AI Export Controls in 2025: The Founder Cheat Sheet
This content is provided for educational and informational purposes only and is not intended and should not be construed as legal advice.
November 29, 2025
In 2025, U.S. export controls administered by the Bureau of Industry and Security (BIS) remain the single biggest regulatory hurdle for AI companies touching advanced hardware, large-scale compute, or cutting-edge semiconductor technology. While the January 2025 “AI Diffusion Rule” that would have required global licensing of closed frontier model weights was rescinded in May, the core 2022–2025 restrictions on GPUs, accelerators, and semiconductor manufacturing equipment are stronger than ever — and aggressively enforced.
Unlike OFAC sanctions (which are person/entity blocking prohibitions), BIS export controls are item- and destination-based licensing requirements. Violating them can mean civil penalties in the tens of millions, criminal referral, loss of export privileges, and permanent damage to fundraising and customer relationships.
This guide focuses exclusively on BIS export controls as they apply to AI in late 2025 — what triggers them, real enforcement cases, and exactly what founders and investors must do today.
1. Essentials: What Export Controls Target (and Don’t Target)
| What They Target | Examples in AI Context | Why It Matters |
|---|---|---|
| Advanced Hardware & Equipment | High-performance GPUs/accelerators (TPP ≥ 4800), SME for cutting-edge nodes | Prevents large-scale military AI training clusters |
| Certain Software & Technology | Source code/know-how for controlled chips; deemed exports to foreign nationals | Stops indirect tech transfer |
| End-Uses & End-Users | Any item if “known” for military/intelligence/WMD in D:5 countries; Entity List parties | Catch-all rule closes loopholes |
| Foreign-Made Items via FDPR | Chips made abroad using U.S. tools/software for restricted Chinese end-uses | Extends U.S. reach globally |
| What They DON’T Target | Examples in AI Context | Key Notes |
|---|---|---|
| Most Open-Source AI Models | Publicly released weights/code below thresholds | Generally license-free worldwide |
| Consumer/Low-Performance Hardware | GPUs below TPP 4800; standard laptops/servers | Safe for most non-China sales |
| Pure Services | General consulting, marketing materials | No license if no controlled tech |
| Allies & Non-Restricted Countries | Exports to Canada, UK, EU, Japan, etc. | Presumption of approval |
2. What Are the Current AI-Relevant Export Controls?
The controls are administered by the Department of Commerce’s Bureau of Industry and Security (BIS) under the Export Administration Regulations (EAR).
A key enforcement tool is the Entity List — a public list of companies, research institutions, and individuals (mostly in China and Russia) that are subject to specific license requirements, usually with a presumption of denial, because of involvement in military end-use, proliferation, human-rights abuses, or prior violations.
| Category | Controlled Items (Key ECCNs) | Main Restrictions | Destinations Requiring License | License Review Policy |
|---|---|---|---|---|
| Advanced AI Chips | 3A090.a, 4A090, 3A001.z, etc. | TPP ≥ 4800 on GPUs, accelerators, clusters | China (including Macau)/D:5 (presumption of denial); red flags elsewhere | Case-by-case; often denial for China |
| Semiconductor Manufacturing Equipment (SME) | Various (e.g., 3B001, 3B090) | Tools for ≤14nm logic, ≤18nm DRAM, ≥128-layer NAND | China (including Macau)/D:5 + expanded FDPR | Presumption of denial |
| Closed AI Model Weights | 4E091 (never implemented) | Would have covered models trained with >10²⁶ operations | Global (except close allies) — rescinded | N/A |
| “Catch-All” End-Use Controls | Any item subject to EAR | Knowledge of military/intelligence/WMD use in D:5 country | Worldwide if knowledge exists | License required; often denial |
Foreign Direct Product Rule (FDPR) extends U.S. jurisdiction to foreign-made chips if they are the direct product of U.S. software/technology or made in a plant using certain U.S.-origin equipment — effectively covering nearly all advanced chips worldwide when destined for restricted end-uses in China.
Deemed Exports/Reexports: Sharing controlled source code or technology with a foreign-national employee (even in the U.S.) or in a cloud instance accessible from China can trigger licensing.
