Download PDF

National Security and Investment Act 2021: Protecting the family silver or stifling investment in UK plc?

January 2022
Paul Henty

On 4 January 2022, the National Security and Investment Act 2021 (“NSI”) entered into force.  The NSI provides the UK Government with powers to scrutinise acquisitions and investments where the target operates in areas which could give rise to national security considerations. The new legislation is nothing short of a sea change for the regulation of mergers and acquisitions.

Key features of the new regime are as follows:

  • It replaces the powers contained within the Enterprise Act 2002 (“EA 02”) for the Government to intervene in “public interest mergers”. The NSI gives far greater scope for the Government to examine mergers and investments, particularly where national security concerns arise;
  • The legislation encompasses both share and certain asset purchases which relate to a target active in one of seventeen areas of potential sensitivity;
  • For the first time, there will be a positive obligation to notify certain transactions to the Secretary of State (“SoS”) for Business Enterprise and Investment. Failure to notify when required to do so may result in the transaction being legally void and without effect or may constitute a criminal offence;
  • The Government may impose certain conditions on an acquisition, unwind steps already taken or block an acquisition completely;
  • While the legislation is principally motivated by mitigating the risk of foreign control over sensitive assets or activities, its scope is not limited to transactions where there is a foreign buyer. There is also no de minimis excluding transactions below a certain size or value.

The NSI is part of a number of measures taken in recent years to allow the Government to control the ownership of UK based businesses which have a strategic or national security dimension.   For reasons discussed below, its scope is surprisingly wide and parties who ignore its provisions may do so at their own peril.

When does the NSI take effect?

The legislation received royal assent on 19 April 2021.  Its entry into force required the Government to publish certain guidance and secondary legislation, which occurred in July 2021.  The NSI took full effect on 4 January 2022.

A surprising aspect of the NSI is that the SoS may call in deals concluded after 20 November 2020, which is to say that the SoS has a controversial “look-back” power.  Completed transactions could therefore be subject to ex post scrutiny notwithstanding that the legislation had not been operational at the relevant time.

What is “national security”?

The legislation provides no definition of “national security”.  However, in Secretary of State for the Home Department v. Rehman [2001] UKHL 47, Lord Hoffmann stated the term means the security of the UK and its citizenry.  In the absence of a statutory definition, there are concerns that Governments may use the NSI to include wider industrial policy concerns, such as job creation.

Who will administer the regime?

BEIS has established a specific unit, the Investment Security Unit (“ISU”) to act on the SoS’s behalf, reviewing notifications and conducting an initial review within 30 working days of notification.  After that time, the transaction will either be cleared or called-in for a full national security assessment.  Where a full assessment follows, that must be completed within 45 working days (extendable by consent by the parties).  The clock may be stopped where the parties fail to provide information required by the SoS for the purpose of the assessment.

Which industries are covered by the NSI?

The new list covers businesses in no fewer than seventeen different categories.  Businesses active in the following areas will fall within the scope of the NSI:

  • Advanced Materials
  • Advanced Robotics
  • Artificial Intelligence
  • Civil Nuclear
  • Communications
  • Computing Hardware
  • Critical Suppliers to Government
  • Cryptographic Authentication
  • Data Infrastructure
  • Defence
  • Energy
  • Military and Dual-Use, Quantum Technologies
  • Satellite and Space Technologies
  • Suppliers to the Emergency Services
  • Synthetic Biology
  • Transport

Businesses are referred to in the NSI as “qualifying entities”.

The choice of categories relates directly to the risk of harm to the national interest.  For example, if an enemy state were to obtain ownership of a defence contractor, that may enable it to access sensitive military secrets (for example, the state of readiness of the British military, the positioning of troops, perceived weaknesses in the armed forces or supplies or technology available to it).  It may also provide leverage to a foreign government if that contractor were able to suspend or withdraw services or supplies critical to the defence of the nation.

The scope of some of the seventeen classifications is not entirely clear or is delineated by definitions which are highly complicated.  Where parties to a transaction are unsure whether the target entity or asset falls within one of the categories, they may wish to consult informally with BEIS to obtain further guidance.

What type of deals are covered?

As mentioned above, both share and asset acquisitions are potentially within scope. Section 8 defines the circumstances where acquiring control of an entity may trigger the provisions of the NSI.  Broadly this will occur where more than 25% of the voting rights are acquired or where an existing shareholder moves from its current level of ownership to beyond the thresholds of 50% or 75% of the voting rights in the target.  Acquiring “material influence” in a qualifying entity will also be sufficient.

Sections 9 and 11 deal with situations where the acquisition of assets may fall within the NSI.  Qualifying assets include such things as land, trade secrets and intellectual property.  Assets are likely to be outside scope where purchased as inputs in the usual course of the acquirer’s business.

