Decoding the Foreign Direct Product Rule (FDPR)

U.S. export control laws have evolved from a primarily domestic-focused framework to a broad-reaching, extraterritorial regime covering a wide array of non-U.S. items. This shift is driven by the rising global demand for sensitive and emerging U.S. technologies and the increasing availability of dual-use goods, necessitating stricter U.S. oversight to safeguard national security interests. Furthermore, export controls are now used to promote strategic objectives, including crime control, regional stability, and human rights, fueling their expansion.

Both the Trump and Biden administrations have leveraged extraterritorial export controls to curb adversarial access to critical technologies. This strategy targets supply chain “choke points,” limiting the flow of advanced technology to specific countries—most notably China. The effectiveness of this approach hinges on the U.S. technology sector’s dominance in the global ecosystem.

A key tool in this strategy is the Foreign Direct Product Rule (FDPR), which extends U.S. export controls to foreign-made items incorporating U.S. technology, software, or manufacturing equipment. Since 2020, the FDPR has expanded significantly to cover a wide range of technologies, including advanced semiconductors, AI models, and supercomputers. This article provides an overview of these rules to help companies design effective compliance programs and determine when to seek review by qualified outside counsel.

U.S. Export Controls 101

The Export Administration Regulations (EAR) regulates the export, reexport, and transfer of commercial and dual-use goods. They apply to:

1. Items in or in transiting through the U.S. that are not controlled by the Department of Energy (DOE), the Nuclear Regulatory Commission (NRC), or under the International Traffic in Arms Regulations (ITAR).

2. U.S.-origin items, regardless of location.

3. Non-U.S. items with more than a de minimis amount of U.S. content (10% for sanctioned countries; 25% for others).

4. Foreign-made items that are direct products of certain U.S. technology, software, or manufacturing equipment (the focus of FDPR).

The Commerce Control List (CCL) determines EAR export control requirements based on an item’s Export Control Classification Number (ECCN). Items not classified under an ECCN are labeled EAR99, meaning they generally do not require a license unless destined for embargoed countries, prohibited users (e.g., on the Entity List), or to support restricted uses (e.g., the production of weapons of mass destruction).

Many U.S. companies seek to classify products as EAR99 to simplify compliance. However, the FDPR can subject EAR99 items to stricter controls, like those under the CCL, significantly complicating compliance. To comply with the FDPR, companies must conduct a thorough analysis of export control applicability, enhance supply chain visibility, and implement cross-functional coordination.

FDPR Legal Framework

Under 15 CFR § 734.3(a), the FDPR extends U.S. export controls to foreign-produced items if:

1. The item is a direct product of U.S.-origin technology or software, or

2. The item is manufactured using equipment that is a direct product of U.S.-origin technology or software.

This means that even goods produced outside the U.S. may fall under U.S. jurisdiction if they rely on U.S.-origin technology during any stage of production or development. The EAR defines “direct product" as any item that is an immediate result of using U.S.-origin technology or software.

Originally introduced in the 1950s, the FDPR remained largely unchanged until 2020, when it was expanded to address national security risks associated with adversarial nations. If U.S.-origin technology is used in the development or manufacturing process of a product, the U.S. can assert jurisdiction under the EAR—even if the final product does not meet de minimis U.S. content thresholds. By defining end-users and product scope under the FDPR, BIS can impose licensing requirements on a broad range of foreign transactions and technology transfers, significantly expanding the reach of U.S. export controls.

To determine FDPR applicability, companies must evaluate their supply chains, logistics, and manufacturing processes. The analysis typically begins with assessing product scope and then extends to other key factors:

1. Product Scope – Does the item incorporate, rely on, or derive from U.S.-controlled technology as defined by a specific FDPR rule?

2. Country Scope – Where is the final destination of the export?

3. End-User Scope – Who will ultimately use the item?

4. Intended Use – What is the final purpose of the item?

Key FDPR Amendments

The FDPR has recently expanded to address national security concerns, restricting China, Russia, and Belarus from accessing critical U.S. technologies. These amendments prevent foreign-made products incorporating U.S. inputs from bypassing export controls.

Footnote 1: Curbing Huawei’s Access to U.S. Technology

In May 2020, BIS introduced Footnote 1, initially applied only to Huawei and its non-U.S. affiliates. However, BIS can extend it to other Entity List entities, subjecting them to similar FDPR restrictions. Under this rule, foreign-made products are subject to the EAR if they:

• Are direct products of specific U.S.-origin technology or software, or

• Are manufactured using equipment that is itself a direct product of U.S.-origin technology or software.

In August 2020, BIS expanded these restrictions by:

• Adding 38 additional Huawei affiliates to the Entity List.

• Eliminating the requirement that foreign-made items be produced or developed by Huawei or based on Huawei software or.

• Imposing a license requirement on foreign-made items if there is knowledge that:

  • The item will be incorporated into Huawei’s production or development processes.

