Mirror, Mirror on the Wall, What’s the Outcome of the Trilogue?

19. February 2026

Part 6 in the CELIS blogseries on the revision of FDI Screening Regulation 2019/45

Authors: Andrew Hill (Amcham Europe), and Floor Doppen (University of Antwerp)

Introduction

The clock has started ticking for the early-2028 implementation deadline of the Foreign Investment Screening Regulation (the ‘Regulation’) with Germany already announcing that it will consolidate its screening rules and implement the Regulation bymid-2026, and many other member states re-opening their own screening legislations.

Naturally, investors and legal practitioners are curious about the exact outcomes of the trilogues, not least to know what will happen for them in their home-states. This intrigue comes as investors strive to understand how different the investment screening environment will look from 2028 onwards and how the Commission’s expanded role - through the Regulation and the Joint Communication on strengthening Economic Security - will influence screening in the near future.

The Council and the European Parliament struck a political agreement on the Regulation on the 11th of December and finally published the provisional agreement last week (‘provisional agreement’).

The most important changes relate to:

  • Procedural harmonization
  • Risk assessments
  • Definitions of foreign investor and control
  • Mandatory sectoral scope(s)
  • Security valves such as call-in powers and ex post investigations
  • Increased collaboration and a culture of solidarity

Ahead of the full adoption due to take place later this Spring, we have analysed the provisional agreement and attempted to give a lay of the land, and assess what investors should expect in terms of changes in the near future.

Procedures: Minimum harmonization – minimum impetus?

A clear win for the investment screening community is that the provisional agreement does not only mandate member states to have investment screening regimes in the first place, but requires these regimes to have a common structure. However, given that this Regulation leaves room for divergence, it will be up to member states to turn this common structure into reality.

As expected, this common structure will include a two-phase approach for investment screening across Europe. The co-legislators also provisionally agreed on a minimum set of filing requirements and, surprisingly, an optional single portal for notifications should nine member states request it. As most member states already screen in two phases, the adaption will have the largest impact on Spain, the main large member state with a one-phase regime.

Once notified, cases would enter Phase 1, which will last up to 45 days (Article 4 (2)(a)(i)). This mandatory deadline for early investigations should provide certainty for the vast majority of investments that are cleared, within a relatively short period. While industry preferred a 35 day process - aligning it with the Phase 1 deadline under the EU Merger Regulation and the Foreign Subsidies Regulation, the Council’s mandate reflected this longer time-frame presumably to accommodate for member states with longer preexisting Phase 1 windows.

In any case, neither the Council or Parliament put forward restrictions that would prevent screening authorities from artificially extending this deadline through creating clarity around when a filing is complete, and preventing the artificial extension of the Phase 1 window. At most, authorities must inform investors without undue delay when their filing is complete (Article 4 (2)(g)(a)). Without full harmonisation between filing requirements, member states will retain the flexibility to decide when a filing is complete. Additionally, there are no apparent maximum deadlines for Phase 2 investigations. Having said that, most screening authorities close their phase 1 investigations within shorter timelines (e.g. Sweden within 25 working days, and France within 30 working days).

Quite frustratingly for lawyers dealing with multi-country transactions, the Regulation will require investors to notify multi-jurisdictional investments on the same day… or, at least, endeavour to do so according to Article 7(a)! Perhaps this anticipates a future where all filings are made through a harmonised Single Portal. In the meantime, this is certain to create significant coordination and time pressures for lawyers (who have complained about this during consultations), but may bring some benefits to screening authorities.

More optimistically, the Commission will also publish a common minimum notification template for notifications to the Cooperation Mechanism (Article 15, the last version dates from 2023). However, it remains to be seen whether this will impact administrative burdens by changing filing requirements overall, and to what extent member states will include their own additional information requirements in domestic filing forms.

Lastly, luckily for researchers, stakeholders, and lawyers, all member states will have to publish an annual report (Article 24). As we wrote before, gaps in the current Regulation have led to different transparency requirements as well as different practices on the notification of cases, including when these are published. However, for now we might have to temper our enthusiasm a bit: there is an exemption for data for which full anonymisation is not possible, so most likely smaller states, or large states with fewer cases, or unwilling states, may play this card.

Risk assessment

To aid in creating a common structure for screening notified investments, the provisional agreement also includes a standard minimum list of risk factors that member states will use while assessing investments (Article 19). While not amounting to an exhaustive list of criteria, it creates a window into the screening process. It is also one of the best examples of how security and economic security considerations, in line with the European Economic Security strategy and a shifting geopolitical context, may seep into the new Regulation.

