BIS’s announcement was not unexpected, given the Trump Administration’s vocal objections to the Rule, asserting the Rule would have stifled U.S. innovation and undermined U.S. diplomatic efforts. Because certain administrative procedures must occur before rescission is complete, Under Secretary of Commerce for Industry and Security Jeffery Kessler instructed BIS not to enforce the Rule pending its full rescission. BIS announced it would issue, in the next four to six weeks, a new regulation to govern the export, reexport, and transfer of advanced semiconductors and advanced computing commodities.
BIS also issued three guidance documents to advise the public on BIS’s enforcement priorities for advanced computing, especially with respect to China:
- An alert about the potential consequences of allowing U.S. AI chips to be used for the training and inference of Chinese AI models.
- Recommendations for protecting supply chains from diversion tactics.
- A warning against using advanced integrated chips (ICs) developed, designed, or manufactured in China.
Key take-aways
Although the guidance documents are not official rules, they make clear that BIS will scrutinize all transactions involving advanced ICs and commodities, wherever they occur and irrespective of whether the parties involved are U.S. persons or non-U.S. persons, exporters, or infrastructure as a service (IaaS) providers. While this is not a departure from BIS’s policy under the Rule, it shows that enforcement of advanced computing export controls remains a key priority for BIS. BIS will also expect heightened due diligence from all parties in the supply chain, and failure to conduct such diligence may aggravate potential penalties. In this respect, the guidance offers a preview of what the public can expect from BIS’s new rules, once issued.
Guidance concerning chips used for training AI models
This guidance details BIS’ determination that providing access to advanced computing ICs and commodities for training AI models has the potential to enable military-intelligence and weapons of mass destruction (WMD) end uses/users in Country Group D:5 countries (including China) or Macau. These license requirements pertain to the catch-all controls in Part 744 of the Export Administration Regulations (the EAR), namely the license requirements covering activities that do not involve any items appearing on the Commerce Control List (the CCL) or prohibited end users.
Accordingly, the activities listed below may require a license from BIS when there is knowledge (i.e., actual knowledge or reason to know) that an AI model will be used for a WMD or military-intelligence end use/user, even when the activity does not involve any item appearing on the CCL:
- Exports, reexports, or transfers (in-country) of advanced computing ICs and commodities subject to the EAR to any party, including non-U.S. IaaS providers (e.g., data center providers), when the exporter, reexporter, or transferor has knowledge that the IaaS provider will use these items to conduct training of AI models for or on behalf of parties headquartered in D:5 countries (including China) or Macau.
- In-country transfers of advanced computing ICs and commodities subject to the EAR already in the possession of parties such as IaaS providers if there is knowledge the items will be used by the transferee to train AI models for or on behalf of parties headquartered in D:5 countries (including China) or Macau.
- Provision of any support or performance of any contract, service, or employment, by a U.S. person when there is knowledge that such activity will be used for or may assist the training of AI models for or on behalf of parties headquartered in D:5 countries (including China) or Macau.
Persons involved in any of the activities above are advised to gain assurances that the end users will not use advanced computing ICs or commodities for a prohibited purpose. Notably, the guidance references non-U.S. IaaS providers specifically, whereas prior rules and guidance referred only to U.S. IaaS providers. Accordingly, BIS appears to be making clear that non-U.S. IaaS providers should be aware their activities can attract U.S. government attention.
Industry guidance on preventing diversion
Consistent with its view that advanced computing ICs have the potential to enable military-intelligence and WMD end uses, BIS also issued a non-exhaustive list of red flags to consider for export transactions, as well as recommended compliance actions to mitigate export risk. While failure to take these actions is not itself a violation of the EAR, the primary purpose of these publications is to put the industry on notice that BIS will expect these actions at a minimum. By so doing, BIS could determine that a failure to take these actions or to ask these questions is a willful avoidance of facts and constitutes “reason to know” that a violation is about to occur. BIS provided a non-exhaustive list, excerpted below and available here, of due diligence actions that companies should take when assessing new customers and IaaS providers:
- Evaluate the customer’s date of incorporation (e.g., incorporation after October 2022).
