Exporting AI to America's Partners: The Rules Are Being Rewritten in Real Time

Detailed view of components on a computer motherboard, showcasing technology and circuitry.

Custom Audio Player
0:00

Article Summary

What has changed about AI chip export controls in the past 18 months?

The regulatory landscape has shifted dramatically. The restrictive AI Diffusion Rule introduced in January 2025 was rescinded, replaced by a BIS final rule moving advanced computing ECCNs 3A090 and 4A090 to a case-by-case licensing review standard. Simultaneously, a Section 232 proclamation imposed a 25% tariff on advanced chip imports. Pending legislation including the Chip Security Act and AI OVERWATCH Act signals further tightening ahead—toward treating advanced compute more like a defense article than a commercial product.

Can U.S. companies still export AI chips to allied countries?

Generally yes, but conditions are tightening. Even exports to allied destinations may require licenses depending on the buyer's beneficial ownership structure, the stated end use, and current licensing policy. The regulatory trend is toward more conditions and greater scrutiny, not fewer requirements—and assumptions built into sales workflows from even six months ago may no longer reflect current policy.

Is the AI Diffusion Rule still in effect?

No. The January 2025 framework was rescinded in 2025. Advanced computing exports are now governed by a revised case-by-case licensing policy alongside a parallel layer of tariffs and proposed legislative measures. A more comprehensive replacement framework remains under active debate, meaning the current regulatory state is itself transitional.

What is the Chip Security Act and why does it matter for compliance programs?

The Chip Security Act is proposed legislation—not yet enacted—that would require verifying that advanced AI chips remain in their authorized locations after export, aimed at preventing diversion to adversaries. If enacted, it would impose downstream location verification obligations that go well beyond current export licensing requirements and would require compliance infrastructure that most organizations do not currently have.

Do AI chip export controls apply to cloud services and remote access, not just physical hardware?

Increasingly yes. Recent rules and guidance extend export control conditions to remote access and infrastructure-as-a-service arrangements, meaning that providing advanced compute capacity as a service can fall within export controls even when no chip physically crosses a border. Cloud providers, IaaS operators, and software developers are now directly within the compliance perimeter alongside semiconductor manufacturers.

There has rarely been a worse time to rely on last year's understanding of the rules or a better time to build a compliance program that can absorb change.

In less than 18 months, the regulatory landscape for artificial intelligence hardware has been written, rescinded, patched, taxed, and re-debated. For organizations building, integrating, or provisioning advanced compute, the ground is moving faster than legacy compliance programs can handle. This is no longer just a hurdle for semiconductor manufacturers. It directly impacts cloud providers, software developers, defense contractors, and research institutions. Here is what is settled, what is in motion, and how strategic leaders must respond.

What is changing about AI chip export controls?

The U.S. government is shifting from a single, list-based rule toward a moving package of licensing policy, tariffs, location-tracking proposals, and legislative controls, all aimed at keeping advanced AI compute out of adversary hands while still selling it to allies.

  • The Licensing Baseline: Following the rescission of 2025’s restrictive 'AI Diffusion Rule,' a January 2026 Bureau of Industry and Security (BIS) final rule shifted advanced-computing applications (specifically ECCNs 3A090 and 4A090) toward a case-by-case review standard.
  • The Parallel Tariff Layer: Simultaneously, a Section 232 proclamation imposed a 25% tariff on advanced chip imports, blending export controls with aggressive import defense.
  • The Legislative Horizon: Congress is aggressively asserting authority. The Chip Security Act proposes mandatory downstream location verification for AI semiconductors, while the AI OVERWATCH Act seeks to grant Congress veto power over specific hardware export licenses. Neither is law yet, but they signal a clear direction: compute will increasingly be treated like a defense article, not a commercial good.

Strategic Implications for Buyers

  • The Same Hardware, Splintered Rules: A sale that is routine to an international partner may be entirely prohibited if an affiliate of a restricted entity touches the ecosystem.
  • Diversion is the Main Front: Compliance no longer ends at the shipping dock. Transshipment hubs are drawing unprecedented federal scrutiny.
  • Enforcement is Capital-Intense: With the BIS executing a ~23% larger budget, process failures are yielding historic multi-million-dollar penalties.

