Creighton Chin – Senior Associate – Compliance
FD Associates
On May 13, 2025, the U.S. Department of Commerce, Bureau of Industry & Security (“BIS”) published a policy statement, accompanied by two guidance documents, that introduced new license requirements under the Export Administration Regulations (“EAR”) for the exports, reexports, and transfers of Advanced Computing Integrated Circuits (IC), and other commodities for use with Artificial Intelligence (AI) models that support Weapons of Mass Destruction (WMD) and military-intelligence in certain countries.
The key points of these documents are summarized below.
- The BIS policy statement, Controls that May Apply to Advanced Computing Integrated Circuits (IC) and Other Commodities Used to Train AI Models, (herein after referred to May 13 AI Policy Statement) requires exporters and re-exporters to obtain a BIS license to export, reexport, or transfer a commodity classified under Export Control Classification Numbers (ECCN) 3A090.a, 4A090.a and .z items in Categories 3, 4, and 5, e.g. 5A992.z, when there is “knowledge[1]” that the commodity will be used in an AI model that will further the use of WMDs or military intelligence activities in a D:5 country, or for or on behalf of an entity headquartered in a D:5 country.This license requirement applies to U.S. persons that provide any support or performs any contract, service, or employment, when there is “knowledge” that the activities and services will be used for or may assist the training of AI models for or on behalf of parties headquartered in D:5 countries (including China) or Macau.Exporters and re-exporters should presume a policy of denial consistent with policies stated in Part 744.6 – Restriction on Specific Activities of “U.S. Persons”; Part 744.22 - Restrictions on Export, Reexports, and Transfers to certain Military-Intelligence End Users; and Part 744.23, “Supercomputer,” “Advanced - Node Integrated Circuits,” and Semiconductor Manufacturing Equipment End Use Controls, of the Export Administration Regulations (EAR) for any D:5 country.
- In its guidance document, Industry Guidance to Prevent Diversion of Advanced Computing Integrated Circuits, BIS provided to exporters and reexporters AI-oriented behavioral and transactional red flags that will trigger a license under the May 13 AI Policy Statement when not mitigated. These red flags add to the “Know Your Customer” Guidance and Red Flags published in Supplement No. 3 to Part 732 of the EAR.
Included with this guidance are due diligence actions required for vetting companies involved in the use or export of AI ICs to destinations outside country Group A:1.
- In the second guidance document, Guidance on Application of General Prohibition 10 (GP10) to People’s Republic of China (PRC) Advanced-Computing Integrated Circuits (ICs), BIS clarified that it is a violation of GP10 for any company, including foreign companies, to use Chinese-produced ICs that meet the Advanced IC performance criteria of ECCN 3A090. The guidance included a non-exhaustive illustrative list of three Huawei ICs (i.e. Ascend 910B, 910C, and 910D) subject to GP10 and clarified that boards, servers, or assemblies, whether or not included in the list, are subject to the prohibitions.
This latest knowledge-based end user and end use control and the related due diligence actions, such as evaluating a customer’s ownership structure, adds to the list of other knowledge-based end user and end use restrictions in Part 744 that companies must address when doing business internationally.
These requirements and those under consideration by BIS, such as implementing a 50% ownership similar to one imposed by the Office of Foreign Asset Controls (OFAC) and proposed rules that will expand the scope of intelligence gathering restrictions, require a company to continuously evaluate its compliance program to ensure that it evolves with regulatory changes, as well as those within the company, to prevent violations under the EAR.
We recommend that companies - even those that are not affected by this new requirement - review their compliance programs to ensure it includes a robust end user and end use screening process that reviews transactions against the denied and restricted party lists and the Parts 744 and 746 controls. The process should include methodologies for collecting end user and end use information, as well as for red flag identification with increasing levels of due diligence and risk mitigation that matches the identified risk level. BIS has stated recently that it expects companies to be derisking high risk transactions as described in the various guidance documents and in the EAR and will penalize companies that ignore red flags.
Companies should assess whether their screening tools used for denied and restricted party screening screens the parties to the transaction against relevant lists. The relevant list extends beyond the lists specified under the EAR and include, as stated in the guidance, the Office of Foreign Assets Control’s (OFAC) Specially Designated Nationals (SDN) List, or the U.S. Department of State’s Statutorily Debarred Parties List. In practice, the screening lists should include all the lists administered by OFAC and the DoS. As part of assessment, companies should ensure their screening tools and processes rescreens entities against updates to the lists and flags to responsible employees any open transactions involving a potential match.
With the increasing likelihood that BIS will implement a 50% ownership rule, companies must now consider enhancing their screening process to include an evaluation of an entity’s ownership structure and relevant close affiliations. This is necessary to determine whether the entity is 50% or more owned by a party on the Entity List or other restricted party lists that could prohibit the transaction or trigger a license requirement under the EAR.
Evaluating a company’s ownership structure and potential connections to restricted or sanctioned parties may be supported through ownership research services provided by Kharon, Dow Jones, and Dun & Bradstreet. Additional sources include investor reports, open-sourced platforms (e.g. OpenSanctions.org, and China Defence University Tracker), and general internet searches. Each has its strengths and limitations and should be used to augment traditional screening tools.
Finally, the review should evaluate whether the compliance program provides ongoing training to the employees responsible for screening transactions. Training should include update on regulatory changes, effective use of the screening tools and techniques for researching an entity’s ownership, and changes in the company’s activities (e.g. introduction of new productions or markets) that could subject the activity under existing proposed rules.
As export control regulations continue to evolve and government regulators place greater emphasis on companies to know their customers and to mitigate risk of diversion, companies that fail to regularly review and update their compliance program expose themselves to significant penalties.
A robust end user and end use screening process is one element of a compliance program.
The article Does Your Export Compliance Program Pass Muster? highlights essential elements of an effective compliance program and challenges that companies may face when implementing a program. FD Associates has the expertise and experience to navigate these challenges and can support your company with targeted solutions, such as enhancing your end user and end use screening processes or developing a compliance program tailored to your company.
[1] Knowledge. Knowledge of a circumstance (the term may be a variant, such as "know," "reason to know," or "reason to believe") includes not only positive knowledge that the circumstance exists or is substantially certain to occur, but also an awareness of a high probability of its existence or future occurrence. Such awareness is inferred from evidence of the conscious disregard of facts known to a person and is also inferred from a person's willful avoidance of facts.