The National Security and Investment Act (the Act) creates a new screening regime for transactions which potentially raise national security concerns in the UK.

The Act will come into effect on 4 January 2022.  However, as it has retrospective effect from 12 November 2020, lenders need to understand the implications for finance transactions now. 

A detailed FAQ has been prepared by our Corporate team, and can be found here: National Security and Investment Act: FAQs.  We have summarised the headline issues lenders need to be aware of as a consequence of the Act, and set out more detail under each of the drop down headings below.

Speed read

  • The Act comes into force on 4 January 2022, but will apply to transactions effected on or after 12 November 2020.
  • It applies to 17 “sensitive sectors” which give rise to national security risks. Those sectors are advanced materials, advanced robotics, artificial intelligence, civil nuclear, communications, computing hardware, critical suppliers to government, cryptographic authentication, data infrastructure, defence, energy, military and dual-use, quantum technologies, satellite and space technologies, suppliers to the emergency services, synthetic biology and transport.
  • The Act introduces a mandatory notification regime – with criminal and civil penalties for non-compliance – where a person increases their shares or voting rights in “qualifying entities” (i.e. those involved in one of the 17 sensitive sectors) to over 25%, 50% or 75% thresholds. Relevant transactions carried out without a mandatory notification are automatically void.
  • The Act also introduces a voluntary notification regime where a person either acquires “material influence” over an affected entity’s policies (without necessarily having voting control), or acquires a right, interest or control over a “qualifying asset” which is used in one of the 17 sensitive sectors.
  • The voluntary notification process precludes the government from later “calling in” a transaction for review. If a transaction is not notified voluntarily, it can be reviewed by the government at a later date and the sanctions available are potentially wide enough to unwind a transaction, or severely circumscribe an entity’s activities.
  • No notifications are possible prior to 4 January, however the Investment Security Unit can be contacted for informal advice before then.
  • Lenders need to be aware of the need to conduct due diligence on customers who are involved in these sectors, including in connection with acquisitions and disposals effected since 12 November 2020.Lenders ought not to proceed with loans until they are satisfied that either (i) no notifications are required or possible or (ii) the notification has been made to the Investment Security Unit and clearance received.
  • Where the Act is relevant to customers, lenders should consider enhancing conditions precedent, and deal-specific obligations, restrictions and other conditions.
  • In all cases, lenders ought to revisit their own-brand lending documentation to ensure that their conditions precedent, representations, undertakings and events of default are sufficiently widely worded to capture transactions and activity affected by the Act.
  • Lending and taking most types of security will not of themselves trigger notification to the ISU. However on enforcement of security the Act becomes relevant to dispositions of shares and assets, and therefore mandatory or voluntary notification should always be considered.
  • “Legal” share security and asset security (where the shares and assets are registered in the lender’s name, with the lender being a legal owner) needs to be treated with particular caution and advice should always be taken where the entity/asset in question is involved in a sensitive sector before security is taken.

The Act has been introduced to protect the UK’s national security from foreign parties gaining ownership of, or exercising influence over, UK businesses and assets to the extent that such influence gives rise to national security concerns. 

The new regime replaces the existing public interest merger regime provisions of the Enterprise Act 2002 insofar as a transaction involves national security considerations and represents an important new execution risk factor, with a similar risk profile to merger control rules. 

The Act comes into force on 4 January 2022 and will have retrospective effect. This means the Government can look back at and, potentially, unwind relevant transactions that have taken place from and including 12 November 2020.

