On 11 November 2020 the draft National Security and Investment Bill, the “NSI Bill” was published. The NSI Bill would introduce a new statutory regime granting the “Secretary of State” for Business, Energy and Industrial Strategy robust powers to scrutinise acquisitions which may pose a risk to the national security of the UK.

The NSI Bill had its second reading in the House of Commons on 17 November 2020 and began debate at the committee stage on 24 November 2020, which is anticipated to last until 15 December 2020. The NSI Bill will then be debated in the House of Lords. If passed through both Houses, it may receive amendment prior to receiving royal assent and becoming law. As currently drafted, when the NSI Bill becomes law it will apply retrospectively to all relevant transactions from 12 November 2020. Therefore parties involved in transactions or proposed transactions relating to the sectors discussed below should be mindful now of the potential application of the NSI Bill.

The NSI Bill’s stated aim is to provide the Secretary of State with powers in line with countries such as the United States, Australia and Japan, while maintaining the UK’s position as an attractive forum for business and an openness to foreign investment.

The primary new power under the NSI Bill is an ability for the Secretary of State to ‘call-in’ certain acquisitions, by foreign or domestic purchasers, in order to undertake an assessment of the national security implications of that acquisition. The NSI Bill also introduces a mandatory notification requirement on any purchaser proposing to acquire a qualifying entity in a sensitive sector. Such acquisitions will be unable to complete unless approved by the Secretary of State. The NSI Bill additionally creates a voluntary notification system to encourage notifications for acquisitions which may raise national security concerns but do not fall into the mandatory notification regime. Finally, the NSI Bill empowers the Secretary of State to address risks to national security by imposing remedies or sanctioning non-compliance.

Application of the NSI Bill

The NSI Bill applies to any acquisition of the control of a qualifying entity or asset in a sensitive sector. A “qualifying entity” is any entity, including a company, a limited liability partnership, or any other body corporate. If the qualifying entity is based outside of the UK it is still a qualifying entity if it carries on activities or supplies goods or services to persons in the UK. A “qualifying asset” is any asset, including land, tangible property, and ideas, information or techniques. If the qualifying asset is based outside of the UK it remains a qualifying asset if it is used in connection with activities carried on in the UK or the supply of goods or services to persons in the UK.

A “trigger event” is any acquisition of the control of a qualifying entity or qualifying asset, in any sector. Control for the purposes of a qualifying asset is defined in the NSI Bill as being an acquisition: (i) of more than 15% of economic ownership or voting rights; (ii) increasing economic ownership or voting rights currently held from 25% or less to more than 25%, 50% or less to more than 50%, or 75% or less to more than 75%; (iii) of voting rights sufficient to pass or block resolutions of the entity; or (iv) of an interest or right enabling material influence on the policy of the entity.

Certain “sensitive sectors” are being consulted alongside the NSI Bill, which will eventually be defined by additional secondary legislation, which the government may update or amend as it considers necessary. These sensitive sectors are: (1) Advanced Materials; (2) Advanced Robotics; (3) Artificial Intelligence; (4) Civil Nuclear; (5) Communications; (6) Computing Hardware; (7) Critical Suppliers to Government; (8) Critical Suppliers to the Emergency Services; (9) Cryptographic Authentication; (10) Data Infrastructure; (11) Defence; (12) Energy; (13) Engineering Biology; (14) Military and Dual Use; (15) Quantum Technologies; (16) Satellite and Space Technologies; and (17) Transport. The NSI Bill also empowers the Secretary of State to introduce further regulations which may provide exemptions and exceptions with respect to these sensitive sectors. Therefore the reality of the application of the rules concerning these sensitive sectors will only become evident once corresponding implementing legislation is published.

Before the publication of the NSI Bill, the Enterprise Act 2002, the “EA 2002”, was the primary statute enabling the government to analyse transactions for national security concerns. The NSI Bill differs from the EA 2002 by containing no turnover threshold or share of supply jurisdictional tests in order for a transaction to be scrutinised by the Secretary of State. Additionally, unlike other similar legislation in other countries, the NSI Bill applies to all purchasers of qualifying entities in sensitive sectors, whether foreign or domestic, and does not define ‘national security’.

Notification under the NSI Bill

A trigger event concerning a qualifying entity in a sensitive sector is a “notifiable acquisition”, creating a mandatory obligation on a purchaser to notify the Secretary of State prior to its completion by way of a “mandatory notice”. A notifiable acquisition that completes without the prior approval of the Secretary of State will be deemed void and of no legal effect. It is however unclear how this will apply in practice to non-UK assets or transactions.

