The “Regulations of the State Council on Foreign Investment” was approved at the 83rd executive meeting of the State Council on April 17, with the date of issue being May 5, and will officially come into effect on July 1. This is a regulation that is easily underestimated. At first glance, it seems to be a systematic arrangement of matters such as approval, filing, information reporting, and cross-border capital registration for overseas investment.

However, in the context of the accelerated pace of Chinese enterprises going global in recent years, the accelerated restructuring of the global industrial chain, the tightening of technology controls, the expansion of the scope of data supervision, and the continuous increase in the demand for overseas interest protection, its significance goes far beyond “clarifying the procedures.” What it really does is to reintegrate the requirements that were previously scattered in different institutional tracks such as development and reform, commerce, foreign exchange, export control, data security, state-owned asset supervision, consular protection, and overseas dispute response into a more complete framework.

In the past, when talking about overseas investment, companies were most concerned about three issues: whether the project needs to be filed, whether funds can go abroad, and how to register an overseas company. After the new regulations are implemented, the questions have changed to another way of asking: how does the asset go out, how is the technology used, how does the data flow, how do the personnel move, how is the control right arranged, who will support when encountering overseas barriers, and what price will be paid for stepping on the red line. Companies going global is no longer just “capital going abroad,” but a systematic compliance project involving assets, technology, data, personnel, control rights, and national security.

1. The boundary of going global has been redrawn.

Article 2 of the new regulations clearly defines “foreign investment”: The so-called foreign investment (i.e., overseas investment) refers to the activities of investors within China who directly or indirectly obtain ownership, control, and operational management rights of enterprises and assets in other countries or regions, as well as other related rights and interests, by investing assets, equity, or providing financing and guarantees. The most noteworthy part of this definition is that it does not limit overseas investment to several traditional forms such as “establishing a company,” “buying equity,” and “building a factory.” Financing, guarantees, indirect acquisition of rights and interests, and operational management rights arrangements may all fall under the regulatory purview of foreign investment.

This is especially critical for today’s cross-border transactions. Many overseas projects may not be written as “acquisitions” in the documents—it may be a convertible bond, a benefit right arrangement, financing support for an overseas SPV, or it may be the influence on overseas assets through guarantees, agreement control, or layered fund structures. As long as these arrangements ultimately point to overseas enterprises, assets, control rights, operational management rights, or other related rights and interests, it will be difficult to treat them as ordinary financing.

Another detail that is easily overlooked is that the new regulations uniformly include “enterprises, other organizations, and resident individuals within China” in the scope of investors. Although the specific management measures for foreign investment by resident individuals and others are still to be formulated separately, the direction has been clarified: high-net-worth individuals, family offices, offshore SPVs controlled by individuals, overseas fund shares, trusts, and other wealth management structures will not naturally be outside the rules in the future. Therefore, what this regulation changes first is not a certain approval form, but the underlying perspective of regulators on “going global”—instead of just staring at whether a company has set up a factory overseas, it begins to ask: How was this overseas equity formed? Who is in control? Have funds, assets, technology, data, and personnel been transferred out with it? Will these arrangements trigger considerations at the level of public interest and national security?

1. Data, technology, and security have become the new main lines of overseas compliance.

If Article 2 redefines “what is foreign investment,” then Articles 13 and 15 mark the two most sensitive lines for future foreign investment: one is technology and data, and the other is national security.

Article 13 stipulates that investors shall not export or use goods, technologies, services, and related data that are prohibited from export by the state when carrying out foreign investment activities; without permission, they shall not export or use goods, technologies, services, and related data that are restricted from export. Investors shall not transfer goods, technologies, services, and related data that are prohibited or restricted from export by the state to other countries or regions by means of cross-border dispatch of technical personnel, organizing personnel to work overseas, providing cross-border technical guidance, or arranging personnel for cross-border training.

