LenzoBlogChina Export Controls: Products Requiring BIS Licenses
Last updated:
January 13, 2026

China Export Controls: Products Requiring BIS Licenses

Lenzo Compliance Team
China Export Controls
Export License
BIS Entity List
Export Compliance
ECCN Classification

A semiconductor equipment distributor in San Jose shipped deposition tools to a long-standing customer in Shenzhen last spring. Routine transaction. Same buyer they'd worked with for eight years. Except the buyer's parent company had landed on the Entity List two weeks prior. Nobody caught it. The shipment cleared U.S. customs before BIS enforcement tracked it down.

Now they're staring at $374,474 per violation. The shipment had 47 units.

We've watched companies make this exact mistake. Not because they're careless — because China export controls have become a minefield that shifts faster than most compliance teams can map.

Key Takeaways

  • China (including Hong Kong and Macau) sits in Country Group D:1 and D:5, triggering license requirements across most controlled ECCNs (15 CFR 738, Supplement No. 1)
  • BIS maintains 900+ Chinese entities on the Entity List as of early this year, with 80+ added last spring alone targeting AI, quantum, and hypersonic weapons programs
  • Advanced computing items (ECCN 3A090, 4A090) face presumption of denial; don't expect approval
  • Military End Use restrictions under EAR §744.21 require licenses for 31 item categories regardless of your ECCN

Which Product Categories Trigger China License Requirements?

EAR99 items — the catch-all for commercial goods without a specific classification — don't get a free pass either. If your customer sits on the Entity List, even EAR99 stuff needs a license. And that list grows every quarter.

  • Semiconductors and Manufacturing Equipment. ECCNs 3B001, 3B002, 3B090 — etching, deposition, lithography, inspection gear. License required. Presumption of denial. High-bandwidth memory under the new controls? BIS wants to see your paperwork regardless of specs. We talked to a fab equipment company last fall that had three license applications pending for seven months. Still waiting.
  • Advanced Computing. ECCN 3A090 catches integrated circuits above certain Total Processing Performance thresholds. ECCN 4A090 covers computers containing those chips. The rules that dropped early last year expanded these controls and created License Exception NAC — but NAC requires 25-day advance notice to BIS, and China shipments get case-by-case scrutiny. Not automatic. Not fast.
  • Quantum Computing. Dilution refrigerators, ion trap systems, cryogenic equipment — all licensed now under ECCNs 3B904 and 3A904. BIS added seven Chinese quantum companies to the Entity List last spring specifically because they were acquiring U.S. cryogenic gear. The message was clear.
  • Test and Production Equipment. Machine tools, measuring instruments, precision manufacturing equipment in CCL Categories 2B and 3B. License requirements depend on accuracy specs and control system capabilities. The technical thresholds trip up companies that haven't updated their classification reviews in a while.

How Does the Entity List Change Things?

The Entity List works as a bolt-on license requirement targeting specific parties. It overrides everything else. An item that would normally ship No License Required suddenly needs BIS approval if the consignee, end user, or any transaction party appears on the list.

BIS added over 80 entities last spring across two final rules. Twelve targeted AI and exascale supercomputer development. Twenty-seven went after hypersonic weapons programs. Seven hit quantum technology — specifically companies that had been supplying dilution refrigerators to already-listed research institutes.

That pattern wasn't new. BIS has been adding Chinese entities in virtually every quarterly update since advanced computing controls kicked in. The list now tops 900 Chinese entries: semiconductor fabs, research universities, defense institutes, trading companies, subsidiaries.

Two things we've seen trip up compliance teams repeatedly:

First, subsidiaries and affiliates get added quietly. The parent company makes headlines; the subsidiary listings show up weeks later with less fanfare. Inspur Group got listed a couple years back. Its cloud computing subsidiaries appeared in subsequent updates. If you're only screening the parent, you're exposed.

Second, trading companies and distributors now land on the list. Scikro Instruments — both the Hong Kong and Shanghai entities — got added for supplying dilution refrigerators to listed parties. Companies that supply Entity List parties can become Entity List parties themselves. Think about what that means for your distribution network.

The practical reality: screening Chinese customers against a static quarterly download doesn't cut it anymore. You need real-time monitoring that catches additions between your quote and your shipment. We've seen deals fall apart because the customer got listed during the contract negotiation phase.

What About Military End Use Restrictions?

BIS publishes "Know Your Customer" guidance and a red flags list. Worth reading. Ignoring obvious warning signs creates willful violation exposure even when your customer doesn't appear on any screening list. "We didn't know" stops working as a defense when the signs were there.

China's military-civil fusion strategy deliberately erases boundaries between commercial enterprises and military applications. That nominally private Chinese company might have institutional investors, board members, or research partnerships that tie directly to defense programs. Due diligence for China means looking past the corporate registration documents.

  • Customer won't provide end-use information
  • Delivery address matches a known military facility or research institute
  • Order quantity doesn't fit normal commercial patterns
  • Customer wants unusual shipping routes or documentation
  • Deal involves intermediaries in countries known for transshipment

How Have Controls Changed Recently?

The regulatory environment has shifted dramatically over the past twelve months. If you're working from guidelines written before last January, you're behind.