3. Enforcement Cases and Penalties (2022–2025)
BIS and the Department of Justice (DOJ) have dramatically increased enforcement, often in coordination with the Office of Foreign Assets Control (OFAC). Penalties routinely exceed $1M; criminal cases can reach hundreds of millions.
| Date | Party | Violation Summary | Penalty / Outcome |
|---|---|---|---|
| 2024–2025 | Multiple Chinese entities (140+ added Dec 2024) | Supplying SME to SMIC/Huawei despite controls | Entity List designation → no U.S. items |
| Mar/Sep 2025 | 42 + 23 PRC entities | Providing controlled SME to listed Chinese firms | Entity List additions |
| 2025 | Nvidia H20 / AMD MI308 sales to China | Required individual licenses (previously license-free) | Ongoing case-by-case approvals |
| Ongoing | Huawei Ascend chips | Dealings may violate General Prohibition 10 | Worldwide prohibition for knowing parties |
| 2024 | Various smuggling cases | Transshipment hubs (Malaysia, Singapore, UAE) to divert GPUs to China | Criminal indictments + $10M+ fines |
4. Key Enforcement Trends in 2025
| Trend | Description | Impact on AI Companies / Startups / VCs |
|---|---|---|
| Shift from global to targeted enforcement | AI Diffusion Rule rescinded; focus on Entity List & guidance | Less day-to-day burden outside China |
| Huawei / domestic Chinese chips focus | Warnings against Ascend 910B/C; General Prohibition 10 applied | Avoid Huawei hardware anywhere |
| Cloud & remote compute restrictions | U.S.-origin cloud instances to Chinese users often require license | AWS, Azure, GCP have restricted China access |
| Ally coordination | U.S. pushing NL/JP/KR for tighter SME controls; tariff/FDPR threats | Potential multilateral tightening in 2026 |
| Higher penalties | Commerce signals intent to “significantly increase penalties” for China diversions | More conservative corporate compliance |
5. Practical Compliance Guide
A. Quick Decision Tree for AI Companies
- Subject to EAR? → Almost always yes for advanced GPUs/accelerators/U.S.-developed models
- Hits 3A090/4A090 thresholds? → License needed for China/D:5
- Below thresholds but red flags for military/AI training in China? → License required
- Releasing closed model weights >10²⁶ ops? → Currently no control
- Cloud/SaaS: Chinese user accessing >threshold compute? → Likely license required
B. Compliance Checklist for Founders & Startups
| Step | Action Items | Tools / Tips |
|---|---|---|
| 1. Classify Your Technology | Run ECCN self-classification or submit CJ request to BIS | Use BIS SNAP-R portal; consult counsel early |
| 2. Screen All Parties | Customer, investor, employee, cloud provider vs. Entity List, Denied Persons, red-flag guidance | Free BIS search or a reputable denied party screening provider |
| 3. Implement End-Use Statements | Require written confirmation: “Not for military end-use in China” | Include in ToS, contracts |
| 4. Cloud / Remote Access Controls | Geo-fencing advice: block logins from China/Macau IPs, cap per-account compute at safe levels, log all access attempts | Monitor for unusual China IP spikes |
| 5. Employee / Deemed Export Rules | Screen nationality; license if sharing controlled source code/tech with non-U.S. persons | Especially important for H-1B, OPT, green-card holders from D:5 countries |
| 6. Due Diligence on Investors | VCs: Check ultimate beneficial owners; avoid funds with Chinese military ties | CFIUS overlap — mandatory filings for certain AI investments |
| 7. Recordkeeping & Training | 5-year records; annual training | Use templates from BIS website |
| 8. Voluntary Self-Disclosure (VSD) | If violation discovered → immediate VSD dramatically reduces penalty | BIS encourages; can cut penalty by 50%+ |
C. Special Advice for VCs & Accelerators
- Due Diligence Questions to Ask Portfolio Companies:
• Have you classified all AI hardware/software under the EAR?
• Do you have China exposure (customers, investors, employees, cloud)?
• What geo-restrictions are in your cloud/SaaS terms?
• Any plans to release closed-weight frontier models? - Red-Flag Investors: Funds linked to Chinese military (e.g., “Seven Sons of National Defense”), state-owned enterprises, or Entity-Listed parents.
- Deal Term Protections: Require representations & warranties on export compliance; include post-closing audit rights.
6. How One Lex Partners Helps AI Clients with Export Controls
| Service | Description | Typical Timeline |
|---|---|---|
| ECCN Classification & License Filing | Full classification + BIS license submission | 2–4 weeks |
| Compliance Program Build-Out | Geo-fencing, ToS clauses, training, audits | 4–8 weeks + retainer option |
| Investor & Deal Diligence | Comprehensive Entity List and restricted-party screening process, reps & warranties drafting, CFIUS overlap checks | 1–2 weeks |
| VSD & Enforcement Response | Lead voluntary self-disclosure to minimize penalties | Immediate + 4–12 weeks |
| Training Workshops & Audits | Interactive sessions + annual audits | 2–3 weeks |
| Red-Flag Investigation & Remediation | Deep-dive + remediation plans | 1–3 weeks |
We specialize in practical, fixed-fee export controls work for AI and deep-tech companies. Reach out for a no-obligation discussion of your specific situation.