The NSI Bill also provides for voluntary notification of an acquisition which is not a notifiable acquisition by way of a “voluntary notice”, by a purchaser, a seller, or the entity itself.. A voluntary notice provides a route for the Secretary of State to be notified of a trigger event which may not involve a statutorily defined sensitive sector, but may raise national security concerns and therefore be exposed to the risk of being ‘called-in’, as discussed in more detail below.

The implications of the wide ranging definition of notifiable acquisition in the NSI Bill means that mandatory notification may be required for a notably broad range of transactions. For example, if a group of companies that is being acquired includes a 15% minority ownership of an English transportation company, an acquisition of that group is likely to be a notifiable acquisition. Similarly, an investment round where an investor increases its shareholding from 10% to 26% of an AI start-up with a UK presence is also likely to be a notifiable acquisition.

The ‘Call-In’ Power

After receiving a mandatory or voluntary notice the Secretary of State must determine as soon as reasonably practicable whether it will be accepted. Following acceptance the Secretary of State has 30 working days to decide whether to issue a “call-in notice”, or whether the acquisition can proceed without further action. A call-in notice may only be issued where the Secretary of State reasonably suspects that a trigger event has taken place, or may take place, which may pose a risk to national security. A transaction cannot be completed after a call-in notice has been issued without the approval of the Secretary of State.

Guidance has been published on factors that the Secretary of State will consider before issuing a call-in notice: (i) the target risk, the nature of the target and the area of the economy in which it operates; (ii) the trigger event risk, the nature and degree of control being acquired and its practical use; and (iii) the purchaser risk, the extent to which the purchaser itself raises national security concerns.

After issuing a call-in notice the Secretary of State begins a 30 working day “assessment period” to consider whether the transaction poses a risk to national security. The assessment period may be extended by a further 45 working days and there is also scope for the purchaser and Secretary of State to agree a further voluntary extension to the assessment period. Following its review, the Secretary of State will determine whether remedies under the NSI Bill are required or whether it will take no further action.

Whether or not it has received a notice, the Secretary of State may on the grounds of national security issue a call-in notice for any trigger event within 6 months of becoming aware of that trigger event, for up to 5 years after the trigger event. If a notifiable acquisition was not approved, or if false information was provided to the Secretary of State, then there are no time limits for when the Secretary of State may issue a call-in notice.

Powers and Sanctions

Before the end of the assessment period, the Secretary of State must issue a final order or a final notification. During the assessment period, the Secretary of State may also issue an interim order. An order issued under the NSI Bill may have an extremely broad scope and provides the Secretary of State with far-reaching powers to protect national security. A final notification permits the transactions to complete.

A natural person failing to comply with an order under the NSI Bill or completing a notifiable acquisition without approval from the Secretary of State may incur imprisonment of up to 5 years or a fine of up to £10 million. If the offence is committed by a business, the fine is the greater of £10 million or 5% of global turnover (including subsidiaries).


The government has used its current powers under the EA 2002 to intervene in only 12 transactions on the grounds of national security since the introduction of the EA 2002 in 2003. By way of comparison, an impact statement published by the government with respect to the NSI Bill estimates that there will be 70 to 95 call-in notices and 1,000 to 1,830 notifications made under the NSI Bill to the Secretary of State annually. However, it should be noted that the NSI Bill impact assessment indicates that transactions concerning domestic purchasers are unlikely to give rise to national security concerns and that call-in notices will normally be issued to foreign purchasers.

While large corporate entities may be used to regulatory oversight and have the capacity to handle the accompanying processes, given the lack of a transaction thresholds, SMEs and start-ups may find compliance with the NSI Bill and potential delays to funding more challenging. Additionally, it is unclear what ‘national security’ means in the context of the NSI Bill, as it remains undefined, and the accompanying risk for the deterrent of foreign investment in the UK remains a distinct possibility. All of these concerns have been identified in the ongoing debate of the NSI Bill in the House of Commons and the NSI Bill may receive corresponding amendment before it becomes law. In any case, given the extremely wide scope of the NSI Bill as currently drafted, and the multitude of sectors to which it applies, the NSI Bill has the potential to cause meaningful disruption to transactions concerning businesses or assets with a UK nexus.