It increasingly sits alongside antitrust, tax, and core regulatory analysis as a mainstream workstream in cross-border strategy and execution.

CFIUS Process Reform Advances as Government Shutdown Tolls Review Timelines

On February 6, 2026, Treasury issued a Request for Information (“RFI”) seeking input on the development of the Known Investor Program and on other ways to streamline the CFIUS process, including case reviews, non-notified activity, mitigation, and monitoring and enforcement. The RFI suggests that Treasury remains interested in process modernization and greater efficiency, particularly for repeat market participants, while preserving substantive scrutiny where national security concerns are acute.

For repeat investors, that is directionally positive but should not be overread. A more formalized Known Investor Program may eventually reduce friction for familiar investors and frequent filers, but it is unlikely to reduce sensitivity around critical technologies, sensitive personal data, supply-chain exposure, real estate proximity to sensitive sites, or non-notified risk. For sponsors, funds, and strategic investors, the practical implication is that investor profile, governance rights, information access, technical touchpoints, and business rationale should continue to be articulated with precision from the outset.

At the same time, the current partial government shutdown has introduced a more immediate source of process friction. Public reporting indicates that, since the Department of Homeland Security funding lapse began on February 14, 2026, CFIUS statutory deadlines have been tolled, even as the Committee has continued to engage informally in many matters. For deal parties, the result is not a complete halt, but a more unpredictable review timetable and less certainty around signing-to-closing assumptions. That timing uncertainty matters for transaction documents, financing, interim operating covenants, and outside dates.

Outbound Investment Controls Enter a More Durable Phase

What began as a White House initiative in outbound investment screening now rests on explicit congressional authorization. In December 2025, Congress passed the Comprehensive Outbound Investment National Security Act of 2025, or COINS Act, as part of the FY 2026 National Defense Authorization Act. The current outbound rules that became effective on January 2, 2025 remain in force until Treasury issues implementing regulations under the Act. The COINS Act does not, itself, rewrite the existing regime, but it codifies the outbound investment program on a permanent, statutory basis and equips Treasury with additional resources, including $150 million over two years, and grants express statutory authority to promulgate regulations that are expected to expand the program. (Our prior coverage of potential expansions is available here.) Market participants should treat outbound investment review as a permanent feature of the U.S. national security regulatory landscape, and one whose scope and operational requirements are likely to deepen as Treasury exercises its rulemaking authority.

For private equity sponsors, venture investors, strategic corporates, family offices, and financial institutions with exposure to semiconductors and microelectronics, quantum, AI, and related sectors in countries of concern, this warrants continued attention. Treasury’s public materials reflect an ongoing build-out of the program’s operating architecture, including FAQs, notification instructions, and exemption procedures. As a result, outbound investment review is becoming a standing diligence and structuring issue, particularly where a transaction presents governance rights, information rights, joint development features, technical collaboration, or other facts that move beyond passive market exposure.

This is particularly relevant for the investment community because outbound investment controls increasingly affect not only direct transaction permissibility, but also side-letter commitments, investor representations, internal approvals, and diligence protocols. At the same time, some of the areas highlighted for future expansion may overlap with jurisdictions or sectors already constrained by other U.S. authorities. The better near-term conclusion is therefore durability, not wholesale transformation.

DOJ and Treasury’s Financial Crimes Enforcement Network Continue to Favor Operationally Credible Compliance

On March 10, 2026, DOJ released its first department-wide Corporate Enforcement Policy for criminal cases. DOJ stated that the policy supersedes prior component-specific and U.S. Attorney’s Office-specific corporate enforcement policies. The significance lies not only in greater consistency, but also in the continued centrality of voluntary self-disclosure, cooperation, remediation, and preservation of relevant facts in the department’s charging and resolution analysis.

Treasury’s Financial Crimes Enforcement Network (“FinCEN”) moved in a similar direction on February 13, 2026, when it issued exceptive relief from the 2016 Customer Due Diligence rule requirement to identify and verify the beneficial owners of a legal entity customer each time that customer opens a new account. The relief does not eliminate beneficial ownership diligence. Rather, it removes a repetitive requirement at each new account opening while preserving onboarding obligations, risk-based ongoing diligence, and the ability of firms to exceed the baseline where their risk profile warrants it. The intended result is operational streamlining, not deregulatory retreat.

On March 30, 2026, FinCEN proposed a rule to implement its whistleblower program, and that proposal was published in the Federal Register on April 1, 2026. The proposed framework would incentivize reporting of violations involving the Bank Secrecy Act, International Emergency Economic Powers Act (“IEEPA”), the Trading with the Enemy Act, and the Kingpin Act, among others. For financial institutions, advisers, funds, and multinational businesses, the practical significance is that formal reporting channels and financial incentives increase the likelihood that compliance failures surface externally rather than being identified and remediated internally. That dynamic should elevate attention to internal reporting, investigative triage, documentation, and remediation processes.

On April 7, 2026, FinCEN and the federal banking agencies issued aligned notices of proposed rulemaking addressing AML/CFT program requirements. The proposals are designed to implement changes made by the Anti-Money Laundering Act of 2020 and to refocus AML/CFT compliance on effectiveness and risk-based allocation of resources. For financial institutions and investment platforms with bank-facing or broker-dealer-facing exposure, the message is that regulators continue to favor compliance programs that are demonstrably risk-based and operationally useful, rather than merely formal or checklist-driven.