The Act establishes:

  • A mandatory notification regime, whereby the proposed acquirer in certain proposed transactions is under a statutory obligation to notify the Secretary of State and obtain pre-completion approval to proceed. Failure to follow the mandatory regime where it applies will result in a void transaction and potential civil and criminal penalties being imposed on the proposed acquirer (and their officers).
  • A voluntary notification procedure, whereby a seller, proposed acquirer or the relevant company itself may voluntarily give notice of a transaction to the Secretary of State with a view to obtaining clearance. The benefit of making such a submission is that, assuming the transaction is approved, the Secretary of State won’t then issue a call-in notice after completion.
  • A call-in power, giving the Secretary of State the power to scrutinise a transaction that has taken place and, if it is found that a national security risk has arisen, to impose necessary and proportionate remedies for the purpose of preventing, remedying or mitigating that risk. This could include, as a last resort (though this is not specifically stated), requiring the transaction to be unwound.

It is not possible to make a formal notification before 4 January 2022.  Nevertheless, as the Government will have the ability to look back to any transactions that took place from and including 12 November 2020, parties should contact the Investment Security Unit (ISU) for informal advice in relation to any potential trigger events.  The ISU can currently be contacted by email: . From 4 January 2022, notifications must be submitted using an electronic case management portal.

The 17 sensitive sectors are as follows:

  • Advanced Materials
  • Advanced Robotics
  • Artificial Intelligence
  • Civil Nuclear
  • Communications
  • Computing Hardware
  • Critical Suppliers to Government
  • Cryptographic Authentication
  • Data Infrastructure
  • Defence
  • Energy
  • Military and Dual-Use
  • Quantum Technologies
  • Satellite and Space Technologies
  • Suppliers to the Emergency Services
  • Synthetic Biology
  • Transport

However, even where a business or asset appears to fall outside of the “sensitive sectors” a voluntary notification may still be needed under the Act if the transaction may be of interest from a national security perspective.

Whether or not a transaction is ‘called in’ will depend on the Government’s assessment of three risk factors – the “target risk” (the way the entity or asset is being or could be used), the “control risk” (the amount of control over the entity or asset that has been or will be acquired) and the “acquirer risk” (any characteristics of the acquirer that may have national security implications).

When considering the level of “control risk”, the mandatory notification regime will be triggered where:

  • an acquirer increases the percentage of shares they hold in a qualifying entity to more than 25%, 50% or 75%;
  • an acquirer increases the percentage of voting rights they hold in a qualifying entity to more than 25%, 50% or 75%; or
  • an acquirer obtains voting rights in a qualifying entity which enable them to secure or prevent the passage of any class of resolution governing the affairs of that entity.

Importantly, a “qualifying entity” is not just a limited company.  It is defined as an entity that is not an individual, so it includes companies, LLPs, partnerships, trusts and unincorporated associations.

The voluntary notification regime (and call-in power) may be triggered where:

  • a person acquires “material influence” over a qualifying entity’s policy, without necessarily having the number of votes or shares to reflect this (this could be found with a shareholding as low as 15%); or
  • a person acquires a right or interest in, or control over, a qualifying asset and as a result it is able to (i) use the asset, or use it to a greater extent than prior to the acquisition or (ii) direct or control how it is used, or do so to a greater extent than prior to the acquisition.

A “qualifying asset” is described in detail in our FAQs but essentially captures land, tangible moveable property (such as office equipment and machinery) and “ideas, information of techniques which have industrial, commercial or other economic value” (such as intellectual property).

Where the mandatory notification regime applies but is not complied with (or the transaction proceeds without Secretary of State approval), the transaction will automatically be void.  The acquirer (including its officers) also risks severe civil and criminal penalties, including a large fine and/or imprisonment.   

The potential implications of a void transaction for a lender are that:

  • it could lose the benefit of any security, notwithstanding any additional requirement to disgorge repayments;
  • it may face difficulties clawing back any funds that have been advanced, particularly if they have been dissipated; and
  • it may be required to disgorge any monies it has received as a result of the sale.

These scenarios are hypothetical, as the Act does not go into detail about the practical implications of the automatic voiding. There is significant industry pressure on the Government to replace this automatic voiding with provisions making any such transaction potentially voidable. We await either a change to the legislation or clearer guidance from the Secretary of State and/or the courts in relevant cases in the future. 

