PRIA Logo
Back to search
Trade & Tariffs

Export Controls & Dual-Use Technology

37 min read·Updated May 12, 2026

Export Controls & Dual-Use Technology

U.S. export controls regulate what technology, goods, and software can be sent to foreign countries and foreign persons — a system designed to prevent adversaries from acquiring capabilities that threaten U.S. national security. Two parallel systems govern different categories: the Bureau of Industry and Security (BIS) administers the Export Administration Regulations (EAR) under the Export Control Reform Act (ECRA, 2018) (50 U.S.C. §§ 4801–4861) for commercial and "dual-use" items (technology with both civilian and military applications); and the State Department's DDTC administers ITAR (International Traffic in Arms Regulations) under the Arms Export Control Act (AECA) for defense articles and services on the U.S. Munitions List. The Entity List — maintained by BIS — designates foreign companies and individuals that require a specific license before receiving any U.S.-origin technology; Huawei's 2019 addition and the subsequent expansion to hundreds of Chinese companies marked the weaponization of export controls as an economic and national security tool. AI chip controls have become the most significant recent export control battleground: the Biden administration's October 2022 and October 2023 rules restricted exports of advanced AI chips (Nvidia A100, H100, and their variants) and chip-manufacturing equipment to China — an attempt to slow China's AI and military development that the Trump administration has continued and in some respects expanded. Civil penalties reach approximately $377,700 per violation (the inflation-adjusted IEEPA cap as of 2026); willful criminal violations carry up to $1 million and 20 years imprisonment.

Current Law (2026)

ParameterValue
Core statutesExport Control Reform Act (ECRA, 2018), 50 U.S.C. §§ 4801-4861; Arms Export Control Act (AECA, 1976), 22 U.S.C. §§ 2751-2799; International Emergency Economic Powers Act (IEEPA)
Primary agenciesBureau of Industry and Security (BIS, Commerce) — dual-use items; Directorate of Defense Trade Controls (DDTC, State) — defense articles; Treasury/OFAC — sanctions
RegulationsExport Administration Regulations (EAR) — dual-use items; International Traffic in Arms Regulations (ITAR) — defense articles and services
Commerce Control List (CCL)~3,000+ items classified by Export Control Classification Number (ECCN)
U.S. Munitions List (USML)21 categories of defense articles and services subject to ITAR
Entity List~600+ foreign organizations restricted from receiving U.S. exports without license (maintained by BIS)
Annual export licensesBIS processes ~30,000+ export license applications/year
  • 50 U.S.C. § 4811 — Policy (executive authority to control exports to protect national security, further foreign policy, and prevent proliferation of weapons of mass destruction)
  • 50 U.S.C. § 4812-4813 — Authority to control exports (President, through BIS, may control exports of items on the Commerce Control List; license requirements based on item classification, end-use, end-user, and destination country)
  • 50 U.S.C. § 4819 — Penalties (criminal: up to $1M fine and 20 years imprisonment for willful violations — prosecuted under federal criminal law; civil: up to approximately $377,700 per violation (2026 inflation-adjusted); denial of export privileges)
  • 50 U.S.C. § 4817 — Emerging and foundational technologies (BIS must identify and control emerging and foundational technologies essential to national security; interagency process with DOD, State, DOE, and IC)
  • 22 U.S.C. § 2778 — Arms Export Control Act / ITAR (defense articles and services on the U.S. Munitions List require State Department license for export; manufacturing licenses; brokering controls)

How It Works

U.S. export controls are the primary tool for preventing adversaries from acquiring American technologies that could enhance their military capabilities or enable human rights abuses. The system is split between two regimes: the EAR (Commerce Department) for dual-use items and the ITAR (State Department) for defense articles.

The U.S. export control system runs on two parallel tracks. The Export Administration Regulations (EAR), administered by Commerce's Bureau of Industry and Security (BIS), control "dual-use" items — goods, software, and technology with both civilian and military applications: advanced semiconductors, computing equipment, encryption software, telecommunications technology, aerospace components, and chemical/biological equipment. Each controlled item carries an Export Control Classification Number (ECCN) on the Commerce Control List; whether a license is required turns on the item's ECCN, the destination country, the end-user, and the end-use. Exports to close allies (Canada, UK, Australia) typically don't require licenses; exports to adversaries (China, Russia, Iran, North Korea) face extensive restrictions. BIS also maintains the Entity List — 600+ foreign organizations that pose national security concerns — for which export license applications are reviewed under a presumption of denial. Huawei, SMIC, and numerous Chinese AI and semiconductor companies have been added in recent years. The International Traffic in Arms Regulations (ITAR), administered by State's Directorate of Defense Trade Controls (DDTC), govern items specifically designed for military use — weapons systems, military electronics, satellites, and defense services including technical data. ITAR is stricter than the EAR: virtually all Munitions List exports require a license regardless of destination, making ITAR compliance especially burdensome for the aerospace and defense sectors.

Two mechanisms extend controls beyond the physical border. Deemed exports: transferring controlled technology to a foreign national inside the United States is treated as a deemed export to that person's home country, requiring the same license that would be needed for a physical export. This affects universities, research labs, and companies employing foreign nationals on sensitive projects. The China semiconductor controls — implemented beginning in October 2022 and expanded multiple times — represent the most significant use of export controls for technology competition since the Cold War: BIS restricted the export of advanced chips, chipmaking equipment, and AI-capable computing to Chinese entities to prevent China from manufacturing or acquiring advanced semiconductors for military AI, surveillance, and weapons systems. Controls have been coordinated with allies including Japan and the Netherlands (ASML), whose cooperation was necessary to close gaps that unilateral U.S. action would leave.

How It Affects You

If you're a U.S. exporter of technology, hardware, or software: Your first obligation is to classify every item you export. Goods and technology controlled by the EAR are classified under the Commerce Control List — each item gets an Export Control Classification Number (ECCN) that tells you why it's controlled (national security, anti-terrorism, missile technology, etc.) and which countries and end-users require a license. Items not on the CCL are classified EAR99 — the lowest-control category — but even EAR99 items are prohibited to sanctioned countries and parties on the Entity List or SDN List. BIS publishes a free consolidated screening database at bis.gov and OFAC's SDN List is searchable at treasury.gov/ofac. Before every shipment: classify the item, screen the end-user and end-use, and determine whether a license exception applies (License Exception STA, TMP, ENC, etc.) or whether you need a full individual license from BIS. Civil penalties run up to approximately $377,700 per violation (2026 inflation-adjusted) or twice the transaction value — whichever is greater — and criminal penalties reach $1 million and 20 years imprisonment per violation. Keep export records for 5 years per 15 CFR Part 762.