Export Controls Enforcement Is Episodic, but the Exposure Is Not

Export controls remain a live enforcement priority, particularly in the semiconductor sector. On February 11, 2026, BIS announced a settlement with Applied Materials under which Applied agreed to pay approximately $252 million to resolve allegations involving illegal exports and reexports of semiconductor manufacturing equipment to China. BIS described the penalty as the statutory maximum and imposed compliance undertakings including audits and annual certifications. Applied also stated that DOJ and the Securities and Exchange Commission had closed related investigations without action.

For companies operating in or financing the semiconductor ecosystem, the Applied matter is a reminder that export controls are not an abstract policy issue. Classification judgments, end-user and end-use diligence, licensing analysis, escalation procedures, and documentary discipline function as real operational gates, and breakdowns in those gates can produce significant consequences. For investors, boards, and lenders, this means export controls should increasingly be evaluated not only as a legal risk but also as a diligence, valuation, and portfolio-oversight issue.

OFAC Advisory Reinforces That Transaction Diligence Must Go Beyond the Percentages

On March 31, 2026, Treasury’s Office of Foreign Assets Control (“OFAC”) issued an advisory on sham transactions and sanctions evasion. The advisory does not alter OFAC’s 50 Percent Rule. Rather, it supplements that rule by identifying factors to consider when assessing whether a purported divestment was real or whether a transaction was structured to conceal a blocked person’s continuing interest in property. OFAC identified a non-exhaustive set of indicators, including commercially unreasonable terms, transfers to family members or close associates, unclear business purpose, complex structures involving higher-risk jurisdictions, continued involvement by a blocked person, transfers occurring near the time of designation, and evasive responses about the blocked person’s role.

That guidance is especially relevant for asset managers, private equity sponsors, venture firms, and other gatekeepers. The legal ownership threshold remains important, but firms should not assume that nominal percentages alone resolve diligence where the surrounding facts suggest proxy ownership, retained benefits, sham divestment, or other efforts to evade blocking sanctions. In practice, that means sanctions diligence increasingly requires a more substantive understanding of beneficial ownership, governance arrangements, economic benefits, and the real role of designated persons in the transaction.

Sanctions Openings Remain Narrow and Highly Conditioned

Recent sanctions developments also counsel against reading selective authorizations as a broader reduction in risk. On March 19, 2026, OFAC issued Russia-related General License 134A, authorizing certain transactions ordinarily incident and necessary to the delivery and sale of Russian-origin crude oil and petroleum products loaded on vessels as of March 12, 2026. The following day, on March 20, 2026, OFAC issued Iran-related General License U, authorizing certain transactions ordinarily incident and necessary to the delivery and sale of Iranian-origin crude oil and petroleum products loaded on vessels as of March 20, 2026. Both authorizations were narrow, cargo-specific, and time-limited.

The practical lesson is less about reopening than about discipline. Parties considering reliance on this type of relief must still pay close attention to timing, cargo status, counterparties, services, routing, blocked parties, excluded jurisdictions, and the continued application of other sanctions restrictions. These sorts of licenses may create limited execution opportunities for well-prepared market participants, but they do not eliminate the need for transaction-by-transaction legal analysis and careful documentary controls.

Venezuela presents a related but distinct point. OFAC’s Venezuela program continues to involve a patchwork of general licenses, amendments, and FAQs touching oil, petrochemicals, electricity, financial services, contingent contracts, and certain PdVSA-related activity. For investors and commercial actors with the right compliance infrastructure, that complexity can create real openings. But those openings remain highly conditioned. Venezuela-related planning still requires disciplined attention to ownership, sanctions status, payment routing, licensing posture, and contractual guardrails, particularly where contingent rights or deferred performance concepts are involved.

Trade and Customs Risk Now Belongs in the Same Conversation

Trade policy remains fluid and consequential for the investment community. On February 20, 2026, the Supreme Court held that IEEPA does not authorize the President to impose tariffs. Market participants have since been reassessing refund opportunities, claims preservation, and future tariff exposure under other authorities. Whatever the ultimate recovery path for particular importers, the broader point is that aggressive Executive trade action remains constrained by statutory architecture, even as the Administration continues to search for alternative tools that may prove more durable.

That pivot is already visible. On March 11, 2026, USTR initiated Section 301 investigations relating to structural excess capacity and production in manufacturing sectors. USTR stated that written comments and requests to appear were due by April 15, 2026, and that public hearings would begin on May 5, 2026. For companies with meaningful import exposure, these developments reinforce that sourcing, tariff forecasting, customs valuation, country-of-origin analysis, and documentation should increasingly be considered together with sanctions, export controls, and broader national security risk.

Conclusion

For asset managers, sovereign wealth funds, financial institutions, private equity sponsors, and global companies, the question is no longer whether national security rules affect strategy. The question is whether those issues are being integrated early enough at the screening, diligence, structuring, governance, and portfolio-management stages to preserve flexibility, protect value, and support execution. Firms that treat these issues as episodic legal problems are increasingly likely to face friction. Firms that build credible internal capabilities around them may be better positioned both to manage risk and to pursue opportunities that others cannot underwrite comfortably.

Dechert advises leading institutional investors and multinational businesses across the full spectrum of national security regulatory issues, including CFIUS filings and mitigation, outbound investment structuring and notification, export controls classification and licensing, OFAC sanctions compliance and voluntary self-disclosure, AML/CFT risk, and tariff and trade policy exposure. We bring together regulatory, transactional, and enforcement experience to provide advice that is both legally grounded and commercially practical.