ABSTRACT
Export controls anchored in the Export Control Reform Act of 2018 and expanded through the CHIPS and Science Act of 2022 reoriented United States strategy toward targeted denial of advanced computing, semiconductor manufacturing equipment, and related inputs to the People’s Republic of China. The regulatory spine consists of the Bureau of Industry and Security (BIS) Export Administration Regulations updates beginning October 7, 2022, refined in October 2023, extended in December 2024, and further clarified in January 2025, with the Foreign Direct Product Rule asserting extraterritorial jurisdiction over foreign-made items incorporating controlled US technology. The rationale—summarized by National Security Advisor Jake Sullivan as a “high fence around a small yard”—posits that control of narrow chokepoints can sap adversary capability while preserving broader trade. The Cold War experience of Coordinating Committee for Multilateral Export Controls (CoCom) and its successor ecosystem, the Wassenaar Arrangement, shows a contrasting tendency: lists broaden under political and security pressure; enforcement frays as exceptions, transshipments, and intelligence collection proliferate; and coalition management strains when Washington wields extraterritorial levers. The contemporary regime inherits those structural liabilities while contending with a target that is vastly more embedded in global value chains and more adept at technological absorption than the Soviet Union. These dynamics complicate optimistic claims associated with “weaponized interdependence”—that command of network chokepoints can be durably decisive—by foregrounding long-run adaptation, leakage, and allied fatigue.
Initial scope alignment relied on statutory and rule-based pillars. ECRA delegated standing authority to control exports for national security and foreign policy, including extraterritorial reach via the EAR and the FDPR; the CHIPS and Science Act erected incentives and guardrails to reshore capacity while imposing “guardrails” on expansion in China by subsidy recipients. The BIS interim final rule of October 7, 2022 introduced controls on advanced computing integrated circuits, semiconductor manufacturing items, and related services destined to the PRC; subsequent notices and frequently asked questions elaborated license exceptions, de minimis thresholds, and end-use restrictions. The October 2023 updates tightened performance thresholds and widened geographic coverage to address re-export and transshipment, while the December 2024 package added high-bandwidth memory and broadened controls on software and tools, accompanied by January 15–16, 2025 Federal Register clarifications. The official record across these instruments is public, granular, and cumulative, enabling precise mapping of jurisdictional hooks that bind non-US suppliers through content, tooling, and software linkages. BIS “Federal Register Notices” index; BIS October 13, 2022 notice referencing the October 7, 2022 interim final rule; BIS January 15, 2025 corrections and clarifications (Federal Register extract); BIS January 16, 2025 addendum to the December 2024 updates; BIS April 4, 2024 corrections referencing the October 17, 2023 interim final rules; BIS Entity List overview; BIS FAQ entries on the Entity List and location in 15 CFR. Statutory anchors are accessible in authenticated text: Congress.gov text of the Export Control Reform Act of 2018 and PDF](https://www.congress.gov/115/bills/hr5040/BILLS-115hr5040ih.pdf); Congress.gov enrolled bill PDF for the CHIPS and Science Act of 2022 (Public Law 117-167) and text](https://www.congress.gov/bill/117th-congress/house-bill/4346/text).
The doctrinal articulation of the “small yard” is public and attributable to September 2022 remarks by Jake Sullivan, where the phrase “high fence around a small yard” is documented in official materials. Whereas Cold War controls focused on end items and a limited set of dual-use lines, the contemporary yard centers on design software, manufacturing tooling, interconnects, memory subsystems, and advanced logic—nodes where US and allied firms control crucial intellectual property. The logic resonates with scholarly accounts of network power: control of critical hubs can enable coercion across finance, data, and technology. Yet the Cold War archive warns that lists expand under pressure. CoCom list debates in the Foreign Relations of the United States series record persistent disagreement over what counted as “strategic,” periodic pushes to widen coverage, and sustained frictions with European partners over economic costs. CIA declassifications on the KGB’s Directorate T detail a worldwide program to acquire Western technology by legal and clandestine means, lowering US lead times despite formal embargoes. White House materials citing the “small yard, high fence” framing (September 2022 remarks by Jake Sullivan); FRUS documentation on CoCom list disputes (1952–1954 and 1969–1976 volumes) and](https://history.state.gov/historicaldocuments/frus1969-76v04/d294); CIA “The Technology Acquisition Efforts of the Soviet Union” (declassified dossier on Directorate T operations); CIA “Soviet Acquisition of Militarily Significant Western Technology” (April 1982) and related files](https://www.cia.gov/readingroom/document/cia-rdp96b01172r000700060001-8).
Three Cold War lessons travel to 2025. First, the yard grows. CoCom began with a narrow strategic mandate but widened as civil-military integration blurred distinctions and as leaders layered broader foreign-policy objectives—Afghanistan sanctions, Poland’s martial law—on top of security rationales. The present regime shows the same drift: human-rights concerns, Russia supply-chain interdiction, and surveillance-linked listings have expanded the scope beyond pure battlefield denial. This pattern is visible in the regulatory chronology from October 2022 through January 2025, as performance metrics, geographic coverage, and categories such as high-bandwidth memory, software, and services were added to plug evasion channels and target emerging bottlenecks. An expanding yard raises compliance burdens, increases licensing queues, and stimulates political contestation at home and abroad—precisely the dynamic documented in the FRUS record when Washington sought to broaden CoCom lists over allied objections. BIS rules and notices, 2022–2025; FRUS 1961–1963 and 1952–1954 entries on CoCom scope and allied resistance and](https://history.state.gov/historicaldocuments/frus1952-54v01p2/d129).
Second, enforcement is porous and adaptation is persistent. The Cold War record demonstrates systematic acquisition through front companies, transshipment, scientific exchanges, and espionage—efforts that narrowed technology lead times even when formal controls were intact. The USSR ultimately lagged less because it failed to obtain blueprints and equipment than because its economy proved ill-suited to absorption and diffusion, a point emphasized across declassified assessments. By contrast, China is deeply embedded across global supply chains, fields competitive firms in key segments, and has repeatedly displayed capacity to re-engineer around constraints, pool “good-enough” components, and scale domestically in response to denial. The regulatory response—wider country coverage, FDPR expansion, de minimis tightening, and attention to services and cloud access—is therefore iterative and high-maintenance, inviting recurring rule-change cycles that themselves spur new evasion tactics. The BIS December 2024 and January 2025 instruments codify this spiral by adding memory classes and toolchains while asserting expansive jurisdictional claims to capture foreign-made items with even minimal US content. BIS December 2024/January 2025 documents and](https://www.bis.doc.gov/index.php/component/docman/?gid=3563&task=doc_download); CIA technology-acquisition dossiers.
Third, coalition management is fragile. CoCom benefited from shared threat perception and alliance structures yet repeatedly fractured over commercial losses, scope, and unilateral US extraterritorial measures. The current environment is harder: partners such as Japan, Republic of Korea, Taiwan, Netherlands, and Germany face acute economic exposure to China, fear retaliatory restrictions on critical minerals and market access, and maintain varying legal philosophies regarding country-specific export law. Where CoCom provided a single forum, the post-1996 Wassenaar Arrangement is deliberately non-binding and transparent rather than coercive, offering limited traction for coercing common discipline on China as a named target. In practice, the US is relying on bespoke alignments underpinned by FDPR, with credible threats of secondary enforcement to deter leakage through non-US nodes. Historical precedents show how such pressure can corrode allied goodwill and accelerate “designing out” of US content to avoid jurisdiction—a risk already noted in industry analyses during prior sanction waves. State Department materials underline Wassenaar’s transparency and voluntary character, while Wassenaar’s own founding and control-list documentation confirm the absence of binding, target-specific obligations. State Department overview of Wassenaar participation; Wassenaar Arrangement “About us” and founding/control-list documents](https://www.wassenaar.org/app/uploads/2021/12/Public-Docs-Vol-I-Founding-Documents.pdf).
The strategic claim that chokepoint control can be turned into reliable coercive leverage—central to the “weaponized interdependence” literature—rests on sustained dominance of network hubs and credible, collectively enforced denial over long horizons. The Cold War archive and contemporary rule-evasion and partner-politics trends cut against such durability. Denial can raise costs, slow diffusion, and shape the tempo and direction of an adversary’s programs; it rarely proves terminal, and may catalyze substitution and indigenous scaling. The scholarly record formalizing these network-centric claims is authoritative and peer-reviewed, and remains foundational for analysis of 2025 export controls. International Security (MIT Press) “Weaponized Interdependence: How Global Economic Networks Shape State Coercion” (2019).
Policy implications for US economic security and alliance stewardship follow directly. First, precision is perishable; maintaining a truly “small yard” demands continuous pruning alongside reactive plug-the-gaps additions. Second, enforcement must prioritize the handful of highest-value nodes, including design software ecosystems, EUV/DUV toolchains, specialty chemicals and gases, advanced packaging and interconnects, and high-bandwidth memory, while resisting temptation to sprawl into broad commercial domains where leakage and allied pushback increase sharply. Third, extraterritoriality works best as a credible backstop, not a routine instrument; overuse corrodes cooperation and accelerates “EAR-free” redesigns. Fourth, allied cohesion requires regularized, treaty-quality consultation channels that can absorb shocks without precipitating public splits; the historical experience of CoCom suggests that secrecy-lite mechanisms, shared intelligence on evasion networks, and jointly staffed licensing frictions dashboards can reduce mistrust. Finally, claims of decisive technology denial should be tempered by realistic assessments of adaptation paths and time horizons; the Cold War technology gap often owed more to political economy than to list management, and the PRC’s capabilities, market scale, and innovation system differ fundamentally from the USSR baseline.
The record that underpins these conclusions is public and verifiable across official institutions: the BIS rulemaking corpus from 2022 through 2025 demonstrates list expansion and extraterritorial reach; the FRUS archive documents allied frictions and failed efforts to preserve a narrow list under geopolitical stress; the CIA declassifications catalogue acquisition and evasion mechanics that resonate with twenty-first-century shell companies, transshipment, and cloud-access workarounds; the Wassenaar Arrangement’s texts explain why formal multilateral control is ill-suited to target China directly; and the peer-reviewed literature on networked coercion clarifies both the promise and the limits of chokepoint strategies over long horizons. The resulting picture suggests that export controls can impose tactical friction and strategic delay, but that their long-run efficacy hinges on disciplined scope management, concentrated enforcement at genuine bottlenecks, credible but sparing extraterritorial use, and sustained, trust-preserving alignment with key suppliers who face asymmetric commercial exposure to China. BIS notices and FAQs and](https://www.bis.doc.gov/index.php/documents/policy-guidance/3434-2023-frequently-asked-questions-003-clean-for-posting/file); Congress.gov on ECRA and CHIPS and](https://www.congress.gov/117/bills/hr4346/BILLS-117hr4346enr.pdf); FRUS CoCom documents and](https://history.state.gov/historicaldocuments/frus1952-54v14p1/d6); CIA technology-transfer files; Wassenaar background and lists; International Security (2019) “Weaponized Interdependence”.
CHAPTER INDEX
- 1. From CoCom to “Small Yard”: Legal Architecture, Doctrinal Framing, and the 2022–2025 BIS Rule Cascade
- 2. Scope Creep Mechanics: Civil–Military Fusion, Foreign-Policy Layering, and Domestic Politicization
- 3. Enforcement and Evasion: FDPR, De Minimis, Transshipment, Cloud Access, and the Adaptive Target
- 4. Coalition Dynamics: Allied Exposure to China, Extraterritorial Leverage, and Risks of “EAR-Free” Redesign
- 5. Technology Bottlenecks, Enforcement Innovations, and the Future of Strategic Chokepoints
- 6. Weaponized Interdependence Revisited: Chokepoints, Time Horizons, and Systemic Adaptation
- 7. Implications for US Economic Security: Prioritizing Bottlenecks, Licensing Strategy, and Alliance Management
From CoCom to “Small Yard”: Legal Architecture, Doctrinal Framing, and the 2022–2025 BIS Rule Cascade
The legal foundation for the current US export control framework aimed at China sits on a combination of statute, regulation, and administrative rulemaking. The Export Control Reform Act of 2018 (ECRA) grants the US government permanent authority to control exports, reexports, transfers (in-country) of items for national security and foreign policy reasons under the Export Administration Regulations (EAR). Under that authority, the Bureau of Industry and Security (BIS), in the Department of Commerce, has issued a series of rulemakings beginning October 7, 2022, that have successively expanded and refined control over advanced computing integrated circuits (ICs), semiconductor manufacturing equipment (SME), high-bandwidth memory, artificial intelligence model weights, and related inputs. Each package attempts to balance what is statutorily required under ECRA with industry pressure, allied coordination, and enforceability concerns.
The initial package, the “October 7, 2022 Interim Final Rule” (commonly “October 7 IFR”), introduced controls on advanced computing items and semiconductor manufacturing items destined for the People’s Republic of China (PRC), especially where those items could support military end uses or surveillance or human rights abuses. It introduced performance thresholds for ICs, imposed licensing requirements for computer commodities containing advanced ICs, established end-use/end-user controls for supercomputers, and asserted controls over certain U.S. persons’ activities and foreign-produced items using U.S. technology under the Foreign Direct Product Rule (FDPR).
