Export Controls and AI Models: How Global Teams Stay Compliant in 2025


When your AI model crosses a border, it’s not just data moving-it’s a legal risk. In 2025, exporting an AI model isn’t like shipping a box of parts. It’s more like sending a weapon blueprint, even if you didn’t intend it that way. The U.S. Bureau of Industry and Security (BIS) updated its rules in February 2025 to block adversaries from using American-trained AI models to build competing systems. And if your team has engineers in Berlin, developers in Bangalore, or researchers in Seoul, you’re already in the middle of this regulatory storm.

What Exactly Is Controlled Now?

It’s not about the name of your model. It’s about how powerful it is. The new rules target AI models trained with more than 10^25 integer or floating-point operations (the page’s “1025” is this figure with the exponent lost). That’s a massive amount of computing power-roughly what you’d need to train something like GPT-4 or larger. But it’s not just about total training compute. The rules also carry a performance-based test: the article puts it at a sustained 48,000 AI operations per second per watt for hardware that can train another model. Cross either line and the item is controlled, no matter where it’s hosted.

This isn’t just about big tech. Startups training models on cloud GPUs, universities running research projects, even small AI labs using rented compute clusters-all of them can trigger these thresholds. And once triggered, you can’t just email the model to a colleague in Canada or upload it to a shared server in Singapore. That’s an export. Even if it’s free. Even if it’s open source. Even if you didn’t mean to send it abroad.
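
The threshold above is measured in total training operations, which nobody records directly; you estimate it. The script below is an added example, not part of the original article or any BIS tool. It assumes the 10^25 figure the article quotes, uses the common 6 × parameters × tokens rule of thumb for dense transformers, and cross-checks it with a bottom-up number from accelerators × peak throughput × utilization × wall-clock time. The inventory entries and the 989 TFLOPS per-device peak are constructed, illustrative values.

```python
import math
from dataclasses import dataclass

# Training-compute threshold quoted in the article: 10^25 operations.
# Assumption: the page's figure; confirm against the current BIS rule text.
THRESHOLD_OPS = 1e25


@dataclass(frozen=True)
class TrainingRun:
    """One model training run as recorded in an internal model inventory."""
    name: str
    params: float             # trainable parameters
    tokens: float             # tokens seen during training (all epochs)
    accelerators: int         # number of GPUs/TPUs used
    peak_ops_per_sec: float   # vendor-quoted per-device peak (assumed value below)
    utilization: float        # achieved fraction of peak (MFU), 0..1
    wall_seconds: float       # wall-clock training time


def ops_from_architecture(params: float, tokens: float) -> float:
    """Top-down ~6*N*D estimate of training ops (forward + backward) for a dense
    transformer. This is the widely used rule of thumb, not a BIS formula."""
    return 6.0 * params * tokens


def ops_from_hardware(accelerators: int, peak_ops_per_sec: float,
                      utilization: float, wall_seconds: float) -> float:
    """Bottom-up estimate from the compute actually burned."""
    return accelerators * peak_ops_per_sec * utilization * wall_seconds


def classify(ops: float, threshold: float = THRESHOLD_OPS) -> dict:
    """Compare an operation count with the threshold and report remaining headroom."""
    return {
        "ops": ops,
        "log10_ops": math.log10(ops),
        "fraction_of_threshold": ops / threshold,
        "controlled": ops > threshold,
    }


def assess(run: TrainingRun, threshold: float = THRESHOLD_OPS) -> dict:
    """Use the larger of the two estimates, so an optimistic architecture-based
    number cannot hide a run that burned more compute (restarts, extra epochs,
    mixture-of-experts routing, ablations on the same cluster)."""
    arch = ops_from_architecture(run.params, run.tokens)
    hw = ops_from_hardware(run.accelerators, run.peak_ops_per_sec,
                           run.utilization, run.wall_seconds)
    result = classify(max(arch, hw), threshold)
    result.update(name=run.name, arch_estimate=arch, hardware_estimate=hw)
    return result


# Constructed inventory entries: illustrative numbers, not real training runs.
H100_BF16_DENSE = 989e12  # assumed per-device peak; check your own datasheet
INVENTORY = [
    TrainingRun("assistant-7b", 7e9, 2e12, 256, H100_BF16_DENSE, 0.40, 7 * 86400),
    TrainingRun("assistant-70b", 7e10, 1.5e13, 2048, H100_BF16_DENSE, 0.40, 30 * 86400),
    TrainingRun("frontier-400b", 4e11, 1.5e13, 16384, H100_BF16_DENSE, 0.40, 54 * 86400),
]

if __name__ == "__main__":
    for run in INVENTORY:
        r = assess(run)
        flag = "CONTROLLED" if r["controlled"] else "below threshold"
        print(f"{r['name']:<14} 10^{r['log10_ops']:.2f} ops  "
              f"{r['fraction_of_threshold']:.1%} of threshold  -> {flag}")
```

With these inputs the 7B and 70B runs land at roughly 0.8% and 63% of the threshold and the 400B run crosses it. The useful output is the fraction, not the yes/no: a run at 63% is one scale-up or a second training phase away from being controlled, which is exactly when the licensing clock should start.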

Why Your Global Team Is at Risk

Let’s say your engineering team has five people: two in the U.S., one in Germany, one in India, and one in Brazil. Your lead developer in Germany pulls the training code for a controlled model onto their home laptop. That is an export to Germany, even though no customer and no money are involved. And if that same developer flies to the U.S. office and reads the code there, it’s a “deemed export”: under U.S. law, releasing controlled technology or source code to a non-U.S. person counts as exporting it to that person’s country of nationality, even inside the U.S. (Citizens, permanent residents and other protected individuals are U.S. persons; the deemed-export rule turns on the person, the ordinary export rule on where the item goes.)

And it’s not just people. If your model is hosted on AWS in Frankfurt, and a team member in Tokyo logs in to fine-tune it, that’s another export. Same if you use GitHub with collaborators overseas. The system doesn’t care if you’re collaborating-it cares if a foreign national interacts with a controlled asset.

Companies that ignore this are getting hit hard. Under the Export Administration Regulations (EAR), civil penalties run to roughly $300,000 per violation (a base figure that is adjusted upward for inflation) or twice the value of the transaction, whichever is greater; willful violations carry criminal penalties of up to $1 million and 20 years in prison. In 2024, the Department of Commerce fined a mid-sized AI firm $850,000 for letting a Chinese national access a training dataset that met the 10^25 threshold. They didn’t know it was restricted. They didn’t mean to break the law. But ignorance isn’t a defense.

The Two Ways Companies Handle Compliance

There are two main paths: centralize or decentralize.

Centralized control means one compliance team in headquarters handles everything. It’s cheaper-BIS case studies show a 28% cost reduction for companies under $500 million in revenue. But it’s slow. When your team in Tokyo needs to deploy a model update, they wait days for approval from Chicago. By then, the market has moved.

Decentralized control puts compliance officers in each region. Sixty-three percent of Fortune 500 companies use this model. It’s faster. Local teams understand regional nuances. But it’s messy. You get conflicting interpretations. One office says a model is clear to export; another says it’s restricted. In 2025, 78% of compliance officers named “conflicting regulations across jurisdictions” as their biggest headache.

There’s no perfect answer. But the smartest teams combine both. They centralize policy and training, but decentralize execution. They give regional officers the authority to make decisions-within clear guardrails.

[Image: Engineer in Germany accessing restricted code, legal warnings floating around their laptop.]

Tools That Actually Work

Manual compliance is dead. If you’re still using Excel spreadsheets to track exports, you’re already behind.

Microsoft’s Dynamics 365 Supply Chain Management is one of the most adopted platforms. It connects to SAP, Oracle, and legacy systems. It has over 200 connectors. It can auto-classify exports using AI trained on U.S. EAR and EU dual-use rules. Early adopters report 92% accuracy in initial classification and a 67% reduction in screening time.

But it’s not flawless. Some Asian regulations aren’t built in. And AI tools can be overzealous. Gartner found 42% of users got false positives-systems flagging harmless exports as risky. That means compliance teams still spend 35% of their time manually reviewing flagged items. That’s not automation. That’s assisted manual work.

Smaller companies can’t afford $2 million systems. But they don’t need to. A custom Dataverse solution with a few key connectors can cost $250,000 and still cover 80% of needs. The key isn’t the price tag-it’s integration. Your compliance tool must talk to your code repo, your cloud provider, your HR system (to track foreign nationals), and your procurement platform (to track GPU purchases).

The Hidden Risk: Catch-All Controls

Most companies focus on the big list: the 10^25 threshold, the 48,000 ops/watt rule. But that’s only part of the story.

The real danger is “catch-all” controls. These apply to any item-not just AI models-that could be used in weapons, surveillance, or mass repression. Even if your model isn’t on the official list, if a customer in Russia uses it to track dissidents, you’re in violation.

Dr. Sarah Chen from CSET Georgetown says companies focusing only on listed models miss 68% of compliance risks. That’s not a typo. Two-thirds of violations come from things that weren’t supposed to be controlled-but were used in ways that made them dangerous.

This means you need to ask: Who is using this? Where are they? What are they doing with it? Not just during deployment, but after. That’s why export compliance now needs monitoring, not just screening.

[Image: Hybrid compliance system with centralized policy and regional teams navigating a 30-day action plan.]

How to Build a Real Compliance Program

The Bureau of Industry and Security lists eight essentials for an effective program. Here’s what they mean in practice:

  1. Management Commitment - Your CEO has to say this matters. Not your compliance officer. Not legal. The CEO.
  2. Risk Assessment - Map every team, every location, every model. Know where your exposure is.
  3. Export Authorization - Don’t guess. If you’re unsure, apply for a license. It takes 30-90 days. Start early.
  4. Recordkeeping - Keep logs of who accessed what, when, and why. For five years. No exceptions.
  5. Training - Every engineer, every salesperson, every intern needs 4-6 hours of training per year. Microsoft’s certification requires 80 hours just for AI controls.
  6. Audits - Do them quarterly. Randomly. Even if you think you’re clean.
  7. Handling Violations - Have a plan. Report yourself. The BIS rewards self-disclosure.
  8. Formalized Structure - Don’t make compliance a side duty. Assign a lead. Give them budget. Let them report directly to the board.

Companies that do this right don’t just avoid fines. They win. McKinsey found that teams embedding compliance into R&D and sales workflows get to market 3.2x faster than those treating it as a hurdle. Why? Because they don’t get blocked by last-minute surprises. They build compliance into the design.

What’s Coming Next

The rules aren’t static. In Q2 2025, BIS will release clearer guidance on the 10^25 threshold. The EU’s Critical Entities Resilience (CER) Directive takes effect in Q1 2026 and will add new restrictions. And the Wassenaar Arrangement-42 participating states including the U.S., most EU members, Japan, and Australia-just harmonized their AI export rules in November 2024.

But Asia is still diverging. China, India, and Singapore haven’t adopted the same thresholds. That means if you’re selling to all three, you need three different compliance strategies.

McKinsey predicts a 220% spike in AI export license applications between 2025 and 2027. The market for compliance tools will grow from $4.2 billion in 2022 to $7.8 billion in 2025. And yet, only 37% of Fortune 500 companies have staff trained on AI-specific controls.

That’s your edge. If you’re ahead of this curve, you don’t just avoid penalties-you gain trust. Customers in regulated markets will choose you over competitors who are still guessing.

Start Now, Before You’re Forced To

You don’t need a $2 million system. You don’t need a team of lawyers. But you do need to act.

Here’s your 30-day plan:

  1. Day 1-5: List every AI model your team has trained or is training. Record the total training compute for each (operations, not just GPU count), because that is what the threshold is measured in.
  2. Day 6-10: Identify every foreign national on your team. Track where they’re located and what systems they access.
  3. Day 11-15: Check your cloud providers. Are any models hosted outside the U.S.? If yes, document why.
  4. Day 16-20: Run a mock export with a dummy artifact tagged as controlled, never the real weights (otherwise the test itself is a violation). Try to send it to a colleague in another country. Did the system block it? Did anyone notice?
  5. Day 21-30: Schedule a meeting with legal, engineering, and HR. Ask: “What’s our plan if we get audited tomorrow?”

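Steps 1, 2 and 4 of that plan, together with the deemed-export scenarios described earlier (the developer in Germany, the Tokyo login to a Frankfurt-hosted model), come down to one screening question per access event: is this person, from this location, allowed to touch this asset without a license? The script below is an added example, not the article’s or any vendor’s tool, and it is a deliberately simplified model of the rules rather than legal advice. It assumes a small asset registry whose “controlled” flag comes from the compute assessment, a people registry with a U.S.-person flag and nationality, and a constructed log format of the form `ts user= asset= action= src=`; the names and countries are illustrative. Anything it cannot resolve is treated as a finding (fail closed).

```python
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Asset:
    name: str
    controlled: bool   # result of the threshold assessment / classification step
    hosted_in: str     # ISO country code of where the weights or code live


@dataclass(frozen=True)
class Person:
    user: str
    us_person: bool                         # citizen, permanent resident, protected individual
    nationality: str                        # country a deemed export is counted against
    licensed_for: frozenset = frozenset()   # assets covered by an existing license


# Constructed registries; names and countries are illustrative (assumption).
ASSETS = {a.name: a for a in [
    Asset("frontier-400b", controlled=True, hosted_in="US"),
    Asset("assistant-7b", controlled=False, hosted_in="US"),
]}
PEOPLE = {p.user: p for p in [
    Person("alice", us_person=True, nationality="US"),
    Person("bjorn", us_person=False, nationality="DE"),
    Person("priya", us_person=False, nationality="IN",
           licensed_for=frozenset({"frontier-400b"})),
]}

# Constructed log format (assumption): "<iso-ts> user=<id> asset=<name> action=<verb> src=<CC>"
LINE = re.compile(r"^(?P<ts>\S+) user=(?P<user>\S+) asset=(?P<asset>\S+) "
                  r"action=(?P<action>\S+) src=(?P<src>[A-Z]{2})$")


def parse_line(line: str) -> dict:
    """Parse one access-log line; raise on anything that does not match exactly."""
    m = LINE.match(line.strip())
    if not m:
        raise ValueError(f"unparseable log line: {line!r}")
    return m.groupdict()


def screen_event(ev: dict, assets=ASSETS, people=PEOPLE) -> list:
    """Return the reasons this event needs export authorization (empty list = clear).
    Simplified model of the article's rules: a non-U.S. person without a license
    is a deemed export; access from outside the hosting country is a cross-border
    transfer; unknown users or assets fail closed."""
    asset = assets.get(ev["asset"])
    person = people.get(ev["user"])
    if asset is None or person is None:
        return [f"unknown {'asset' if asset is None else 'user'}: fail closed"]
    if not asset.controlled:
        return []
    reasons = []
    if not person.us_person and asset.name not in person.licensed_for:
        reasons.append(f"deemed export to {person.nationality} (no license on file)")
    if ev["src"] != asset.hosted_in:
        reasons.append(f"cross-border access from {ev['src']} to asset hosted in {asset.hosted_in}")
    return reasons


def screen_log(lines) -> list:
    """Run every line through the screen; malformed lines become findings too."""
    findings = []
    for line in lines:
        try:
            ev = parse_line(line)
        except ValueError as exc:
            findings.append({"raw": line, "reasons": [str(exc)]})
            continue
        reasons = screen_event(ev)
        if reasons:
            findings.append({**ev, "reasons": reasons})
    return findings


# Constructed sample log: six events, three of which should be flagged.
SAMPLE_LOG = """
2025-03-04T09:12:00Z user=alice asset=frontier-400b action=read src=US
2025-03-04T09:40:11Z user=bjorn asset=frontier-400b action=download src=DE
2025-03-04T11:05:42Z user=alice asset=frontier-400b action=finetune src=JP
2025-03-04T12:30:07Z user=priya asset=frontier-400b action=read src=US
2025-03-04T13:15:55Z user=bjorn asset=assistant-7b action=download src=DE
2025-03-04T14:02:19Z user=mallory asset=frontier-400b action=download src=US
"""

if __name__ == "__main__":
    for f in screen_log(SAMPLE_LOG.strip().splitlines()):
        print(f.get("user", "?"), f.get("asset", "?"), "->", "; ".join(f["reasons"]))
```

Note what the sample shows: the U.S.-person developer is flagged when she fine-tunes from Tokyo (the item crossed a border even though she did not change), the German developer is clear on the uncontrolled 7B model but flagged twice on the controlled one, and the licensed Indian researcher is clear. The licensing data and the U.S.-person flag have to come from HR and legal, which is why the article insists the compliance tool talk to the HR system; the screen is only as good as those two registries.
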
If you can answer those questions confidently, you’re already ahead of 80% of companies. If you can’t, you’re not just at risk-you’re already exposed.

Export controls aren’t about stopping innovation. They’re about making sure innovation doesn’t accidentally fuel harm. The teams that succeed aren’t the ones with the biggest budgets. They’re the ones who treat compliance like a product feature-not a legal afterthought.

Are open-source AI models exempt from export controls?

No. Open source doesn’t mean uncontrolled. If your open-source model meets the 10^25 operations threshold or the 48,000 AI ops/watt performance standard, it’s still subject to export controls. The BIS rule doesn’t care if you charge for it or give it away. What matters is the capability and the end user.

What’s a “deemed export” and why does it matter?

A deemed export happens when you share controlled technology with a foreign national inside the U.S. For example, if a researcher from India accesses your training code on a U.S.-based server, the U.S. government considers that an export to India. This applies to any controlled AI model, even if it’s just for research. 57% of companies report trouble tracking this, especially in hybrid work environments.

Can I use generative AI to classify my models for compliance?

Yes-but with caution. AI tools trained on EAR and EU dual-use databases can achieve 92% accuracy in initial classification. But they need at least 50,000 historical export records to work well. Smaller companies often lack this data, leading to false positives. Always have a human review flagged items. The Sanctions Association warns that companies building custom LLMs without proper data governance have 3.7x higher audit failure rates.

How often do export control rules change?

Constantly. The BIS updates its rules every few months. The Wassenaar Arrangement updates annually. In 2025, Microsoft’s Dynamics 365 began using Azure AI to monitor 195+ regulatory sources in real time with 95% accuracy. If you’re still checking government websites manually, you’re falling behind. Automated monitoring is no longer optional-it’s baseline.

What happens if I accidentally violate an export rule?

Self-reporting can reduce penalties by up to 75%. The BIS encourages voluntary disclosure. If you catch your own mistake, document it, fix it, and report it immediately. Don’t wait for an audit. Companies that self-report often avoid fines entirely. Those that hide violations face criminal charges, debarment from government contracts, and reputational damage.

Do I need a dedicated compliance officer?

For teams under 50 people, a part-time compliance lead may suffice. But if you have global operations, multiple AI models, or foreign nationals on your team, you need a full-time role. McKinsey found that compliance teams lacking AI expertise have 4.2x higher risk of missing critical restrictions. This isn’t a task for a junior lawyer or an overworked IT manager. It’s a specialized skill.

How long does it take to build a compliance program?

For global teams, expect 6-12 months. Training alone takes 40-60 hours per officer annually. Integrating systems, mapping risks, and aligning departments takes time. Don’t rush it. But don’t delay either. The average company takes 17 days longer to ship products with manual compliance. Automation cuts that to 3 days.

3 Comments

Jane San Miguel

10 December, 2025 - 14:29

Let’s be honest-this post reads like a compliance officer’s fever dream wrapped in McKinsey jargon. The 10^25 threshold? That’s not a technical standard, it’s a bureaucratic Rorschach test. Every startup with a Colab Pro subscription is now a potential arms dealer. And don’t get me started on ‘deemed exports’-so now my intern from Brazil can’t even read a GitHub repo without triggering a federal investigation? We’ve turned innovation into a minefield of legal semantics.


Meanwhile, the real issue isn’t export controls-it’s the U.S. government’s inability to distinguish between AI as a tool and AI as a weapon. If I train a model to generate cat memes and someone in Moscow uses it to generate propaganda, am I responsible? Where does intent end and liability begin? This isn’t regulation. It’s preemptive guilt by association.

Kasey Drymalla

11 December, 2025 - 14:39

They’re using AI export rules to track you. Every time you upload a model, they’re logging your IP, your location, your coffee order. The BIS doesn’t care about compliance-they care about control. And the ‘tools’ they push? Dynamics 365? That’s Microsoft’s backdoor. Your models aren’t being classified-they’re being harvested. You think you’re safe because you’re ‘compliant’? You’re just the sheep being led to the slaughterhouse with a shiny badge.

Dave Sumner Smith

12 December, 2025 - 17:59

You think this is about AI? No. This is about China. This is about India. This is about the entire world learning to build better models than we can. The U.S. is terrified. So they’re inventing rules that don’t make sense just to slow everyone else down. The 48,000 ops/watt threshold? That’s not a technical benchmark-it’s a political weapon. And the fact that they’re calling it ‘export control’ instead of ‘technological protectionism’ shows how deep the delusion goes. They’re not protecting national security. They’re protecting market share. And they’re using lawyers to do it.


Meanwhile, startups are getting fined for letting someone from Germany open a Jupyter notebook. This isn’t regulation. This is tech fascism.