If you work in technology, semiconductors, defense, or any industry with dual-use applications: Export controls follow the technology, not just the finished product — and they extend to access within the United States. When a foreign national accesses controlled technology at your workplace (software source code, technical drawings, manufacturing specs), that's a deemed export — legally equivalent to shipping the technology to the person's home country. High-control destinations include China (HUA and VEU restrictions), Russia (expanded post-2022 sanctions), Iran, and North Korea. The October 2022 and subsequent semiconductor rules imposed sweeping controls on advanced chips (A100, H100 class), semiconductor manufacturing equipment, and U.S.-person services to certain Chinese chip fabs. If your company makes chips, EDA software, or equipment above specified performance thresholds, consult export counsel before any customer engagement involving controlled destinations or persons. The Entity List (maintained by BIS) and Military End User (MEU) list identify specific companies that require individual licenses — Huawei, SMIC, and hundreds of Chinese and Russian entities are currently listed.

If you're a university researcher or work in academia: The fundamental research exclusion is real — basic and applied research intended for publication and without publication restrictions is generally not subject to EAR controls (15 CFR § 734.8). This means most academic research, even research touching on dual-use technologies, doesn't require export licenses for sharing with foreign national students and collaborators. But the exclusion has clear boundaries: if your research involves proprietary technology, is subject to publication restrictions, is sponsored under a contract that gives the government control over results, or falls under the ITAR (defense articles and services), the fundamental research exclusion doesn't apply. For deemed exports in the research context: foreign national graduate students and postdocs can access EAR99 technology freely — the deemed export concern arises with controlled-technology items (ECCN 3E001, for example, covers technology for producing advanced semiconductors). Universities are not typically BIS-licensed exporters, but research with DoD, DHS, or intelligence community sponsors often comes with explicit export control requirements. Check with your institution's export control office before sharing technical data or granting lab access to nationals of controlled destinations.

If you're tracking U.S.-China technology competition or national security policy: Export controls have become the Biden and Trump administrations' primary non-military instrument for maintaining U.S. leadership in advanced technology. The October 7, 2022 semiconductor rules — widely called the most significant export control action in decades — imposed comprehensive controls on advanced logic chips (≥16nm node), advanced memory (HBM, 128-layer NAND), semiconductor manufacturing equipment, and U.S. person services to controlled Chinese chip fabs. The April 2024 rules extended controls to additional chip types and closed loopholes. The AI Diffusion Rule (proposed under Biden, revised under Trump in 2025) attempts to extend controls to AI model weights and compute access. CFIUS operates in parallel — screening inbound foreign investment in sensitive sectors — while export controls screen outbound technology flows. The two regimes are the core of U.S. technology competition strategy, and they're evolving rapidly: the Entity List grows by dozens of companies per year, and the multilateral framework through the Wassenaar Arrangement (41 member states) is under strain as allies resist U.S. unilateral controls affecting their own companies.

State Variations

Export controls are exclusively federal — no state variations apply.

Implementing Regulations

  • 15 CFR Part 730 — General information about the Export Administration Regulations (EAR): scope, applicability, and overview of controls on dual-use and other EAR-subject items

  • 15 CFR Part 738 — Commerce Control List (CCL) Overview and the Country Chart: the structural rules that govern how BIS classifies controlled items and how exporters determine whether a license is required. Key provisions:

    • § 738.2 — CCL structure: the CCL is organized into 10 categories: (0) Nuclear Materials, Facilities, and Equipment; (1) Materials, Chemicals, Microorganisms, and Toxins; (2) Materials Processing; (3) Electronics; (4) Computers; (5) Telecommunications and Information Security; (6) Lasers and Sensors; (7) Navigation and Avionics; (8) Marine; (9) Aerospace and Propulsion; items within each category are classified under a specific Export Control Classification Number (ECCN) — a 5-character alphanumeric code (e.g., 5E002 = encryption technology, 3A001 = advanced electronic components)
    • § 738.3 — Commerce Country Chart structure: the Country Chart is a matrix that cross-references ECCNs with destination countries; to determine if a license is required, an exporter looks up the item's ECCN, identifies the Reasons for Control listed in that ECCN (e.g., NS — National Security; MT — Missile Technology; AT — Anti-Terrorism; EI — Encryption Items), and then checks the Country Chart for the specific destination country and those reasons; if a "Y" (yes — license required) appears at the intersection, a license is needed unless an exception applies
    • § 738.4 — Determining license requirements: the standard 3-step compliance workflow — (1) classify the item by finding its ECCN in the CCL; (2) check the Country Chart for the destination country against the ECCN's reasons for control; (3) if a license is required, determine whether any License Exception in 15 CFR Part 740 applies; if no exception applies, a BIS license application is required; certain ECCNs impose license requirements that the Country Chart does not cover (e.g., items controlled to specific countries by statute or for very sensitive reasons listed directly in the ECCN)

    The CCL/Country Chart system is the foundation of dual-use export control compliance. Part 738's structure explains why a USB drive may require no license for export to the EU but requires one for export to China — the ECCN for encryption-capable devices, combined with the Country Chart "Y" for China under the AT column, triggers the requirement. Exporters who misclassify items — treating ECCN-controlled items as EAR99 (not on the CCL) — face penalty exposure equal to an unlicensed export.