The Corporate Action Plan

To transition from a compliance educator to a resilient strategic advisor, leaders must execute immediate operational shifts:

What a forward-looking program does while the rules move

You cannot control the policy cycle. You can control whether your program is built to absorb it. The organizations that will navigate the next eighteen months well are doing five things now:

  1. Re-screen on ownership, not just names. Map the beneficial ownership of every counterparty in the compute supply chain.
  2. Treat the destination map as live. Build a process to absorb licensing-policy changes quickly, rather than hard-coding last year's country assumptions into sales workflows.
  3. Watch the services layer. Remote access to controlled compute, cloud and infrastructure-as-a-service, is increasingly inside the control perimeter. (More on this in our July 27 brief.)
  4. Document end-use diligence. Where chips ultimately go and what they enable is exactly where enforcement is focused; contemporaneous records are your best defense.
  5. Scenario-plan the legislation. Model what your exposure looks like if location-verification or congressional-veto requirements become law, so you are not rebuilding under deadline pressure.

Frequently Asked Questions

Can U.S. companies still export AI chips to allied countries?

Generally, yes, but the conditions are tightening and shifting. Even allied destinations can require licenses depending on the buyer's ownership, the end use, and current licensing policy. The trend is toward more conditions, not fewer.

Is the AI Diffusion Rule still in effect?

No. The January 2025 framework was rescinded in 2025. Advanced-computing exports are now governed by a revised licensing policy and a patchwork of tariffs and proposed measures, with a more comprehensive replacement framework still under debate.

What is the Chip Security Act?

A proposed law, not yet enacted, that would require verifying advanced chips remain in their authorized locations, aimed at preventing diversion to adversaries.

Does this affect cloud and remote access, not just hardware?

Increasingly, yes. Recent rules extend conditions to remote access and infrastructure-as-a-service, meaning providing compute capacity can fall within export controls even when no chip physically crosses a border.

How CTP helps

Since 1993, CTP has engineered robust compliance frameworks across 90+ countries. We help advanced-compute enterprises design screening mechanisms, evaluate ownership structures, and insulate operations from regulatory whiplash. Don't run a 2026 business on a 2025 rulebook.

Talk with CTP.

Key Points

What does the shift to case-by-case licensing review for advanced computing ECCNs mean in practice, and how should compliance programs respond to a standard that is inherently less predictable than rule-based controls?

The move from defined performance threshold-based controls to case-by-case review introduces compliance uncertainty that rule-based frameworks do not create—and organizations that managed AI chip compliance through bright-line classification rules must restructure their programs around a more judgment-intensive standard:

  • Case-by-case review replacing predictable threshold-based licensing determinations with transaction-specific government discretion that cannot be reliably anticipated from product specifications alone — Under the prior framework, licensing requirements for advanced computing chips were triggered by defined performance thresholds that compliance teams could apply mechanically to product specifications; under case-by-case review, licensing outcomes depend on BIS's assessment of the specific transaction's national security implications—including buyer identity, end-use application, destination country, and ownership structure—in ways that make pre-transaction licensing prediction substantially less certain and make pre-application government engagement more valuable than internal licensing analysis alone.
  • Transaction documentation requirements intensifying under case-by-case review because the government's licensing assessment depends on the quality of information the applicant provides — Case-by-case review shifts the burden of building the licensing case to the applicant; transactions that might have proceeded under a license exception or a defined licensing rule now require affirmative demonstration that the specific buyer, end use, and destination meet the criteria for approval; compliance programs must develop the documentation capabilities to support detailed license applications—including end-user profiles, infrastructure capability verification, and end-use analysis—that case-by-case review requires but that prior threshold-based frameworks did not.
  • Licensing timeline uncertainty requiring commercial planning that builds authorization lead time into transaction structures rather than assuming standard processing windows — Case-by-case review introduces licensing timeline variability that threshold-based frameworks do not; transactions that trigger interagency consultation, raise novel end-use questions, or involve buyers with complex ownership structures may experience substantially longer review periods than standard commercial planning anticipates; organizations that make commercial commitments on the assumption that licensing timelines will be predictable will encounter fulfillment problems when case-by-case review extends beyond anticipated windows.
  • Pre-application BIS engagement becoming a strategic compliance tool for transactions where licensing outcome uncertainty is high — For transactions involving buyers, end uses, or destinations that present uncertainty under case-by-case review, pre-application engagement with BIS through advisory opinion requests or informal consultation can surface agency concerns before a formal application is submitted; organizations that develop the institutional capability to engage BIS proactively rather than submitting applications and waiting for outcome will manage case-by-case licensing uncertainty more effectively than those that treat license applications as the first point of government contact.
  • Compliance program agility as the organizational capability that case-by-case review most directly demands — Rule-based licensing frameworks reward compliance programs that accurately apply defined criteria; case-by-case review rewards programs that can rapidly assess novel transactions, engage government stakeholders, build evidentiary records, and adapt to licensing outcomes that inform future transaction structuring; the organizational capability that case-by-case review demands is fundamentally different from the classification accuracy and exception verification that prior frameworks prioritized—requiring compliance programs to develop judgment and government relations capabilities alongside technical regulatory knowledge.

