Universities were provided with useful guidance on when these risks might arise.
The Department for Business, Energy & Industrial Strategy (BEIS) published its National Security and Investment Act: Guidance for the Higher Education and Research-Intensive Sectors (the Guidance). This is BEIS's interpretation of the National Security and Investment Act of 2021 (the NSIA), important legislation requiring assessment and possible modification of deals, whether or not involving universities, on national security grounds throughout Britain (national security is not a devolved matter).
Enacted on 29 April 2021, the NSIA will require mandatory notification of future acquisitions of entities operating in 17 sensitive areas of the British economy from 4 January 2022, but BEIS can exercise its retrospective power to assess these and other transactions completing after 11 November 2020. National security risks can arise irrespective of the nationality of the acquirer or its owners.
Universities should welcome this guidance because they have been troubled by a lack of clarity as to their dealings with:
where these may raise national security concerns.
Foreign postgraduates and researchers wishing to come to the UK must already comply with the Foreign & Commonwealth Office’s Academic Technology Approval Scheme, whilst UK universities must obtain export control approval for partnerships involving sensitive technologies or certain countries.
The Centre for the Protection of National Infrastructure has given guidance on international research collaboration, whilst BEIS is staffing up a Research Collaboration Advice Team. However, the enactment of the NSIA and the importance of UK university research in the global fight against COVID-19 have accelerated these efforts and BEIS’s decision to address specific issues in the HE sector in its first batch of guidance illustrates the importance it ascribes to the sector.
BEIS provides guidance in the following areas:
The key question in each is whether a person, not necessarily foreign, acquires control of or material influence over an entity (such as a university spin-out company) or a university’s asset (such as intellectual property or land). If an entity associated with a university operates within one of the 17 sensitive areas and is to be acquired after 3 January 2022, the acquirer must notify the Investment Security Unit of BEIS in advance of completing and wait for at least 30 days, at the risk of the transaction being voided or suffering criminal or civil penalties. The trigger typically requires a shift in ownership over the 25% mark but can arise in lesser investments if they enable the acquirer to materially influence the entity.
If a target entity does not operate within any of the 17 areas, or if an asset is to be acquired, BEIS need not be notified pre-completion but can assess the acquisition upon its reasonable suspicion of a national security risk, in response to a voluntary notification in advance or upon its own initiative retrospectively within a limitations period. So for these trigger events occurring from 12 November 2020 until 3 January 2022, BEIS can retrospectively assess them for national security risk, provided it takes action before 4 July 2022. While the 17 areas are described in detailed regulations proposed on the same date, the Guidance illustrates generic scenarios that are commonly encountered and analyses their consequences for university and acquirer under the NSIA.
Of most importance for many HE institutions is that the funding of undergraduate tuition by a foreign government does not pose a risk to the UK’s national security. This point is deduced from the general discussion of student funding which focuses on postgraduates and the funder’s rights to acquire ownership of intellectual property generated by the postgraduate's research. The funding of the tuition of undergraduates or even postgraduates by foreign governments does not raise any national security risks unless it results in a transfer of the fruits of research to the funder.
Outside the tuition context, the Guidance concentrates on the possible acquisition of assets affecting national security which does not give rise to a mandatory obligation to notify BEIS. Relatively few examples are given of entities, such as university subsidiaries or spin-out companies, being acquired, which may require the acquirer from 4 January 2022 to notify BEIS pre-completion.
The Guidance addresses the situation when a person contracts for or sponsors research to be conducted by a university, or sponsors a chair in research. If the person thereby obtains rights to university intellectual property, eg by license, this could be a trigger event allowing BEIS to assess the agreement if it reasonably suspects that the event could risk national security. Indeed, BEIS can act as soon as the agreement is made, because the shift in control by subsequent license is contemplated.
The Guidance describes a research collaboration between a university and a private company, with the latter receiving an option to receive a non-exclusive license of any resulting intellectual property. If the option is exercised, BEIS may assess the transfer of the asset for its risk to national security - interestingly, the mere receipt of the option appears not to be an assessment opportunity. Further, a person’s sponsoring of a professorship with the power to influence the direction of research but with no rights to its fruits falls outside the scope of the NSIA.
These are collaborative projects between different research organisations and public or private partners. If a university partners with a research centre in such a way that the centre obtains control over laboratory equipment and software for example, BEIS could assess this transfer of control over the university's assets for national security risk.
Universities often form private companies to commercialise research, retaining some shares or rights to intellectual property.
Upon formation of a spin-out, any license of intellectual property to it could be assessed by BEIS if it reasonably suspects a national security risk. Further, if the spin-out operates in one of the 17 sensitive areas and its shares are subsequently sold by the university after 3 January 2022, this is likely to be an acquisition that must be notified to BEIS pre-completion. The same principles presumably apply in connection with a wholly owned subsidiary formed by a university to house a project.
One example illustrates a typical investment by a venture capital fund. If such a fund enters the shareholder register of a pre-existing spin-out by investing in return for 27% of the expanded share capital after 3 January 2022, it will need to notify BEIS pre-completion, explaining its ownership. If the fund fails to notify, or notifies and fails to obtain approval before completing, the acquisition will be void, and criminal or civil penalties could be assessed on the fund and its principals.
The Guidance addresses donations, recognising that some gifts are in substance grants anticipating future research. Provided that no shift in control of intellectual property to the donor is contemplated, which is desirable for tax and charity law reasons, donations should not give rise to BEIS’s power to assess national security risk.
An example is given illustrating complexities in current donation practice. A private company which supplies laboratory equipment donates a large sum to a university to develop a new research laboratory. The donor is later awarded a contract to supply the university. This fact pattern is stated to raise issues under the procurement rules, rather than the NSIA. Provided that the procurement rules are satisfied, the NSIA is not implicated because the donor obtains no control over university assets.
UK universities have welcomed numerous Chinese students and increasingly collaborate with Chinese entities in research. Given the current influence of the Chinese communist party on public and private actors there, the United States, and increasingly the UK, have become aware of the possibility that their universities could inadvertently transfer control of sensitive entities or assets to the Chinese Government or other competing sovereigns.
With the NSIA, the UK Government has enacted a comprehensive framework enabling BEIS to assess transactions within and without the HE sector for the risk they may pose to national security. Whilst the Guidance does not answer every national security question facing universities, its prompt publication should be welcomed by administrators who need to run their institutions while the UK Government further calibrates its protection of entities and assets it considers relevant to our national security.