  • Huawei is a party to the transaction—even if it is only a purchaser, intermediate consignee, or end-user.

These changes closed loopholes that previously allowed Huawei to access U.S. technology indirectly. The rule now applies to certain commercial off-the-shelf (COTS) and EAR99 items if they are linked to Huawei’s supply chain.

Footnote 4: Targeting China’s Access to Advanced Chips

In October 2022, BIS introduced Footnote 4, significantly expanding FDPR’s reach over China’s advanced computing, artificial intelligence, and semiconductor industries.

Under Footnote 4, foreign-made items are subject to the EAR if they:

• Are direct products of U.S.-origin semiconductor, computing, telecommunications, or encryption technology/software, or

• Are involved in a transaction where a Footnote 4-listed entity participates in any capacity.

These restrictions specifically target China’s:

• AI development programs,

• Military logistics and intelligence systems,

• Supercomputing and semiconductor production, and

• Encryption and cybersecurity technologies.

BIS initially designated 28 Chinese entities under Footnote 4, making them subject to these restrictions. The rule applies if:

• The foreign-made item is incorporated into any part, system, or equipment used by a Footnote 4 entity.

• A Footnote 4 entity is a party to the transaction, regardless of its role in the supply chain.

Beyond China: FDPR Extensions to Russia, Belarus, and Iran

• Russia/Belarus Footnote 3 FDPR – Extended restrictions to military end users in Russia and Belarus and other Footnote 3-designated entities on the Entity List.

• Iran FDPR – Modeled after the Russia/Belarus Footnote 3 FDPR, this rule targets Iran’s drone manufacturing industry and its supply of drones to Russia. The amendment expands FDPR controls to foreign-made drone components if there is knowledge they will be used in Iran’s drone production or supply chains.

FDPR in Action: The Seagate Case

In April 2023, BIS imposed a $300 million civil penalty against Seagate Technology LLC and its Singapore affiliate for violating FDPR restrictions. Seagate shipped over 7.4 million hard disk drives (HDDs), valued at $1.1 billion, to Huawei, a Footnote 1-listed entity.

Although the HDDs were classified as EAR99 and typically unrestricted, FDPR applied because U.S.-controlled semiconductor fabrication equipment was used in the manufacturing process. Specifically, the overseas facility used U.S.-origin technology in ancillary processes, including coating surfaces and identifying minor defects on Seagate’s HDDs. This connection subjected the HDDs to EAR restrictions, despite their overseas production.

This case underscores an important compliance lesson: even seemingly unrestricted products can require a BIS license if they rely on U.S.-origin technology at any stage of production. Seagate failed to recognize this risk, despite clear industry signals that continuing business with Huawei posed compliance dangers. Unlike peers who chose to disengage from Huawei, Seagate intensified its relationship, ultimately exposing itself to scrutiny by the BIS

The case highlights broader compliance risks for global businesses. Companies must move beyond simply classifying their final products and focus on scrutinizing their entire manufacturing process, supply chain dependencies, and the equipment used. Oversights in any of these areas can lead to severe financial penalties and reputational harm.

Staying Ahead of the FDPR with Proactive Compliance

As FDPR expands, businesses must prepare for new designations under Footnote 1, Footnote 4, and future regulatory extensions. The Seagate case underscores a critical reality: shifting production offshore does not exempt items from U.S. export controls. Even EAR99-classified products, which are generally uncontrolled when shipped from the U.S., can still fall under FDPR and become subject to strict U.S. export controls if any stage of manufacturing involves U.S.-origin technology or equipment. A single factory using controlled U.S. technology can “taint” its entire output, triggering U.S. export jurisdiction and possible license requirements.

To navigate this evolving regulatory landscape, businesses should implement the following strategies:

• Assess Supply Chain Risks – Conduct due diligence to determine whether foreign-produced items incorporate or rely on U.S.-origin technology, software, or manufacturing equipment. Engage early with suppliers and manufacturers to map dependencies and utilize certifications to verify compliance.

• Strengthen Compliance Programs – Enhance internal audits and implement targeted employee training to ensure accountability. Exercise extra caution when interpreting U.S. trade restrictions targeting high-risk jurisdictions, where extraterritorial regulations are complex.

• Engage with Regulators and Industry Peers – Stay proactively informed by following BIS guidance, seeking clarifications on ambiguous regulations, and aligning compliance strategies with evolving regulatory expectations. Leverage industry networks to share best practices and monitor competitor responses and BIS enforcement trends to stay ahead of new restrictions.

With FDPR now extending to emerging technologies, including closed-weight AI models and quantum computing, businesses must adopt proactive compliance frameworks. Failure to adapt can result in severe penalties, regulatory scrutiny, and reputational damage. However, by integrating compliance into their core strategy, companies can effectively mitigate risk while maintaining market access.

---

Disclaimer: The views expressed here are solely my own and do not represent the positions of my employer. They do not constitute legal advice nor create an attorney–client relationship.