- Evaluate the customer’s ownership structure to determine if parties are headquartered or have an ultimate parent headquartered in a destination specified in Country Group D:5 (including China) or Macau.
- Evaluate the end user and end use of the item (e.g., whether the customer’s line of business is consistent with the ordered items).
- Notify potential customers that items are subject to the EAR and would require a license if exported, reexported, or transferred (in-country) to or within certain destinations.
- Seek end-user certifications with detailed information on all proposed transaction parties, including the end user, and the intended end use for specific transactions. The customer should also certify that it will not export, reexport, or transfer (in-country) advanced computing ICs for restricted ‘military-intelligence end uses’ or ‘military-intelligence end users,’ or for WMD.
- Request a written attestation from the data center that affirms that (i) the end user is authorized to operate at its location, and (ii) it has the infrastructure to operate the type of server containing advanced ICs being exported. Conduct on-site visits at the data center, or alternatively, utilize independent third-party certified auditors.
- Evaluate data centers to determine whether they have the infrastructure to operate servers containing advanced ICs greater than 10 megawatts.
These recommendations are consistent with prior, more general red flag and due diligence guidance, but are unique in that they are targeted specifically to export transactions involving advanced computing ICs. Such guidance shows how high an enforcement priority advanced computing ICs are for BIS.
Application of General Prohibition 10 to People’s Republic of China (PRC) advanced-computing ICs
Finally, BIS declared that any use of ICs that: (i) meet the parameters of 3A090 on the CCL; and (ii) have been developed or produced by companies located in, headquartered in, or whose ultimate parent company is headquartered in Country Group D:5, including China or Macau, may be a violation of the EAR’s General Prohibition 10 (GP10).
GP10 prohibits any person, U.S. or non-U.S., from proceeding with transactions with knowledge that a violation of the EAR has occurred or is about to occur. BIS advised that all 3A090 ICs developed by Chinese companies likely were developed in violation of the EAR, as these chips likely were either designed with U.S. software or technology or produced with semiconductor manufacturing equipment that is the direct product of US-origin software or technology, or both, rendering the items subject to the EAR. Because the export, reexport, and in-country transfer of such U.S.-origin software or technology to or within China and used to develop the 3A090 ICs was and is prohibited, use of such 3A090 ICs by any person, U.S. or non-U.S., Chinese or non-Chinese, could be proceeding with knowledge a violation has occurred, and therefore constitute a violation of GP10.
BIS published a non-exhaustive list of chips designed in China and presumed to be subject to GP10 restrictions.
In other words, these chips are presumed to have been made in violation of the EAR and users of these chips may be at risk of substantial penalties, unless the requisite licenses from BIS were obtained.
BIS further advised all prospective users of these chips to confirm their ICs were delivered in compliance with the authorizations required for both: (i) the export of the production technology from the IC’s designer to its fabricator, and (ii) the export of the IC itself from its fabricator to its designer or other supplier. Like the compliance actions referenced above, purchasers that fail to make these confirmations could be found to have a reason to know the ICs were exported in violation of the EAR by willfully avoiding facts with respect to the ICs. BIS did advise it will not pursue enforcement actions against parties that obtain a 3A090 IC solely for technical analysis or evaluation (such as destructive testing) to determine the technical capabilities of an individual IC. However, BIS is making clear that for any other purposes, any person could be at risk of incurring direct liability (i.e., civil or criminal penalties) under the EAR for purchasing or using these chips. Non-U.S. clients seeking to gain access to advanced ICs should carefully consider these risks. Financial institutions and other parties that finance or assist the purchase, sale, or export of such ICs also could be at risk of liability under GP10.
Export controls continue to evolve and likely will remain a key component of U.S. national security and the Trump Administration’s posture towards China. Industry can expect heightened attention and enforcement from BIS. A&O Shearman continues to monitor developments. Should you have any questions on the matters discussed in this article, please contact any of the contacts listed or your usual contact at A&O Shearman.