  • 15 CFR Part 740 — License Exceptions (29 sections — the complete catalog of situations where EAR-controlled items may be exported without an individually-validated BIS license; license exceptions are the most frequently used compliance tool in export control practice):

    • § 740.2Restrictions on all license exceptions: no license exception may be used if the export destination or end-user is subject to a U.S. arms embargo, or if the export would be contrary to any other provision of the EAR; license exceptions cannot override Entity List restrictions or OFAC sanctions; this section is the "stop" check before applying any specific exception
    • § 740.11License Exception GOV (Governments): authorizes exports to U.S. government agencies and their contractors, international organizations (UN, NATO, IAEA), and cooperating governments for specific official uses; the most common GOV use: defense contractors shipping ITAR-adjacent items to foreign militaries of allied governments under government-to-government transfer programs
    • § 740.13License Exception TSU (Technology and Software — Unrestricted): the single most widely-used license exception; authorizes export of (1) technology and software in the public domain; (2) educational technology "customarily associated with" basic scientific research; (3) technology already released to the public through conferences, publications, or other unrestricted means; this is the "fundamental research exclusion" for EAR purposes — publically available scientific and technical data generally qualifies for TSU; critically, TSU does not apply to technology controlled for nuclear, missile, chemical/biological, or anti-terrorism reasons
    • § 740.14License Exception BAG (Baggage): authorizes individuals to export EAR-controlled items in their personal baggage when traveling abroad; covers personal laptop computers, mobile phones, and personal-use encryption software; limits apply (e.g., professional-grade encryption equipment may not qualify); travelers cannot use BAG for items intended for commercial transfer or items on the Entity List
    • § 740.16License Exception APR (Additional Permissive Reexports): addresses the "deemed reexport" problem — when a U.S.-exported item is reexported from a foreign country to another foreign country; APR authorizes certain reexports to allied countries without a new BIS license; compliance programs for multinational companies rely heavily on APR to manage supply chains
    • § 740.17License Exception ENC (Encryption): encryption software and hardware present a recurring compliance challenge because strong encryption is controlled on the Commerce Control List (ECCN 5E002); ENC provides structured pathways for exporting encryption products after submission of a one-time "encryption registration" with BIS; consumer encryption products (web browsers, mobile app encryption, standard corporate VPNs) typically qualify for a streamlined ENC exception requiring only a technical review; military-grade encryption with non-standard implementations requires individual licenses
    • § 740.18License Exception AGR (Agricultural Commodities): authorizes exports of food, agricultural commodities, and certain seeds to Cuba, North Korea, Sudan, and other countries subject to comprehensive embargoes that have specific food and agriculture exceptions; the humanitarian intent is to allow food exports to sanctions countries while maintaining other trade restrictions; AGR requires prior BIS notification in some cases
    • § 740.20License Exception STA (Strategic Trade Authorization): the broadest license exception for controlled items; allows exports of many mid-level-controlled items to 36 allied and partner countries (including all EU members, Japan, South Korea, Australia, New Zealand, Canada) without individual licenses; STA reflects the policy judgment that exports to close allies face lower diversion risk; STA cannot be used for the most sensitive controls (NS1 controlled items, certain missile technology) or for any Entity-Listed recipient; STA has been expanded several times since 2011 as the U.S. pursues allied technology collaboration

    License exceptions are binary — either an exception fully authorizes an export or it doesn't; there are no partial exceptions; a shipper who uses an incorrect exception faces the same penalty as a shipper who exported without any license. BIS conducts export compliance audits specifically targeting license exception use — checking whether the conditions of the applicable exception were actually met at the time of export. Recent rulemakings: 61 FR 68579 (December 1996) — foundational ENC framework; 61 FR 64274 (December 1996) — STA and other exception revisions.

  • 15 CFR Part 744 — Control Policy: End-User and End-Use Based: the BIS rules imposing export license requirements based on who receives the technology or what it will be used for, regardless of the item's ECCN classification. Part 744 is the primary mechanism for controlling exports to specific problematic entities and uses:

    • § 744.11 — Entity List mechanism: BIS may impose license requirements on specific foreign entities when there is reason to believe those entities are involved (or at significant risk of being involved) in activities contrary to U.S. national security or foreign policy; "added to the Entity List" means a license is required for any EAR-subject item going to that entity — with a presumption of denial for most applications; the Entity List (Supplement 4 to Part 744) currently contains 600+ entries, predominantly Chinese and Russian companies; entities are added through an interagency review process; removal requires a petition demonstrating changed circumstances
    • § 744.16 — Entity List applicability: the Entity List license requirement applies regardless of the item's ECCN or whether the item would otherwise be eligible for a license exception; the Entity List restriction overrides most license exceptions and creates the hardest export control barrier short of full embargo; exporters must screen all transactions against the current Entity List before export, including knowing whether a sub-tier supplier or consignee is listed
    • § 744.15 — Unverified List: less restrictive than the Entity List — requires exporters to conduct enhanced due diligence (Red Flag checks, obtaining end-use/end-user certifications) and prohibits use of several specific license exceptions for listed parties; Unverified List placement triggers obligations but not a license requirement; being unable to verify that an unlisted entity legitimately received previously exported items triggers Unverified List status
    • § 744.17 — Military End-Use and Military End-User (MEU) controls: certain advanced microprocessors, semiconductor equipment, and other high-technology items (described in Supplement 2 to Part 744) require a BIS license when destined for military end-use or to military end-users in China, Russia, Venezuela, and other D:5 country group countries; the MEU control applies even to items with ECCNs that would not otherwise require a license to those countries; this is the mechanism underlying the defense-oriented chip controls that restrict sales of certain chips to Chinese military customers
    • §§ 744.2–744.7 — Specific end-use prohibitions: Part 744 prohibits exports of EAR-subject items for specific uses regardless of ECCN: chemical or biological weapons development (§ 744.2); nuclear explosive or nuclear fuel cycle activities outside safeguards (§ 744.2); missile development (§ 744.3); unsafeguarded nuclear activities (§ 744.5); maritime nuclear propulsion (§ 744.5); and certain activities in China and Cuba

    Part 744 is the "who and what" layer of export controls, layered on top of Part 738's "what item" classification system. Exporters must check not just the item's ECCN and destination country, but also (1) whether the specific end-user is on the Entity List or Unverified List; (2) whether the intended end-use is prohibited; and (3) whether the item category and destination trigger the military end-user control. The Entity List has become the primary tool in the U.S.-China technology competition — Huawei (2019), SMIC (2020), and dozens of Chinese AI and semiconductor companies have been added, creating cascading compliance obligations throughout global technology supply chains that include U.S.-origin components.