The provisional agreement highlights some risk assessment criteria that are already present in the legacy Regulation and in practice, such as:

  • A stronger focus on the effect of an investment on the availability of critical technologies, including the protection and availability of intellectual property;
  • Increased focus on security of supply considerations;
  • Geographical proximity to military facilities.

However, it also makes explicit some new considerations which reflect shifting priorities, such as:

  • Whether the foreign investor has opaque ownership structures;
  • Home state considerations such as a deficient national AML/CFT regimes or legislation that can force firms to provide information for intelligence purposes without due process;
  • Harmful behaviour and compliance record with mitigating measures in other member states.

To help with this standardisation, the Commission will make risk assessment forms available to member states, which may lead to a more harmonized approach across the EU. These common assessments will become the baseline for member states, but won’t preclude them from adding additional criteria or making decisions on a different basis. Likewise, the interpretation of these criteria may vary across member states, depending on their risk appetite and perceptions of the geopolitical environment.

For investors, this minimum list of risk assessment criteria will provide more transparency around how their investments will be assessed and give them a basis for self-assessment. It may also provide stronger backing for recourse should they feel a screening decision be inappropriate. In that vein, the Regulation also gives investors the right to effective judicial recourse (Article 4 (2)(f)), as well as the opportunity to make their views known effectively before a screening authority takes its screening decision (Article 4 (3)).

If implemented in perfect harmony, investors should be able to conduct an accurate self-assessment of security risks, submit common paperwork across all relevant jurisdictions and know, within 45 days, whether an in-depth investigation will be opened. However, member states maintain the discretion to retain national specificities to undermine these advances – let’s see if they use it!

Definitions: Close but no cigar?

Investors may benefit immediately from the provisional agreement as it relates to common definitions of ‘foreign investors’, ‘foreign investments’, ‘indirect foreign control’ and other jurisdictional questions which create significant headaches for lawyers today (Article 2). As we discussed before, this was a hidden cause for many divergences in investment screening across jurisdictions.

Importantly, the issue of indirect foreign control that came to the fore in the Xella judgement is ‘solved’, meaning that intra-EU investments with indirect foreign ownership will become part of the screening framework.

However, both the Council and Parliament failed to make significant progress in defining the elusive concept of ‘effective participation’, which will serve as the concept of ‘control’ in the Regulation. The provisional regulation shows that the co-legislators accepted the Council’s recital (Recital 16a), clarifying that the concept of control used for merger control (‘decisive influence’) generally applies to investment screening. Yet, there still remains some uncertainty around the margin between these two tests, and to what extent the ‘effective participation’ could apply to minority shareholdings, agreements and other arrangements. While the provisional agreement doesn’t resolve these issues, the Commission’s forthcoming guidelines may provide an opportunity to minimise divergence, should the Council agree.

Scope: Big and balanced

The public announcements in December already broadcasted that the co-legislators reached a reasoned balance between the Council’s full alignment with the dual-use list, common military list, and outbound investment screening list, and the Parliament’s maximalist approach on the mandatory scope. The provisional agreement now shows us a clear and relatively delineated scope focussed on Article 4 (4):

  • Dual use items;
  • Military equipment;
  • Hyper-critical technologies, based off of the Outbound Investment Screening Recommendation, and listed in the Annex I (semiconductors or quantum technologies, or research and development of artificial intelligence technology;
  • Critical Raw Materials;
  • Critical entities defined through a risk-based assessment by member states, without, interestingly, any reference to the critical entities directive
  • Electoral infrastructure; and
  • Financial system entities.

The majority of these point to clearly understood concepts or lists, such as the dual use list and financial system entities. Others may present implementation challenges. For instance, the critical entities designation will require member states to create or designate an existing risk-based assessment to serve as a basis for mandatory notification. Presumably, many member states will look to the Cybersecurity Directive (NIS2) and the Critical Entities Resilience (CER) Directive to serve this role if they do not wish to create a new one. However, given that these are directives, there is likely inconsistency between how member states implement it, designate entities, or notify designees of their applicability.

Most importantly for many investors, the provisional agreement shows that member states will have the discretion to choose whether or not to screen greenfield investments. Similarly, it confirms that internal corporate restructuring will generally be out of scope – as long as there is no change in control, in addition to foreign investments made in the application of a resolution tool or of write-down and conversion powers (Article 1 (5)(a)).

