Rescind and Replace: Commerce Department Issues New Guidance To Curb Adversaries’ Access To Advanced AI Technologies

In the last days of the Biden administration, the U.S. Department of Commerce’s Bureau of Industry and Security (BIS) published an interim final rule (IFR) to further stem the flow of advanced computing integrated circuits (IC) and other artificial intelligence (AI) technologies to U.S. adversaries. The IFR, known as the “Framework for AI Diffusion” (which Arnold & Porter discussed in our January 2025 Advisory), would have imposed a global license requirement for the exportation of advanced ICs. The rule received significant pushback from U.S. industry. On May 12, 2025, just three days before most of the Framework for AI Diffusion’s provisions were set to come into effect, BIS, now under the Trump administration, announced it would rescind the rule and issue a replacement rule at some point in the future, but offered no additional information or timeline. The next day, on May 13, 2025, BIS issued three new sets of guidance to strengthen export controls on AI chips. These guidance documents signal a potentially new regulatory approach by BIS. Instead of trying to control worldwide shipment allocations, as under the prior rule, the guidance documents suggest the Trump administration will attempt to elicit more stringent voluntary due diligence from companies under a threat of ramped up enforcement. The guidance may also portend additional export licensing requirements for AI transactions. The three new guidance documents are summarized below.

Guidance on Application of General Prohibition 10 to Chinese Advanced ICs

This guidance warns persons and companies in the United States and abroad of the potential enforcement risks they face in choosing to use Chinese-origin advanced computing ICs and products that incorporate Chinese advanced ICs. In particular, the guidance targets Huawei’s Ascend 910B, 910C, and 910D ICs.

General Prohibition 10 (GP10) of the Export Administration Regulations (EAR) provides, in relevant part, “You may not sell, transfer, export, reexport, finance, order, buy, remove, conceal, store, use, loan, dispose of, transport, forward, or otherwise service, in whole or in part, any item subject to the EAR and exported or to be exported with knowledge that a violation of the EAR … is about to occur, or is intended to occur in connection with the item.” See 15 C.F.R. § 736.2(b)(10). According to BIS, GP10 likely applies to most advanced ICs (controlled under Export Control Classification Number 3A090) that have been developed or produced by companies located in, headquartered in, or whose ultimate parent company is headquartered in Country Group D:5 destinations (including China).

Because BIS believes that U.S.-origin software or technology — and/or semiconductor manufacturing equipment that is the direct product of certain U.S.-origin software or technology¹ — likely contributed to the design and production of many Chinese advanced ICs, including Huawei’s Ascend 910B, 910C, and 910D chips, BIS asserts that licenses were likely required during such design and production. Where licenses were not granted prior to exports, reexports, or transfers (in-country) during the design and production process, BIS expresses the view that violations likely occurred. According to BIS, any subsequent engagement with the ICs would constitute a GP10 violation. This renders any entity that uses or otherwise engages with the chips open to potential administrative or criminal penalties.

Therefore, this guidance warns everyone worldwide that engaging in GP10 activities with Chinese advanced computing ICs, including but not limited to the Huawei Ascend 910B, 910C, and 910D chips, without prior authorization from BIS may result in BIS enforcement actions including imprisonment, fines, loss of export privileges, and other restrictions. BIS strongly recommends that parties intending to take action with respect to Chinese 3A090 ICs without prior BIS authorization seek supplier confirmation that BIS authorization was obtained for the export, reexport, or transfer (in-country) of both the production technology from the designer to the fabricator and the chip itself from the fabricator to the supplier.

BIS clarified that it would not pursue enforcement actions against parties that obtained Chinese 3A090 chips solely for the purpose of technical analysis or evaluation to determine the technical capabilities of an individual IC.

Guidance on the Dangers of Providing Advanced ICs to Train AI Models

This guidance asserts that providing certain advanced computing ICs and related commodities for the purpose of training AI models for or on behalf of parties headquartered in D:5 countries (including China) implicates Section 744 when there is “knowledge” that the AI model will be used for a military-intelligence end use/user or otherwise used for weapons of mass destruction (WMD).² The EAR-controlled items implicated in the guidance are 3A090.a ICs, 4A090.a computers, and .z items in Categories 3, 4, and 5, such as servers classified as 5A992.z.

The guidance also warns against any U.S. person’s “support” (as defined in Section 744.6(b)(6) of the EAR) associated with a contract, service, or employment when there is “knowledge” that the support would assist with the training of AI models for or on behalf of parties headquartered in D:5 countries for WMD or military-intelligence purposes. Note that the “support” restriction is related to items not subject to the EAR, meaning that U.S. persons are subject to these 744.6 restrictions with respect to items that fall outside of the EAR’s extensive jurisdictional scope.