  • 22 CFR Part 120-130 — International Traffic in Arms Regulations (ITAR — State Department jurisdiction over defense articles on the U.S. Munitions List, distinct from EAR/Commerce jurisdiction over dual-use items; ITAR-controlled items require DDTC licensing while dual-use items require BIS licensing under the EAR)

  • 15 CFR Part 791 — Securing the Information and Communications Technology and Services (ICTS) Supply Chain — a separate, non-EAR authority allowing the Secretary of Commerce to review and prohibit specific ICTS transactions involving "foreign adversaries" (currently: China, Russia, Iran, North Korea, Cuba, and Venezuela) that pose undue risk to national security. Part 791 is not an export control — it operates domestically, targeting the acquisition, importation, transfer, installation, dealing in, or use of ICTS products and services already present in the U.S. under Executive Order 13873 (May 2019) and IEEPA authority. Key provisions:

    • § 791.2 / § 791.3Scope: a "Covered ICTS Transaction" must involve (1) ICTS designed, developed, manufactured, or supplied by a person controlled by a foreign adversary; (2) a nexus to U.S. critical infrastructure, data on U.S. persons, or U.S. digital economy operations; and (3) a meaningful risk to U.S. national security or the safety of U.S. persons; the scope is deliberately broad — covering hardware, software, services, and any component thereof with a foreign adversary supply chain link
    • §§ 791.103–791.109Transaction review process: the Secretary may initiate a review at any time; upon determining a transaction is Covered, BIS issues an Initial Determination that the transaction is (a) prohibited, (b) not prohibited, or (c) permitted subject to mitigation; within 30 days of service, the party may respond and propose alternative mitigation measures; after interagency consultation (Treasury, State, DOD, DOJ, DHS, USTR, DNI, NSC), the Secretary issues a Final Determination — prohibited transactions must be unwound or stopped; parties may request reconsideration based on new facts; classified national security information may be submitted to courts ex parte in any review (§ 791.110), limiting judicial oversight
    • Subpart D — Connected Vehicles (§§ 791.300+): the most significant ICTS rulemaking to date, effective 2026, prohibits the import, sale, or use in the U.S. of (a) Vehicle Connectivity System (VCS) hardware (Bluetooth, cellular, satellite, Wi-Fi modules) and (b) Automated Driving System (ADS) software designed, developed, manufactured, or supplied by entities with ties to China or Russia; this effectively bars most Chinese-made connected vehicle systems from the U.S. market; the rule covers passenger cars, light trucks, and buses (commercial vehicles under a separate rulemaking); Chinese automakers (BYD, SAIC, Geely) and their U.S. subsidiaries are subject to prohibited status; non-Chinese vehicles using Chinese-origin VCS components face compliance obligations — they must certify that covered components were not supplied by Chinese or Russian entities. The 2024-2025 rulemaking (89 FR 58265, 89 FR 96895) created the connected vehicle framework following extensive comment periods
    • § 791.200Penalties: violation of a Final Determination or failure to unwind a prohibited transaction is subject to IEEPA civil penalties — approximately $377,700 per violation (2026 inflation-adjusted) or twice the value of the transaction, whichever is greater; criminal penalties for willful violations reach $1 million and 20 years imprisonment; aiding or abetting a prohibited transaction is itself a violation

    Part 791 represents a qualitatively different kind of technology control from the EAR: while the EAR restricts U.S.-origin technology flowing out to adversaries, Part 791 restricts foreign adversary technology entering U.S. networks and infrastructure. The practical compliance universe is broad — any company that procures IT, communications, or networking equipment; any software platform with cloud infrastructure; any automaker or tier-1 supplier using connected components — all face potential exposure if their supply chain includes Chinese or Russian-origin hardware, software, or services. The connected vehicle rule in particular has reshaped automotive supply chains: suppliers that previously sourced telematics modules from Chinese manufacturers must requalify with non-Chinese alternatives, and OEMs must obtain and maintain supply chain transparency at the component level.

    Recent rulemakings: 86 FR 4923 (January 2021) — original ICTS transaction review rule. 89 FR 58265 (July 2024) — proposed connected vehicles rule. 89 FR 96895 / 89 FR 96896 (December 2024) — final connected vehicle ICTS rule, effective model year 2027 for VCS hardware and 2030 for ADS software.

  • 15 CFR Part 750 — Export License Application Processing, Issuance, and Denial: BIS's procedural regulation governing the complete lifecycle of an export license application under the Export Administration Regulations (EAR):

    • § 750.2 — Advisory opinions and classification requests: before applying for a license, exporters may request a classification request (to confirm the ECCN classification of their item) within 14 calendar days, or an advisory opinion (whether a specific proposed transaction would likely be approved) — advisory opinions are non-binding but provide useful guidance before committing to a transaction; BIS may share advisory opinion requests with other government agencies when the item or end-use raises concerns outside BIS's expertise
    • § 750.3 — Interagency review: all export license applications are reviewed not just by BIS but by other relevant federal agencies under the Export Administration Review Process — the Departments of State, Defense, Energy, and the Intelligence Community may review applications involving their areas of concern; State reviews sensitive equipment that implicates foreign policy or nonproliferation goals; Defense reviews items with potential military application; Energy reviews nuclear and nuclear-related items; agencies must complete their review within BIS's overall timeline
    • § 750.4 — Processing timeline: BIS must resolve or refer to the President all license applications within 90 calendar days of registering the application; most applications are resolved in far less time — routine approvals for low-risk destinations take 2–4 weeks; applications requiring multiple agency review (particularly those involving China, Russia, Iran, or sensitive technologies) may take the full 90 days; applications not resolved within 90 days must be forwarded to the President with a recommendation
    • § 750.6 — Denial procedures: if BIS intends to deny a license application, BIS must notify the applicant within 5 days of the decision with an explanation of the denial basis; the applicant then has 45 days to appeal the denial to BIS's Operating Committee or request escalation through the interagency review system; denied applications may include classified reasons that cannot be shared with the applicant
    • § 750.7 — License conditions: BIS may issue a license subject to conditions — specific end-use restrictions, authorized consignee limitations, verification requirements, or reporting obligations; conditions are legally binding; violating a license condition is itself an EAR violation subject to civil and criminal penalties
    • § 750.8 — Revocation and suspension: all BIS export licenses are subject to revocation or suspension without notice; BIS may revoke a license if new information reveals the export would be contrary to U.S. national security, foreign policy, or the EAR's objectives; license holders whose authorizations are revoked must immediately cease the authorized shipments — there is no grandfathering for in-transit shipments under a revoked license
    • § 750.10 — License transfers: a BIS license may not be transferred to another party without prior written BIS approval; this prevents companies from "renting" export licenses or using an authorized entity's license to cover exports by an unauthorized entity — a common compliance fraud scenario

    Part 750 is the operational interface between exporters and BIS — the rules that govern the experience of actually applying for, receiving, and using an export license. The 90-day processing timeline is binding, but strategic applications (particularly those involving dual-use items for China or Russia) often take the maximum time due to interagency dispute resolution requirements. The license condition provisions are important for compliance planning: exporters must read license conditions carefully before using an approved license, since conditions can require end-use certificates, destination verification, or reporting obligations that weren't part of the original application.