How does the parallel tariff layer created by the Section 232 proclamation interact with export control compliance obligations, and what does managing both simultaneously require?

The imposition of a 25% tariff on advanced chip imports through Section 232 creates a parallel regulatory dimension that intersects with export control compliance in ways that organizations accustomed to managing these frameworks separately must now address in an integrated compliance posture:

  • Tariff and export control compliance operating through different legal authorities, agencies, and enforcement mechanisms that each require independent compliance management while creating combined transaction risk — Section 232 tariffs are administered by the Department of Commerce under trade authority distinct from BIS's export control authority under the Export Control Reform Act; a transaction that is export control compliant may still be tariff non-compliant, and vice versa; compliance programs that manage export controls and tariff obligations through separate teams without integration risk missing the combined compliance picture that transactions subject to both frameworks require—particularly for transactions involving advanced computing hardware where both frameworks apply simultaneously.
  • Country of origin determination becoming a compliance-critical question under Section 232 that intersects with export control destination analysis for advanced chip transactions — Section 232 tariffs apply based on the country of origin of imported chips, while export controls apply based on destination and end-use; for advanced chips manufactured in multiple jurisdictions or assembled from components sourced globally, country of origin determination affects both tariff liability and export control analysis in ways that require coordinated assessment rather than independent framework application.
  • Supply chain cost structure shifting under combined tariff and licensing costs requiring commercial model adaptation that compliance programs must anticipate and support — The 25% Section 232 tariff adds substantial cost to advanced chip transactions that already face licensing complexity and timeline risk under case-by-case export control review; organizations whose commercial models were built around the cost structures of the prior regulatory environment must adapt pricing, supply chain design, and customer commitment structures to reflect the combined regulatory cost burden—adaptation that compliance programs must support by providing accurate and timely assessment of the combined tariff and licensing implications of proposed transactions.
  • Enforcement budget expansion creating heightened detection risk for both tariff and export control violations that organizations might previously have assumed carried low detection probability — The article's reference to BIS executing a approximately 23% larger enforcement budget signals an enforcement environment where process failures carry higher detection probability than historical experience suggested; organizations that managed tariff and export control compliance with tolerance for procedural gaps because enforcement seemed unlikely must recalibrate their compliance investment against an enforcement posture that is actively resourced to identify and penalize violations across both frameworks.
  • Legislative trajectory suggesting further integration of tariff and export control tools into a unified advanced technology control framework that compliance programs must be designed to accommodate — The concurrent use of Section 232 tariffs alongside export licensing controls for advanced AI chips reflects a policy direction toward treating advanced compute as a strategic national security asset subject to the full range of trade restriction tools rather than as a commercial product subject only to export licensing; compliance programs must be designed to accommodate this integrated framework rather than managing tariff and export control obligations as parallel but separate compliance activities.

What does diversion remaining the primary enforcement focus mean for compliance programs whose controls were designed around the point of initial export rather than the full lifecycle of chip deployment?

