U.S. Government Adopts New 50% Ownership Rule for Export Controls

Broader Reach, Heightened Risk for Trade Compliance and Supply Chains

Client Alert

September 30, 2025

Kit

Conklin

Senior Vice President, Risk & Compliance

Executive Summary

The U.S. Department of Commerce’s Bureau of Industry and Security (BIS) has adopted a new 50% Ownership Rule that automatically extends export-control restrictions to any company majority-owned by a BIS-listed entity. This shift from name-based to ownership-based enforcement dramatically broadens compliance obligations, exposing thousands of hidden subsidiaries worldwide and creating new risks for trade, supply chains, and due diligence programs.

The U.S. Department of Commerce’s Bureau of Industry and Security (“BIS”) recently finalized a significant expansion of its export-control regime. Under the new rule, any company that is at least 50% owned (directly or indirectly) by one or more parties on the BIS Entity List or the Military End-User (MEU) List will itself become subject to the same restrictions — even if that subsidiary was never individually named.

This change represents a fundamental shift in how BIS enforces export controls, and it has immediate implications for how thousands of companies worldwide must rethink their compliance and supply chain risk strategies.

Below is an overview of the new rule, how it differs from the prior regime, who is newly in scope, and what risks arise for trade compliance and supply chain risk management.

What Is the New BIS 50% Rule?

Bottom line up front: In effect, transitioning from a name-based export control model toward an ownership-based regime that targets a “policy loophole” criticized by the U.S. Congress.
Automatic coverage of majority-owned affiliates. Under the new rule, any entity that is 50% or more owned by one or more listed entities (on the Entity List or MEU List) will itself automatically become subject to the same license and transfer restrictions placed on the listed entity.
Significant minority ownership triggers red flags. Even if ownership is below 50%, an investment or control link from a listed party becomes a “red flag” requiring enhanced due diligence (though not automatic listing).
Closing the “whack-a-mole” loophole. Previously, BIS restrictions applied only to parties explicitly named on the Entity List. That left room for listed entities to continue operations via newly formed or restructured subsidiaries not yet on the list. The 50% rule is modeled after similar ownership rules in U.S. sanctions (e.g., OFAC’s 50% rule) and is meant to undercut that evasion strategy.
Broad reach. Because it is ownership-based rather than name-based, the population of covered entities expands by orders of magnitude.

Why This Rule Is Different - What Changes

Feature	Prior Regime	New 50% Ownership Rule
Basis of control	Only entities explicitly listed on the BIS Entity List / MEU List	Entities meeting the ≥ 50% ownership threshold by one or more listed parties, whether named or not
Treatment of affiliates	Affiliates only if explicitly added to the list	Automatic inclusion by ownership, regardless of naming
Screening approach	Name matching + list checks	Must evaluate ownership structures, intermediate holdings, and layers of indirect control
Speed of coverage	BIS adds affiliates case by case (often slowly)	Coverage becomes automatic upon ownership threshold being met

Who Gets Pulled Into Scope - The Scale of Impact

Billions of dollars of supply chains impacted: Newly blacklisted companies include large state-owned and publicly traded companies that have material global supply chains that now pose risk for tens of thousands of U.S. and Western companies.
Thousands of entities newly covered. Exiger data identified thousands of subsidiaries across dozens of countries which will now be subject to BIS export controls – many of which have never appeared on other U.S. or international government blacklists.
Hidden subsidiaries. Many of these new affiliates are not obvious — shell companies, holding companies, foreign subsidiaries, joint ventures, or intermediate holding vehicles are frequently used by military end-users in China and Russia. For example, some PRC state-owned enterprises have hundreds of subsidiaries – many of which are now subject to controls.
Expanded geographic risk. The rule’s ownership logic means hundreds of companies in Europe, North America, South America and other “lower-risk” jurisdictions now pose risk.
Cross-industry impact. While the heightened risk is greatest in sectors dealing with advanced technologies, dual-use goods, semiconductors, and defense-related inputs, all industries sourcing U.S.-origin goods or technology must pay attention.
Burden on due diligence and screening. Exporters, logistics providers, distributors, and even financial intermediaries must update screening systems and compliance protocols to detect ownership links, not just entity names.

Because most compliance programs today rely heavily on name-based screening, the new rule will force many organizations to revisit and expand their denied-party screening logic, beneficial‐ownership maps, and escalation triggers.

Risk Considerations for Covered Entities

Automatic licensing obligations
Once a subsidiary crosses the 50% ownership threshold under the new rule, exports, reexports, or transfers to that subsidiary may require BIS licenses — with the same presumption of denial that applies to listed entities.
Heightened scrutiny and enforcement risk
A majority-owned affiliate will attract extra regulatory scrutiny — any transaction involving U.S.-origin goods, software, technology, or Intellectual Property (IP) with that affiliate could be more closely scrutinized, audited, or selected for national security or broader supply chain regulation enforcement.
Supply chain liability and downstream exposure
While the BIS 50% Rule focuses on export controls, newly designated subsidiaries now also pose risk for global supply chains. Companies should map their supply chain to identify if any sub-tier suppliers are now blacklisted. If so, companies should take a risk-based approach to mitigating that risk and/or finding alternative suppliers in order to comply with various federal acquisition regulations.
Rescreening past and current customers
Thousands of companies are now subject to controls. A customer that was legal to do business with earlier this year may have just become blacklisted – companies must ensure that past customers and third parties are rescreened to identify these new risks.
Continuous Monitoring
Corporate networks constantly change, especially in China and Russia. The need to perform continuous ownership tracking, escalations, screening updates, and legal review across your global supply chain requires scalable AI-powered solutions.

What You Should Do Now

This is not a future hypothetical — the rule is live now. As your supply chain analytics partner, Exiger recommends the following strategic steps immediately:

Map ownership chains. Identify any subsidiaries, joint ventures, or affiliates that are 50% or more owned (in any combination) by entities who may themselves be on BIS Lists (or potential future listings).
Upgrade screening and due diligence tooling. Ensure your denied-party screening engine tracks beneficial ownership, not just names, and flags aggregated ownership or partial stakes that together reach thresholds.
Reassess supplier contracts and visibility. Insert clauses requiring upstream notification of ownership changes, transparency of ownership, and compliance with export controls.
Create escalation and red-flag rules. Develop internal triggers when any counterparty’s ownership structure changes or becomes ambiguous.
Engage legal review and carve-out analysis. For any affiliate in your chain nearing 50% ownership, evaluate whether a restructuring is prudent or feasible — and whether internal firewalls or carve-outs may mitigate risk.
Train your compliance, trade, and legal teams. Make sure the relevant personnel understand not just which entities are on lists, but how ownership and control now matter.