Subsequent reviews and public comments led BIS to issue two separate rules in October 2023: the “Export Controls on Semiconductor Manufacturing Items Interim Final Rule” (SME IFR) and the “Implementation of Additional Export Controls: Certain Advanced Computing Items; Supercomputer and Semiconductor End Use; Updates and Corrections” (AC/S IFR). These rules refined performance thresholds, expanded categories of controlled SME, clarified de minimis thresholds in items with U.S. origin content, tightened license exception availability, and adjusted licensing-review policy and country group definitions. For example, SME controls were reorganized under ECCNs (Export Control Classification Numbers) 3B001 and 3B002, moving certain items from former ECCN 3B090 and tightening end-use restrictions. The effective date for many SME rule provisions was November 17, 2023, with some changes set to take effect in January 1, 2026, allowing a transition period. (Federal Register)
Further corrections and clarifications were published April 4, 2024, via interim final rulemaking to adjust technical errors in the October 2023 IFRs, correct omissions, refine definitions (such as “advanced-node ICs”, “supercomputer”, etc.), and adjust the scope of license exceptions and de minimis rules to close loopholes identified during regulatory implementation. (Federal Register)
Parallel to hardware and software controls, the Entity List has been substantially expanded under BIS rulemaking between 2023 and 2025. For example, on March 28, 2025, BIS added 70 entities (of which 42 are under China) to the Entity List under the EAR, based on determinations that those entities posed significant risk to U.S. national security or foreign policy. These additions trigger stricter licensing requirements for all items subject to EAR for those entities, often with a presumption of denial. (Federal Register)
Also relevant is a final rule on January 16, 2025, adding 16 entities (14 under China, 2 under Singapore) for their involvement in advanced IC development, contributions to China’s weapons, surveillance, or other military-relevant end uses. This rule also included a “Footnote 4” designation for many entries meaning foreign-produced items subject to EAR are covered. (Federal Register)
These doctrinal and regulatory moves signal a shift toward what is called a “high fence, small yard” posture: the yard being the set of technologies, firms, processes, and imports that are tightly controlled; the fence being the regulatory, enforcement, licensing, and allied coordination mechanisms to keep that yard from leaking. The doctrine is visible in publicly stated policy by BIS, Commerce Department, and White House rhetoric and in the design of the rule cascade: thresholds (e.g., performance metrics, nanometer scale, computing operations per second) are used to try to limit the yard; licensing exceptions are narrowed; and jurisdictions are extended via FDPR, de minimis rules, and foreign-produced items. For example, the SME IFR and AC/S IFR both include revisions to de minimis provisions (including a “0% de minimis” rule for some SME items) to require even minimal U.S. content in foreign-made items to be controlled if directed to China or other destinations of concern. (Federal Register)
The legal architecture thereby combines: the statutory base (ECRA), enabling regulation (EAR), classification systems (ECCNs; definitions of “advanced-node”, “supercomputer”, etc.), licensing policy (license review policy, exceptions, validated end users), and enforcement levers (FDPR, end-use and end-user controls, Entity List additions). Each new rule has layered on adjustments intended to close observed gaps or respond to identified evasion strategies.
Doctrinally, key framings are: China’s military-civil fusion demands that dual-use technologies rapidly cross from civilian to military application; that high-performance computing and AI pose “force-multiplying” risks; that control over design, software tools (“EDA”, simulation, modeling”) is as important as control over hardware; that allied cooperation and export-control harmonization are both essential and yet under strain. These framings justify regulatory expansion and extraterritorial claims, while opening areas of tension (how much spillover to civilian trade, how much cost to allies, how aggressive to be in presumption of denial).
By September 2025, the cumulative rule cascade has resulted in a regulatory regime that covers: advanced ICs past certain performance thresholds; semiconductor manufacturing tooling and equipment including those related to photolithography, etching, deposition, packaging, interconnects; services, software, and AI model weights; foreign-produced items with U.S. origin inputs; validated end-user mechanisms narrowly defined; entity listing with presumption of denial in many cases; de minimis rules greatly reduced for many categories when destined for China or entities of concern. The yard, although intended to be small, has been materially widened since October 2022 across both technical scope and number of entities targeting Chinese end users.
Real-time data show enforcement complexity increasing: as more entities are listed, more license applications are denied or delayed; firms outside the United States must map supply chains for U.S. input content; foreign legal exposure increases under extraterritorial rules; allied countries are pushed to adjust their export regulations or risk being avenues for controlled item diversion; firms are investing in design-out (avoiding U.S. origin content) or in internalizing capabilities previously imported.
In legal precedent and analogy, CoCom’s early period also began with narrower lists that over time expanded via list addenda, alliance pressures, and changing threat perceptions. The U.S. academic and policy literature since 2022 has tracked that same process. The regulatory record confirms it in the US-China export control case. The designs of ECCNs, the boundaries of license exceptions, the classification of foreign-produced items, and the rate of Entity List expansions are all observable, quantifiable markers of scope creep.
Thus the “small yard” framing holds as doctrine but is under continuous tension from empirical expansion. Law and regulation for now permit a narrower yard, but every subsequent rule has added new technologies, firms, or tighter jurisdictional reach, especially where gaps appeared due to performance threshold evasion, foreign-supplier transshipment, cloud-based service use, or de minimis rules. Enforcement burden, compliance complexity, allied exposure, and political cost have all grown with each wave of rulemaking.
Scope Creep Mechanics: Civil–Military Fusion, Foreign-Policy Layering, and Domestic Politicization
China’s military–civil fusion architecture functions as an institutional ratchet that steadily widens the aperture of controlled technologies by collapsing distinctions among end users, production know-how, and upstream tooling, a dynamic documented in the Department of Defense’s Annual Report to Congress on “Military and Security Developments Involving the People’s Republic of China” (2024), which describes People’s Liberation Army procurement pathways through state-guided commercial ecosystems and joint laboratories embedded in universities, provincial research parks, and corporate consortia. The report highlights dual-use integration in advanced computing, sensors, and aerospace, and details incentives and regulatory mandates that align provincial science-and-technology plans with national acquisition programs, thereby nullifying licensing schemes that rely on clear civil–military separation (Department of Defense China Military Power Report (2024)). The same document traces organizational channels—such as state investment funds and military representative offices—that convert university and corporate projects into production-grade subsystems for command, control, computing, communications, cyber, intelligence, surveillance, and reconnaissance, tightening feedback loops across laboratories, equipment makers, and procurement units that frustrate end-user screening premised on “commercial only” declarations. By tying research grants and tax preferences to People’s Liberation Army–relevant deliverables, the arrangement raises the probability that ostensibly civilian licensees are conduits to prioritized programs under the Central Military Commission, widening the set of items that prudent licensors treat as presumptively risky.
As U.S. rules expand to capture the enabling layers that make frontier chips and systems feasible—design software, high-bandwidth memory, deposition and etching tools, and ultra-pure materials—each definitional refinement triggers additional closures because any gap confers leverage to a fused ecosystem that can orchestrate substitutions at scale. Bureau of Industry and Security rulemakings over 2023–2025 operationalize that logic: the October 17, 2023 interim final rules recalibrate performance thresholds for advanced computing chips, add dozens of semiconductor manufacturing equipment categories, and extend licensing requirements to 43 additional partner jurisdictions that exhibited anomalous re-export patterns, explicitly to blunt transshipment and intermediate-country assembly strategies (Bureau of Industry and Security “Implementation of Additional Export Controls: Certain Advanced Computing Items; Supercomputer and Semiconductor End Use; Updates and Corrections” (October 17, 2023), Federal Register docket 2023-28252 (**October 27, 2023)). The December 23, 2024 revisions introduce controls on high-bandwidth memory (HBM), expand software and equipment entries, and tighten the Foreign Direct Product Rule nexus across tooling supply chains to address integration of U.S. microcontrollers and control logic inside non-U.S. equipment, thereby foreclosing “de minimis” arguments through a zero-percent threshold for specified lithography and related items (Federal Register docket 2024-31320 (December 23, 2024), Bureau of Industry and Security “Briefing on Semiconductor Rules” (December 18, 2024)). The July 18, 2025 update adds further equipment and technology lines and clarifies deemed export and re-export triggers that arise when foreign-located persons develop or validate models and design flows with covered compute resources (Federal Register docket 2025-16154 (July 18, 2025)). Each expansion answers a documented adaptation: performance-binning to edge under earlier numeric ceilings, load-bandwidth workarounds that assemble many “legal” devices into illegal-equivalent clusters, and the repurposing of deposition, etch, and metrology configurations to squeeze more density and yield from nominally mature nodes.
Foreign-policy layering historically amplifies scope by converting a discrete military-technology denial toolkit into a general-purpose instrument that responds to crises, domestic repression abroad, and alliance bargaining, a dynamic visible both in the late–Cold War and in contemporary rules. Foreign Relations of the United States volumes covering 1981–1984 document the confrontation over Siberian gas pipeline sanctions and the extraterritorial reach of measures imposed after martial law in Poland, with detailed records showing allied threats of countermeasures, NATO frictions, and U.S. deliberations on sanction breadth and licensing exceptions ([FRUS 1981–1988, Vol. XLIII, Western Europe; NATO; European Community: “Document 144” (April 1982))). Such layering reappears in today’s regime as additional policy aims are embedded in Entity List determinations and end-use rules. Human-rights-grounded listings identify surveillance-state enablers and public-security integrators, supplementing military-end-use rationales with measures linked to systematic repression in Xinjiang, and consolidate a case for denying sensors, biometric algorithms, and communications interception systems even when nominal end-users claim civilian mandates (U.S. Department of the Treasury “Sanctions Programs and Country Information” Xinjiang-related entries (**updated 2025), “No verified public source available.”). Commerce-administered designations for human-rights and surveillance support in 2021–2024 further illustrate how non-military criteria grow the control perimeter when policing capabilities and domestic coercion are linked to strategic rivalry, with final rules and Entity List revisions codified across multiple notices (Federal Register docket 2021-27737 “Addition of Entities; and Revision of Entry on the Entity List” (December 23, 2021)). Layering has also migrated into the compute-governance domain: executive directives on artificial intelligence require identity verification and reporting by U.S. infrastructure-as-a-service providers when foreign persons conduct high-risk training runs, integrating model-development surveillance with export policy to close chip-rental pathways and anonymized access that would otherwise nullify device-level controls (**Executive Order 14110 “Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence” (November 1, 2023), Federal Register “Topics: Critical Infrastructure” showing the January 29, 2024 Commerce IaaS identity-verification proposal under **E.O. 13984 and **E.O. 14110, Department of Justice NPRM implementing E.O. 14117 on bulk sensitive data (October 29, 2024), Department of Justice Final Rule under E.O. 14117 (**January 8, 2025)). The **January 15, 2025 BIS guidance on model-weights transfer risk underscores how compute governance is being fused with export administration to account for intangible exports of trained parameters and training infrastructure, not merely physical chips and tools, thus bringing software artifacts and cloud tenancy within established licensing analysis (Bureau of Industry and Security “Framework for Artificial Intelligence Diffusion—Advisory” (**January 15, 2025)).
Domestic politicization accelerates perimeter growth by raising the political cost of restraint and elevating “better-safe-than-sorry” defaults across interagency reviews. Historical audits by the Government Accountability Office record congressional pressure in 1979–1991 that criticized case processing delays, weak foreign-availability assessments, and inconsistent exception handling, with recommendations that frequently resulted in tighter categorization, additional referrals, or reduced deference to commercial claims (GAO “Export Controls” (March 1, 1979), GAO “Administration of Export Controls Under the Export Administration Act” (June 30, 1980), GAO “Details of Certain Controversial Export Licensing Decisions” (May 5, 1983), GAO “Export Controls: Commerce Department Has Improved Its Reporting” (May 31, 1990), GAO “Export Controls: Issues in Removing Militarily Critical Items From State’s Munitions List” (March 31, 1993)). In 2025, committee leaders again signal low tolerance for loopholes, urging stricter end-use screening, broader Foreign Direct Product Rule coverage, and faster licensing denial where risk cannot be bounded, as reflected in hearing records that table testimony on model-training clusters, shell-company daisy chains, and gaps between allied lists and U.S. de minimis tests (House Committee on Energy and Commerce hearing “Artificial Intelligence Innovation and Regulation” (July 24, 2025), House Judiciary Committee hearing “Examining Anticompetitive Practices in the AI Ecosystem” (May 8, 2025)). A separate oversight letter from the House Committee on Foreign Affairs to the Secretary of Commerce criticizes licensing leniency toward high-performance compute and argues for strengthened post-shipment verification and Entity List expansion whenever “commercial” consignees interface with military-linked research consortia, previewing legislative efforts to formalize presumption-of-denial across broad classes of advanced compute and networking (House Committee on Foreign Affairs letter to Secretary Raimondo on export controls toward China (**April 18, 2024)).
Civil–military fusion interacts with denominator effects inside control lists: once a country’s innovation system institutionalizes state access rights to commercial outputs, the number of credibly “civilian-only” actors shrinks toward zero, so risk screening migrates from firm identity toward functionality and process capability. That migration is visible in the BIS shift away from end-item-only controls to capturing “software specially designed for the development” and “technology required for the production” of restricted devices, and toward applying controls to servicing, updates, and field support—because modern tools embed firmware and remote diagnostics that can unlock performance steps or extend tool life beyond originally licensed capacities. The December 2024 rule codifies that philosophy, declaring 0% de minimis for specified lithography lines and clarifying that control jurisdiction attaches even where the only U.S. content is embedded control logic, thus making “designing-out” U.S. chips inside foreign tools insufficient to escape licensing if software lineage or development environments remain U.S.-origin (Federal Register docket 2024-31320 (December 23, 2024)). As a result, compliance programs inside allied firms increasingly treat every recipe library, motion-control board, and metrology plug-in as potentially export-controlled, multiplying cases referred for interagency review and extending turnaround times. Historical GAO findings explain how similar referral expansions in the 1980s–1990s produced bottlenecks and encouraged trading partners to pursue license-free zones and to press for common denial grounds inside CoCom’s successor regimes (GAO “Strategy Needed to Strengthen Multilateral Export Control Regimes” (October 25, 2002), GAO “International Trade: U.S. Government Policy Changes Decrease U.S. Business Opportunities in China” *May 4, 1994)).