Member states’ own scopes will likely be broader than these lists, depending on how they interpret and gold-plate this minimum standard. If the European Parliament’s negotiation is any indication of how legislators will act when implementing the Regulation, national members of parliament may rush to include specific technologies in the scope to signal their support for domestic industry.

Retroactive & call-in powers

The provisional agreement also includes potentially long retroactive (up to 5 years) and call-in windows to function as “security valves” for investments that were not initially screened, requiring all member states to ensure they incorporate the necessary flexibility in their screening laws to adapt to evolving threats or evading tacticts.

The provisional agreement provides two routes for ex officio investigations (Article 4(2)(c)):

  • Anti-circumvention and compliance – for investments that were subject to mandatory notification but weren’t notified, a route which already exists in most member states.
  • Call-in – for investments that weren’t subject to mandatory notification where the authority has ground that such foreign investment may affect security and public order.

While broad retroactive powers exist in some regimes in combination with voluntary notification mechanisms (take Germany or Denmark), the mandatory inclusion of call in powers is striking.

This will create a change in practice in certain member states, depending on whether or not they already allow for call-ins. France and the Netherlands, for instance, have sectoral review systems with no explicit provision to call-in foreign investments that don’t fall within their legal scopes. For the Czech Republic and Germany, on the other hand, this particular provision should not impact their existing practices substantively, as the Emposat case in Czechia highlighted last year.

Security Solidarity

The provisional agreement also creates a culture of security solidarity, requiring member states to have the tools necessary to take into account security concerns related to other member states. In that same vein, it will require member states to work separately and together to monitor the compliance with mitigating measures, especially when they implicate subsidiaries established in other member states.

In practise, security solidarity considerations sometimes are taken into account. Spain’s decision to block the Hungarian consortium Ganz-Mavag’s takeover of train-maker Talgo, for example, included considerations linked to the transfer of technology necessary for military mobilisation in Eastern Europe. This, effectively, incorporated security considerations beyond Spain’s own borders.

These provisions on security solidarity impact the risk assessment and the ability of lawyers to accurately identify the risks associated with an investment. The writing is on the wall: investors must look at cross-border and EU-wide implications and take into account various economic security considerations while planning investments.

Cooperation: Trust based

The co-legislators have continued to move further in the direction of a framework for trust-based cooperation between the member states and the Commission. While the Parliament’s proposals to give the Commission more intervening power in national decisions were not successful, the co-legislators agreed to structured conversation and accountability mechanisms.

This cooperation starts at the notification to the Cooperation Mechanism, where member states will use a new “filtering mechanism” (Article 15) to decide which cases to pass along. This creates some much-needed conformity around the use of the Cooperation Mechanism and includes criteria related to the technology and investors involved, as well as whether the investment involves multiple jurisdictions.

Once notified, member states and the Commission will be able to issue comments and opinions. The “host” member states will be obliged to “explain how these were considered, including reasons for any disagreement” and possess the tools to address these concerns (Articles 12-13).

Similarly, although the Commission will not have full investigatory powers, it may be allowed to “assist” a host member state in gathering information, something also required of other member states (Article 16).

The agreement also includes the creation of a common database (Article 18) to prevent circumvention – allowing member states to work together with the Commission to prevent forum shopping and exchange information on malign actors. Notably, it will include information previously not shared among member states and the Commission such as decisions taken in specific cases, requiring more transparency (Article 18 (7)(d)).

Ultimately, time will reveal the extent to which member states and Commission end up working together, although the two year-long negotiations amongst screening authorities and the past 5 years of cooperation through the first Regulation, has created a strong informal network between screening authorities. Beyond screening authorities, the Joint Communication on strengthening Economic Security shows that governments are investing more in their overall cooperation, through a monitoring mechanism on portfolio investments and research into cumulative investment risks which may inform screening and call-in decisions by member states. In short, investors will see closer cooperation between member states before the 2028 implementation, now that the writing is on the wall that cooperation has to happen.

Far from over

Now that the provisional agreement has been published, the race is on to implement the Regulation and prepare deals for a new reality. Regardless of the final text, there always remains room for divergence between member states on implementation which may undermine the spirit of the progress made in Brussels. The Commission’s guidelines should provide clarity on these outstanding implementation questions but there are no indications, yet, as to how far they will go.

Tune in next time for a last full assessment of the Regulation (once released) and a discussion on the implementation challenges going forward!!

Print Friendly, PDF & Email
Posted in CELIS Institute, CELIS-Blog and tagged