  • 15 CFR Part 762 — Recordkeeping: the BIS regulations specifying what export records must be kept, for how long, in what format, and how they must be produced for inspection. Part 762 is the compliance infrastructure requirement that underlies all EAR enforcement — BIS can only verify compliance through records, and inadequate recordkeeping is itself a violation. Key provisions:

    • § 762.2 — Records required to be retained: all export control documents (as defined in Part 772 of the EAR) must be retained, including: export license applications and approvals; export and reexport documents (Electronic Export Information, Automated Export System filings); shipping documents (air waybills, bills of lading, invoices, purchase orders); end-use/end-user certificates; documents supporting use of license exceptions; authorization documents for deemed exports; and any communications related to the classification, licensing, or clearance of export transactions
    • § 762.4 — Original records required: the regulated person must maintain records in the original form in which they were received or created — photocopies or digital scans of originally-paper records require specific procedures; electronic records generated in electronic form may be retained electronically; BIS may disallow reproduced records that don't meet the standards of § 762.5
    • § 762.5 — Reproduction standards: reproductions (scans, microfilm) are permissible only if: (1) the reproduction is a true copy of the original; (2) retrieval equipment is available for inspection; (3) a management certification attests to the accuracy; and (4) the reproduction process meets technical standards ensuring legibility and non-alteration; reproduction procedures must be documented; BIS inspectors may reject reproductions that don't meet the standard
    • § 762.6 — Five-year retention period: all EAR records must be retained for 5 years from the latest of: (1) the date of export; (2) the date of any known reexport; (3) the date of any license, license exception, or other authorization; or (4) any date specified in the applicable authorization; the 5-year clock runs from the latest triggering event — meaning that for long-term authorizations like Manufacturing License Agreements, records may need to be retained for many years beyond any individual shipment
    • § 762.7 — Production and inspection: any person located in the United States required to keep EAR records must produce them within 30 days of a BIS request; persons located outside the United States must produce records in connection with any BIS investigation; BIS Special Agents may conduct unannounced export compliance visits and inspect records; obstruction of a records inspection is an independent EAR violation; foreign subsidiaries of U.S. companies are covered to the extent the records relate to EAR-controlled transactions

    Part 762 recordkeeping violations are among the most commonly cited in BIS enforcement actions — frequently as an additional charge alongside substantive export violations. A company that exported without a required license AND failed to keep records faces two separate violations: the export violation and the recordkeeping violation. Conversely, a company with exemplary recordkeeping can demonstrate compliance or, when violations occurred, show they were isolated lapses rather than systematic program failures — which significantly affects penalty calculations. The 30-day production deadline is operationally important for compliance: BIS requests for records must be immediately escalated to legal counsel, export control officers, and IT because 30 days is tight for reconstructing records that may span multiple systems, subsidiaries, and years.

  • 15 CFR Part 760 — Restrictive Trade Practices or Boycotts: the BIS anti-boycott regulations implementing the Export Administration Act's prohibition on U.S. persons participating in or supporting unsanctioned foreign boycotts — primarily the Arab League boycott of Israel. The anti-boycott rules are a distinct legal regime from export controls: while export controls restrict what the U.S. sends out, Part 760 prohibits U.S. companies from accommodating foreign governments' economic coercion of third countries. Key provisions:

    • § 760.2(a) — Prohibition on refusals to do business: a U.S. person may not refuse, or knowingly agree to refuse, to do business with any person from a boycotted country, pursuant to an agreement with a boycotting country or in furtherance of a boycott; this covers the classic Arab League scenario — an exporter cannot refuse to sell to an Israeli company, or blacklist Israeli nationals, because a customer in Saudi Arabia or UAE has requested it; the prohibition applies to all U.S. persons — individuals, corporations, partnerships, and foreign subsidiaries owned or controlled by U.S. parents
    • § 760.2(c) — Prohibition on furnishing information about business relationships with boycotted countries: a U.S. person may not provide information about whether it has business relationships with Israel, or about a company's owner's religion or national origin, in response to a boycott-related request; even passively answering a "do you do business with Israel?" question in a foreign contract or questionnaire violates this section if the purpose is to facilitate a boycott
    • § 760.2(f) — Prohibition on discriminatory actions: a U.S. person may not discriminate against any U.S. person based on their race, religion, sex, or national origin when complying with a foreign boycott; if an Arab League country requires that employees traveling to that country not include individuals of the Jewish faith, a U.S. company may not comply — and may not assign travel based on religion even if the employer itself does not discriminate
    • § 760.3 — Exceptions: limited exceptions exist for compliance with the import requirements of a boycotting country (a U.S. exporter may comply with a boycotting country's own import restrictions — e.g., a ban on goods "made in Israel" — because compliance with the destination country's lawful import requirements is allowed), as well as for compliance with local (host country) requirements, export documentation, and specific maritime shipping requirements
    • § 760.5 — Mandatory reporting: a U.S. person who receives any request to take action that furthers or supports an unsanctioned boycott — whether they comply or not — must report that request to the Department of Commerce; the reporting requirement is separate from the compliance prohibition; failure to report is itself a violation; reports must include the identity of the requesting party, the nature of the request, and the action taken; this creates a comprehensive paper trail of boycott-related requests, regardless of compliance

    Part 760's enforcement creates two separate exposure vectors: the substantive violations (compliance with a boycott request) and the reporting violation (failure to report the request even if not complied with). The latter catches companies that receive boycott-related language in foreign contracts and simply ignore it or quietly remove it without filing a report with BIS. Civil penalties under the Export Administration Act are assessed per violation — in significant international contracting situations, a single multi-country RFP with embedded boycott language can generate multiple reporting violations if not handled correctly. The practical compliance requirement: any international contract, questionnaire, or RFP received by a U.S. company must be reviewed for boycott-related language, particularly in transactions with Middle Eastern counterparties; flagged language must be either refused or reported to BIS.

