U.S. Commerce Department Strengthens Export Controls to Restrict China’s Semiconductor Production

At a Glance

• The U.S. Department of Commerce’s Bureau of Industry and Security (BIS) announced two new rules under the Export Administration Regulations (EAR), which are designed to impair the People’s Republic of China’s (PRC) ability to produce advanced weapons systems, artificial intelligence and other emerging technology. 
• The rules include, among other things: (i) two new Foreign-Direct Product (FDP) rules; (ii) 140 additions to the Entity List; (iii) new controls on certain advanced computing items, including high-bandwidth memory (HBM) commodities, supercomputers and semiconductor manufacturing equipment (SME); and (iv) new “red flag” guidance for compliance programs. The rules are effective December 2, 2024, with a delayed compliance date of December 31, 2024, for certain controls and Entity-List-related requirements. 
• Companies should take steps now to determine the applicability of these new regulations to their business activities and incorporate the new guidance into their compliance programs.

Background

On December 2, 2024, BIS announced two new rules under the EAR targeting the PRC’s ability to produce “advanced-node” semiconductors, including advanced-node integrated circuits (ICs), which can be used in advanced weaponry, artificial intelligence and advanced computing with significant military applications. These new rules build upon a series of rules issued under the EAR in October 2022 and October 2023 concerning advanced semiconductors and related SME. The first rule, an interim final rule (IFR) effective on December 2, 2024, added two new FDP rules and added and refined controls on advanced computing and SME items. BIS will receive public comments on the IFR until January 31, 2025. The second new rule, a final rule with an effective date of December 2, 2024, concerns Entity List additions (Final Rule). The IFR and Final Rule have a delayed compliance date of December 31, 2024, for certain controls and Entity List-related requirements linked to Footnote 5 designations. Certain key provisions of these rules are summarized below. 

Key Provisions

Two New FDP Rules

Under the EAR, FDP rules provide that foreign-produced items are subject to the EAR when they are a direct product of certain U.S.-origin technology or software, or are produced by a plant or major component of a plant that itself is a direct product of certain U.S.-origin technology. The IFR added two new FDP rules in § 734.9 of the EAR for: (i) certain advanced SME that are essential to, or support, producing advanced-node ICs, which have important military applications (SME FDP); and (ii) the entities designated on the Entity List with new “Footnote 5” (FN5 FDP). The IFR also adds new de minimis provisions corresponding to the FN5 and SME FDP rules. Importantly, BIS stated that the agency “has found that there is a significant prevalence of certain types of U.S.-origin tools (or foreign-produced tools that are subject to the EAR) in fabrication facilities [globally] for the production of ICs. It can thus be presumed that any integrated circuit has been produced using at least one U.S. tool qualifying as a major component.” (emphasis added). Therefore, BIS intends its new FDP rules to apply broadly. 

• The IFR implements the FN5 FDP rule to make certain foreign-produced items subject to the EAR (e.g., commodities relevant to semiconductor production and related activities) and requires a license if the exporter, reexporter or transferor has “knowledge” (e.g., reason to know) that: (i) such foreign-produced commodities will be incorporated in any part, component or equipment produced, purchased or ordered by an entity with a Footnote 5 designation; or (ii) any entity with a Footnote 5 designation is a party to any transaction involving such foreign-produced commodities. Notably, Note 3 to § 734.9(e)(3)(i)(B)(2) of the EAR clarifies that if a foreign-produced item contains an IC, and that IC was produced with the use of a tool that itself was a “direct product” of U.S.-origin technology or software specified in the Export Control Classification Numbers (ECCNs) in such section, then the product scope would be met. 
• Under the SME FDP rule, specified foreign-produced commodities of national security concern meet the destination scope of the SME FDP if there is “knowledge” that the foreign-produced commodity is destined to, among other countries, China. As an example of the broad application of the new SME FDP rule in § 734.9(k), BIS explained in the preamble of the IFR that the product scope of paragraph (k)(1) is met if a foreign-produced commodity contains an IC that is produced by a complete plant or major component of a plant that itself is a “direct product” of U.S.-origin technology” or software specified in the ECCNs described in paragraph (k)(1)(ii)(B). Even broader than that example is the fact that the SME FDP rule also controls a foreign-produced commodity which “contains a commodity produced by any complete plant or ‘major component’ of a plant that is located outside the United States when the complete plant or ‘major component’ of a plant, whether made in the U.S. or a foreign country, itself is a ‘direct product’ of [certain] U.S.-origin ‘technology’ or ‘software.’” (emphasis added).

Additions to the Entity List

In the Final Rule, BIS added 140 entities to the Entity List including semiconductor fabricators, tool manufacturers and investment companies in China, Japan, South Korea and Singapore that the U.S. government determined are involved in the development and production of advanced-node ICs and semiconductor manufacturing items in support of the Chinese government’s military modernization initiatives. BIS designated nine of the 140 entities being added to the Entity List with a Footnote 5, which extends the Entity List license requirements to foreign direct products subject to the EAR on the basis of the FN5 FDP rule in § 734.9(e)(3).

New License Exception Restricted Fabrication Facility (RFF)

The IFR adds new License Exception RFF to allow certain items, including specified SME, to be exported, reexported or transferred to certain fabrication facilities that are subject to end-user-based license requirements, but that are not currently producing advanced-node ICs. The license exception excludes, among other things, items essential for producing advanced-node ICs, and will require pre-shipment notifications, end-use monitoring and annual reporting. 