The enforcement emphasis on diversion—rather than only on unauthorized initial export—requires a fundamental expansion of where compliance programs intervene and what evidence they maintain:

  • Compliance perimeter extending from the shipping dock through the full deployment lifecycle in a framework where where chips ultimately go and what they enable is the enforcement priority — Prior compliance programs focused primarily on pre-export authorization—confirming classification, screening counterparties, and obtaining required licenses before shipment; the diversion-focused enforcement environment extends compliance obligations into the post-export period, requiring visibility into where chips are actually deployed, how computational access is distributed, and whether end-use matches authorization—a compliance scope that point-of-export programs are not designed to address.
  • Transshipment hub scrutiny creating compliance obligations for routing and logistics decisions that were previously treated as purely commercial choices — Federal scrutiny of transshipment hubs reflects enforcement awareness that diversion most commonly occurs through intermediate routing rather than direct unauthorized export; compliance programs must evaluate shipping routes against commercial logic rather than accepting customer-specified logistics arrangements, and must flag routing through jurisdictions with documented diversion histories for enhanced review—treating logistics decisions as compliance-relevant rather than commercially determined.
  • Contemporaneous end-use documentation as the primary enforcement defense in a diversion-focused environment where what chips enable after deployment is the central compliance question — Enforcement actions focused on diversion examine what chips were actually used for rather than only whether export documentation was correct at shipment; compliance programs must establish contemporaneous documentation practices that record end-use verification, deployment location confirmation, and access control assessments at the time they occur rather than reconstructing this information in response to enforcement inquiry—because post-hoc reconstruction lacks the evidentiary credibility that contemporaneous records provide.
  • Cloud and IaaS access monitoring as a compliance obligation for providers whose services extend controlled compute to downstream users whose identity and location may not be known at the time of chip deployment — The extension of export controls to remote access and infrastructure-as-a-service means that cloud providers must monitor not only the initial deployment of advanced chips but the ongoing access patterns of users who receive computational capacity through their services; compliance programs for IaaS providers must integrate access monitoring into their post-deployment compliance posture rather than treating license compliance as complete when service contracts are executed.
  • Ownership re-screening of counterparties throughout the transaction lifecycle rather than only at initial onboarding reflecting the enforcement reality that ownership structures change and diversion networks evolve — Diversion schemes frequently exploit changes in counterparty ownership that occur after initial onboarding screening established a compliant relationship; compliance programs must implement ongoing ownership monitoring for active counterparties in the compute supply chain rather than relying on onboarding screening to establish permanent compliance status for relationships that may change materially over time.

How should strategic leaders scenario-plan for the Chip Security Act and AI OVERWATCH Act, and what compliance infrastructure investments make sense before either becomes law?

Scenario planning for pending legislation is not speculative compliance investment—it is risk-calibrated preparation for a regulatory direction that is clearly signaled even when the specific legislative outcome remains uncertain:

  • Location verification infrastructure as the Chip Security Act compliance capability that requires the longest implementation lead time and therefore warrants the earliest investment — If enacted, the Chip Security Act's mandatory downstream location verification requirement for AI semiconductors would require compliance infrastructure—including chip-level tracking mechanisms, end-user location verification systems, and post-deployment monitoring processes—whose implementation timeline is measured in months rather than weeks; organizations that wait for enactment to begin implementation planning will face compressed timelines that produce the compliance gaps enforcement review is most likely to find in the immediate post-enactment period.
  • Congressional veto preparation requiring compliance programs to model the transaction population that would be subject to legislative review under the AI OVERWATCH Act and assess the commercial implications of extended authorization timelines — The AI OVERWATCH Act's proposed congressional veto authority over specific hardware export licenses would add a legislative review period to licensing timelines that are already extended under case-by-case review; organizations that model their exposure under this framework before enactment can identify which transaction categories would be most affected, restructure commercial commitment timelines to accommodate potential legislative review periods, and develop the government affairs capabilities that congressional engagement would require.
  • Defense article treatment trajectory requiring compliance program architecture designed for the stricter end-use controls, retransfer restrictions, and post-deployment monitoring obligations that defense article frameworks impose — The legislative direction toward treating advanced compute like a defense article rather than a commercial good signals a compliance framework that would impose ITAR-like obligations—including retransfer restrictions, end-use monitoring agreements, and post-deployment verification requirements—on transactions that currently require only EAR licensing; compliance programs built exclusively around EAR frameworks may require substantial restructuring if compute moves into a defense article control regime.
  • Scenario modeling methodology that quantifies exposure under specific legislative outcomes rather than producing qualitative assessments that do not support investment prioritization decisions — Useful scenario planning for pending legislation produces quantified exposure assessments—identifying which specific counterparties, transaction types, and revenue streams would be affected under each legislative scenario—that support investment prioritization decisions rather than general awareness that regulatory change is coming; compliance programs must develop the transaction data and analytical capability to produce these quantified assessments rather than relying on qualitative regulatory monitoring that cannot support business-level planning decisions.
  • Compliance infrastructure investments made before legislation takes effect retaining full value if legislative outcomes differ from anticipated scenarios while providing immediate protection against the diversion and licensing enforcement that current rules already require — The compliance capabilities that Chip Security Act and AI OVERWATCH Act preparation would develop—including location verification, ownership monitoring, and end-use documentation—are also directly valuable under current export control requirements; investments made in preparation for legislative scenarios that do not materialize are not wasted because they strengthen compliance against the enforcement environment that exists today regardless of what legislation passes tomorrow.