  • 15 CFR Part 30 — Foreign Trade Regulations (FTR): the Census Bureau regulation requiring Electronic Export Information (EEI) to be filed through the Automated Export System (AES) for most U.S. exports. Part 30 implements 13 U.S.C. §§ 302, 304, and 307, creating a dual-purpose filing system — the same EEI submission that generates U.S. international trade statistics also serves as an export control compliance verification mechanism. Key provisions:

    • § 30.1 — Scope: EEI filing is required for all exports of goods valued over $2,500 per Schedule B commodity classification destined for a single country in a single shipment; exports to Canada are exempt from EEI; exports requiring a BIS or State Department export license require EEI regardless of value
    • § 30.2 — AES filing requirement: exporters, or their authorized U.S. Customs brokers/freight forwarders, must file EEI in AES no later than 1 hour before departure for most modes of transport; for vessel exports, EEI must be filed 24 hours before loading; each EEI submission generates an Internal Transaction Number (ITN) that must appear on the shipping documentation — the Shipper's Export Declaration (SED) or, for electronic filings, the AES filing date and ITN citation on the bill of lading or air waybill; carriers cannot accept export cargo without the ITN
    • § 30.15 — Dual-use purpose: Part 30 explicitly recognizes that EEI serves both the statistical mission (informing U.S. export trade data) and the export control mission (verifying that exporters have the required BIS or State licenses); the AES system cross-checks filed information against the Denied Persons List, Unverified List, and Entity List before issuing an ITN; a "routed transaction" — where the foreign buyer controls the shipping — creates specific obligations on the U.S. seller to provide accurate classification and license information to the buyer's freight forwarder
    • Subpart D — Exemptions (§§ 30.35–30.40): significant exemptions include shipments to U.S. territories (Puerto Rico, Guam) moving under domestic authority; shipments of gift parcels valued under $2,500; diplomatic shipments under official seal; postal exports not requiring a license; and in-transit shipments moving through the United States to a foreign destination without entering U.S. commerce
    • Subpart H — Penalties (§§ 30.70–30.74): civil penalties up to $10,000 per violation; criminal penalties under 13 U.S.C. § 305 for willful violations include fines and imprisonment up to 5 years; common violations include filing late, filing with incorrect Schedule B classification, failing to disclose an export license requirement, and allowing shipment without a valid ITN; AES generates automated alerts when filed Schedule B numbers do not match declared license information, creating an audit trail that Census and CBP use in enforcement referrals to BIS

    Part 30 represents the integration point between export statistics collection and export control enforcement — the AES system is where the Census Bureau's data-collection mission and BIS's national security mission share a common transaction record. For exporters, this means that an innocent-seeming misclassification of a shipment — using the wrong Schedule B number to reduce perceived value — that also happens to conceal an ECCN-controlled item from AES creates exposure under both Part 30 (statistical reporting violation) and the EAR (unlicensed export). The 2025 amendment (90 FR 39122, May 2025) updated electronic filing procedures. Recent rulemakings: 73 FR 31555 (June 2, 2008) — the comprehensive revision that replaced the paper Shipper's Export Declaration with mandatory AES electronic filing; 90 FR 39122 (May 2025) — technical updates.

  • 15 CFR Part 748 — Applications (Classification, Advisory, and License) and Documentation: BIS's rules governing how exporters interact with the licensing system — how to request ECCN classifications, obtain advisory opinions, file license applications, gather support documents, and qualify for the Validated End-User (VEU) program. Part 748 is the exporter's procedural guide to the EAR:

    • § 748.3 — Classification requests and advisory opinions: before submitting a license application, exporters may ask BIS to provide the correct Export Control Classification Number (ECCN) for their item via a classification request; BIS will review the item's technical parameters and issue a determination; exporters may also request a non-binding advisory opinion on whether a specific proposed transaction would likely be approved — useful for evaluating transaction risk before committing to a contract; BIS processes classification requests within 14 calendar days
    • § 748.10 — PRC End-User Statement: for license applications involving advanced semiconductor equipment, high-performance computing components, or other specified technologies destined for China, exporters must obtain a People's Republic of China End-User Statement — a document executed by the stated end-user in China certifying the intended use and acknowledging that re-export or diversion requires U.S. authorization; the PRC End-User Statement requirement was significantly expanded in 2022–2023 as part of the semiconductor export control regime; BIS maintains a list of items requiring PRC statements (Supplement 2 to Part 748)
    • § 748.11 — Statement by Ultimate Consignee and Purchaser: for license applications to most destinations (excluding China, which uses the PRC End-User Statement), the applicant must obtain a written statement from the ultimate consignee (the actual end-user of the technology) and the purchaser certifying: the intended end-use of the item; that the items will not be re-exported without U.S. authorization; and that the items will not be used to develop chemical/biological/nuclear weapons or missiles; this document shifts legal responsibility to the foreign consignee and creates a paper trail for enforcement
    • § 748.15 — Validated End-User (VEU) authorization: the VEU program allows BIS to pre-approve specific foreign companies in eligible countries (currently India and China) as authorized recipients of certain controlled items without requiring individual export licenses; instead, an exporter simply notes the VEU authorization and ships without applying for a license each time; VEU status requires the foreign entity to demonstrate: a record of compliance with EAR conditions; procedures to prevent unauthorized access to controlled items; and acceptance of enhanced audit rights by BIS; VEU reduces administrative burden for exporters shipping repeatedly to trusted foreign partners but requires the foreign entity to maintain higher compliance standards and submit to regular U.S. audits
    • § 748.16 — Integrated circuit designer and OSAT (outsourced semiconductor assembly and test) approvals: an emerging provision added post-2022 that allows BIS to maintain approved lists of IC designers and packaging companies for semiconductor-related license decisions; exporters shipping to approved entities may use streamlined licensing procedures; the addition of this section reflects BIS's effort to create tiered compliance pathways for the semiconductor industry where global supply chains make item-by-item review impractical
    • § 748.13 — Hong Kong import and export licenses: license applications covering Hong Kong require documentation proving that the end-use is in Hong Kong (not re-exported to mainland China under Hong Kong's more open trading status); since 2020, when BIS ended the separate treatment of Hong Kong under the EAR, Hong Kong is treated as China for export control purposes — but exporters must document the final destination because legitimate Hong Kong-only uses remain licensable while uses involving PRC ultimate consignees require China-applicable license conditions

    The key practical consequence of Part 748 for U.S. exporters: a comprehensive export control compliance program must address the support documentation cycle — obtaining PRC End-User Statements or Ultimate Consignee and Purchaser statements before shipping, not after. Late or missing support documents are a common audit finding and can expose exporters to compliance violations even when the underlying export was otherwise permissible.

