Home Insights What the national security test means for technology transactions in Australia

What the national security test means for technology transactions in Australia

The Federal Treasurer has announced that a new national security test will be introduced into Australia’s foreign investment regime from 1 January 2021. The new test is intended to help the government screen for foreign interference in ‘sensitive national security businesses’, and will have particular significance for transactions in the communications, technology and data sectors. 

In our 2019 article, we queried whether the foreign investment review board (FIRB) would seek broader powers to screen transactions for technology and data assets. We noted concerns of security agencies that many such transactions (particularly in relation to emerging technologies) fall below the monetary thresholds at which FIRB oversight kicks in. Moreover, while FIRB has power to regulate acquisitions, it does not review other types of transactions through which access to technology might be obtained, such as technology development and licensing transactions.

The reforms that are now being proposed will partly address the concerns of security agencies, by bringing more technology and data M&A transactions before FIRB.

While screening foreign investment into the technology sector may make sense from a national security viewpoint, both investors and existing players will be hoping that FIRB adopts a streamlined process so that approvals can be dealt with expediently. 

A new national security test

The proposed national security test will allow the Treasurer to block or impose conditions on investments by foreign persons in ‘sensitive national security businesses’ on national security grounds, irrespective of the monetary value of the investment.

This effectively extends the $0 threshold, which previously only applied to foreign government investors (FGIs), to private foreign investors that invest in a ‘sensitive national security business’.

Details of what will constitute a ‘sensitive national security business’ are still to be worked through, however the Treasurer has flagged that it may include:

  • businesses regulated under the Telecommunications Act 1997 (this will include carriers and internet service providers, but may also include virtual network operators, messaging applications, VoIP services and video streaming services);

  • businesses regulated under the Security of Critical Infrastructure Act 2018, including owners and operators of electricity or gas supply, ports and water infrastructure;

  • businesses involved in the manufacture or supply of defence or national security related goods, services and technologies; and

  • businesses that own, store, collect or maintain sensitive data relating to defence or national security. Depending on how broadly the concept of ‘national security’ is framed here, some have speculated that this could potentially capture data relating to health care and finance as well as businesses involved in the defence industry.

Streamlining investments

There are also positives in the reforms for institutional investment funds. The Government will issue investor specific exemption certificates which will enable foreign investors to make acquisitions without case-by-case screening.

There is also a proposal to amend the ‘foreign government investor’ screening rules so that large funds with passive government investors are no longer subject to a blanket $0 notification threshold.

How does this new approach differ to the US? 

It has been suggested that the proposed reforms are being driven in part by requirements imposed on Australia by the United States through the Foreign Investment Risk Review Modernization Act (FIRRMA) and Committee on Foreign Investment in the United States (CFIUS).

Under FIRMMA, investors from countries that can demonstrate ‘a robust process to assess foreign investments for national security risks and to facilitate coordination with the United States on matters relating to investment security’ are exempted from investment scrutiny.

However, even with the proposed amendments, FIRB’s review powers are narrower than the scrutiny the United States applies to its own technology and communications sector. Specifically, FIRRMA allows the CFIUS to review not only transactions involving the acquisition of an ownership interest in technology or telecommunications companies, but also transactions which give a foreign party any form of access to non-public technologies – such as data sharing arrangements and technology development and licensing agreements – all of which can be structured to confer rights that closely resemble ownership. In contrast, FIRB’s purview is restricted to situations where access to technology is obtained through an acquisition of business assets or a shareholding interest or by starting a local technology business.

There is precedent in Australia for broader review powers to be applied to the operation of critical assets in the interests of national security. Under the Security of Critical Infrastructure Act 2018 and the Telecommunication Sector Security Reforms (TSSR), the Minister for Home Affairs has the power to direct owners or operators of critical infrastructure assets to take or refrain from taking certain action in the interests of national security. The Minister is advised in this regard by the Critical Infrastructure Centre (CIC).

While the direction rights are rarely used, the fact that they exist gives the CIC and the Minister a broad platform from which to influence the management of critical infrastructure assets in the interests of national security.  

It is not proposed at this stage that such powers be given to the CIC for technology businesses or extended beyond licensed carriers in the telecommunications sector.

Next steps

Draft legislation to enact the proposed reforms will be released in July with the new regime due to commence from 1 January 2021.

In the meantime, foreign investors should remain mindful of the changing regulatory landscape when considering the acquisition of businesses that comprise or include significant data or technology assets.

This article was originally co-authored by Justin Fox.


James North

Head of Technology, Media and Telecommunications

James Wallace

Senior Associate


Technology, Media and Telecommunications Corporate/M&A

This publication is introductory in nature. Its content is current at the date of publication. It does not constitute legal advice and should not be relied upon as such. You should always obtain legal advice based on your specific circumstances before taking any action relating to matters covered by this publication. Some information may have been obtained from external sources, and we cannot guarantee the accuracy or currency of any such information.