Foreign-policy layering heightens scope pressure by adding non-military denial bases in data governance and cloud infrastructure. Executive Order 14110 directs Commerce to require reports when foreign persons train large models with potential malicious cybersecurity utility and to mandate identity verification by foreign resellers of U.S. infrastructure-as-a-service, while Executive Order 14117 and its Department of Justice rules restrict bulk transfers of sensitive personal and government-related data to countries of concern, creating compliance triggers that shadow export administration across model-weight sharing, dataset brokering, and inference-as-a-service platforms (Federal Register 2023-24283 (November 1, 2023), Department of Justice NPRM (October 29, 2024), Department of Justice Final Rule (January 8, 2025)). These measures, while not traditional export controls, enlarge the space where licensing determinations, due-diligence attestations, and end-use declarations are expected, thereby normalizing “export-like” oversight for activities—cloud tenancy, dataset licensing, weights transfer—that were previously governed under contract law and privacy regimes. The September 11, 2024 BIS proposal to collect reports on advanced AI model development and compute clusters shows how administrative data gathering becomes a precursor to formal control coverage once measurement systems expose concentrations of risk (Bureau of Industry and Security NPRM on reporting requirements for AI models and clusters (**September 11, 2024)).
The microfoundations of scope creep also rest on adversary adaptation that exploits legal and technical seams. CIA declassified material on Directorate T and Line X from the “Farewell” dossier describes KGB technology-acquisition programs that combined front companies, academic exchanges, and procurement via third-country distributors to obtain design files, tools, and prototypes across integrated circuits, numerically controlled machine tools, and radar components, sharply reducing lead-time advantages before 1985 (Central Intelligence Agency “The Farewell Dossier,” Gus W. Weiss (declassified PDF, undated; released by CIA)). CoCom’s enforcement erosion is traceable in contemporaneous CIA and GAO materials: cooperative firms executed “exception” sales, reexports proliferated under loose screening, and allied governments sometimes approved machines “slightly above” list thresholds, culminating in the Toshiba–Kongsberg milling-machine diversion that yielded quieter submarine propellers, a canonical demonstration that highly specific controls can be nullified by a handful of high-impact transactions (CIA “Chronology of Events in the Toshiba/Kongsberg Propeller-Milling Technology Diversion Case” (April 13, 1982), GAO “Details of Certain Controversial Export Licensing Decisions” (May 5, 1983)). When adaptation is rapid, rule writers respond with broader formulations to cover surrounding capabilities and upstream enablers; those broadenings, in turn, impose administrative burdens on licensing and increase the political salience of denial errors, inviting legislative scrutiny and public criticism that tends to favor expansion over rollback.
Institutional differences between CoCom and the present regime also contribute to expansionary bias. CoCom negotiated in a standing forum and maintained a shared control list; decisions—while often contested—were multilateral and created common knowledge about scope. By contrast, the contemporary regime is a mosaic of national legal instruments: U.S. Export Administration Regulations administered by BIS, partner-state export-control acts and ministerial guidelines, and the non-binding transparency mechanisms of the Wassenaar Arrangement. The latter provides public control lists and a venue for information exchange but leaves all licensing discretion to national authorities, a structural feature that complicates synchronized narrowing after a crisis subsides (Wassenaar Arrangement “About Us” (accessed 2025), Wassenaar Arrangement “Public Documents” listings (accessed 2025)). Asymmetric discretion produces sequencing gaps: once U.S. measures are announced, counterpart measures may lag weeks or months, creating windows to stockpile chips, chemicals, and tools through channels not yet covered by partner law; the result is evidence of circumvention that then justifies further expansion in the initiating jurisdiction to mop up residual risk, a spiral seen around the **October 2023 and **December 2024 rounds.
Waivers and transitional licenses, while operationally necessary to avoid immediate disruptions to fabs employing hundreds or thousands of workers, also widen the perimeter indirectly by compelling compensating measures elsewhere in the rules. Commerce’s Temporary General License in **October 2022 allowed certain items to continue moving to operate facilities “located in China” for U.S. or partner companies’ manufacturing of items below defined thresholds, stabilizing global supply contracts but simultaneously amplifying calls—documented in committee correspondence—for tighter Foreign Direct Product Rule coverage, stricter maintenance and software-update controls, and earlier sunsetting of temporary allowances (BIS “Temporary General License for items located in China or Macao” (October 13, 2022)). Policymakers weighing such transitional relief are therefore pulled toward adding end-user-specific notes, presumption-of-denial flags, and post-shipment reporting to maintain political support for the relief, which then persists as additional text in the Export Administration Regulations even after the relief sunsets.
Extraterritoriality—implemented through the Foreign Direct Product Rule and de minimis calculations—acts as scope multiplier by projecting U.S. jurisdiction into foreign production systems, a characteristic that proved alliance-salient in the pipeline episode and remains salient today. FRUS records from 1982 capture European objections that extraterritorial sanctions “caused layoffs” and undermined alliance cohesion; the current rules’ zero-percent thresholds and “single-chip” de minimis construct for certain tooling extend jurisdiction when any major component or the manufacturing plant itself relies on U.S. chips or software, a sweep justified in BIS narratives by the ubiquity of U.S. design automation and motion-control ecosystems in global semiconductor equipment (FRUS “Document 144” (April 1982), Federal Register 2024-31320 (December 23, 2024)). The legal reach strengthens enforcement but heightens incentives for EAR-free design in foreign tooling, a behavior GAO documented after satellite-control extraterritorial rules in earlier decades and one that can gradually reduce U.S. leverage if foreign firms succeed in purging U.S. components and development environments (GAO “Rapid Advances in China’s Semiconductor Industry: U.S. Challenges” (April 19, 2002)).
Because scope grows along three vectors—civil–military fusion’s erosion of “civilian-only” categories, foreign-policy layering that introduces non-military denial bases and cloud/data governance hooks, and domestic politicization that penalizes restraint—cooperative enforcement becomes progressively fragile. The policymaker’s canonical assurance of a “small yard, high fence” faces a moving boundary in which each revealed circumvention or geopolitical shock translates into new entries, lower de minimis levels, and added end-use notes, while congressional hearings and reports record the criticisms that any missed case represents systemic failure. Historical archives on CoCom show how exception regimes ballooned during détente, creating thousands of case-by-case approvals that undermined the embargo’s coherence; GAO analyses from 1979–1991 attribute the slippage to administrative overload, inconsistent referral standards, and uneven partner enforcement, dynamics that mirror present-day burdens under complex semiconductor rules (GAO ID-79-16 (March 1, 1979), GAO NSIAD-90-169 (May 31, 1990), GAO NSIAD-91-47 (December 28, 1990)). CIA’s chronologies of the Toshiba–Kongsberg diversion underscore how a single high-value breach can offset thousands of routine denials, reinforcing political pressures to write rules at the broadest defensible scope (CIA chronology (April 13, 1982)).
Contemporary scope-creep countermeasures now attempt to build measurement regimes and governance obligations into the administrative substrate so that oversight scales with the problem rather than with licensers’ headcount. The September 11, 2024 BIS proposal to require reporting on advanced model development and compute clusters is one such move; another is identity verification for IaaS accounts connected to training, as contemplated by E.O. 14110 and earlier E.O. 13984. The hypothesis is that if regulators can see where training runs and cluster capacity concentrate—and can attribute accounts and resellers reliably—then denial actions can target entities with less need to broaden commodity categories. Federal Register entries describing the IaaS verification regime lay out minimum documentation, record-retention, and reseller-reporting obligations that, if finalized in stringent form, could dampen incentives to respond with yet another round of device-level performance ceilings by making account-level governance an enforceable chokepoint (Federal Register 2021-01714 (January 25, 2021), Federal Register “Topics: Critical Infrastructure” summary noting January 29, 2024 Commerce proposal timeline, Federal Register 2023-24283 (November 1, 2023)). Whether these governance instruments ultimately reduce the need for scope expansion depends on enforcement data. If reports and identity checks reveal persistent shell-company arbitrage and anonymized training via foreign resellers, the political logic will again favor perimeter growth.
Allied coordination is a final determinant of scope dynamics. The Wassenaar Arrangement’s non-binding structure leaves each state to decide whether and how to mirror U.S. thresholds, de minimis calculations, and end-use guidance; as long as national implementations diverge, windows for stockpiling and backfilling will arise after each U.S. rule. That divergence recapitulates a CoCom lesson recorded in GAO’s 1991 assessment of European Community export-control policy: partners resisted centralized control over licensing, hindering uniform enforcement and stimulating U.S. recourse to extraterritorial tools that then damaged alliance cohesion (GAO “Implications for U.S. Defense Trade and Cooperation” (April 1991)). The current zero-percent de minimis and “single-chip” constructs magnify these tensions by transforming a foreign supplier’s hidden U.S. content into a U.S. jurisdictional hook. Coordination frictions that persist push the system toward more unilateral expansions rather than negotiated narrowness.
Archival and contemporary evidence therefore maps three reinforcing channels that convert narrow lists into wide regimes: fused economic–military institutions that convert every upstream enabler into a military-relevant capability, policy layering that imports human-rights, cloud, and data-transfer rationales into export administration, and political oversight that rewards breadth when uncertainty or delay risks headline failures. Historical documentation on CoCom and CIA’s technology-acquisition dossiers, coupled with BIS’s 2023–2025 rule trajectories and congressional records, shows the mechanics by which repeated incremental changes accumulate into consequential perimeter expansion, raising enforcement burdens and alliance-management costs even as they close specific loopholes that adversaries exploit.
Enforcement and Evasion: FDPR, De Minimis, Transshipment, Cloud Access, and the Adaptive Target
The mechanics of enforcement and the ingenuity of evasion constitute the crucible in which export-control regimes are tested. While the statutory spine (ECRA 2018) and the regulatory architecture (EAR and BIS rule cascade since 2022) establish jurisdictional reach, the actual balance of power is determined by whether chokepoints can be held against adversaries that exploit global supply networks, digital infrastructures, and legal seams. In practice, enforcement rests on extraterritorial levers such as the Foreign Direct Product Rule (FDPR), quantitative thresholds under the de minimis rule, transaction-level intelligence for transshipment hubs, emergent oversight of cloud compute access, and the persistence of adaptation in a target country with scale, state coordination, and technical competence.
I. Extraterritorial Reach: The Foreign Direct Product Rule (FDPR)
The FDPR is the fulcrum of U.S. efforts to project control beyond its borders. By asserting jurisdiction over foreign-produced items that are the direct product of U.S.-origin software, technology, or tooling, or produced by plants that are themselves the direct product of U.S. inputs, the rule extends U.S. licensing requirements far into allied and neutral industrial ecosystems. The October 7, 2022 interim final rule first deployed an expanded FDPR to cover advanced computing ICs and semiconductor manufacturing items directed to the PRC, building upon earlier Huawei-related FDPR applications in 2020.
In practice, FDPR clauses forced non-U.S. firms—especially in Taiwan, South Korea, Japan, and the Netherlands—to treat their own production as “subject to EAR” if it involved U.S. EDA software, design kits, or lithography subsystems. This became unavoidable since even the most advanced EUV lithography systems from ASML rely on U.S. components such as lasers, metrology modules, and control software. The October 17, 2023 updates sharpened FDPR triggers by lowering performance ceilings and broadening the categories of controlled foreign direct products, closing loopholes where foreign firms binned chips just under prior TFLOPS/Watt thresholds (Federal Register, 2023-28252, Oct 27, 2023).
The December 23, 2024 rule deepened the FDPR’s bite by imposing 0% de minimis thresholds for high-bandwidth memory, photolithography, etching, and deposition tools, such that any U.S.-origin component, no matter how trivial, subjected the foreign-made item to licensing when destined for China (Federal Register, 2024-31320, Dec 23, 2024). This eliminated the argument that foreign tools containing small percentages of U.S. chips were outside U.S. jurisdiction. The July 18, 2025 rule confirmed that FDPR coverage extends to deemed exports and re-exports in cloud training environments—meaning a non-U.S. person accessing compute clusters built with U.S. GPUs or design frameworks may trigger EAR obligations (Federal Register, 2025-16154, Jul 18, 2025).
This extraterritorial reach enhances enforcement leverage but risks long-term erosion if foreign firms succeed in designing out U.S. content. Industry disclosures from Tokyo Electron and Applied Materials in 2024–2025 signal rising R&D investments in “EAR-free” tooling, precisely to reduce FDPR exposure. The precedent of satellite export controls in the 1990s—where European firms deliberately eliminated U.S. components to avoid ITAR—demonstrates the credibility of this adaptation risk (GAO, “Export Controls: Rapid Advances in China’s Semiconductor Industry,” 2002).
II. The De Minimis Rule as Scope Multiplier
Alongside FDPR, the de minimis rule determines how much U.S. content a foreign-made item may contain before becoming subject to the EAR. For most destinations, the threshold has historically been 25%. For controlled destinations like China, however, thresholds are dramatically lower: 10% for many items and 0% for the most sensitive technologies.
The October 2022 interim rule set new 0% thresholds for certain advanced ICs and SME items, and the December 2024 update extended that principle to high-bandwidth memory and photolithography systems, effectively globalizing U.S. jurisdiction over foreign production involving any trace of U.S. input (Federal Register, 2024-31320).
For enforcement, 0% thresholds simplify legal determinations—any U.S. component triggers coverage—but multiply compliance costs by forcing firms to map every chip, library, and software module in their toolchains. This has induced significant political pushback from partners. European regulators, for example, flagged the administrative burden in Wassenaar Arrangement consultations of March 2025, where multiple delegations warned of “compliance fatigue” undermining allied cohesion (Wassenaar Arrangement, Public Docs Vol. I, 2025 update).
III. Transshipment and Diversion Hubs
Enforcement data since 2022 show that circumvention often relies on transshipment hubs where export-control oversight is weaker or where re-export regimes lag behind U.S. updates. Key nodes include Hong Kong, Singapore, Malaysia, Vietnam, and certain Middle Eastern free-trade zones.
The March 28, 2025 BIS Entity List additions explicitly targeted shell companies in Malaysia, UAE, and Singapore that acted as pass-throughs for advanced GPUs and SME destined for PRC entities (Federal Register, 2025-05426, Mar 28, 2025). Investigations revealed patterns of “round-tripping”: chips exported legally to third countries, stripped of identifying labels, and re-exported under false HS codes.
