Cross-border data transfer compliance
Cross-border data transfer compliance in Trade and Geopolitical Risk is being reshaped by hard enforcement, not guidance memos. The U.S. Department of Justice's newly operative data transfer restrictions under Executive Order 14117 and the European Data Protection Board's binding adequacy decisions are forcing compliance teams to audit every vendor contract touching sensitive trade data before transfers trigger liability. China's Cyberspace Administration of China has added a separate security assessment layer for outbound data that intersects directly with supply chain and sanctions screening workflows.
Watch
- EO 14117 implementing regulations: which data categories and covered persons trigger restrictions
- EU-U.S. Data Privacy Framework adequacy decision: exposure if the framework faces legal challenge again
- CAC outbound data security assessment deadlines for firms operating cross-border trade platforms in China
- DOJ Enforcement Policy on foreign adversary data: civil penalty risk for trade-adjacent data processors
- EDPB guidance on transfers to third countries via cloud vendors used in sanctions screening tools
Recent material activity in Trade & Geopolitical Risk
-
OFAC designates 14 entities linked to Russian defense procurement network
The Treasury Department's Office of Foreign Assets Control added 14 entities and 6 individuals to the Specially Designated Nationals list for their roles in procuring critical technology components for Russia's defense i…
Read a full sample brief → -
BIS adds 22 Chinese semiconductor entities to Entity List for advanced chip diversion
The Bureau of Industry and Security expanded export controls targeting Chinese semiconductor entities found to be diverting advanced computing chips through third-country intermediaries. New license requirements affect i…
Read a full sample brief →