Export Controls – how the new BIS ‘50% Rule’ will expand the coverage of US restrictions, creating a new compliance challenge to be solved by November 2026

Introduction

• The Context: The US-BIS maintains both an ‘Entity List’ and a ‘Military End-Users’ (MEUs) list of foreign individuals and entities under the US Export Administration Regulations (US-EAR), which seek to prevent certain US items and IP from being shared with foreign actors of concern. Companies exporting items across various sectors – including semiconductors, aerospace, advanced computing, and defence – must seek a licence before dealing with any party named on these lists.
• What changed in 2025: In September 2025, the US-BIS issued an interim final rule that automatically extends these restrictions to any foreign entity that is 50% owned by listed parties, even if that entity is not named on the list. The new rules will now come into force in November 2026, and will apply to each of the Entity List, the MEU List and certain additional Specially Designated Nationals (SDN).
• The challenged for 2026: Once enforced, the new 50% Rule will create significant new liability when it comes to ensuring compliance with US export control rules. Although covered companies will have well established processes for complying with US-EAR, they have not been required to screen for affiliates previously and this will require further due diligence than the standard screening previously undertaken.
  In this article we discuss what the new US-BIS changes are, and how companies can navigate them.

What changed?

• Ownership-based coverage: If a customer, supplier, JV vehicle or distributor is ≥50% owned by one or more listed parties, that affiliate will soon be treated as listed itself, and so subject to the same licence requirements and restrictions as its owner. Previously, restrictions only applied to the listed entity, which allowed companies to create wholly-owned subsidiaries which could operate without being subject to the rules, provided the affiliate itself was not listed (subject to red flags from self-assessments).
• Direct and indirect ownership are now all in scope: The new rule will capture multi-layer, cross-border chains (for example, listed parent → four separate offshore holding companies in separate locations → regional operational company), requiring a nuanced understanding of the full ownership chain of each third party.
• Individual and aggregate ownership are also both in scope: Entities which are owned by three listed parents holding 17% each will be covered by the new rules, even through no single listed entity has a significant controlling stake in the company. Again, this makes a nuanced understanding of ownership structure crucial.
• Priority is given to the highest level of restriction: If an entity is owned by multiple listed parties with varying levels of restriction, the most restrictive licence requirements and policies within that population will apply to that entity (irrespective of the comparative stakes held).
• Strict liability: Compliance is on a strict liability basis, meaning that entities required to operate under US-EAR are held fully responsible if they accidentally engage with an entity that is 50% or more owned by a listed party, with no defined defences under US-BIS’s new rule.

As a consequence, exporters, re-exporters, and transferors all soon have an affirmative duty to undertake increased due diligence to determine the full ownership structure and percentage of foreign ownership in all of their covered transactions. Covered parties will also need to be cautious of third parties which fall short of the 50% Rule but also have other significant links with listed entities (such as overlapping board members) where it is possible the true ownership is being obscured. 

If an exporter cannot determine the ownership structure, this should itself be considered a ‘Red Flag’, which can be mitigated either by obtaining a license from US-BIS or identifying an applicable license exception before proceeding. This is a time consuming and expensive process, which could be potentially avoided with more careful and in-depth due diligence.

Who is affected?

Industry analysts estimate thousands of additional affiliates could soon be in scope—particularly across Chinese technology ecosystems (e.g., semiconductor supply chains) – with these changes impacting:

• Exporters and re-exporters of US-origin items or foreign-made items subject to the EAR (including software and technology).
• Subsidiaries of US entities based outside of the US that transact with customers or suppliers tied—directly or indirectly—to Entity List or MEU parties.
• Financial institutions, logistics providers, and platform operators (if they want to export related items subject to the EAR) whose screening relied on name-only matching.

Proactive screening will be necessary to protect firms. We recommend firms take the following actions as the deadline for implementation approaches, to be better positioned for this regulatory change.

Key actions for your EAR compliance program for FY 2026

1. Turn on ownership screening
   • Expand denied-party screening from name matching to ownership resolution (direct and indirect) at the 50% aggregated threshold.
   • Understand and include any board members who are linked to listed and affiliates entities.
   • Prioritise high-risk counterparties: such as those linked to Chinese advanced manufacturing, the defence-adjacent sectors, and any counterparty previously associated with the Entity List or MEU List.
2. Refresh KYC/KYS data collection
   • Include beneficial ownership attestations and org-chart exhibits to onboarding; and require update rights for ownership changes.
   • Embed contractual declarations and warranties that a counterparty is not 50% owned, singly or in aggregate, by listed parties—and mandate a notification for any changes.
3. Map your supply chain exposure
   • Build a heat-map of parts, tools, software and services touching newly covered affiliates; identify drop-in substitutes and last-time-buy contingencies.
4. Re-paper critical agreements
   • Insert suspension/termination clauses tied to new EAR coverage.
   • Align incoterms and end-use/end-user statements with the new Affiliates Rule.
5. Recalibrate licensing strategy
   • Where business is strategic and risk-manageable, perform item/jurisdiction/end-use triage and consider targeted license applications—but plan for likely denials for advanced technology.
6. Upgrade controls & systems
   • Integrate ownership graphs into screening tools; log audit trails for determinations (to document “why we concluded < 50% or no aggregation”).
   • Calibrate Red Flag rules for: complex nominee structures, recent restructurings, and unexplained investor syndicates.
7. Train teams and brief management
   • Provide targeted training for sales, sourcing, logistics, treasury, and regional leadership on the Affiliates Rule and the transitional timeline.
8. Ensure your systems capture the correct legal entity names
   • Legal entity name changes can take place, ensure your systems, procurement, legal and trade compliance teams have all the relevant details to identify the correct legal entity, including former names.

How we can help

Deloitte’s Trade Compliance team supports Fortune 500 and global listed companies with:

• Rapid and comprehensive shareholder mapping with exposure scans against the new 50% ownership test
• Counterparty remediation playbooks and contract language
• Licence strategy and dossier preparation
• Screening system enhancements (ownership graphing, rulesets, and audit)
• Targeted training and board-level briefingsFor more information on the new rules and to discuss how 

For more information on the new rules and to discuss how Deloitte can support you with this significant trade compliance change, please contact Julia Hurley (juliahurley@deloitte.co.uk) in our Trade Compliance team.

Author: Dr. Yiyun Ding (yiyunding@deloitte.co.uk Senior Consultant at Deloitte Corporate Intelligence Service)

Author: Roopa Lentini (rlentini@deloitte.co.uk Senior Manager at Deloitte Export Control)