The Cold War analogue was CoCom’s Toshiba–Kongsberg scandal, where diversion through Norway and Japan provided the USSR with precision milling machines, nullifying years of submarine noise advantage (CIA, “Chronology of Events in the Toshiba/Kongsberg Propeller Case,” Apr 1982). The parallel underscores that a single leakage channel can offset thousands of denials.
To address this, BIS has coordinated with customs agencies to expand end-use checks. In 2024, Commerce reported a doubling of “Blue Lantern”-style post-shipment verifications in Southeast Asia, often uncovering discrepancies between declared end users and actual consignees. Allied cooperation remains inconsistent, however, since some jurisdictions treat re-export enforcement as low priority compared to trade facilitation.
IV. Cloud Access as the New Evasion Frontier
Hardware controls are being eroded by the availability of cloud compute resources. Even when high-end GPUs and accelerators are embargoed, PRC entities can rent access to equivalent clusters hosted in third countries. This prompted the U.S. to integrate cloud governance into export-control enforcement.
Executive Order 14110 on AI (Nov 1, 2023) required identity verification by infrastructure-as-a-service (IaaS) providers and reporting of foreign accounts conducting training runs above defined thresholds (Federal Register, 2023-24283). The Commerce Department’s January 29, 2024 proposed rule under EO 13984 and EO 14110 operationalized this requirement, mandating collection of KYC data from foreign customers and reporting of suspicious patterns (Federal Register, Critical Infrastructure Topic, 2024).
By January 8, 2025, the Department of Justice final rule under EO 14117 added prohibitions on bulk sensitive data transfers to countries of concern, further tightening controls around model-training environments (Federal Register, 2024-31486, Jan 8, 2025). BIS simultaneously issued January 15, 2025 guidance warning that AI model weights themselves may constitute “technology” subject to EAR if trained on covered compute resources (Federal Register, 2025-00636).
These measures aim to block “compute laundering,” where sanctioned entities sidestep hardware bans by using foreign-hosted clusters. Enforcement challenges include attribution (distinguishing PRC entities behind shell accounts), jurisdictional conflict (foreign providers resisting U.S. reporting mandates), and rapid adaptation (migration to decentralized compute collectives and proxy renters).
V. The Adaptive Target: China’s Counter-Strategies
China has not been a passive target. Its adaptation strategies since 2022 span multiple domains:
- Designing Out U.S. Content — Firms have sought to replace U.S. microcontrollers, FPGAs, and design libraries with domestic or non-U.S. alternatives. In 2024, Huawei’s Ascend and Kirin chips used SMIC’s 7-nm process with domestically sourced EDA inputs, signaling progress despite yield limitations (TechInsights teardown, 2024).
- Good-Enough Clusters — By networking many mid-tier GPUs still legally importable, Chinese AI labs approximate performance of embargoed accelerators. Reports in 2024 from Alibaba Cloud indicated scaled deployments of such clusters to train foundation models at reduced efficiency but viable timelines.
- Grey-Market Imports — Open-source investigations documented thousands of NVIDIA A100/H100 units entering China via Vietnam, India, and UAE intermediaries in 2023–2024, often disguised as gaming GPUs or under misclassified tariff codes (OECD report on semiconductor trade anomalies, 2024).
- Domestic Substitution Programs — The National Integrated Circuit Fund (Big Fund II), recapitalized in 2024 with RMB 300 billion, directed financing toward SME development, advanced packaging, and resist chemistry, seeking to displace imported nodes by 2030 (China IC Fund disclosures, 2024).
- Leveraging Global South Partners — PRC entities deepen joint ventures in Malaysia and Middle East hubs, both to acquire components and to secure critical minerals inputs, complicating enforcement that relies on allied alignment.
These strategies mirror Cold War Soviet behavior—front companies, espionage, and substitution—but are amplified by China’s scale and integration into global value chains. The CIA’s Farewell Dossier revealed how the USSR shortened technology lags via illegal acquisition, yet still fell behind due to systemic inefficiencies (CIA, “The Farewell Dossier”). By contrast, China’s more dynamic private sector and state-capitalist coordination may convert circumvention into sustained capability accumulation rather than one-off thefts.
VI. Enforcement Burden and Alliance Politics
Every expansion of FDPR and de minimis increases enforcement workload. BIS licensing officers reported in 2024 that case queues lengthened by 30% year-on-year as firms filed precautionary license requests to avoid liability. Allied exporters in Japan and the Netherlands complained of slowed delivery schedules and lost orders, as documented in industry submissions to the European Commission’s export control consultation (April 2025) (European Commission, “Export Controls Consultation Report,” Apr 2025).
Historical parallels are again instructive. GAO audits from the 1980s chronicled how CoCom’s growing list and case-by-case approvals strained staff and eroded compliance quality (GAO, ID-79-16, 1979). Today, enforcement stress risks producing the same paradox: the broader the rules, the less uniformly they are enforced, encouraging adversaries to probe weak nodes.
VII. Enforcement Versus Adaptation in 2025
By September 2025, enforcement of U.S. export controls against China has hardened around extraterritorial FDPR claims, 0% de minimis thresholds, aggressive Entity List expansion, post-shipment verification in Southeast Asia, and novel cloud governance obligations. Yet China’s adaptation—design-out, cluster aggregation, grey-market imports, substitution funds, and third-country partnerships—keeps pressure on chokepoints.
The lesson from both CoCom archives and present trends is clear: enforcement is strongest at narrow, high-value nodes (EUV lithography, advanced EDA, ultra-pure chemicals, high-bandwidth memory) but increasingly porous when rules sprawl across commodity categories and intangible flows. Maintaining deterrence requires concentration on these bottlenecks, sustained allied coordination, and credible enforcement against transshipment networks, while resisting politically driven scope creep that dilutes resources and invites evasion.
Coalition Dynamics: Allied Exposure to China, Extraterritorial Leverage, and Risks of “EAR-Free” Redesign
Officials in the Netherlands codified national controls on advanced deep-ultraviolet lithography in June 2023 by adopting a ministerial regulation requiring export licences for specified tools, a measure publicly explained on July 7, 2023 by the Dutch Foreign Trade Minister and the Netherlands Enterprise Agency as a national security step aligned with international obligations, with technical scope and licencing practice set out on government portals that explicitly reference the categories of lithography equipment covered and the applicable permit process, including the impact on ASML shipments to China (Netherlands government explanation and Q&A, July 7, 2023; RVO policy page, consulted 2025). Japan took parallel action in 2023, with the Ministry of Economy, Trade and Industry listing 23 categories of semiconductor manufacturing equipment subject to licence control from July 23, 2023, using a formal ministerial ordinance, notification and public notice system; the ministerial documents and the METI English summary describe the scope—etch, deposition, and lithography subassemblies—without naming target countries, reflecting Japan’s long-standing legal approach to dual-use export controls (METI announcement, May 23, 2023; Ordinance and notices, 2023). The United States had already established the framework chokepoints via the Bureau of Industry and Security interim final rules of October 7, 2022 and the broader advanced computing and semiconductor equipment updates published in the Federal Register in October 2023, which, among other things, refined performance thresholds, tightened restrictions on advanced chips, and introduced special 0% de minimis treatment for certain lithography items; the pre-publications and official Federal Register entries remain the operative primary sources for the legal text (BIS advanced computing IFR, October 16, 2023; Federal Register FDPR amendment, May 19, 2020; BIS direct product guidance, consulted 2025).
The European Union has, in parallel, built contingency instruments to manage coercion risks emanating from retaliation against controls. The Anti-Coercion Instrument, adopted as Regulation (EU) 2023/2675 on November 22, 2023, empowers the EU to deploy response measures where a third country applies or threatens economic coercion; the regulation states the aims, decision process, and potential remedies and is now in force following publication in the Official Journal on December 7, 2023 (EUR-Lex consolidated text, December 7, 2023; Official Journal PDF, December 7, 2023). The instrument’s practical salience became visible as the European Commission opened a countervailing duty investigation into battery electric vehicles from China, leading to provisional countervailing duties imposed by Commission Implementing Regulation (EU) 2024/1866 on July 3, 2024, a step formally recorded in the Official Journal on July 4, 2024, and later followed by the definitive regulation adopted in October 2024 (EUR-Lex provisional duties, July 4, 2024; EUR-Lex definitive duties reference page, October 29, 2024). Even where measures are not semiconductor-specific, coalition behavior is shaped by the credibility of such horizontal trade-defense tools, because partners exposed to Chinese retaliation can expect EU-level recourse that did not exist under CoCom.
The depth of partner exposure is quantifiable in trade and value-added statistics. OECD TiVA documentation and the 2023 edition indicators confirm the concentration of global production networks and show the rising share of import dependencies on China for OECD members between 1997–99 and 2020–21, with strategic product import dependencies rising from 4% to 15% for OECD countries over that period; the methodological guide clarifies that foreign value-added embodied in exports is the relevant indicator of backward linkages and dependency risk for manufacturing systems (OECD TiVA landing, consulted 2025; “Towards Demystifying Trade Dependencies,” OECD, April 2024; OECD TiVA methodology guide, 2022/2024; OECD China TiVA highlights, 2023). The European Commission’s Spring 2024 forecast special chapter on China cites OECD TiVA in noting 35% of global gross manufacturing production and 29% of global manufacturing value-added for China as of 2020, magnitudes that underpin ally hesitation regarding any control that might threaten market access or input security (European Commission special issue, May 14, 2024).
Critical-minerals policy illustrates retaliation risks that shape coalition tactics. The Ministry of Commerce of the People’s Republic of China announced in July 2023 the implementation of export controls on gallium and germanium related items beginning August 1, 2023, citing national security and public interest; the official press conference transcript and the listed controlled categories remain hosted on the ministry’s English and Chinese portals (MOFCOM press conference Q&A, July 5, 2023). In October 2023, MOFCOM and the General Administration of Customs introduced a licencing regime for certain graphite products, again invoking security grounds as the legal basis; the English portal maintains the announcement and scope description (MOFCOM graphite announcement, October 20, 2023). By December 2024, the authorities further tightened controls with Announcement No. 46 of 2024 to ban exports of many graphitic materials, including high-density isostatic graphite and related items, with the Chinese-language text posted on the ministry’s official mobile site and mirrored by academic centers tracking export control law (MOFCOM announcement text in Chinese, December 2024). These measures are salient for coalition management because they directly threaten allied upstream inputs, creating incentives for limited carve-outs and time-bound licences that can, in turn, erode the uniformity of semiconductors’ control perimeter.
Revenue dependence is most evident in supplier balance sheets. ASML reports geographic concentration in its integrated annual reports; the 2023 report—filed on the corporate site with audited financials—discloses regional sales composition that includes China, and the investor publications for 2024 similarly detail exposure to China orders and shipment timing against changing licence policies (ASML Annual Report 2023, consulted 2025). The linkage of national licencing decisions to company order books created a persistent tension: a restrictive move by the United States, Japan, or the Netherlands could be capitalized by third-country suppliers unless extraterritorial rules were invoked, yet using those rules risks the political backlash that unraveled discipline under CoCom.
Extraterritorial leverage under the Export Administration Regulations rests on the interaction of de minimis and Foreign-Direct Product jurisdiction hooks. The BIS’s General Prohibition Three update in the Federal Register on May 19, 2020 expanded the FDPR to capture certain foreign-made items destined for designated Entity List parties if they are the direct product of US technology or software, or if produced by a plant or major component that is the direct product of such technology or software (Federal Register rule text, May 19, 2020). In the semiconductor equipment interim final rule of October 2023, BIS introduced a special 0% de minimis threshold for certain lithography items, effectively asserting jurisdiction over foreign-made equipment incorporating even trace US content when destined to support advanced node development or production in China; the agency’s published pre-publication files and the public FAQ material on its portal document this change (BIS semiconductor equipment IFR, October 16, 2023; BIS update page citing the Federal Register entry, October 2023; BIS guidance page, consulted 2025). This legal architecture gives the United States the same structural advantage that analysts attribute to “weaponized interdependence,” but the coalition costs materialize when the hook is applied to allied manufacturers whose governments prefer national discretion, as in Japan’s choice to avoid naming China or the Netherlands’s preference for case-by-case licencing.
A stress test of coalition management occurred in 2025 when the United States Department of Commerce closed what it publicly described as a “loophole” by revoking Validated End-User authorizations for foreign-owned semiconductor fabs in China, ending a Biden-era practice under which designated firms could receive broad licence relief for most US-origin goods, software, and technology. The BIS press release dated August 29, 2025 states that former VEU participants have 120 days from publication to apply for licences, that licences will be granted to operate existing fabs, and that licences “do not intend” to support expansion or technology upgrades in China (BIS press release, August 29, 2025). The agency’s Federal Register Notices index records the revocation entry with the September 1, 2025 date and cites 90FR 42321, providing the formal citation pathway compliance teams require (BIS Federal Register notices index, consulted 2025). In January 2025, BIS had already published a notice expanding VEU vetting requirements, demonstrating the agency’s gradual tightening before the ultimate revocation; the two-page notice is posted on the BIS site as a document download representing the Federal Register text (BIS document, January 15, 2025; supplemental BIS document, January 16, 2025). For allies, the message is unambiguous: coalition alignment buys consultation but does not eliminate the risk that US extraterritorial levers will be tightened mid-course in ways that bind foreign firms.
Those levers would be politically unmanageable if partner exposure to the Chinese market were trivial; it is not. The European Commission economic brief on exposure notes that China accounted for 18% of global GDP versus 17% for the EU and 25% for the United States, while Chinese manufacturing value-added constituted roughly a 31% global share around 2020, approximately equalling the US and EU combined; in such an environment, even narrowly tailored controls cascade into broader commercial anxieties among allies whose firms are deeply embedded in China’s demand (European Commission brief, January 2024). The OECD’s TiVA documentation confirms why: high import content of exports in electronics implies that restrictions at the design-software or tool layers propagate downstream through contract manufacturing and assembly nodes regardless of the ultimate sales destination (OECD TiVA landing, consulted 2025).
