On September 29, the Commerce Department’s Bureau of Industry and Security (BIS) issued a rule that has significantly expanded the reach of existing US export controls by targeting subsidiaries of already blacklisted foreign firms. Any entity that is at least 50 percent owned (directly or indirectly) by one or more entities on the US Entity List or the Military End-User (MEU) List will now also be blacklisted and subject to stringent export restrictions. In addition, an entity with “significant minority ownership” by an Entity List/MEU List company is a “red flag” that requires additional due diligence by US exporters. These lists had previously excluded all entities that were not specifically named, even if they had extensive corporate and financial ties with the listed entities. The new rule is intended to address circumvention concerns, but the policy as written goes too far, punishing exporters and the rule’s targets for relatively benign activities and hurting US interests. The rule is akin to switching a sniper rifle for a shotgun that hits too many targets.
The rule targets business entities in many countries but with high impact on China. According to estimates by WireScreen, the number of Chinese entities blacklisted could surge from roughly 1,300 currently to more than 20,000, expanding the blast radius of Chinese firms off-limits to US exports 15-fold. Some of these targeted entities surely deserve to be on the blacklist, subject to export bans, but many are benign subsidiaries that could include schools and hospitals. Even exports to firms without any concerning links will face fallout because US firms will now have to look beyond immediate parent companies to verify they are complying with export controls. Any US firm exporting even a soybean to China now needs to engage in lengthy corporate sleuthing to follow complex webs of Chinese customers’ entire ownership chain to avoid the risk of being hit with fines or even jail time.
The new rule further disadvantages US firms because US allies do not tend to have such entity-based restrictions, giving them a competitive edge. While the rule will make some circumvention of export controls more difficult, it will require the BIS to use its limited resources on enforcing a broad new ban that is not targeted to the most critical technologies. Chinese firms aiming to evade the restrictions still can hire a company they do not own to buy for them, making such leakage inevitable.
The US public discussion has overlooked the severity of the BIS rule, focusing instead on China’s response. On October 9 Beijing implemented its most comprehensive export restrictions to date on rare earths and related technologies, which threaten to upend industries around the world. While China’s measures had been in the works and may have eventually come out anyway, their quick promulgation as well as Chinese government statements suggest Beijing’s action was linked to the BIS affiliates rule.
It is not yet clear what was agreed in the latest talks between the US and China in Malaysia on October 26. Treasury Secretary Scott Bessent claimed China has agreed to delay its rare earth export controls by a year, while China’s top trade negotiator, Li Chenggang, hinted at “each side” having to take some action “to fulfill their respective domestic approval procedures,” which could refer to yet unreported US commitments related to the BIS affiliates rule. Either way, the US should more carefully target its export controls to reduce unintended consequences.
Why did the US introduce the 50 percent rule?
The 50 percent affiliates rule attempts to tackle a real “whack-a-mole” problem in enforcing export controls. Previously, only a specific blacklisted entity (firm, individual, or research institution like a university) would be cut off from US technology or goods specified on the list. But that entity could create new subsidiaries that could then legally get their hands on the goods or technology much faster than the BIS could add those new entities to the list. Research presented in a December 2024 PIIE Policy Brief shows, for example, that 149 different Huawei entities are on the list after multiple rounds of additions to stop circumvention.
The new rule aims to prevent subsidiaries from buying goods/technology and “diverting” them to their blacklisted corporate parents. A blacklisted entity could still circumvent this rule with a 49.9 percent-owned shell company, so the BIS has also declared that “significant ties” to a blacklisted firm, including shared members of a board, is now a “red flag” that requires extensive due diligence before an export can proceed.
Chain reaction for China decoupling
The 50 percent rule might seem like a small technical tweak, but the impact, especially on China, will be immense. Chinese companies tend to be sprawling networks of subsidiaries that might have a defense supplier subject to a US cutoff as well as numerous other subsidiaries with no security implications other than the risk of diversion to the listed corporate relative. For example, 264 large state companies alone had nearly 56,000 subsidiaries in 2019. An academic research paper has found that 5.5 million Chinese firms are part of big business groups.
The question then arises: Since sensitive goods can be transferred between Chinese entities, particularly subsidiaries, how should the government minimize unintended consequences on subsidiaries in industries unrelated to the entity-listed firm that would be cut off from exports of even harmless US-origin goods like word processing software?
The BIS can target controls along two dimensions: the scope of entities and severity of restrictions. Generally, the BIS has in the past more narrowly targeted specific entities with severe restrictions. More than 80 percent of entity-listed firms are subject to a blanket denial on US-origin goods that would not even allow them to buy US beef.