Where the Secretary of State exercises the ‘call in’ power, if the voluntary notification procedure is not followed or approval not obtained, the transaction will not automatically be void, but the ISU can subsequently call in and review the transaction and, if thought fit, impose necessary and proportionate remedies for the purpose of preventing, remedying or mitigating the national security risk.

What that means in practice is likely to vary depending upon the circumstances and risks identified. A final order might, among other things, include provisions:

  • requiring a person to do or not do particular things;
  • requiring the appointment of a person to conduct or supervise certain activities; or
  • relating to the transfer of intellectual property.

And, as a last resort, although the Act does not specifically list this outcome, the power appears to be wide enough to permit the court to require the transaction to be unwound.

Given the serious consequences of any failure to comply with the Act, lenders would be well advised to ensure appropriate conditions precedent are factored into transaction documents and appropriate representations and undertakings are obtained from the other parties to the transaction, as well as including a specific additional event of default.  Lenders should consider seeking specific advice on the potential application of the Act in each case where there appears to be a risk of a national security threat. 

Lenders should also consider undertaking due diligence on transactions undertaken by customers or targets between 12 November 2020 and 4 January 2022 to ensure that no trigger events or potentially notifiable events occurred during that period.

The fact that a transaction is entirely domestic, or entirely overseas does not mean that the potential impact of the Act can be disregarded.

The acquisition of a foreign entity which carries on activities in or supplies goods and services to persons in the UK could potentially be caught by the regime. Likewise, the acquisition of overseas assets could also potentially be caught if they are used in connection with activities carried on in the UK or in connection with the supply of goods or services to persons in the UK.

The Secretary of State has 30 working days following notification of a potential trigger event to decide whether or not to issue a call-in notice. 

If a call-in notice is issued (whether or not the trigger event was notified), the Secretary of State then has a further 30 working days to assess the transaction and determine whether or not to issue a final order.  This can be extended, unilaterally, by a further 45 working days in certain circumstances, and by written agreement for any voluntary additional period.  Requests by the ISU for further information can also pause the timetable.

Accordingly, there could be 105 working days or even longer from the date of notification of a potential trigger event to the date the Secretary of State makes a final order imposing remedies, or issuing a final notification confirming no further action is needed.  This needs to be factored into the deal timetable.

The impact of the Act on the enforcement of security depends very much on the nature of the security and the type of enforcement action taken. There is no blanket exemption or exclusion for the creation or enforcement of security.

As such, where the secured assets may fall within any of the relevant sensitive sectors (as described in the regulations: The National Security and Investment Act 2021 (Notifiable Acquisition) (Specification of Qualifying Entities) Regulations 2021 (, or may otherwise give rise to a national security risk, lenders should obtain specific advice on the implications of the Act before taking any security over those assets or enforcement action in relation to the same.

The Government gave the following guidance in a draft document published in March 2021:

although loans, conditional acquisitions, futures, and options are not exempt from scrutiny, the overwhelming majority of these are expected to pose no national security concerns, including within the core areas. In the rare circumstances where they do pose concerns, the Secretary of State generally only expects to intervene when an actual acquisition of control will take place (e.g. a lender seizing collateral).”

This guidance was contained in a draft statement of policy intent published in March 2021, but the wording concerning the Secretary of State only expecting to intervene where an actual acquisition of control by lenders will take place has not been replicated in its entirety in any subsequent drafts, including the final version published in November. No further guidance has been given in this regard in more recent versions of the statement.

The pre-enforcement position

It is therefore highly unlikely that lending will, of itself, result in a lender acquiring control of an entity or asset.  It is also highly unlikely (save for security where shares or assets are registered in the name of the lender, for which see below) that taking security will result in lenders acquiring control of an entity or asset, given that in most charges the taking of security neither grants the lender greater use of the asset, nor the ability to direct or control how it is used (other than through restrictive covenants) prior to enforcement of the security.