Mandatory notification and call-in

The NSI creates a mandatory duty for parties to notify a share acquisition which is a notifiable transaction.  The deal must not be completed until the SoS has approved the transaction.  Once the SoS has confirmed that the notification is complete, the ISU must complete the initial national security review within 30 working days.

The SoS may also give a call-in notice where there has been a notifiable transaction or where one is taking place or is in progress or in contemplation. The notice may be given up to 5 years after the trigger event took place.  However, the SoS must exercise the call-in power within 6 months of becoming aware of the relevant transaction.

Controversially, there is no guidance as to what constitutes “awareness”.  It is not clear whether this could involve constructive awareness (e.g. from press coverage of a deal) or is confined to actual awareness.  That lack of clarity contrasts with the UK merger control regime, which allows the CMA four months from when material facts about the merger entered the public domain to review the merger.

It is also important to note that the NSI makes it a criminal offence to fail to notify, without reasonable excuse, the acquisition of control of a target entity and to complete a deal without obtaining SoS approval. Those committing such an offence could be liable for a fine of up to the higher of £10million or 5% of the total worldwide turnover and up to five years’ imprisonment for the buyer’s solicitors. There is also the prospect that such a deal may be declared void.

Voluntary notifications

Unlike share acquisitions, asset purchases fall outside the duty of mandatory notification discussed above.  This may incentivise parties in some instances to structure their deal as an asset transaction, thus avoiding the complications of requiring SoS consent.  However, asset transactions may still be “called in” by the SoS.  For that reason, the NSI provides the facility for the parties to an asset transaction to make a voluntary notification of the deal to the SoS.

Power to order no integration until review complete

While a trigger event is being assessed, the Secretary of State will be able to impose interim remedies in order to ensure that the effectiveness of the national security assessment or subsequent remedies is not prejudiced by action taken by the parties. For example, the SoS might prohibit activities which would result in the integration of two businesses, or act to safeguard assets, until the national security assessment is complete.

Judicial review

Parties may apply to the High Court for judicial review of the decision of the SoS.  Claims will need to be brought not more than 28 days after the grounds to make the claim first arose, unless the Court gives permission for the claim to be brought after the expiry of this time limit.

Co-existence with competition regime

The NSI will run alongside the existing UK merger control regime set out in the EA 02.  The principal purpose of the EA 02 regime is to facilitate regulatory oversight to protect competition.  The EA 02 allows the Competition and Markets Authority (“CMA”) to investigate mergers or acquisitions where:

  • the transaction would enhance or create a share of supply above 25%in relation to the supply of goods of any description, at least one-quarter of all the goods of that description which are supplied in the United Kingdom; or
  • the target has a UK turnover in excess of £70 million (for entities which are not “relevant undertakings”); or
  • the target has a UK turnover in excess of £1 million (for entities which are “relevant undertakings”).

For the purpose of condition (c), a “relevant undertaking” encompasses three categories of enterprise, namely (i) military and dual-use technologies, (ii) two parts of the advanced technology sector, encompassing computing hardware and quantum technologies.

How to deal with call-in risk in transactions?

The parties should be particularly aware that any attempted completion of a deal that falls within the scope of the mandatory notification duty will be void if clearance is not obtained.

From the perspective of the buyer, that means that completion of any relevant share purchase by a qualifying entity should be made conditional on obtaining clearance.  The buyer will not wish to commit itself to completing a transaction which may turn out to be illegal and void.  Notifying the deal to the SoS should start the clock running towards the six-month time limit.

The buyer should consider if warranty protections are appropriate.  For example, the buyer may rely on the seller’s judgment as to whether or not the target’s activities bring it within one or more of the seventeen listed categories.  Seeking a warranty as to the accuracy of that assessment will provide the seller with some comeback if the deal is ultimately called in.

The parties may also wish to consider an agreement dealing with the consequences of a call-in or adverse assessment by the SoS (for example, to what extent is the purchase money to be refunded?).  Given the potential for the main transaction agreement to be declared void, it may make sense to include the agreed arrangements in a separate document.

In relation to the acquisition of qualifying assets, the buyer may still wish to notify the SoS on a voluntary basis and seek to make the completion conditional, although it is to be expected that this may be met with push-back from the seller.  However, the seller should consider too whether a failure to notify could raise the risk of non-completion or even a potential unwinding of the deal.

Helpfully, the Government has indicated that the ISU will be open to providing informal guidance on whether or not a deal is notifiable.  Unfortunately, such guidance will not be binding on the SoS and a prudent buyer must give careful consideration as to how much comfort can be drawn from it.


Clearly, the NSI provides the parties to a transaction with some very delicate issues for consideration.  Given the NSI’s pervasive scope, its latent uncertainties and the draconian consequences for ignoring its provisions, parties (particularly buyers) and their advisors must give careful consideration to the potential application of the NSIA and develop a strategy for mitigating the risk of intervention on national security grounds.

Download PDF