It is thus quite rare for the severity of restrictions to be calibrated for certain goods related to the security risk of a specific entity-listed company. For example, the blacklisting of Chinese chipmaker SMIC required US firms to obtain licenses for all exports to it, while denying exports of semiconductor manufacturing equipment only for production of highly advanced chips at or below 10 nanometers. The strict licensing default[1] made sense with careful subsidiary targeting, but it may be excessive to do so throughout large Chinese conglomerates.
Separate from the blacklists, controls can ban sales of technology with the highest perceived risk of diversion to problematic uses to any Chinese firm or anyone in China. Examples are quite rare and include controls on AI chips and chipmaking equipment or the longstanding US arms embargo on Chinese entities. The new rule does not affect these controls.
The 50 percent rule has a precedent in the separate category of financial sanctions overseen by the Treasury Department. But unlike the BIS, the Treasury has always blacklisted companies knowing that the subsidiaries would also face restrictions. The BIS may have been more careful with listings had it known they would later cascade rather than stay targeted at the named entity. A December 2024 PIIE Policy Brief found that major Chinese tech companies were completely absent from Treasury sanctions lists, possibly to avoid severe escalation and unintended consequences that would ensue for such large conglomerates. BIS blacklisting, however, includes many major Chinese tech companies.
Unintended consequences
US exporters will now bear greater responsibility for identifying problematic foreign firms, shifting the onus away from the US government. Small exporters will struggle to perform these tasks.
To understand why the rule will bog down US exports to China in red tape, consider the perspective of a US firm exporting nonsensitive goods or technology not specifically restricted. Previously, the exporter had to check whether its specific customers were on the US government’s publicly available consolidated blacklist, whether the export was for a banned end use like military applications, or whether the customer had red flags like sharing an address with an entity-listed company that would trigger a need for more due diligence.[2] Now, however, the BIS says, the US firm “has an affirmative responsibility to know the ownership of the foreign companies that are parties to the transaction,” subjecting it to far more risk of inadvertently violating the rules.
It is also not enough to know whether the customer or its owners are on a blacklist. The seller now may need to investigate a widely branching corporate family tree to avoid violating the rule—a nearly impossible task. Before every export, the seller will have to investigate a variety of 50 percent ownership trails, which could be a combination of three entity-listed firms owning 20, 20, and 10 percent flowing from their owners back down to the customer. Even tiny overlaps without ownership, like shared board members, could trip “red flag” guidance that could doom the export to license limbo.[3]
An additional complication is that if a foreign firm is subject to the new rule because overall ownership by affected or listed entities exceeds 50 percent, the strictest limit on any of the parents applies. Thus, a buyer/importer that is 0.1 percent owned by a Chinese semiconductor company on lists that apply the strongest extraterritorial control would face a complete block on chips made anywhere in the world. If a Taiwanese or Korean chipmaker’s due diligence misses that tiny link, they could face consequences.
All these rules impose heavy burdens on US semiconductor equipment companies, which previously have been able to export to facilities for production of less advanced chips. These US exports could now be blocked. Competitors of US firms in Japan and other countries will easily fill the void, and Chinese semiconductor equipment makers will also step in, gaining revenue and experience that aid China in developing a homegrown industry that the US sought to thwart in the first place.
What the BIS should do
The BIS should consider first delaying the 50 percent rule[4] and at least revise the rule to reduce unintended consequences, for example by excluding goods like agriculture and basic software[5] from the ban on exports to affiliates of listed entities. Restrictions, and scarce BIS enforcement resources, should be focused instead on the most sensitive goods sold to Chinese entities. There should also be a minimum threshold, for example 5 or 10 percent ownership, required to trip the most restrictive licensing policy of corporate parents subject to restrictions.
The BIS should also publish more detailed guidance on due diligence it expects, including a safe harbor for exporters who performed proper due diligence but did not catch last minute corporate ownership changes. One way the BIS could reduce uncertainty would be to publish itself more extensive lists of firms it knows should be affected by the rule rather than forcing firms to duplicate efforts to identify all the subsidiary chains themselves each time they export.
Notes
1. There is an even stricter licensing rule applied only to a small subset of entities on “footnote” blacklists, including entities like Huawei, that apply extraterritorial bans to stop them from buying not only US technology but also chips produced in places like Taiwan with US technology.
2. Compliance depending on the good can often be more complex, such as ensuring an unknown company in Southeast Asia is not ordering sensitive AI chips, but this example generally holds for low-sensitivity goods.
3. Exporters have to “resolve” the red flag or need a license from the BIS. Based on my discussions with industry insiders, any red-flagged export is unlikely to receive a license.
4. The temporary general license (TGL) that delays implementation until December 1 applies only to sales to allied countries and entities that are a joint venture with US or allied firms.
5. In export control parlance, most US goods with no clear link to security issues are classified as EAR99, which stands for Export Administration Regulations 99. These goods are not singled out on any control list. The US could exempt EAR99 from the new rule, making the restriction apply only to goods potentially of concern.
Data Disclosure
This publication does not include a replication package.