This means that regulators see more than just servers, databases, and code packages. Personnel dispatch may constitute technology transfer, remote guidance may constitute service transfer, cross-border training may constitute knowledge transfer, and overseas R&D collaboration may also involve the flow and use of related data. For AI, cloud computing, autonomous driving, intelligent manufacturing, biomedicine, Fintech, and industrial software companies, the following questions are already very real: Can overseas R&D centers call domestic training data? Can overseas teams access source code, model parameters, risk control rules, and user profiles? Does the technical training provided by domestic engineers to overseas teams involve restricted technologies? Is the use of algorithms, data sets, and product documents accumulated by Chinese teams by overseas subsidiaries internal collaboration or a regulated cross-border transfer? These issues were often handled at the business level in the past. Now, they must enter compliance review.

Article 14 further returns matters such as cross-border capital flow, import and export of goods and technologies, trade in services, cross-border data flow, entry and exit of personnel, review of concentration of undertakings, export control, network security, taxation, and state-owned assets to relevant laws and regulations for handling. This shows that the “Regulations on Foreign Investment” is not a special data law, nor is it an export control law—but it embeds these rules into the main process of overseas investment. Companies can no longer split ODI, data export, export control, network security, and personnel dispatch into several unrelated processes when making overseas projects in the future.

Article 15 stipulates that the investment authorities and commercial authorities of the State Council, together with other relevant departments, shall conduct security reviews on overseas investments that affect or may affect national security, as well as the transfer and disposal of related assets and rights and interests. There are two key words here: one is “may affect” and the other is “transfer and disposal.” The former indicates that the security review does not wait for the occurrence of damage results; the latter indicates that the review does not only focus on the moment when the investment occurs—after the overseas investment is completed, the re-transfer or disposal of related assets, equity, and rights and interests may also fall under regulatory purview.

This is especially important for projects involving sensitive technologies, important data, key minerals, energy resources, communication infrastructure, artificial intelligence, semiconductors, biotechnology, and financial infrastructure. Before going global, companies cannot only ask “is this project commercially worthwhile,” but also ask: Are there any controlled technologies or data? Who is the overseas partner? Will subsequent equity exits, asset transfers, overseas listings, or the introduction of external investors change the judgment of control rights and security risks?

1. The role of the state has changed: not only regulation, but also service and countermeasures.

There is another aspect of this new regulation that is easily overlooked: it is not a purely regulatory document. Articles 6 to 9 specifically stipulate the construction of a service system—the state will coordinate service resources in the fields of foreign affairs, law, finance, taxation, finance, trade, logistics, entry and exit, customs, and trade promotion to provide guarantees for investors; governments and relevant departments at the provincial level and above shall also provide public services such as laws and regulations, policies and measures, investment guidelines, intellectual property rights, risk prevention, and rights protection.

There is a very real change behind this: today’s main players going global include new energy vehicle companies, photovoltaic companies, smart hardware companies, as well as SaaS companies, game companies, payment institutions, cross-border e-commerce companies, AI companies, consumer brands, and small and medium-sized supply chain companies. The overseas environment they face is far more complex than in the past—sanctions, export controls, investment reviews, data localization, tax investigations, labor compliance, intellectual property disputes, anti-monopoly reviews, overseas litigation, exchange restrictions, and political risks, almost none of which can be handled in isolation. It is costly and easy to fall into traps for companies to explore on their own.

What is more noteworthy is the countermeasure clause. Articles 23 to 25 of the new regulations clearly state that when investors encounter investment barriers or operational obstacles in the destination country, the commercial authorities may organize investigations and adjust national investment policies, restrict the import and export of related goods or technologies, and restrict international trade in services based on the results of the investigation. If any country, region, or international organization violates international law and the basic norms of international relations and takes discriminatory prohibitions, restrictions, or similar measures against China, the Chinese government may take corresponding measures to protect the legitimate rights and interests of investors and national overseas interests.