What does building a compliance program that can absorb regulatory change actually require, and how should organizations assess whether their current program meets that standard?

The article's central challenge—building a program designed to absorb change rather than react to it—requires specific organizational and program design choices that most legacy compliance programs were not built to provide:

  • Regulatory intelligence function that monitors the full range of legislative, regulatory, and enforcement developments affecting advanced compute rather than tracking only final rules — Programs designed to absorb change require early awareness of regulatory developments at the proposal, debate, and pre-final stages rather than only at implementation; monitoring that covers congressional hearings, BIS advance notices, industry advisory committee discussions, and enforcement action patterns provides the lead time needed to prepare for regulatory changes before compliance deadlines compress implementation timelines.
  • Modular compliance program architecture whose individual components—screening, classification, licensing, end-use monitoring—can be updated independently as specific regulatory requirements change without requiring full program redesign — Compliance programs built as integrated monolithic systems that must be comprehensively redesigned when any component's requirements change cannot absorb regulatory change at the pace the current environment demands; modular architecture that allows screening methodology, licensing workflows, and documentation standards to be updated independently enables compliance programs to adapt to specific regulatory changes without the implementation timelines that comprehensive redesign requires.
  • Cross-functional governance structure with defined authority and meeting cadence for compliance decisions that require legal, technical, and commercial input simultaneously — The compliance decisions that advanced compute export control requires—including case-by-case licensing strategy, ownership investigation methodology, and end-use monitoring design—cannot be made effectively by compliance functions operating in isolation; governance structures that integrate legal, engineering, sales, and compliance leadership in defined decision-making forums enable organizations to make and implement compliance decisions at the pace that a rapidly changing regulatory environment demands.
  • Compliance program stress testing against the specific enforcement scenarios and regulatory changes that current intelligence suggests are most likely rather than against the prior regulatory environment — Programs that test their compliance effectiveness against historical regulatory requirements are measuring readiness for a regulatory environment that no longer exists; stress testing must simulate the specific compliance scenarios that current BIS enforcement focus, pending legislation, and regulatory trajectory make most likely—including beneficial ownership screening failures, post-export diversion detection gaps, and case-by-case licensing documentation deficiencies—to identify the program gaps that matter most in the current environment.
  • External advisory relationships that provide access to regulatory intelligence and government engagement capabilities that internal compliance functions cannot develop alone — The speed and complexity of regulatory change in advanced compute export controls exceeds what most internal compliance programs can monitor and respond to without external support; organizations that develop advisory relationships with compliance specialists who maintain current regulatory intelligence, government agency relationships, and cross-industry enforcement visibility—such as the thirty-plus years of multi-jurisdictional compliance experience that CTP brings—are building the external capability complement that enables internal programs to absorb change rather than perpetually catch up to it.

CTP Updates

Latest Posts

Contact Us

How Can CTP Help You?

Please complete the form.
A member of the CTP team will be in touch soon!

// Simple Form Validation by BRIX Agency
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.