  • 15 CFR Part 758 — Export Clearance Requirements and Authorities: the operational rules governing what exporters must do at the point of shipment — the EAR's requirements that apply when goods physically leave U.S. territory, as opposed to the licensing requirements (Part 748/750) that apply before the transaction. Part 758 is where export control compliance meets freight logistics:

    • § 758.1 — Electronic Export Information (EEI) filing: exporters of items subject to the EAR must file Electronic Export Information (EEI) in the Automated Export System (AES) — CBP's electronic manifest system — before or at the time of export; EEI is required for controlled items (those requiring a license or using a license exception) and for all items valued over $2,500; the EEI captures the exporter, consignee, item ECCN classification, license authorization, and other key data that enables BIS and CBP to monitor export control compliance at the border; failure to file accurate EEI is itself a Part 758 violation, separate from any licensing violation
    • § 758.3 — Responsibilities of parties: all parties to an export transaction — exporter, freight forwarder, shipper, and carrier — share responsibility for EAR compliance; the exporter bears primary responsibility for classification and licensing; the freight forwarder typically files EEI and prepares export documents; the exporter must provide the forwarder with accurate ECCN and license information; hiring a forwarder does not transfer liability — an exporter who provides inaccurate information to a forwarder that files a false EEI is still responsible for the underlying violation
    • § 758.4 — Use of export license: a BIS-issued export license is valid from any U.S. port of export (not tied to a specific port) unless the license face states otherwise; exporters may split a licensed quantity across multiple shipments; each shipment consumes part of the license's authorized value or quantity; the exporter must ship within the license's validity period (generally 2 years from issuance) and must notify BIS if the licensee's circumstances change materially after license issuance
    • § 758.5 — Conformity of documents and diversion prevention: export documents (commercial invoice, packing list, shipping labels, bill of lading) must accurately describe the items being shipped; the ECCN, quantity, value, and consignee in export documents must conform to the AES filing and the applicable license; carriers are required to unload any cargo that U.S. Customs has detained for EEI or licensing review, even if the cargo is already aboard a vessel or aircraft; this provision prevents "sailing first, filing later" schemes where controlled items are shipped before clearance is received
    • § 758.6 — Destination control statement: exporters must place a destination control statement (DCS) on the commercial invoice for every shipment of items on the Commerce Control List — the statement reads (in substance): "These items are controlled by the U.S. Government and authorized for export only to the destination indicated. They may not be resold, transferred, or otherwise disposed of, to any other country or to any person other than the authorized end-user or consignee, either in their original form or after being incorporated into other items, without first obtaining approval from the U.S. Government or as otherwise authorized by U.S. law and regulations"; the DCS creates a legally binding notice to consignees and downstream recipients of their re-export obligations under the EAR
    • §§ 758.10–758.11 — Firearms clearance requirements: special procedures apply to firearms (ECCNs 0A501/0A506/0A507) and certain shotguns at export and temporary import; firearms exporters must present physical items to CBP for inspection before loading on the carrier; temporary imports of firearms (e.g., foreign sporting rifles brought to U.S. competitions) require a specific entry procedure before BIS will authorize re-export

    Part 758's practical compliance significance is highest for exporters who ship frequently through freight forwarders: the destination control statement requirement must be built into the company's standard invoice template, and the AES filing must accurately reflect the ECCN classification for every controlled shipment. Audits by the BIS Export Enforcement team regularly identify violations where the EEI filing records the incorrect ECCN (often showing EAR99 for controlled items), the DCS is absent from invoices, or the consignee in shipping documents differs from the authorized consignee on the license.

  • 15 CFR Part 785 — BIS Enforcement Procedures: governs the administrative adjudication process for alleged violations of the Export Administration Regulations, including the hearing and decision procedures when BIS issues a charging letter against an individual or company for an EAR violation. Part 785 applies to civil administrative enforcement (not criminal prosecution, which proceeds in federal court):

    • § 785.2 — Covered violations: EAR violations subject to administrative enforcement include unauthorized exports of controlled items, false or misleading export documents, violations of license conditions, prohibited transactions with denied parties, and failure to maintain required export records (Part 762); each transaction can be charged as a separate violation with a separate penalty
    • § 785.10 — Protected information: evidence submitted by BIS involving classified national security information or privileged law-enforcement materials may be withheld from the respondent; the ALJ may review such evidence in camera and determine how to proceed without disclosing classified content — a significant due-process limitation that reflects the national security context of export control cases
    • § 785.11 — Prehearing conference: the Administrative Law Judge may convene a prehearing conference to narrow the issues, establish a discovery schedule, and consider stipulations; unlike federal court proceedings, EAR administrative hearings do not include broad civil discovery — parties exchange evidence but depositions and interrogatories are limited
    • § 785.12 — Hearings: enforcement proceedings are conducted before an ALJ in the format of an administrative hearing; the standard of proof is a preponderance of the evidence; BIS bears the burden of proving the violation; the respondent may present witnesses and documentary evidence and cross-examine BIS witnesses
    • § 785.16 — Decisions: after the hearing, the ALJ issues a recommended decision stating findings of fact and conclusions of law; the recommended decision goes to the Under Secretary of Commerce for Industry and Security, who issues the final decision imposing, modifying, or vacating penalties; the Under Secretary may reject or modify the ALJ's recommended decision, making BIS's leadership the final administrative arbiter
    • § 785.17 — Settlement: BIS and respondents may settle at any stage — BIS's Office of Export Enforcement actively negotiates consent agreements that typically combine a civil monetary penalty, compliance commitments (enhanced export compliance programs, third-party audits), and in egregious cases, a period of denial of export privileges; most significant EAR enforcement actions resolve through negotiated settlement rather than full hearing
    • § 785.19 — Payment of final assessment: civil penalties must be paid within 30 days of the final decision unless stayed pending appeal; unpaid penalties may be collected through federal debt collection procedures or referral to the Department of Justice; a denial of export privileges suspends the respondent's ability to participate in any export transactions — not just the transaction that gave rise to the violation

    BIS enforcement priorities have focused on: unauthorized exports of semiconductor and microelectronics technology to China and Russia; violations of Russia-related export controls imposed after the 2022 invasion of Ukraine; transactions with Entity List parties; and structuring (deliberately breaking up export transactions to avoid thresholds). The most significant recent cases involved penalty settlements exceeding $10 million for major companies that exported controlled items to China or Russia through intermediaries. Criminal referrals to DOJ are made in cases involving willful violations, fraud, or conspiracy — particularly where respondents deliberately circumvented controls through falsified end-user certifications or transshipment through third countries.

