BIS — U.S. Bureau of Industry and Security
The Bureau of Industry and Security is a U.S. Department of Commerce agency responsible for administering and enforcing export controls on dual-use goods, technology, and software with national security implications.
Overview
BIS is not an intelligent document processing vendor. The agency administers the Export Administration Regulations, maintains restricted party lists including the Entity List and Denied Persons List, and investigates export control violations. It appears in this directory because its regulatory actions directly shape the compliance surface for AI infrastructure vendors, cloud providers, and enterprises operating document processing workflows that involve advanced compute hardware with any China-facing exposure.
Two enforcement and regulatory actions in early 2026 define BIS's current posture. In February 2026, BIS reached a $252 million settlement with Applied Materials Inc. and its Korean subsidiary for routing ion implanters from Korea to a Chinese end-user placed on the Entity List in 2020. The shipments occurred in 2021 and 2022. The penalty equals twice the approximately $126 million transaction value, the statutory maximum, and is the second-highest in BIS history. Settlement terms require multiple audits of Applied Materials' export compliance program and annual certifications tied to those audits. Personnel responsible for the illegal shipments, including compliance employees and senior global trade and production executives, are no longer employed at either entity. The structure of the settlement is notable: rather than treating the penalty as a one-time resolution, BIS retains ongoing visibility into Applied Materials' compliance program through the audit and certification requirements.
In January 2026, a final rule effective January 15 (FR Doc. 2026-00789, 91 FR 1684) shifted the license review posture for Nvidia H200- and AMD MI325X-class chips exported to China and Macau from a presumption of denial to case-by-case review, subject to nine certification conditions. A companion Presidential Proclamation signed January 14, 2026 imposed a 25% Section 232 tariff on covered chips not destined for the U.S. supply chain. Congress appropriated at least $10 million in FY26 funding specifically for enforcement of ECCN 3A090 restrictions, signaling that BIS intends to audit compliance with the new conditions rather than merely process license applications.
China's immediate response, halting H200 clearances and instructing domestic companies to avoid the chips unless necessary, suggests Beijing reads the rule's conditions as effectively restrictive rather than permissive. If that posture holds, the practical effect may be closer to the prior presumption of denial than the regulatory text implies.
For companies researching trade compliance document automation, see iCustoms for customs declaration processing or 6Estates for financial document processing in regulated environments.
How BIS — U.S. Bureau of Industry and Security Processes Documents
BIS is a regulatory authority, not a software vendor. It publishes regulatory guidance, enforcement orders, licensing decisions, and Federal Register rules as government documents. No document processing pipeline, OCR engine, or extraction platform exists to describe.
The January 15, 2026 final rule does, however, define document and data obligations that exporters must fulfill to qualify for case-by-case chip export review. These obligations function as a compliance document processing requirement imposed on the industry. Exporters must submit full technical specification disclosures covering total processing performance, total DRAM bandwidth, interconnect bandwidth, copackaged DRAM capacity, and peak power at maximum TPP. They must maintain Know Your Customer records for remote end users, disclose IaaS remote end users in Belarus, China, Cuba, Iran, Macau, North Korea, Russia, and Venezuela, and provide physical security descriptions. Pre-export review by a qualified U.S.-based third-party testing lab is required before each shipment. BIS estimates approximately 100 additional license applications per year under the new framework, adding 28.3 burden hours per application under OMB control number 0694-0088.
The revocability of lab qualifications introduces a structural lever: if BIS revokes a testing lab's qualification, every exporter relying on that lab loses case-by-case review eligibility immediately, with no stated cure period. That feature gives BIS significant administrative leverage over the export pipeline without requiring formal rulemaking.
The pending Remote Access Security Act, which passed the House on January 12, 2026, would extend these controls to cloud-based service delivery. BIS's existing IaaS remote end-user disclosure provisions in the January 15 rule appear designed to anticipate that legislation.
Use Cases
No IDP use cases apply. BIS enforces export controls and administers trade security programs for the U.S. government. Its regulatory actions create compliance obligations that affect vendors in the AI infrastructure and document processing space, but BIS itself does not offer document automation products or services.
Trade Compliance and Export Control
Organizations processing trade documents, customs filings, or cross-border transaction records involving advanced semiconductor hardware must now build KYC workflows for remote end users, engage qualified U.S. testing labs, and maintain TPP accounting across global shipment history to satisfy BIS's January 2026 certification conditions. The $10 million FY26 enforcement appropriation targeting ECCN 3A090 indicates active audit activity, not passive licensing. For vendors offering trade compliance document automation, see iCustoms.
Financial Services and Sanctions Screening
BIS maintains the Entity List, Denied Persons List, and other restricted party databases that financial institutions and document processing platforms must screen against. The March 2026 suspension of License Exception SCP for Cuban-owned bank transactions is one example of the regulatory changes that compliance document workflows must track. For financial document processing in regulated environments, see 6Estates.
Technical Specifications
| Feature | Specification |
|---|---|
| Document Types | Not applicable |
| Input Formats | Not applicable |
| Output Formats | Not applicable |
| Processing Pipeline | Not applicable |
| API/Integration | Not applicable |
| Deployment Options | Not applicable |
| Certifications | Not applicable |
| Claimed Accuracy | Not applicable |
Resources
- BIS Website
- BIS News and Updates
- BIS Media and Guidance
- FR Doc. 2026-00789: Revision to License Review Policy for Advanced Computing Commodities
- Mayer Brown: Administration Policies on Advanced AI Chips Codified
- Contact BIS
Company Information
Washington, D.C., United States. The Bureau of Industry and Security is a component of the U.S. Department of Commerce, founded in 1987. It is a federal regulatory agency, not a commercial software vendor. No IDP product, pricing, or deployment information exists to report. Under Secretary of Commerce for Industry and Security Jeffrey Kessler oversees enforcement activity. The agency's Boston Field Office and Homeland Security Investigations jointly conducted the Applied Materials investigation that resulted in the February 2026 settlement.