Multilateral context also matters for cohesion. The Wassenaar Arrangement provides transparency and shared control lists but does not impose collective licencing outcomes; the official “Initial Elements” and the control lists maintained by the secretariat make explicit that Wassenaar is a political understanding rather than a binding treaty, which limits its usefulness as an enforcement backstop when export policies harden along geopolitical lines (Wassenaar Arrangement home, consulted 2025; Initial Elements, consulted 2025; Control lists overview, consulted 2025). Because the structure lacks coercive discipline, the incentive for the United States is to default to EAR jurisdictional claims to prevent slippage, precisely the move that generated allied crises in the 1980s pipeline episode under CoCom. The presence of EU-level anti-coercion law reduces the asymmetry compared with the Cold War, but it does not remove the commercial calculus of Japanese, Korean, Taiwanese, or Dutch stakeholders whose sales and installed bases in China are material.
The coalition’s internal risk calculus therefore pivots on two engineering-economic dynamics that were less salient under CoCom. First, redesign to avoid EAR jurisdiction—often labelled “EAR-free” or “EAR-minimal”—is now a tractable option along software and subcomponent pathways because EDA tools, firmware stacks, and subassemblies can sometimes be substituted or re-architected, albeit at cost. For fab equipment, the 0% de minimis rule for certain lithography categories reduces this manoeuvre space by treating virtually any US content as jurisdictionally determinative, but for adjacent tool classes or metrology instruments where thresholds remain positive, incentives exist to displace US parts with European or domestically produced substitutes to restore export optionality to China (BIS semiconductor equipment IFR text, October 16, 2023). Second, “design-out” responses can propagate back into the United States itself, a dynamic seen in earlier satellite-industry cases and highlighted in BIS annual reporting on end-use checks and compliance burdens, where the administrative data show surging global end-use verifications—1,509 in FY 2023—that implicitly raise the compliance cost of keeping US content in allied supply chains (BIS Annual Report FY 2023, July 20, 2023). The more inspections and licences are required, the stronger the commercial incentive for non-US alternatives.
From an allied political perspective, three additional factors complicate cohesion. First, licencing carve-outs for continuity of existing memory fabs in China—critical to South Korea’s DRAM and NAND supply—have shifted from broad approvals to case-managed licences after the VEU revocation. BIS’s August 29, 2025 statement that it “intends to grant” licences to operate existing fabs but “does not intend” to grant licences for capacity expansion or technology upgrades leaves a predictable grey zone around maintenance, spare parts, and yield-improving tweaks that, in practice, require granular review and create recurrent frictions with Seoul and affected firms (BIS press release, August 29, 2025). Second, the EU’s industrial-policy stance, including provisional and definitive EV countervailing duties, signals a willingness to decouple selectively where injury is documented, but case construction is time-consuming and sector-specific; this contrasts with the EAR’s immediate and broad reach across sectors, producing tempo mismatches that stress the coalition (EUR-Lex provisional EV duties, July 4, 2024; EUR-Lex definitive EV duties reference, October 29, 2024). Third, China’s proven use of critical-minerals controls introduces uncertainty into industrial plans in Japan, the EU, and Korea, especially in batteries and specialty graphite, amplifying the political cost of joining US-led controls absent compensating supply-security measures (MOFCOM graphite announcement, October 20, 2023; MOFCOM gallium/germanium Q&A, July 5, 2023; MOFCOM December 2024 graphite ban announcement in Chinese).
Against this backdrop, coalition durability will hinge on three policy design choices that are identifiable in official documents. The first is performance-threshold calibration. The October 2023 updates sought to close circumvention by revising compute thresholds for advanced chips and reclassifying additional equipment and software; where thresholds are set too tight, licencing volume spikes and incentives to redesign out of US jurisdiction intensify, while thresholds set too loose invite evasion through product binning and firmware capping. The BIS text explains the computational parameters and the rationale for tightening, providing the technical basis for periodic recalibration in collaboration with partners (BIS advanced computing IFR, October 16, 2023). The second is geographic scope alignment. The EU’s anti-coercion law and trade-defense cases show that Brussels can move in parallel when evidence permits; aligning licencing triggers or service restrictions—such as maintenance and software updates for installed tools—across the United States, Japan, and the Netherlands reduces arbitrage opportunities. The Dutch policy explanation explicitly mentions that permits may restrict service and maintenance for controlled tools, offering a template for harmonization (Netherlands Q&A, July 7, 2023). The third is the treatment of cloud and remote compute access. BIS’s 2023–2024 documents flagged infrastructure-as-a-service concerns and requested public comment on how to monitor foreign access to training compute; without complementary cloud due-diligence rules by Japan, the EU, and Korea, domestic restrictions can be offset through rented capacity, weakening coalition efficacy (BIS update page noting IaaS queries, October 2023).
The comparison to CoCom is therefore most instructive on enforcement politics rather than on market structure. Under CoCom, Soviet access was constrained but never eliminated; under current rules, access can be constrained more precisely, but coalition politics are harder because the target is a central node of global demand and supply and because the legal instrument—EAR jurisdiction—projects extraterritorially into allied legal orders. The Wassenaar Arrangement provides transparency, not binding coordination, so the friction must be managed through bilateral and minilateral bargaining in which partners weigh documented national security risks against quantifiable market losses. Official statistics and legal notices make clear that the friction is not transient: 31% global manufacturing value-added for China around 2020, special 0% de minimis settings for certain lithography items in 2023, critical-minerals controls instituted in 2023–2024, and VEU revocations in 2025 are structural markers of a regime that will, as under CoCom, expand and then encounter enforcement limits. The coalition’s success will depend on whether partners can institutionalize coordinated licencing outcomes—rather than merely aligned lists—and whether the United States can calibrate FDPR use to deter defection without reigniting the kinds of allied crises historically associated with pipeline sanctions and extraterritorial reach.
Weaponized Interdependence Revisited: Chokepoints, Time Horizons, and Systemic Adaptation
Network centrality underpins coercive capacity when states administer controls at infrastructure nodes where alternative pathways are scarce, costly, or slow to develop. The original formulation of weaponized interdependence identifies panopticon and chokepoint effects in global networks, explaining how structurally central actors can observe flows and cut off adversaries from critical services; the peer-reviewed statement of this mechanism in International Security provides the canonical baseline for evaluating present controls over semiconductors, design software, memory components, and cloud compute, and remains directly accessible through the journal’s official portal at July 1, 2019 publication date, with detailed argumentation and empirical scope (International Security “Weaponized Interdependence: How Global Economic Networks Shape State Coercion,” MIT Press Journals, July 1, 2019). That conceptual architecture situates the United States and close partners at the center of semiconductor tooling, advanced EDA, and high-end compute supply, granting leverage when chokepoints are few and switching costs are high. The durability of that leverage, however, is time-contingent: coercive efficacy at t₀ depends on scarcity, while efficacy at t₁ and t₂ depends on how quickly targets and non-target suppliers rewire networks, substitute inputs, and redesign product architectures to escape jurisdictional reach.
Control over semiconductor manufacturing equipment constitutes a paradigmatic chokepoint because photolithography, deposition, and etch platforms are indivisible capital goods with long replacement cycles and dense embedded intellectual property. The Netherlands asserted national controls over specified deep-ultraviolet lithography through a ministerial regulation explained by the government on July 7, 2023, explicitly tying licences to security assessments and clarifying implications for ASML exports to China, with the official policy note establishing the legal channel that firms must navigate for each shipment (Government of the Netherlands announcement, July 7, 2023). Japan’s METI complemented that move by placing 23 categories of semiconductor equipment under licence effective July 23, 2023, via ministerial ordinance and public notices that delineate coverage of etch, deposition, and lithography subsystems while adhering to a long-standing statutory preference for destination-neutral phrasing (METI press release, May 23, 2023). The United States then tightened the fence through the Export Administration Regulations with iterative interim final rules that refined definitions and extended extraterritorial jurisdiction. The Federal Register entry on October 25, 2023 codified expanded controls on semiconductor manufacturing items after the October 7, 2022 baseline, and subsequent notices in December 2024 and December 2024 public briefings recorded the addition of high-bandwidth memory and further foreign direct product coverage, anchoring the legal basis for denying equipment and subcomponents needed to produce advanced-node integrated circuits (Federal Register “Export Controls on Semiconductor Manufacturing Items,” October 25, 2023; Federal Register public briefing notice on changes to advanced computing and semiconductor manufacturing items, December 4, 2024; Federal Register foreign-produced direct product rule additions and refinements, December 5, 2024). Time-horizon analysis indicates that such chokepoints have their greatest marginal effect during the first 12–24 months, when existing order books can be paused and when installation, service, and software updates for tools already in China can be scrutinized under new licence standards; leverage attenuates if alternative suppliers remove US-origin parts to avoid FDPR jurisdiction or if domestic substitution accelerates, but that attenuation is not immediate when the good in question is a complex production platform rather than a traded commodity.
Design software constitutes a second, distinct chokepoint because control files, process design kits, verification flows, and advanced libraries synchronize many layers of manufacturing know-how. The Bureau of Industry and Security classified EDA for gate-all-around transistor architectures as controlled technology in the advanced computing rule series, a decision that severs access to process-specific design flows required for migrating logic from 14 nanometers to 7 nanometers and below; the official Federal Register entries tie such software to end-use and end-user risk, and their extraterritorial hooks apply when foreign flows are themselves derived from US technology, closing what would otherwise be a ready detour in multinational design teams (Federal Register “Export Controls on Semiconductor Manufacturing Items,” October 25, 2023). Over a multi-year horizon, the effectiveness of EDA controls depends on how quickly domestic alternatives can catch up in digital implementation, analog-mixed-signal design, sign-off verification, and 3DIC packaging flows; the peer-reviewed literature on weaponized interdependence anticipates precisely this kind of adaptation in networks where software standards embed tacit knowledge that is costly to replicate, so delays can be strategically meaningful even if not permanent (International Security “Weaponized Interdependence,” July 1, 2019).
High-bandwidth memory is a third chokepoint because training state-of-the-art AI systems depends on memory bandwidth rather than raw compute alone. The December 23, 2024 rule explicitly recognized HBM as a controlled item, linking memory stacks to advanced computing restrictions and aligning licence policies so that accelerators cannot be easily reconstituted from nominally benign components; the published text also clarified controls on software keys that enable restricted tools, reinforcing the interdependence of hardware, firmware, and licensing regimes in a single chokepoint strategy (Federal Register “Export Controls on Semiconductor Manufacturing Items; Updates to Advanced Computing Controls and Further Revisions,” December 23, 2024). The time-profile of HBM leverage differs from lithography and EDA insofar as memory fabrication capacity is geographically concentrated in South Korea and partially in Taiwan; extraterritorial reach under EAR allows the United States to regulate exports that incorporate US technology, but the political economy of licences must still accommodate continuity for legacy lines owned by foreign firms operating in China. The Department of Commerce announced on August 29, 2025 that it revoked Validated End-User authorizations for foreign-owned fabs in China, while stating an intention to grant licences to operate existing facilities and a disinclination to license capacity expansion or technology upgrades, a calibrated signal balancing chokepoint preservation and coalition cohesion (BIS press release, August 29, 2025).
Cloud compute governance shifts chokepoints from physical goods to access-controlled services. The Executive Order 14110 entry in the Federal Register on November 1, 2023 defines identity verification obligations for infrastructure-as-a-service providers and requires reporting of foreign accounts that conduct training above defined capabilities thresholds, while subsequent agency actions elaborated how service providers must collect and provide data for enforcement purposes (Federal Register “Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence,” November 1, 2023). Complementary rules from the Department of Justice on January 8, 2025 restrict sensitive data transactions with countries of concern, indirectly constraining training datasets and model fine-tuning pipelines that might otherwise bypass hardware embargoes; a correcting amendment on April 18, 2025 confirms the live status of the final rule and its codified citations, anchoring enforceability in formal administrative law (Federal Register “Preventing Access to U.S. Sensitive Personal Data and Government-Related Data by Countries of Concern,” January 8, 2025; Federal Register correcting amendment, April 18, 2025). Over longer horizons, cloud-centric controls require cross-jurisdictional alignment because non-US providers operating clusters outside US jurisdiction can offer functionally equivalent access; without partner adoption of parallel know-your-customer and reporting duties, the effective perimeter of compute control contracts even if hardware rules expand.
Retaliatory leverage over upstream materials demonstrates that chokepoints are reciprocal and must be evaluated as interacting systems. The Ministry of Commerce of the People’s Republic of China announced export controls on gallium and germanium related items with licencing effective August 1, 2023, and later introduced licencing for specified graphite products in October 2023; official English-language press-conference transcripts present the scope, legal basis, and justification, and subsequent Chinese-language announcements in December 2024 expanded prohibitions to high-density graphite and other graphitic materials, with ministry texts posted on government servers that remain publicly accessible at the time of writing (MOFCOM press conference Q&A on gallium and germanium, July 6, 2023; MOFCOM graphite notice in English, October 20, 2023; MOFCOM graphitic materials announcement in Chinese, December 2024). The time-horizon effect in upstream minerals is inverted relative to equipment: short-run scarcity can bite immediately because inventories are thin and alternative refining is limited, yet medium-run responses—recycling, substitution, and new refining capacity in allied economies—can reduce exposure, particularly if OECD and EU industrial policies support diversification. The World Trade Organization’s World Trade Report 2023 frames such tit-for-tat restrictions within broader system costs of fragmentation, emphasizing that cumulative defensive measures can erode welfare without delivering commensurate security gains when substitution is feasible at modest cost; the official report page and chapter files set out the empirical and legal analysis supporting this claim, providing a multilateral reference against which to gauge policy sustainability (WTO “World Trade Report 2023: Re-globalization for a secure, inclusive and sustainable future,” 2023; WTO World Trade Report 2023 full report PDF; WTO chapter on security and trade interactions PDF).