  • 15 CFR Part 716 — Initial and Routine Inspections of Declared Facilities (Chemical Weapons Convention): governs how BIS and the OPCW (Organization for the Prohibition of Chemical Weapons) conduct inspection and verification activities at U.S. facilities that produce, process, or consume scheduled chemicals under the Chemical Weapons Convention (CWC) — the international arms control treaty banning chemical weapons. Facilities with declared Schedule 1, 2, or 3 chemical activities are subject to OPCW inspections, which BIS coordinates and accompanies on the U.S. side:

    • § 716.1 — General information: initial and routine inspections are conducted by OPCW inspection teams with BIS representatives accompanying; the inspection aims to verify that the facility's activities are consistent with its declarations and consistent with the CWC's prohibitions; inspections are limited to the purposes described in the treaty and must be conducted in the least intrusive manner consistent with effective verification
    • § 716.2 — Purposes and types: Schedule 1 facility inspections verify that the facility is not producing Schedule 1 chemicals (the most toxic, with essentially no legitimate commercial use) for purposes prohibited by the CWC, and that the facility's activities match its declaration; Schedule 2 facility inspections verify that Schedule 2 chemicals (precursors and potential weapons chemicals with some legitimate uses) are not diverted to prohibited purposes; Schedule 3 facility inspections are less intrusive and address facilities using Schedule 3 chemicals (chemicals that could be used as precursors)
    • § 716.3 — Consent and warrants: a facility may consent to an inspection or BIS may obtain a warrant authorizing entry; the facility owner, operator, occupant, or authorized agent may give consent on behalf of the facility; the person consenting certifies that they have authority to do so and agrees not to revoke consent during the inspection; if a facility refuses consent and BIS seeks a warrant, the warrant is obtained from a U.S. magistrate judge
    • § 716.4 — Scope and conduct: each inspection is limited to its treaty-specified purposes; facilities have the right to assert Confidential Business Information (CBI) protection for trade secrets and proprietary data — CBI claims must be raised during the inspection and BIS will work with the OPCW team to protect legitimately confidential information while still accomplishing inspection objectives; inspections may include document review, facility walk-through, sampling of chemicals or equipment, and interviews of facility personnel
    • § 716.10 — Post-inspection activities: BIS forwards the final OPCW inspection report to the facility after receipt; facilities may submit comments on the report to BIS within the time period specified; BIS evaluates comments and coordinates with the OPCW Technical Secretariat on any disputed findings; the post-inspection process can affect whether additional monitoring visits are scheduled

    The CWC inspection framework represents one of the most extensive international verification regimes in arms control — OPCW inspectors have conducted thousands of inspections at declared chemical facilities worldwide since the treaty entered into force in 1997. For U.S. chemical manufacturers, producers of certain industrial chemicals, and pesticide manufacturers, CWC declaration and inspection obligations are a compliance reality: facilities must declare their production of scheduled chemicals annually to BIS (under 15 CFR Part 712–715), and declared facilities are subject to OPCW visits coordinated through BIS. The U.S. chemical industry's declared facilities include major chemical companies and specialty chemical producers; their annual declarations to BIS underpin U.S. compliance with the CWC's verification regime.

(119th Congress)

  • HR 4505 (Rep. Kamlager-Dove, D-CA) — Export Controls Enforcement Act. Would create a 5-year program stationing at least 20 export control officers at U.S. posts abroad to strengthen end-use checks and prevent diversion. Status: Introduced.
  • S 744 (Sen. Banks, R-IN) — Maintaining American Superiority by Improving Export Control Transparency Act. Would require BIS to report annually to Congress on export license applications and enforcement for Country Group D:5 entities. Status: Introduced.
  • S 3374 — Would prohibit BIS from issuing licenses for the export, reexport, or in-country transfer of certain controlled items. Status: Introduced.
  • HR 5853 — Would raise export-control civil fines from $300,000 to $1.2 million and double the transaction-based multiplier to 4x for future violations. Status: Introduced.
  • HR 7003 — BIS STRENGTH Act. Would authorize the Commerce Under Secretary to hire up to 25 outside experts for BIS with flexible pay and up-to-five-year appointments. Status: Introduced.
  • HR 3264 (Rep. Wilson, R-SC) — Would require Treasury and other agencies to assess whether Hong Kong enables money laundering and export-control/sanctions evasion, reporting to Congress within 180-360 days. Status: Introduced.

Recent Developments

  • Semiconductor export controls on China have been expanded multiple times since 2022 — the most aggressive use of export controls in decades
  • The Entity List has grown significantly, particularly targeting Chinese AI, semiconductor, and surveillance companies
  • BIS has ramped up enforcement — criminal prosecutions for export control violations have increased
  • Allied coordination (Wassenaar Arrangement, bilateral agreements with Japan/Netherlands) is key to preventing circumvention
  • AI model weight controls and quantum computing restrictions are emerging areas of export control policy
  • In March 2026, the Bureau of Industry and Security submitted for OMB review its information collection on Entity List and Unverified List requests, used by parties seeking removal from or modification of their status on Commerce Department export control lists.
  • In January 2026, the Bureau of Industry and Security eased export controls on certain civil Unmanned Aerial Vehicles (UAVs) and related technologies, streamlining drone exports that previously required individual licenses.
  • In early 2026, the White House published a fact sheet detailing President Trump's actions on advanced computing chips, restricting certain semiconductor exports to protect America's economic and national security interests.
  • In March 2026, the White House moved to block a congressional bill that would have restricted AI chip exports, signaling a preference for executive-branch control over semiconductor export policy rather than legislative mandates.
  • In March 2026, reporting indicated the White House was narrowing an executive order on China investments, leaning toward a more focused approach to restricting U.S. investment in Chinese technology sectors.
  • In March 2026, Intel CEO Lip-Bu Tan met with President Trump at the White House, reflecting the administration's engagement with the semiconductor industry on domestic manufacturing and the CHIPS Act implementation.

At My Address

See how Export Controls & Dual-Use Technology plays out in your area

Pull up the federal-data report for any U.S. ZIP — federal spending, environmental risk, hospitals, schools, your reps, all on one page.

Enter your address