In terms of pre-enforcement events, in our view the mere occurrence of an event of default (which in principle entitles the lender to enforce its security) is unlikely to trigger mandatory or voluntary notifications, since no positive action will have been taken by the lender to obtain control, merely the right to do so will have arisen.  Importantly no new “right or interest” in the underlying asset or entity will have been given at the point the event of default occurs.

The position on or after enforcement

However, the enforcement of any type of security interest involving a sale of the underlying assets (specifically shares) most definitely raises the prospect of a notifiable event and/or mandatory notification.  For more detail see our Insight entitled “National Security and Investment Act: an overview for insolvency practitioners”.

The creation of certain types of security will inevitably be more likely to engage the provisions of the Act: share charges where control or ownership passes to the secured creditor on creation for example, and true chattel mortgages where there is a transfer of title to the secured creditor with provision for reconveyance on redemption. In particular, Scots law share pledges (which given the absence of any concept of equity in Scots law require legal transfer of title to the charge holder in order to create an effective right in security) need to be treated with caution.

Where a lender holds security over shares in a qualifying entity, the mandatory notification regime could be triggered by any action or event that results in a person (including the lender) acquiring (or increasing an existing position to) more than 25%, 50% or 75% of the votes or shares in that entity, or acquiring voting rights that enable or prevent the passage of any class of resolution governing the affairs of that entity. It is conceivable that the enforcement of security over shares could result in one of these scenarios.

If this is the case, depending on the route of enforcement taken, if the lender is deemed to be the ‘acquirer’ under the legislation, it is under a statutory obligation to obtain prior ISU approval before taking steps that would result in any such acquisition of control.  Even if these thresholds are not reached, if the effect of the enforcement of security over shares is that the lender acquires material influence over a relevant entity’s policy, then it would be advisable to follow the voluntary notification procedure before taking such action.

The Act contains a specific exemption confirming that the acquisition of rights by administrators or creditors arising from the appointment of administrators (whether by the company, the directors or a qualifying floating charge holder) will not in and of itself trigger the notification regime or call in powers.

However, there is no equivalent exemption for the appointment of liquidators or receivers.  The Act (together with all guidance given by the Government to date) is silent on the way in which the provisions will interact with the appointment of other insolvency officeholders or fixed charge receivers.  Our current interpretation, on the basis of the wording of the Act, is that it seems unlikely that the appointment of fixed charge receivers will of itself trigger the notification requirements. However, the position is clearly open to possible counter argument and lenders should obtain specific advice in each case if there is any possibility that the enforcement strategy may trigger the regime.

Depending on the circumstances, an insolvency or receivership sale could trigger either mandatory notification by the buyer or voluntary notification by the officeholder and/or the buyer and we have published an overview of the potential implications for insolvency practitioners here: National Security and Investment Act: an overview for insolvency practitioners - TLT LLP (

Next steps

The key questions for lenders to ask themselves or their legal advisors in each case are:

  • Does the entity or do the assets in this transaction fall within the relevant sensitive sectors or otherwise give rise to a national security risk?

  • If so, might any elements of this transaction result in the lender or any other party potentially gaining control of the relevant entity or asset for the purpose of the Act (whether now or at some stage in the future, through the future utilisation of its facilities or the enforcement of its security)?

Where the underlying assets or entities may fall within any of the relevant sensitive sectors, or may otherwise give rise to a national security risk, lenders should obtain specific advice on the implications of the Act before taking any security over those assets or enforcement action in relation to the same.

The need for approval and the potential for delays in high risk scenarios will need to be taken into account as part of the transaction planning.


The Act continues to be the subject of ongoing consultation with, and scrutiny by, affected industries and organisations and it is anticipated that more detail will become available in the coming months. We will provide further updates as this detail becomes available. If you would like to discuss any aspect of the issues raised in this article, please contact a member of our Restructuring and Insolvency or Banking and Finance teams.

Date published

03 December 2021