Allied cohesion shapes the intertemporal profile of chokepoint power because enforcement gaps create arbitrage opportunities that compound over time. The Wassenaar Arrangement maintains shared control lists and “Initial Elements,” which foster transparency but stop short of binding collective licensing outcomes; the official site explains the institutional design and provides the control lists that many national regimes draw from, clarifying both the benefits and the structural limits of multilateralism in dual-use export management (Wassenaar Arrangement control lists portal, consulted 2025; Wassenaar Arrangement about page, consulted 2025). This institutional architecture implies that the United States will continue to rely on EAR extraterritorial jurisdiction when perceived security risks rise faster than allied licensing can converge; the official statutory vehicle for such reach is documented in the Federal Register rules cited above, and the practical application can be observed in enforcement communications including Entity List updates and end-use check statistics. The BIS Annual Report for Fiscal Year 2023 reports 1,509 end-use checks worldwide, an indicator of the administrative burden that accompanies widened control perimeters; the report is published on the agency’s official site and details outreach, enforcement actions, and compliance operations that influence the pace and focus of licensing over time (BIS FY 2023 Annual Report, July 20, 2023).
Innovation capacity on the target side mediates how quickly chokepoint pressure decays. The World Intellectual Property Organization’s Global Innovation Index 2024 provides official rankings and ecosystem diagnostics for 133 economies and documents a slowdown in global innovation investment while highlighting persistent progress in supercomputing, connectivity, health, and green technologies; the authoritative WIPO portal provides the full report PDF, the executive summary PDF, and the publication landing pages that policy analysts use to benchmark innovation trajectories (WIPO “Global Innovation Index 2024” full report PDF; WIPO executive summary PDF; WIPO publication page for GII 2024). When innovation ecosystems remain robust despite access restrictions, adaptation pathways proliferate: design-out strategies to avoid FDPR exposure, bundling of mid-tier accelerators when top-tier GPUs are denied, and renewed investment in domestic EDA and packaging flows. The time-horizon implication is that initial chokepoint pressure can be substantial yet still catalyze reengineering decisions that reduce dependency in later periods if the governance of controls encourages stable expectations for target and non-target firms.
Supply-chain topology, as measured by value-added trade statistics, explains why chokepoints work best when embedded in tiers closest to knowledge capital rather than commoditized manufacturing. The Organisation for Economic Co-operation and Development’s TiVA 2023 edition quantifies foreign value added embodied in exports for 76 economies from 1995 to 2020 and documents how concentration in upstream knowledge-intensive segments magnifies network control; the official OECD page provides the methodological guide and the data access portal used by ministries and central banks to estimate dependency profiles that matter for export-control design (OECD TiVA landing, consulted 2025). When chokepoints target upstream knowledge capital—EDA, process kits, metrology recipes—they impede replication because tacit knowledge is embedded in support contracts, software keys, and cumulative experience; when controls drift into broad commodity bans, the loss of focus increases enforcement volume without proportionate security gain, raising the probability that administrative overload yields uneven application across jurisdictions and time.
The advanced computing rulemakings since 2022 illustrate how legal thresholds and definitions interact with adaptation incentives over successive updates. The October 2023 interim final rule adjusted compute performance thresholds and expanded the categories of covered semiconductor manufacturing items; the December 2024 notices incorporated HBM, refined FDPR application, and clarified controls on software keys; subsequent entries in January 2025 and July 2025 made conforming edits and corrections recorded in official Federal Register pdfs. The cumulative effect is a move from one-off entity targeting to a layered perimeter around capabilities, where the intertemporal design problem is to deny access to a function rather than to a part number, while minimizing spillovers on allied firms that service global installed bases (Federal Register “Export Controls on Semiconductor Manufacturing Items,” October 25, 2023; Federal Register public briefing on amendments, December 4, 2024; Federal Register foreign-produced direct product additions, December 5, 2024; Federal Register conforming amendments January 16, 2025 PDF; Federal Register July 18, 2025 conforming rule reference, consulted 2025). Time-horizon evaluation suggests that such iterative calibration can preserve leverage if cycles are faster than adversary adaptation; if cycles lag, thresholds invite product binning, firmware-capping, or relocation of training to unaligned cloud providers.
Coalition dynamics influence the slope of leverage decay because partner policies determine whether evasion flows can persist through third-country transshipment. The United States has expanded the Entity List to include shell companies in Malaysia, the United Arab Emirates, and Singapore serving as pass-throughs for advanced GPUs and components destined for restricted end users in China; the official Federal Register update on March 28, 2025 catalogs these additions and provides public legal citations that compliance teams can program into screening systems, reducing the half-life of diversion channels when partners cooperate on end-use checks (Federal Register “Additions and Modifications to the Entity List,” March 28, 2025). The time-horizon lesson from transshipment control is that early enforcement surges can disrupt established routes, yet sustained effectiveness depends on alignment of re-export rules and on the capacity to verify end use in free-trade zones where corporate opacity is high.
The European Union’s institutionalization of anti-coercion measures adds a distinct coalition-stability instrument with implications for the longevity of chokepoint strategies. Regulation (EU) 2023/2675 on the Anti-Coercion Instrument entered into force following publication in the Official Journal on December 7, 2023, authorizing responsive measures when a third country applies or threatens economic coercion; the legal text and consolidated EUR-Lex page provide the formal framework through which the EU can mitigate retaliation risks faced by member-state exporters, thereby lowering the political cost of aligning with US-led controls over longer periods (EUR-Lex consolidated text of Regulation (EU) 2023/2675, December 7, 2023; Official Journal publication PDF, December 7, 2023). When partner governments can credibly threaten proportionate remedies against coercive countermeasures, firms are less likely to defect from coalitions as sectoral pressure accumulates, which in turn slows adversary adaptation by reducing available alternative suppliers.
Congressional research provides a synchronized view of the policy system and its trajectory as of August 22, 2025. The Congressional Research Service report on “U.S. Export Controls and China: Advanced Semiconductors” summarizes statutory authorities, rulemakings, and foreign partner alignment while citing the official Federal Register entries that define the live obligations for exporters; the Library of Congress page hosts the most recent version and the PDF used by committees and oversight staff, providing a nonpartisan digest of the architecture that governs chokepoints over the next appropriations cycle (CRS “U.S. Export Controls and China: Advanced Semiconductors,” August 22, 2025). Such institutional documentation matters for time-horizon analysis because durable leverage requires stable, well-communicated standards that firms can embed in compliance systems without frequent, unpredictable reversals that would otherwise invite hedging and redesign away from US inputs.
The intertemporal behavior of weaponized interdependence can be summarized as a sequence of three dynamics supported by official data. First, initial disruptions are strongest when chokepoints sit at knowledge-dense layers where replication is slow; ASML exclusivity in EUV, the dominance of US firms in advanced EDA, and concentrated HBM capacity produce delays measured in years rather than quarters, a claim supported by licensing records and rule text that affirm the scarcity of substitutes in the near term through 2024 and 2025 (Government of the Netherlands announcement, July 7, 2023; Federal Register December 23, 2024 HBM addition). Second, medium-run attenuation arises when firms and governments invest in design-out strategies and legal workarounds to escape FDPR and de minimis jurisdiction; the very existence of 0% thresholds for select equipment underscores that regulators anticipate such redesign, using the rule to keep even minimal US content inside the jurisdictional fence while acknowledging that suppliers may still pursue non-US alternatives over 3–5 years (Federal Register foreign-produced direct product additions, December 5, 2024). Third, long-run equilibrium depends on whether innovation leadership remains concentrated among controllers or progressively diffuses; WIPO’s GII 2024 and OECD’s TiVA materials provide the indicators used to judge whether the target’s innovation capacity and embeddedness in value-added networks are rising faster than the controllers’ ability to refresh and coordinate controls, a condition that would shorten the half-life of chokepoint leverage after 2025 (WIPO GII 2024 full report PDF; OECD TiVA landing).
The overarching implication for strategic competition is that weaponized interdependence remains a powerful but wasting asset when applied to technologically dynamic sectors. The formal legal scaffolding in the United States—from EAR extraterritorial tools to cloud-governance rules—creates immediate and medium-term friction for targeted capabilities. The multilateral scaffolding—from the Wassenaar Arrangement transparency regime to EU anti-coercion law—reduces opportunities for evasion and cushions partners against retaliation. The target’s innovation system, however, can treat scarcity as a forcing function for substitution, and upstream counter-chokepoints in critical minerals complicate coalition cost-benefit calculations. The durability of leverage after 2025 will therefore depend on whether controllers maintain focus on narrow, high-value nodes, rotate thresholds fast enough to outrun product binning and service migration, and institutionalize interoperable licensing and cloud-access governance across principal supplier jurisdictions using the official instruments and reporting channels evidenced in the Federal Register, BIS annual reporting, OECD value-added statistics, WTO analytical chapters, and WIPO innovation diagnostics (Federal Register entries cited 2023–2025; BIS FY 2023 Annual Report; OECD TiVA landing; WTO World Trade Report 2023; WIPO GII 2024).
Implications for US Economic Security: Prioritizing Bottlenecks, Licensing Strategy, and Alliance Management
A strategic export control posture that advances United States economic security must concentrate scarce enforcement capacity on a handful of irreplaceable production nodes where substitution timelines are long and switching costs are high. The contemporary rulemaking record demonstrates that chokepoint leverage is greatest where the controller community anchors exclusive capabilities in semiconductor manufacturing equipment, advanced design software and process knowledge, and memory subsystems that enable high-throughput training of complex models. The operative legal spine for this architecture is the series of interim and final rules issued by the Bureau of Industry and Security under the Export Administration Regulations, beginning with the advanced computing and supercomputing measures and then the targeted expansion to semiconductor manufacturing items. The publicly accessible administrative texts for these measures remain the baseline references for compliance programs and for allied coordination. The authoritative entries are hosted on the Federal Register portals, including the October 2023 manufacturing-items rule and the December 2024 updates that embedded high-bandwidth memory within the control perimeter and refined extraterritorial reach through the foreign-direct-product doctrine and de minimis settings. The rule texts are available at Federal Register “Export Controls on Semiconductor Manufacturing Items” and Federal Register “Export Controls on Semiconductor Manufacturing Items; Updates to Advanced Computing Controls and Further Revisions”.
A first implication for policy design is triage. A coherent prioritization should elevate extreme-ultraviolet lithography platforms, specific deposition and etch subsystems, and the process control and metrology stacks that convert design intent into reproducible yield. The institutional record confirms that the Netherlands created a national licensing gate for advanced deep-ultraviolet lithography in July 2023, with an official government explainer that sets out the scope of covered tools, the licensing pathway, and the connection to national security considerations that implicate shipments to China. The authoritative public statement is hosted at Government of the Netherlands policy explainer. A complementary policy move in Japan brought 23 categories of semiconductor manufacturing equipment under licensing from July 23, 2023, codified by the Ministry of Economy, Trade and Industry through ministerial ordinance and public notices and summarized in English at METI release. The practical consequence for the United States is that credible control over the top of the lithography stack depends on sustained alignment with these two supplier governments. Economic security planning must therefore accept that enforcement will falter if those two licensing regimes lose focus or drift toward case-by-case permissiveness under commercial pressure.
A second implication is that licensing policy must be engineered for speed, predictability, and concentration. The United States cannot defend its advantage if the control yard expands in ways that multiply application volume faster than adjudication capacity. The public rule texts now include detailed performance definitions for advanced computing items and explicit coverage of high-bandwidth memory. The December 2024 rule embeds a 0% de minimis standard for selected lithography and closely related equipment categories, which clarifies that any trace of United States content triggers jurisdiction for restricted destinations. That approach sharpens the law but raises compliance costs for allied manufacturers that rely on broadly sourced sub-assemblies. The December 2024 text is explicit and is accessible via Federal Register December 2024 updates. Economic security objectives require a countervailing simplification move to offset the cost of sharper hooks. The obvious lever is a differentiated licensing architecture that offers accelerated, template-based approvals for narrowly defined maintenance, safety, and continuity activities at foreign-owned legacy facilities inside China, while preserving a presumption of denial for technology transfers that raise node capability, throughput, or yield. The public enforcement posture already signals a preference to avoid authorizing capacity expansion or node upgrades at such facilities. A durable template approach would reduce frictions with partners while maintaining the strategic lid on technological progression at the target location.
A third implication is that cloud governance must be fully integrated into licensing strategy. The United States has already placed infrastructure-as-a-service obligations within the executive framework for safe and secure artificial intelligence. The authoritative text is the Federal Register entry for Executive Order 14110 from November 1, 2023, which sets identity-verification duties and reporting requirements for providers when foreign accounts conduct significant model training. The official document is available at Federal Register “Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence”. The complementary legal layer is the Department of Justice final rule on sensitive personal and government-related data transfers, finalized on January 8, 2025, with a correcting amendment on April 18, 2025. Those texts, hosted by the Federal Register, are accessible at Federal Register final rule January 8, 2025 and Federal Register correcting amendment April 18, 2025. A forward-leaning licensing doctrine should merge hardware and cloud oversight by conditioning specific equipment approvals on verified cloud-access controls at the end-user organization, including identity, logging, and model-weight retention policies. The goal is to prevent “compute laundering” through rented clusters outside the embargo perimeter and to treat trained model weights as controlled technology when those weights derive from restricted compute or restricted datasets.
A fourth implication is that the United States must anticipate reciprocal chokepoints wielded by China across upstream minerals and specialty materials and must hedge those exposures as a prerequisite for alliance management. The official Ministry of Commerce of the People’s Republic of China portals document the gallium and germanium export controls that took effect on August 1, 2023 and the subsequent graphite licensing regime issued in October 2023, followed by expanded prohibitions on graphitic materials in December 2024. The relevant public documents are hosted at MOFCOM gallium and germanium Q&A, MOFCOM graphite licensing notice, and MOFCOM expanded graphitic-materials announcement in Chinese. A credible economic security strategy cannot simply exhort allies to accept export denials while leaving their mineral inputs vulnerable to sudden foreign licensing shocks. The coalition therefore requires an explicit offset package: accelerated permitting for domestic and allied refining, public procurement contracts for substitution-grade materials, and strategic stockpiles sized to withstand a multi-quarter disruption. The macro-level case for such hedging appears in the multilateral analysis of fragmentation costs and retaliation dynamics set out by the World Trade Organization in its World Trade Report 2023, which is publicly available at WTO report portal and at WTO full report PDF.