New SME and HBM Controls

The IFR adds controls on: (i) certain types of SME and related items that are used to produce advanced-node ICs; and (ii) certain HBM commodities that provide necessary memory capacity and bandwidth needed for advanced artificial intelligence models and supercomputing applications. With regard to SME and related items, the IFR adds new de minimis provisions corresponding to the FN5 and SME FDP rules along with other conforming changes. The IFR also clarifies the end-use controls described in § 744.23 of the EAR, including clarifying that § 744.23(a) restricts the provision of certain types of computer-aided design software and technology when there is “knowledge” that it would be used for the design of advanced-note ICs whose subsequent production will be in certain countries, including China. 

BIS is also revising § 744.23(a)(4) to remove a qualification it had added in the October 2023 rule delineating the application of the rules between “front-end integrated circuit ‘production’ equipment” and “back-end integrated circuit ‘production’ equipment.” It is no longer delineating between the two, to eliminate the risk that “back-end” equipment will be diverted to “front-end” use. 

With regard to HBM commodities, BIS added a new ECCN control on HBM stacks with a specific memory bandwidth density to ECCN 3A090.c. BIS also added License Exception HBM to authorize certain exports, reexports and transfers for some of the new HBM commodities that the IFR adds to ECCN 3A090.c. 

Clarification on Export Controls Applicable to Software Keys

The IFR revises existing § 734.19 of the EAR (transfer of access information) by adding a new note to describe the export control treatment of software license keys. Specifically, a new paragraph was added to state that software keys, which allow users the ability to use software or hardware by providing access to it, are classified and controlled under the same ECCNs as the corresponding software or hardware to which they provide access (e.g., a software license key that allows the use of hardware classified under ECCN 5A992 would be classified under ECCN 5D992).

Revisions to the Commerce Control List

In Category 3 of the Commerce Control List, the IFR revises eight existing ECCNs and adds eight new ECCNs, including new ECCNs 3B993 and 3B994 for items that enable or support advanced-node IC production, but do not warrant nationwide license requirements or a presumption of denial on the basis that BIS believes such items have legitimate applications in non-advanced-node production. 

Additional “Red Flags” for Compliance Guidance

BIS added eight new “Red Flags” to its “Know Your Customer” Guidance and “Red Flags” in supplement no. 3 to part 732 of the EAR, which are intended to help identify potential compliance issues and prevent the diversion of controlled items to unauthorized entities. The “Red Flags” include, among other topics, guidance to assist parties with determining whether their products fall within the new FDP rules and how parties should act under the knowledge standard included in various requirements of the EAR.

Key Takeaways

Companies involved in the semiconductor industry should carefully review the new regulations, including the fact patterns described in the “Red Flags,” and evaluate their applicability to their business activities. In particular, companies should consider the actions below:

1. Evaluate Foreign Direct Product Rule Exposure

The FDP rules are complex and can create significant risk of exposure to U.S. export controls enforcement mechanisms for companies manufacturing foreign-produced items in the semiconductor industry. BIS has levied heavy penalties where companies have done business with restricted parties without a license — even where manufacturing and distribution occurred outside the United States — because some of the equipment used to manufacture and test the goods outside the United States was the “direct product” of U.S.-origin technology. 

Companies should evaluate their manufacturing supply chain in light of these new rules, particularly if they sell equipment used for semiconductor manufacturing that they know is destined for China or other restricted countries or otherwise conduct business with “Footnote 5” entities on the Entity List. When applying these rules, it is important to remember that BIS presumes that “any integrated circuit has been produced using at least one U.S. tool qualifying as a major component.”

2. Update Compliance Guidelines and Screening Tools

Companies should closely review the new “Red Flags” issued by BIS and, to the extent they are relevant, incorporate such concepts into existing compliance programs. Companies should also confirm that their screening tools (which are sometimes provided by third-party vendors) have been updated prior to the delayed December 31, 2024, compliance deadline to include additions (and modifications) to the Entity List, so that no transactions that are now prohibited absent a license are executed. Failure to incorporate the guidance or screening information could be treated as an aggravating factor in any future enforcement activity.

3. License Applications and Advisory Opinions

If the new regulations are likely to affect existing business, companies should consider applying for a license to engage in the transaction(s) notwithstanding the new restrictions. Such licenses are often not granted, but BIS has indicated it will do so in certain circumstances. To the extent companies identify any red flags in light of these new rules that cannot be resolved, companies should consider submitting an advisory opinion to BIS. 

4. Voluntary Self-Disclosure (VSD)

If it comes to a company’s attention that there are potential violations of these new regulations, consider submitting a VSD to BIS and, if the violation appears to be willful or otherwise in violation of the law, submitting a self-disclosure to the Department of Justice (DOJ). Both BIS and the DOJ have emphasized the importance of self-disclosure in their decisions about whether and to what degree to pursue civil or criminal enforcement. For example, in May of this year, DOJ declined prosecution when a company self-reported what it believed to be criminal export violations by an employee. 

5. Submit a Comment

Although the IFR is effective, companies should consider submitting a comment to BIS if certain of the changes are ambiguous and therefore challenging to implement, or unduly burdensome. Comments may lead to adjustments or clarifications by BIS in future rulemaking or guidance.