Section 744.22 of the EAR prohibits the export, reexport, or transfer (in-country) of any item subject to the EAR without a license from BIS if, at the time, the party has “knowledge” that the item is intended, entirely or in part, for a “military-intelligence end user” or “military-intelligence end use” vis-à-vis certain U.S. adversary destinations. “Knowledge,” defined at Section 772.1 of the EAR, “includes not only positive knowledge that the circumstance exists or is substantially certain to occur, but also an awareness of a high probability of its existence or future occurrence. Such awareness is inferred from evidence of the conscious disregard of facts known to a person and is also inferred from a person’s willful avoidance of facts.”

Therefore, under this guidance, parties that provide 3A090.a, 4A090.a and Category 3, 4, and 5, .z items would be in violation of the EAR if they provide such EAR-controlled items to a party to train an AI model for or on behalf of a D:5 destination with “knowledge” that such model may serve WMD or military-intelligence purposes. Importantly, however, the guidance also warns that BIS may add foreign parties who support training D:5 destinations’ AI models that could support WMD or military-intelligence end uses to the Entity List even where no violation of the EAR occurs. This threatens to punish those parties who lack the requisite “knowledge” requirement or who support AI model training with no other independent nexus to the EAR, and who thus do not commit a formal Section 744 violation. To help parties discern whether their advanced computing ICs and commodities may be used for prohibited purposes or diverted to prohibited parties, the guidance references a new set of transactional and behavioral red flags to watch out for, as discussed below.

Transactional and Behavioral Red Flags That Signal Risk of Illicit Diversion

The final guidance BIS issued on May 13, 2025 contains an illustrative (but non-exhaustive) list of red flags companies should watch out for that may signal a party’s intent to evade export controls and offers due diligence actions companies can take to prevent such evasion. The guidance is intended to complement the “Know Your Customer” and Red Flag Guidance already set forth at Supplement No. 3 to Section 732 of the EAR.

New red flags include:

• The customer either never received exports of advanced computing ICs and/or commodities that contain such ICs prior to October 2022 (when BIS first imposed export restrictions on advanced computing ICs), or the customer saw a significant increase in exports thereafter (to track this red flag, companies will need to monitor their transaction flows).
• The customer’s reported geographical location creates concerns about the customer’s authenticity. Specifically:
  
  
  • A customer exclusively provides a residential address and the quantity of advanced computing ICs ordered does not comport with personal use.
  • The ultimate delivery or installation address is unknown.
  • The customer is coy about providing the location of its headquarters or ultimate parent company.
  • The customer is co-located or has an address similar to a party on the Consolidated Screening List (an interagency combined list of prohibited customers).
  • The address of the purchaser is in a D:1, D:4, or D:5 destination.

• Other parties associated with the transaction may not be legitimate entities. For example:
  
  
  • Consignees in the transaction do not typically engage in business consistent with requiring a large quantity of advanced computing ICs.
  • The reported end user is not a unique storefront for a singular organization.

• A data center customer cannot confirm it has the infrastructure to operate the advanced computing ICs.

• An Infrastructure as a Service (IaaS) customer cannot confirm that its users are not headquartered in China.

Due diligence actions suggested by the guidance include:

• Evaluate the customer’s date of incorporation, ownership structure, and stated end user/end use of the items for inconsistencies, affiliation with D:5 countries, or other red flags.
• Provide appropriate warnings to customers prior to sale that exportation, reexportation, and transfer (in-country) to or within destinations specified in Country Groups D:1, D:4, or D:5 would require a license.
• Require customers to provide end user certifications outlining in detail all proposed transaction parties and certifying that items will not be redirected for WMD or military-intelligence end uses or to such end users.
• If the customer is a data center, require a written attestation that the customer is authorized to operate at its location and has the infrastructure to operate the types of items being purchased.
• Conduct on-site visits and audits of customer data centers to verify attestations.
• Particularly scrutinize data centers that have the infrastructure to operate servers containing advanced ICs greater than 10 megawatts (due to increased risk of subversive AI model training).

Conclusion

The guidance documents published by BIS signal the Trump administration’s intention to use threats of ramped up enforcement to elicit more stringent voluntary due diligence from companies, rather than attempt to control worldwide IC shipments on the front end. As the administration appears intent to punish parties who support Chinese AI development through actions that may not even violate the EAR, the guidance documents collectively put IC manufacturers, users of China’s advanced AI chips, and everyone worldwide on notice to heed not only the letter but also the spirit of the EAR’s restrictions on advanced computing IC exports.

Going forward, it remains prudent for individuals and businesses seeking to export, reexport, or transfer (in-country) advanced ICs and other AI-related technologies to keep abreast of their licensing, disclosure, and reporting obligations. BIS may issue new rules or change rules or guidance at any time. Please contact any author of this Advisory or your Arnold & Porter relationship attorney if you have any questions or to seek further guidance or advice.

© Arnold & Porter Kaye Scholer LLP 2025 All Rights Reserved. This Advisory is intended to be a general summary of the law and does not constitute legal advice. You should consult with counsel to determine applicable legal requirements in a specific fact situation.