A fifth implication involves metrics. Economic security debates often rely on qualitative narratives. The controller community needs live, transparent indicators to allocate enforcement effort and to de-escalate when objectives are achieved. The appropriate statistical framework for mapping network-embedded exposure remains the Organisation for Economic Co-operation and Development Trade in Value Added program. The official OECD landing provides the methodology guide and the data access portal used by ministries for supply-chain diagnostics. The references are OECD “Trade in Value Added” and OECD methodology guide. An economic security-relevant indicator suite should include foreign value added from China embodied in allied exports at the four-digit product level, the location of single-supplier dependencies for process chemicals and resists, and a count of maintenance-critical software keys for installed lithography and metrology tools within restricted destinations. Those metrics should be reported quarterly to the interagency and to partner governments through secure channels to calibrate licence issuance and to demonstrate that the control yard remains narrow.
A sixth implication is enforcement governance. Public reporting shows that end-use checks have scaled, with a significant number documented by the Bureau of Industry and Security in its Fiscal Year 2023 annual report. The official document, which details end-use and end-user checks, outreach, and enforcement actions, is posted at BIS annual report FY 2023. Economic security would be strengthened by reallocating inspection resources to the densest diversion hubs identified by anomaly detection in trade data and by formalizing information-sharing agreements that push high-confidence leads to Japan, the Netherlands, and the European Union for reciprocal on-site checks. Targeted design of these checks around firmware, maintenance, and software-license updates for controlled tools will yield larger returns than broad but shallow sampling.
A seventh implication is coalition law. The export-control community cannot rely solely on informal understandings. The Wassenaar Arrangement provides transparency and shared lists but does not bind licensing outcomes. The official secretariat site makes that institutional boundary explicit at Wassenaar Arrangement about page and at Wassenaar Arrangement control lists. Economic security planners should therefore layer the United States bilateral tools with an allied deterrence instrument that reduces the political cost of alignment for partners facing retaliation. The European Union has already legislated such a tool through the Anti-Coercion Instrument, codified as Regulation (EU) 2023/2675 and published in the Official Journal on December 7, 2023. The authoritative consolidated text and the official PDF are available at EUR-Lex consolidated regulation and Official Journal publication. The strategic logic is clear. When retaliation risks are credibly mutualized at the European Union level, alignment with United States controls becomes more politically sustainable for member states, which supports long-run enforcement against the most sensitive nodes.
An eighth implication is the treatment of software and knowledge diffusion. The most acute strategic vulnerabilities reside in tacit process knowledge embedded in service contracts, software keys, and design kits. The public rule series since 2022 already recognizes this by extending foreign-direct-product jurisdiction to software and by clarifying that software keys and related items can be controlled when they enable restricted functionality. The October 2023 manufacturing-items rule text, which remains the core reference, is posted at Federal Register October 2023 rule. Economic security doctrine should now focus on verifiable controls for remote service access, update pathways, and model-weight sharing that avoid over-breadth while closing critical enabling channels. That implies licence conditions that require physical presence for certain classes of tool servicing, mandatory logging of remote sessions, and audit-ready proof that firmware remains on approved versions for the life of the authorisation.
A ninth implication is domestic industrial capacity. Export controls are a wasting asset if domestic inputs erode. The public record demonstrates that global innovation capacity continues to evolve in ways that reward sustained investment in knowledge-intensive segments. The World Intellectual Property Organization documents these trajectories in the Global Innovation Index 2024, including ecosystem diagnostics and sector trendlines. The official publications are hosted at WIPO GII 2024 full report PDF and WIPO publication page. Economic security planning should therefore integrate export-control priorities with targeted public-goods spending on metrology, process integration research, and design-automation testbeds that shrink the incentive for allied suppliers to excise United States content. The policy mechanism is straightforward. Government procurement and research consortia can guarantee a baseline market for high-assurance subassemblies and software toolchains that remain inside United States jurisdiction, which directly counters the commercial logic of redesigning toward so-called “EAR-free” substitutes.
A tenth implication is legal predictability. The controller community retains leverage only if firms can read, plan, and invest against stable standards. The United States already publishes rule texts through the Federal Register, with conforming amendments and public briefings recorded under unique document identifiers. The December 2024 public briefing notice is posted at Federal Register briefing notice. The policy commitment that strengthens economic security is a steady cadence of predictable updates with ample comment windows and ample implementation lead times, paired with sunset reviews that remove obsolete thresholds or scope entries. A compact of this kind stabilizes allied planning and buttresses the argument for staying inside United States supply chains.
An eleventh implication concerns the treatment of model weights and training artifacts as controlled technology. The technical reality is that trained weights encode access to functionality that chokes hardware pathways are designed to deny. The licensing doctrine should therefore continue to evolve along the path signaled by Executive Order 14110 and subsequent agency guidance. The aim is to protect specific capability thresholds while preserving open academic exchange below those thresholds. That balance reduces the incentive for partners to resist United States-led standards on grounds of scientific freedom and aligns control policy with the broader governance conversation that the United States has anchored in public documents. The relevant Federal Register entry remains the official reference at Federal Register EO 14110.
A twelfth implication is the management of distribution-chain arbitrage. The public enforcement record shows continuing additions to the Entity List for shell companies operating in Malaysia, the United Arab Emirates, and Singapore. The legally operative notice is hosted at Federal Register “Additions and Modifications to the Entity List” March 28, 2025. Economic security requires that the United States couple these listings with compliance partnerships that assist third-country customs and economic agencies in identifying misclassification patterns. The practical tools include harmonized risk indicators for goods that fit within controlled performance envelopes, expanded post-shipment verifications keyed to anomalies in value-to-weight ratios, and shared watchlists for brokers and freight forwarders with recurrent links to diversion cases.
A thirteenth implication is burden balancing for allies. The European Union has moved with sector-specific trade-defense measures in areas such as battery-electric vehicles, with detailed reasoning set out in its published regulations, and it has embedded a legal response to coercion through Regulation (EU) 2023/2675. The existence of these instruments should be leveraged in bilateral dialogues so that United States export-control expectations are paired with European Union mechanisms that cushion partners from foreseeable retaliation. The purpose is not to broaden controls but to make narrow controls politically sustainable over time. The official EUR-Lex consolidation for the anti-coercion instrument is the binding reference at EUR-Lex consolidated regulation.
A fourteenth implication is communication discipline. Economic security depends on the credibility of the small-yard premise. Repeated assertions that everything connected to a rival economy is a national-security risk cannot coexist with a narrow chokepoint strategy. The public documents cited above already encode precision through item definitions, performance thresholds, and structured licensing. Policymakers should limit declaratory policy to the standards expressed in those texts and avoid signaling that broader decoupling is the hidden objective. Clear official linkages to the Federal Register rule texts, to OECD value-added diagnostics, to WTO analyses of fragmentation costs, and to WIPO innovation metrics build an evidentiary narrative that partners can defend domestically.
A fifteenth implication is institutional learning. The United States should formalize after-action reviews at fixed intervals that evaluate whether specific controls slowed target capabilities, raised operating costs at restricted facilities, or shifted design flows away from controlled software without degrading allied competitiveness. Those reviews should be grounded in the public datasets and legal materials already referenced. The Bureau of Industry and Security annual report format can serve as the publishing vehicle for summary indicators and trend narratives that do not disclose sensitive enforcement leads. The most recent complete report is posted at BIS annual report FY 2023.
A sixteenth implication is that critical-node protection should be paired with targeted openness where controls would otherwise damage complementary strengths. An example is research collaboration that improves software verification and secure toolchains for allied fabs and design houses. Where collaboration does not raise node capability inside restricted destinations and where it strengthens compliance and resilience for the controller community, positive-sum openness serves economic security more effectively than blanket restrictions. The policy texts for export control and for artificial intelligence governance can accommodate such calibrated openness because both are expressed as itemized and thresholded regimes rather than as total embargoes.
A seventeenth implication is resource realism. Enforcement capacity is finite. The policy must prefer a small number of deeply enforced denials to a large number of shallow denials. The case for deep enforcement is visible in the way the Netherlands licensing gate and the Japan ordinance shaped industry behavior at the top of the equipment stack. The relevant official documents are Government of the Netherlands policy explainer and METI release on controlled categories. Economic security planning should institutionalize a choke-node tasking that directs investigators and licensing staff primarily toward maintenance, service, and key-management pathways for those nodes rather than swelling lists of lower-impact items.
A final implication is narrative integrity. The export-control system is part of a broader economic strategy. The public documents cited—Federal Register rules with unique identifiers, OECD value-added diagnostics, WTO fragmentation analysis, WIPO innovation reports, Wassenaar Arrangement institutional materials, and national licensing notices from the Netherlands and Japan—allow the controller community to articulate a consistent rationale. The central claim is that the United States will remain open where trade and investment involve no meaningful risk to national power, and will be closed at a small number of production nodes where denial preserves a durable lead. The legal and statistical sources embedded above are the verifiable backbone for that claim. An economic security strategy that stays anchored to these documents, that invests jointly with allies in the knowledge-intensive segments that define the chokepoints, and that manages cloud access and model-weight diffusion with the same care given to the equipment stack will better defend the country’s long-run productive capacity and military-relevant technological advantage without exhausting alliance patience or administrative bandwidth.
| Theme | Specific Measure / Finding (unique, non-duplicative) | Date | Principal Actors / Jurisdictions | Mechanism / Instrument | Quantitative or Technical Detail | Alliance / Political Angle | Primary Source (live official link) |
|---|---|---|---|---|---|---|---|
| Regime scope growth | United States expanded controls on advanced logic and semiconductor manufacturing equipment via an interim final rule updating thresholds and SME coverage. | October 25, 2023 | Bureau of Industry and Security (BIS), United States | Federal Register IFR “Export Controls on Semiconductor Manufacturing Items” | Adds multiple SME categories; codifies performance metrics for advanced computing items; integrates FDPR logic. | Signals start of “small yard” expansion under multilateral pressure. | Federal Register—88 FR 73458 (2023-23049) |
| Closing loopholes & adding memory | Rule further updates advanced computing controls and adds high-bandwidth memory coverage; broadens FDPR logic for tools and components. | December 23, 2024 | BIS, United States | Federal Register IFR “Export Controls on Semiconductor Manufacturing Items; Updates to the Advanced Computing Controls…” | Expands controlled HBM and SME items; extends extraterritorial triggers (de minimis and FDPR) to more tool chains. | Tightening created additional compliance burdens across allied firms. | Federal Register—89 FR 93628 (2024-31320) |
| Netherlands national measures | Netherlands introduced national export control measures for advanced chipmaking equipment, aligning with partner concerns over China-bound tooling. | June 30, 2023 | Kingdom of the Netherlands, Ministry of Foreign Affairs | Public announcement of national regulation (DUV categories) | Covers select DUV immersion tools supporting sub-10 nm processes when multi-patterned. | Coordination with United States and Japan signaled via diplomatic statements. | Government of the Netherlands notice |
| Japan SME list | Japan added 23 SME categories to its export list, tightening outbound shipments relevant to advanced node fabrication. | May 23, 2023 | Ministry of Economy, Trade and Industry (METI), Japan | Cabinet Order / Ministerial Ordinance revision | 23 categories include deposition, etch, clean, and inspection gear used in sub-14 nm flows. | Crafted without naming China, reflecting market-exposure sensitivity. | METI press release (English) |
| HBM chokepoint | Updated HBM restrictions targeted memory bandwidth essential for AI training clusters, curbing assemblies paired with compliant GPU designs. | December 23, 2024 | BIS, United States | IFR update (advanced computing) | Coverage implicates HBM2E/HBM3 class; raises compliance checks on stack density and IO rates. | Aimed to blunt “bundling” strategies in China using large clusters of lesser GPUs. | Federal Register—89 FR 93628 |
| Extraterritorial reach | 0% de minimis for advanced lithography asserts control even where United States content is minimal; FDPR reach expanded. | October–December 2023–2024 | BIS, United States | De minimis & FDPR tightening in IFRs | 0% threshold for advanced lithography; “single-chip” triggers for certain tooling supply chains. | Heightens friction with Netherlands/Japan when servicing installed bases in China. | Federal Register 88 FR 73458, 89 FR 93628 |
| Cloud & model access guardrails | Executive Order 14110 set AI safety direction, including reporting for large-scale model training and potential cloud access controls. | November 1, 2023 | Executive Office of the President, United States | EO 14110 published in the Federal Register | Establishes reporting thresholds tied to compute; seeds future rules for access-as-a-service risk. | Frames allied cooperation on compute governance. | Federal Register—EO 14110 |
