Export Control

Export control regulations are federal laws that govern the transfer of certain information, technologies, software, and equipment to foreign persons or outside of the United States. These regulations are designed to protect national security, support foreign policy objectives, and prevent the unauthorized dissemination of sensitive or controlled technologies.

Universities play a critical role in advancing research and innovation, and most of SMU’s academic research qualifies as “fundamental research,” which is generally not subject to export control restrictions. However, certain activities—such as working with controlled technologies, engaging in international collaborations, or traveling abroad with research equipment—may trigger export control requirements.

Export control refers to the regulation of:

  • The physical export of goods, equipment, or materials outside the U.S.
  • The electronic or verbal transfer of controlled information or technical data to foreign nationals, whether in the U.S. or abroad (known as a “deemed export”)
  • Activities involving restricted countries, entities, or individuals

Export Control Flowchart

Export control regulations are designed to protect national security, support foreign policy objectives, and prevent the unauthorized sharing of sensitive or strategic technologies. These laws apply not only to physical exports (such as shipping equipment overseas), but also to “deemed exports,” which occur when controlled information is shared with foreign nationals within the United States.

University research activities are most commonly subject to the following regulations:

  • Export Administration Regulations (EAR)

Administered by the U.S. Department of Commerce, EAR regulates the export of dual-use items—those with both commercial and military applications.

  • International Traffic in Arms (ITAR)

Governed by the U.S. Department of State, ITAR controls defense-related articles, services, and technical data listed on the U.S. Munitions List.

  • Office of Foreign Assets Control (OFAC)

Managed by the U.S. Department of the Treasury, OFAC enforces economic and trade sanctions against specific countries, entities, and individuals.

Export control regulations can impact a wide range of university activities, including:

  • International research collaborations
  • Sharing research data or software with foreign nationals
  • Travel with research equipment (e.g., laptops, prototypes)
  • Hiring or hosting international students and scholars
  • Conducting research involving controlled technologies

Failure to comply with export control laws can result in significant civil and criminal penalties for both the individual and the institution.

Fundamental research refers to basic or applied research in science and engineering where results are ordinarily published and shared broadly within the scientific community. This type of research is distinguished by its openness—there are no restrictions on publication or access to the results.

Under U.S. regulations, fundamental research is not subject to export control restrictions, provided that researchers are free to publish their findings and there are no limitations on the participation of foreign nationals.

Fundamental research plays a critical role in advancing knowledge, innovation, and academic collaboration. Because it is generally excluded from export control regulations, it allows universities to maintain an open research environment that supports international collaboration and the free exchange of ideas.

A project may not qualify as fundamental research if it includes:

  • Restrictions on publication or dissemination of results
  •  Limitations on who may participate in the research
  • Access controls on data, materials, or equipment
  • Sponsor-imposed confidentiality beyond standard protections

In these cases, export control regulations may apply and additional compliance measures (e.g., a Technology Control Plan (TCP)) may be required.

Investigators should be aware of the following export control red flags:

  • International shipping of lab equipment or biological materials
  • Collaboration with researchers in sanctioned countries
  • Foreign sponsors requiring pre-publication approval
  • Use of advanced encryption or dual-use technologies
  • Requests to exclude certain nationalities from research teams

These situations require compliance review before proceeding.

Failure to comply with export control regulations may result in:

  • Significant civil and criminal penalties
  • Loss of research funding
  • Institutional sanctions
  • Personal liability

Export control enforcement is active, and investigators are responsible for compliance.

A Technology Control Plan (TCP) is the university's internal management plan for how export controlled technology will be secured and managed. A TCP specifies the security measures that will be used by the research team from the point that the technology is delivered to or generated by SMU to the return or disposal of the technology when the project is completed.

“Technology” includes, but is not limited to, certain types of export controlled:

  • Equipment (including systems and components)
  • Software (source or object code)
  • Materials and substances
  • Services (e.g., training, instruction)
  • Data or information about an item or material
  • Funds (e.g., payments

Key Components include:

  • Defined project scope (What technologies or information are controlled)
  • Personnel Access (Who can access the controlled data (requires U.S. person status, unless authorization is obtained).
  • Physical and Electronic Security (Labs, computers, and networks must follow secure handling practices.)
  • Procedures for Handling (Documentation, storage, and transmission protocols)
  • Training & Awareness (Researchers must be trained on export control compliance.)
  • Monitoring & Auditing (Procedures to ensure ongoing compliance)

Technology Control Plan (TCP) Template

Technology Control Plan (TCP) is required when research involves export-controlled materials, data, or activities that restrict access or participation.

A TCP is typically required when:

  • Research involves export-controlled materials, software, or technical data
  • Collaboration includes foreign nationals or entities
  • Work is conducted under a federal contract or grant with export control stipulations
  • The project does not qualify as fundamental research

SMU provides Export Control training through CITI Program to ensure compliance with U.S. regulations (EAR, ITAR, OFAC).

Training covers:

  • Key export control regulations (e.g., EAR, ITAR, OFAC) and what they mean
  • Identification of research activities that might trigger export control requirements.
  • Institutional policies and compliance procedures for handling controlled items and collaborations.

Who should complete training?

Faculty, staff, and students working with controlled technologies or research.

  • Researchers collaborating with foreign nationals.
  • Personnel handling export-controlled shipments or equipment.
  • Anyone listed on a Technology Control Plan (TCP) or involved in CUI or sensitive research.

LOGIN TO CITI PROGRAM

Export control regulations may apply to exports and imports of items initiated by anyone at the University.

While the Fundamental Research Exclusion may apply to research results, physical shipments (even from fundamental research projects) may still require a license.

Contact the Export Control Officer at researchcompliance@smu.edu for guidance on licensing requirements.