Early last year brought two interim final rules expanding advanced computing controls. Compliance deadlines hit by late spring. BIS introduced License Exception NAC and new notification requirements for foundries. The rules moved fast.

Spring brought 80+ Entity List additions targeting AI development, quantum computing, hypersonic weapons, and companies supplying already-listed parties.

By fall, BIS removed Samsung and SK Hynix facilities from the Validated End User program, effective end of last year. Foreign fabs in China that had operated under simplified authorization now need individual licenses.

This January brought a partial policy shift for certain AI chips. BIS moved from presumption of denial to case-by-case review for chips below specified TPP thresholds. But that case-by-case process requires third-party testing in the United States and documented compliance procedures at the Chinese purchaser. The door cracked open. The paperwork pile got bigger.

What Steps Actually Reduce Risk?

Start with classification accuracy. China's framework makes your ECCN consequential in ways that don't apply to allied destinations. The difference between 3A991 and 3A001 determines whether you ship next week or wait months for BIS review. Get the classification wrong and everything downstream breaks.

Screen every party to the transaction. Not just the end user. Consignees, freight forwarders, banks, intermediate consignees — they all matter now. Entity List additions increasingly target trading companies and distributors, not just the final recipient.

Real-time monitoring beats point-in-time screening. BIS updates the Entity List through Federal Register notices that take effect immediately or within 30 days. A customer you cleared last month might be restricted today. We've seen it happen mid-shipment.

Document everything. License applications require detailed end-use statements, and BIS enforcement relies heavily on what the exporter knew or should have known. If your customer gives you weird answers to end-use questions, write down the questions and the responses. If red flags appear and you decide to proceed anyway, document the additional diligence you performed. Paper trails save companies.

And honestly? Consider whether the deal makes business sense given the compliance burden. Some China opportunities cost more in overhead and risk exposure than they generate in margin. Not every sale is worth chasing.

FAQ

  • Does EAR99 classification mean no license is needed for China? Not automatically. EAR99 means no ECCN-based requirement, but Entity List restrictions override that classification. If your Chinese customer appears on the Entity List, you need a license regardless of EAR99 status. Military end use controls also apply to EAR99 items when you have knowledge of restricted applications.
  • What happened to the Validated End User program for China? The VEU program let pre-approved end users receive controlled items without individual export licenses. Several Chinese semiconductor facilities operated under VEU authorization. BIS pulled Samsung and SK Hynix China facilities from the program effective late last year. Remaining authorizations are narrow and under ongoing review. Don't count on VEU as a reliable path.
  • How long does BIS take to process China license applications? Standard timelines run 30-90 days, but China applications frequently stretch longer due to interagency review. Applications involving advanced computing, semiconductor manufacturing equipment, or Entity List parties can take 120+ days. BIS provides no guaranteed timeline, and applications get returned without action for incomplete information. Build buffer into your delivery commitments.

China export controls keep moving. Regulations change quarterly. Entity List additions drop monthly. Enforcement priorities shift with the political winds. Screening platforms — Lenzo, Descartes, Visual Compliance, and others — help automate restricted party checks and classification lookups. But the underlying judgment call — whether a transaction creates unacceptable risk — still comes down to human expertise and your organization's risk appetite. Software flags the problem. People have to decide what to do about it.

Sources

More to explore

View all
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.

Trade Compliance FAQ: 25 Questions Every SMB Exporter Gets Wrong

OFAC's maximum civil penalty hit $377,700 per violation in January 2025. BIS bumped its ECRA penalty cap to $374,474 the same month. The questions compliance teams ask haven't changed much over the years. They've just gotten a lot more expensive to answer wrong.
Last updated:
November 27, 2025
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.

Trade Compliance Glossary: Terms Every Exporter Needs

Your customs broker just emailed about an ECCN classification conflict with the freight forwarder's HTS determination. Legal wants to know if the end-user triggers EAR99 or needs a BIS license review. And someone in accounting keeps confusing OFAC with OFCCP. Again.
Last updated:
November 28, 2025
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.

Best Trade Compliance Software for SMB Exporters (2026)

OFAC civil penalties blew past $254M by mid-2025. BIS piled on with over 170 Entity List additions across 6 separate rulings between January and October. And the part that keeps compliance teams awake: none of those penalties landed because someone forgot to screen a counterparty.
Last updated:
February 12, 2026
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.
This is some text inside of a div block.

License Exception Eligibility: Quick Reference

BIS published 2,847 updates to the Export Administration Regulations in 2025. Seventeen directly affected license exception eligibility for at least one ECCN category. For compliance teams processing 50–200 shipments monthly, tracking which exceptions apply to which items has turned into a puzzle that resets every few weeks.
Last updated:
February 11, 2026
Lenzo — Trade Compliance Platform
TOOLS
Tariff CalculatorCompliance ServiceCanada TariffsHS CodeUS Tariffs on ChinaOFAC SearchMexico TariffsHSN Code List
Legal
Acceptable Use PolicyAI Data Usage PolicyBilling & Refund PolicyCookies PolicyData Processing AddendumPrivacy PolicyTerms of Service
Lenzo - Trade Compliance © 2026 All rights reserved
Secure read-only integrations
AES-256 encrypted data
OAuth 2.0 access