To Win the AI Race, Bolster Export Control Enforcement with Intelligence

This article was originally published in Lawfare.

On July 10, the Trump administration released its plan to lead in artificial intelligence (AI). However, the U.S. risks losing this race—not for lack of chips, talent, or capital—but because it is too slowly and reactively enforcing existing export controls on the critical hardware. Current enforcement focuses on investigating and punishing violations after the fact, instead of proactively uncovering and mitigating known ways that adversaries acquire these controlled technologies, such as via smuggling, transshipment, and shell companies. The U.S. cannot afford to stay in such a reactive posture.

The Department of Commerce’s Bureau of Industry and Security (BIS), chronically understaffed and underfunded, cannot keep pace with the scale of the challenge alone. The recent loosening of some export restrictions, such as allowing Nvidia to resume sales of the H20 chip to end users in China, might suggest a reduced need to focus on export control enforcement. In fact, the opposite is true. The narrower the rules, the more essential it becomes to ensure licenses go only to approved recipients, that those “approved recipients” are not users who contribute to China’s use of AI for civil-military fusion, and that monitoring of this occurs continuously rather than as a one-off check. Tighter monitoring will not fully offset the risks created by allowing more AI chips to flow, but it is essential for understanding how these chips are used, by whom, and how they enable downstream capabilities. That intelligence is what makes it possible to design and enforce effective follow-on controls, thus preventing China from acquiring controlled AI chips, high-bandwidth memory, and semiconductor manufacturing equipment (SME) and other chipmaking tools. A renewed enforcement strategy, enabled by whole-of-government capacity, will also be critical to verify that only items approved for export to China, including a potentially new version of the powerful Nvidia Blackwell, are sent there. To start, this could include embedding expertise from the U.S. intelligence community alongside BIS’s legal and technical staff, and shifting enforcement mechanisms from a reactive “punish after violations” model to a proactive “monitor, verify, and prevent” strategy.

In other words, what’s missing is less about drafting new rules and more about consistently executing the ones already on the books. Even the strongest controls fail if enforcement remains reactive. Indeed, the Trump administration’s action plan calls for a partnership between the BIS and the intelligence community for this purpose, but it lacks details on implementation. Ad hoc cooperation already occurs. What’s missing is institutionalized integration at the line level, which is blocked less by technical capacity than by policy trade-offs inside the U.S. government.

Absent clear guidance, well-intentioned leadership in the intelligence community and BIS will almost certainly remain focused on answering today’s mail without planning for a more effective strategy. The capacity for this already exists across the U.S. government—from targeting resources at the CIA and the National Security Agency (NSA) to technical staff at Commerce’s Center for AI Standards and Innovation—but they remain scattered and underused. Intelligence support can help mitigate some of these shortfalls in the near term, though ultimately BIS will need greater resources and modern infrastructure—more secure facilities and classified work stations—to sustain an effective enforcement mission. A serious enforcement strategy will require bringing these efforts under one roof.

Read the full article in Lawfare.