International Traffic in Arms Regulations compliance
Technology and AI companies operating in dual-use hardware, software, and data transfers face direct exposure under the International Traffic in Arms Regulations, administered by the U.S. Department of State Directorate of Defense Trade Controls with enforcement coordination from the U.S. Department of Justice. The DDTC's 2023 proposed rule on emerging technology controls and ongoing Category XIII and Category XIV revisions to the U.S. Munitions List are forcing compliance teams to re-examine how AI model weights, semiconductor tooling, and cybersecurity software are classified before any cross-border transaction closes. Classification errors here carry criminal exposure, not just civil penalties.
Watch
- USML Category XIII revisions: pending changes to how AI-enabled defense articles are classified
- DDTC enforcement pattern: voluntary disclosures spiking in software-defined radio and dual-use AI tooling
- EAR-ITAR jurisdictional boundary disputes on large language model exports to non-Five Eyes partners
- Proposed rule on foreign national access controls for cloud-hosted ITAR-controlled technical data
Recent material activity in Technology, AI & Competition
-
NIST releases updated AI Risk Management Framework companion guide for critical infrastructure
NIST published AI RMF 1.1 companion guidance specifically addressing AI deployment in critical infrastructure sectors including energy, financial services, and healthcare. The guide introduces mandatory risk assessment c…
Read a full sample brief →