Products Intelligence Pricing Methodology Contact
TRADE & GEOPOLITICAL RISK

Software Bill of Materials requirements

Software Bill of Materials requirements are landing squarely in the Trade and Geopolitical Risk sector, driven by parallel mandates from the U.S. Cybersecurity and Infrastructure Security Agency under the Biden-era executive order framework and the European Commission's Cyber Resilience Act, which formally entered force in late 2024. Compliance teams at firms with cross-border technology supply chains are now mapping SBOM disclosure obligations against vendor contracts and export control classifications simultaneously. The friction point is real: an SBOM that satisfies a domestic procurement requirement may expose component-level sourcing data that triggers scrutiny under foreign investment screening regimes.

Watch

  • Cyber Resilience Act SBOM provisions: EU enforcement timeline and importer obligations
  • CISA minimum SBOM element standards applied to federal contractor supply chains
  • Dual-use classification risk when SBOM data discloses controlled technology components
  • OMB Memorandum M-22-18 self-attestation deadline extensions and scope clarifications

Recent material activity in Trade & Geopolitical Risk

  • Apr 13, 2026 MATERIAL

    OFAC designates 14 entities linked to Russian defense procurement network

    The Treasury Department's Office of Foreign Assets Control added 14 entities and 6 individuals to the Specially Designated Nationals list for their roles in procuring critical technology components for Russia's defense i…

    Read a full sample brief →
  • Apr 10, 2026 MATERIAL

    BIS adds 22 Chinese semiconductor entities to Entity List for advanced chip diversion

    The Bureau of Industry and Security expanded export controls targeting Chinese semiconductor entities found to be diverting advanced computing chips through third-country intermediaries. New license requirements affect i…

    Read a full sample brief →