| Data controls (KYC for SPSD) | DOJ final rule restricts transfer of sensitive personal data to countries of concern; mandates KYC controls for intermediaries. | January 8, 2025 | Department of Justice (DOJ), United States | Final Rule “Preventing Access to U.S. Sensitive Personal Data…” | Defines “sensitive personal data,” licensing expectations, and record-keeping; corrective amendment posted April 18, 2025. | Complements tech export controls by constraining data vectors for model training/targeting. | Federal Register—90 FR 1016 (2024-31486), Correction—90 FR 29092 |
| Tightening entity perimeter | Additional Entity List designations added Chinese firms and institutes linked to defense, surveillance, or diversion. | March 28, 2025 | BIS, United States | Federal Register “Additions and Modifications to the Entity List” | Adds multiple PRC entities; imposes license requirements with presumption of denial in specified categories. | Raises compliance risk for third-country distributors funneling to listed parties. | Federal Register—90 FR 22238 (2025-05426) |
| Revoking VEU channel | United States revoked license-free Validated End-User authorizations for foreign-owned fabs operating in China, closing a carve-out. | August 29, 2025 | BIS, United States | Press release plus forthcoming Federal Register conforming rule | Former VEU firms granted 120 days to shift to licensing; no approvals for expansion/upgrades in China. | Levels playing field among allied competitors; may intensify diplomatic pressure. | BIS press release (August 29, 2025) |
| EU anti-coercion backstop | European Union enacted the Anti-Coercion Instrument providing trade retaliation tools when partners face economic coercion. | December 2023 | European Union, European Commission | Regulation (EU) 2023/2675 in OJ | Enables tariffs/quotas/restrictions in response to proven coercion after investigation. | Gives allies a shield if China retaliates over controls. | EUR-Lex—OJ L 2023/2675, European Commission explainer |
| Chinese countermeasures—metals | China imposed export licensing on gallium/germanium citing national security, tightening inputs for RF/power semis. | August 1, 2023 | Ministry of Commerce (MOFCOM), China | Export licensing regime & end-use/end-user checks | Controls affect GaN/GaAs/Ge supply; impacts wide-bandgap device chains. | Response to allied SME controls; increases input price volatility. | MOFCOM Q&A (CN) |
| Chinese countermeasures—graphite | China expanded export controls to graphite products used in EV batteries and anode materials. | October 20, 2023 | MOFCOM, China | Revised catalogue & licensing | Adds natural/synthetic graphite grades, affecting battery supply chains. | Signals leverage over critical raw materials amid tech-trade tensions. | MOFCOM notice (CN) |
| Continuation notice | China confirmed continued implementation and administration of certain graphite measures into 2024. | December 2024 | MOFCOM, China | Implementation communiqué | Maintains licensing rigor into the next calendar cycle. | Sustained use of materials policy in geo-economic bargaining. | MOFCOM implementation note (CN) |
| CoCom successor—scope | Wassenaar Arrangement functions as a transparency forum on dual-use and conventional arms, with 42 participants. | Current | Wassenaar Arrangement participating states | Initial Elements; Control Lists | Control Lists updated annually; no designated “target state.” | Less coercive than CoCom; complicates coalition export denial. | Wassenaar Arrangement—Initial Elements, Control Lists |
| Defense assessment—PRC MCF | DoD reports PRC mobilization of resources under MCF to reduce reliance on foreign chokepoints while acquiring foreign know-how. | December 18, 2024 | Department of Defense (DoD), United States | Annual Report to Congress (CMPR) | Notes PRC focus on technological self-sufficiency; cites efforts to mitigate FDPR exposure. | Reinforces rationale for allied chokepoint protection. | DoD CMPR 2024 (PDF) |
| OECD value-chain visibility | OECD TiVA provides foreign value-added measures enabling identification of chokepoints embedded in trade flows. | Current (maintained) | OECD | TiVA database & methodology | Tracks GVC structure; input-output mapping across industries/countries. | Supports evidence-based targeting to minimize collateral harm. | OECD TiVA portal |
| WTO system view | WTO World Trade Report 2023 analyzes security-trade nexus and argues for “re-globalization” rather than fragmentation. | September 2023 | World Trade Organization (WTO) | Annual flagship report | Situates security-driven measures within multilateral rule tensions. | Frames allied debate on proportionality and multilateral consistency. | WTO WTR 2023 |
| Innovation baseline | WIPO GII 2024 shows China among top regional performers (East Asia) and strong in S&T clusters. | September 2024 | World Intellectual Property Organization (WIPO) | Global Innovation Index report | 133 economies covered; dashboards on R&D, patents, clusters. | Indicates adaptation capacity relevant to sanctions durability. | WIPO GII 2024 (PDF) |
| BIS enforcement posture | BIS ‘Year in Review’ details escalated administrative and criminal actions for diversion and shell-company evasion. | 2023 (published 2024) | BIS, United States | Export Enforcement annual | Documents multi-agency “tri-seal” coordination; highlights SAR typologies. | Underscores enforcement capacity strain as scope widens. | BIS Export Enforcement 2023 (PDF) |
| Tri-seal evasion red flags | Joint compliance note flags third-country transshipment patterns and procurement fronts for restricted tech. | March 2, 2023 | BIS, DOJ, Treasury/FinCEN | Tri-seal compliance note | Enumerates evasion indicators; urges KYC and end-use attestation rigor. | Template later applied in China-focused screening. | BIS Tri-Seal Note (PDF) |
| Financial sector reporting | BIS/FinCEN joint alert guides SAR filings for export control evasion networks tied to high-priority items. | November 6, 2023 | BIS, FinCEN | Joint Notice FIN-2023-NTC2 | Aligns transaction monitoring with restricted items lists; typologies for payment trails. | Bridges trade controls with financial surveillance. | BIS/FinCEN joint alert (PDF) |
| Mature-node exposure | BIS survey/report analyzes mature-node (legacy) chip use in critical US systems and foreign sourcing risk. | December 2024 | BIS, United States | Public Report on Mature-Node Semiconductors | Identifies dependency nodes and options to shift procurement. | Complements leading-edge focus with resilience for legacy demand. | BIS Mature-Node Report (PDF) |
| Industrial base audit | BIS assessment surveys US microelectronics industrial base; maps gaps and vulnerabilities. | December 2023 | BIS, United States | Section 9904 assessment | Calls out visibility gaps into China-based dependencies in defense suppliers. | Motivates domestic incentives and control calibration. | BIS Industrial Base Assessment (PDF) |
| Academic & exchanges leakage | DoD identifies PRC talent programs and illicit acquisition vectors under MCF. | December 18, 2024 | DoD, United States | Annual CMPR | Notes recruitment mechanisms and covert procurement to sidestep Entity List. | Justifies allied screening of cross-border research ties. | DoD CMPR 2024 |
| Shell-company latency | Authorities warn it can take illicit actors days to form shells that facilitate procurement; detection may take years. | 2023–2024 | BIS/FinCEN, United States | Tri-seal note; joint alerts | Emphasizes latency gap between evasion and interdiction. | Grounds argument for proactive license presumption and audits. | BIS Tri-Seal Note (PDF), Joint Alert |
| Wassenaar limits | Wassenaar lacks binding denials and has Russia as participant, limiting strategic denial upgrades. | Current | Wassenaar Arrangement | Institutional design (voluntary) | Transparency exchange rather than joint denial decisions. | Necessitates minilateral ad-hoc controls among United States, Japan, Netherlands, Republic of Korea. | Wassenaar—About/Initial Elements |
| EU graphite exposure | EU downstream EV producers exposed to graphite licensing from China, raising supply security stakes. | 2023–2024 | European Union, MOFCOM | Chinese licensing regime; EU ACI backstop | Constrains anode material exports; potential pass-through cost to EU industry. | Supports EU diversification and anti-coercion posture. | MOFCOM graphite notice, EUR-Lex—ACI |
| Dutch service restrictions pressure | United States urged limits on ASML maintenance/software updates for installed tools at PRC fabs to degrade effective capacity. | 2024 (reflected in IFR scope) | BIS, Netherlands | Licensing policy + contractual constraints | Service restrictions reduce uptime/throughput without full tool removal. | Frictions where maintenance contracts meet sanctions. | Federal Register 89 FR 93628 |
| Japan service & parts | Japan implements category controls implying licensing for field support/spares on listed SME. | May 23, 2023 | METI, Japan | Control list expansion | Coverage of sub-systems narrows spare-parts channels to PRC fabs. | Aligns quietly, avoiding explicit country naming. | METI press (EN) |
| US investment guardrails | CHIPS and Science Act includes “guardrails” restricting beneficiaries’ expansion in China. | August 2022 (still operative 2025) | United States | Statutory measure (Treasury/Commerce implementation) | Prohibits “material expansion” of semiconductor capacity in China by subsidy recipients. | Reduces leakage via outbound capacity arbitrage. | Commerce CHIPS guardrails (overview) |
| Enforcement capacity—licenses | BIS reports 1,476 license determinations handled by Office of Export Enforcement (FY 2023), indicative of workload growth. | FY 2023 (posted March 21, 2025) | BIS, United States | Annual Report to Congress | 1,476 LDs; increased enforcement actions year-over-year. | Administrative bandwidth becomes a rate-limiting factor as scope widens. | BIS Annual Report FY 2023 |
| Entity List deterrence | Listing triggers license requirement with presumption of denial for most PRC defense-linked buyers. | Ongoing (2023–2025) | BIS, United States | EAR Entity List authority | Gatekeeps US-origin hardware, software, technology transfers. | Drives rerouting via third-country shells; raises due-diligence costs for allies. | Federal Register—Entity List (example March 28, 2025) |
| FDPR primacy | Virtually all advanced chips anywhere incorporate US EDA/tool chain elements, making FDPR decisive. | 2023–2024 (IFRs) | BIS, United States | FDPR extensions in IFRs | Captures foreign-made items built with US software or equipment. | Core of extraterritorial leverage; creates allied design-out incentives. | Federal Register 88 FR 73458; 89 FR 93628 |
| WIPO clusters & absorptive capacity | WIPO data on S&T clusters indicates strong PRC urban innovation nodes—a proxy for fast technology diffusion. | September 2024 | WIPO | GII 2024 cluster chapter | Shows concentration of patents/publications in PRC metros. | High absorptive capacity reduces control efficacy over long horizons. | WIPO GII 2024 |
| WTO warning on fragmentation | WTO argues fragmentation raises costs and reduces innovation spillovers, complicating long-run security returns. | September 2023 | WTO | World Trade Report 2023 | Models show higher trade costs and slower diffusion under blocs. | Narrows allied room for escalation without economic penalty. | WTO WTR 2023 |
| Finance compliance integration | Joint alerts integrate SAR with control lists to surface evasion typologies tied to high-priority items. | November 6, 2023 | BIS, FinCEN | FIN-2023-NTC2 | Emphasizes vendor financing, freight re-routing, mismatched HS codes. | Encourages banks to become enforcement multipliers. | BIS/FinCEN alert (PDF) |
| Legacy vs leading-edge balance | BIS mature-node report underscores risk in legacy components present in critical US systems. | December 2024 | BIS | Public report to Congress | Highlights need to diversify legacy supply (e.g., 28 nm and above). | Avoids single-minded focus on sub-10 nm. | BIS Mature-Node Report |
| International law setting | Wassenaar lists provide baseline for allied coordination but lack binding denials, requiring “coalitions of the willing.” | Current | Wassenaar Arrangement | Initial Elements, Procedures | Annual updates; consensus challenges amid Russia participation. | Encourages minilateral tech-coalitions outside WA remit. | Wassenaar Initial Elements |
| EU resilience tool | EU’s Anti-Coercion Instrument allows calibrated retaliation to protect EU firms pressured over compliance with allied controls. | December 2023 | EU | Regulation (OJ) | Toolset includes suspension of concessions and public procurement limits. | Shields EU compliance from unilateral retaliation. | EUR-Lex—2023/2675 |
| Service & software leverage | Denial of software updates, spares, and field service for controlled SME degrades line yields even without tool removal. | 2024 | BIS, allied regulators | IFR licensing policies; national measures | Time-dependent erosion of performance as MTBF rises without OEM support. | Minimizes headline “bans” while curbing effective capacity. | Federal Register 89 FR 93628 |
| Data governance complement | DOJ rule curtails cross-border data exposure usable for model training/targeting by countries of concern. | January 8, 2025 | DOJ | Final Rule; correction April 18, 2025 | Requires programmatic controls and reporting; defines covered datasets. | Integral to “compute-model-data” triad risk management. | Federal Register—90 FR 1016, Correction—90 FR 29092 |
| Licensing triage pressure | Rising application volumes increase adjudication times, risking “deny by delay” effects on compliant allied firms. | FY 2023–FY 2025 | BIS | Licensing statistics in annuals | 1,476 LDs (FY 2023); trajectory rising with scope. | Necessitates risk-based triage and red-flag automation. | BIS Annual Report FY 2023 |
| Target adaptability—policy view | DoD emphasizes PRC industrial mobilization and learning under sanctions pressure; warns of diminishing marginal effect of new lists. | December 18, 2024 | DoD | CMPR | Notes parallel investments in local EDA, lithography, and materials. | Foreshadows long-horizon leakage through substitution. | DoD CMPR 2024 |
| Compute governance direction | EO 14110 frames reporting triggers by training compute and potential model capabilities risk. | November 1, 2023 | White House, United States | Executive Order | Encourages cloud providers to monitor high-end GPU/TPU rentals. | Supports allied harmonization on access-as-a-service. | Federal Register—EO 14110 |
| Chokepoint taxonomy | OECD TiVA + national I-O tables enable pinpointing value-added bottlenecks (e.g., photoresists, precursors, metrology). | Current | OECD | Database/methods | Quantifies upstream foreign value-added shares for targeted denial. | Reduces over-breadth—core to “true small yard.” | OECD TiVA |
| Materials leverage | MOFCOM licensing on gallium/germanium/graphite demonstrates commodity-side retaliation capacity. | 2023–2024 | MOFCOM | Export admin notices | Affects RF, power electronics, and battery chains. | Reinforces need for allied resource diversification. | MOFCOM Ga/Ge Q&A, Graphite notice |
| Governance—minilateralism | Institutional gaps at Wassenaar push minilateral control clubs centered on United States, Japan, Netherlands, Republic of Korea. | 2023–2025 | United States/Japan/Netherlands/ROK | Coordinated national rules | Achieves speed at the cost of institutional legitimacy. | Requires careful alliance management to avoid 1980s-style splits. | Wassenaar Initial Elements |
| Enforcement—financial rails | Use of SAR plus commodity-code analytics to trace “high-priority items” procurement cycles. | 2023–2024 | BIS, FinCEN | Joint alerts | Bridges trade and finance surveillance to catch shells faster. | Banking cooperation becomes key ally deliverable. | BIS/FinCEN alert |
| Industrial-policy complement | BIS Section 9904 report underlines domestic capacity gaps requiring subsidies, workforce pipelines, and supplier mapping. | December 2023 | BIS | Assessment report |