The institutional meaning is already clear: overseas investment by enterprises is no longer just the commercial behavior of the enterprises themselves, but has also been included in the toolbox of national overseas interest protection and foreign economic relations adjustment. In the current situation where technology restrictions, industrial chain restructuring, investment reviews, and sanction countermeasures occur frequently, companies must recognize a reality: overseas risks are no longer just contract risks, tax risks, and corporate governance risks—it is increasingly like a crossroads.

1. No more “getting on the bus first and then buying a ticket”: compliance must be prioritized.

Articles 27 to 31 of the new regulations construct a relatively clear responsibility system. If an investor invests in a foreign investment project prohibited by the state, the competent authority may order the cessation of investment activities, order the disposal of shares or assets within a time limit, and confiscate illegal income; if it refuses to implement it, it may also be fined 5‰ to 10‰ of the investment amount, and the person directly responsible may also be fined 50,000 to 100,000 yuan. If the approval and filing procedures are not fulfilled as required, or the approval and filing are applied for by submitting false materials or concealing true information, the approval and filing authority may order corrections, confiscate illegal income, and impose a fine of 1‰ to 5‰ of the investment amount; if the corrections are refused, the investment activities may be ordered to cease, and a fine of 5‰ to 10‰ of the investment amount may be imposed.

What companies should be more vigilant about is qualification restrictions. After the penalty decision takes effect, the relevant competent authorities may not accept the approval and filing application of the illegal actor within three years, or prohibit it from engaging in foreign investment activities within one to three years. The impact of this on companies is often greater than fines. Once a company that is globalizing its layout is forced to suspend its project, its overseas assets are ordered to be disposed of within a time limit, and its subsequent overseas window is closed, it may have a knock-on effect on financing, mergers and acquisitions, listing, supply chain contracts, overseas customer relations, and market reputation.

The real signal released by the new regulations is that overseas investment compliance can no longer be regarded as supplementary work after the transaction is completed. It must be placed in the entire process of board decision-making, investment committee review, transaction structure design, due diligence, and post-investment management. For companies, at least four lists should be added before and after July 1:

01 List of overseas investment projects—In addition to overseas subsidiaries, M&A projects, and equity investment projects, financing, guarantees, convertible bonds, benefit rights, overseas fund shares, offshore SPVs, and overseas reinvestment arrangements should also be included.

02 Cross-border list of technology and data—Source code, algorithm models, training data, user data, industrial data, risk control rules, R&D documents, technical drawings, patented technologies, software systems, overseas access rights, and cross-border collaboration mechanisms all need to be systematically sorted out.

03 Security review and export control assessment form—A preliminary judgment should be completed in the early stages of the transaction for those involving sensitive industries, sensitive technologies, important data, key supply chains, and complex control right arrangements.

04 Overseas dispute and investigation response form—When participating in overseas arbitration, litigation, or being investigated by overseas judicial and law enforcement agencies, the provision of evidence or materials to overseas countries must comply with relevant rules such as national secrets, data security, personal information protection, technology export management, export control, and judicial assistance.

In a nutshell, future overseas projects cannot only do traditional commercial DD, financial DD, and legal DD. Data DD, technology DD, security DD, export control DD, and countermeasure risk assessment will increasingly become standard configurations. The promulgation of the “Regulations of the State Council on Foreign Investment” is not to deny companies from going global—it emphasizes at the beginning to promote the high-quality development of foreign investment, support investors to carry out foreign investment activities in accordance with market principles, and legally enjoy investment autonomy, make independent decisions, bear their own risks, and be responsible for their own profits and losses.

But it also draws a clearer line: going global is not escaping supervision, and globalization is not a compliance vacuum. The extensive model of “investing first and then making up for it later” will have less and less space. The companies that can really go far are not necessarily the fastest-running companies, but the companies that can see the rules clearly, build a system, and guard the boundaries.

[Paperduoduo]