International Engagement

Federal Agency-Specific Research Security Activities, Policies, and Requirements

Federal agencies have undertaken a number of efforts to harmonize research security requirements, guidance, and forms. However, some noteworthy agency-specific requirements persist. See the sections below for more information. 

Department of Defense (DoD)

The Department of Defense (DoD) released Countering Unwanted Foreign Influence in DoD funded Research at Institutions of Higher Education on June 30, 2023. The document includes:

  • A Policy on Risk-based Security Reviews of Fundamental Research
  • An associated Decision Matrix to Inform Fundamental Research Proposal Mitigation,
  • A list of foreign institutions identified by DoD as engaging in problematic activity, and
  • A list of foreign talent recruitment programs identified by DoD as posing a threat to U.S. national security interests (Part 3, Tables 1 and 2).

The policy is part of the Department’s effort to counter unwanted foreign influence in, and misappropriation of, DoD-funded research to the detriment of national or economic security. 

The Decision Matrix contains four factors for assessing senior/key personnel disclosures: 

  1. Participation in foreign talent recruitment programs
  2. Current or prior funding from “foreign countries of concern” (FCOCs).  FCOCs are currently defined as China, Russia, North Korea, and Iran per section 10612 of the CHIPS Act of 2022.
  3. Filing a patent in an FCOC or on behalf of an FCOC-connected entity, or in a non-FCOC country without disclosure, and
  4. Associations or affiliations with organizations on U.S. Entity (trade restriction) and other indicated lists.

The policy document and matrix serve as a guide to assist DoD program managers in reviewing fundamental research (that is, not classified or controlled unclassified) proposals selected for award for potential conflicts of interest and commitment using information disclosed by senior/key personnel. The policy and matrix were released publicly to provide researchers with a better understanding of factors of concern to the DoD with respect to international engagement. The policy provides central coordination and will eventually supersede existing matrices such as those of the Defense Advanced Research Projects Agency and Army Research Lab. Per DoD, updates to the matrix will be made available on DOD’s Basic Research webpage.

 1 National Security Presidential Memorandum-33 (NSPM-33) Implementation Guidance defines a Foreign Talent Recruitment Program as an “Effort organized, managed, or funded by a foreign government, or a foreign government instrumentality or entity, to recruit science and technology professionals or students.”

Department of Energy (DoE)

The Department of Energy (DoE) has created an Office of Research Technology and Economic Security (RTES). In an October 2023 presentation, DoE representatives noted that much of the agency’s portfolio includes critical and emerging technologies. Examples included:

  • Advanced batteries
  • Advanced computing
  • Advanced engineering materials
  • Advanced manufacturing
  • Artificial intelligence/machine learning
  • Autonomous systems and robotics
  • Biotechnologies
  • Quantum information technologies
  • Next generation renewable energy generation and storage
  • Semiconductors and microelectronics

A slide on DoE’s “due diligence reviews” notes that, like DoD, risk reviews will be conducted on applications reviewed favorably for technical merit and, if awarded, any subsequent changes will likewise be reviewed. Representatives from RTES indicated that the agency wants to have greater consistency across the department, more transparency, and due process. They noted that different components of DoE have different risk thresholds and funding opportunity announcements may have different requirements depending on potential risk.

National Aeronautics and Space Administration (NASA)

Beginning in 2011, appropriations law (Section 1340 of Public Law 112-10) prohibits participation, collaboration, or coordination bilaterally with China or any Chinese-owned company on any NASA project at the prime or subrecipient level. In a September 2022 presentation (49:32 in the video), NASA clarified that the agency defines a ‘Chinese-owned company’ as any company owned by China, or any company incorporated under the laws of China, and that Chinese universities and similar institutions are considered to be incorporated under the laws of China and therefore the funding restrictions apply. Similar language is included as a footnote in section 2.16, Current and Pending Support, of NASA’s Proposer’s Guide. Per the footnote, “’China or Chinese-owned Company’ means the People’s Republic of China (PRC), any company owned by the PRC, or any company incorporated under the laws of the PRC. Chinese universities and other similar institutions are considered to be incorporated under the laws of the PRC and, therefore, the funding restrictions apply to grants and cooperative agreements that include bilateral participation, collaboration, or coordination with Chinese universities.” 

National Institutes of Health (NIH)

NIH requires prior approval for a “foreign component,” defined as “performance of any significant element or segment of the project outside the United States either by the recipient or by a researcher employed by a foreign organization, whether or not grant funds are expended.” This definition and examples of activities that would meet, or that may be deemed significant under, this definition can be found here

If you believe your project involves a foreign component, answer “yes” to question 5.13 on the proposal approval form (PAF) in eResearch Proposal Management (eRPM). Additional information can be found on the Office of Research and Sponsored Projects (ORSP) website here.  If a proposed change to your project would create a “foreign component” after the project is underway, prior approval for the foreign component can be sought by submitting an award change request (ACR) to ORSP in the eRPM system. Allow several weeks for agency approval.

Post-Award Disclosure

NIH requires immediate notification of undisclosed Other Support as indicated on the NIH Other Support webpage and in NOT-OD-21-073. If a recipient discovers Other Support information on an active NIH grant that should have been, but was not, disclosed during just-in-time or in an annual progress report, updated Other Support must be submitted to the Grants Management Specialist as soon as the undisclosed information is known.  If you become aware of Other Support information that should have been disclosed to NIH but was not, contact the U-M Other Support team at  for additional guidance.

National Science Foundation (NSF)

Post-Award Disclosure

NSF released updated guidelines on research security analytics in February 2023 regarding advanced monitoring and verification activities of NSF proposals and awards. The guidelines largely serve to provide transparency and identify guardrails NSF has put in place around the use of data analytics to monitor and validate information disclosed (e.g., in biosketches and current and pending support). For example, the activities are not investigative and cannot be incorporated into the merit review process. Sources of information include SCOPUS, Web of Science, and the U.S. Patent and Trademark Office Patent Database.

NSF Mandated Use of SciENcv for Biosketches and Current and Pending Support

NSF mandated use of SciENcv for the preparation of Current and Pending (Other) Support and biosketches for new proposals submitted or due on or after October 23, 2023. (NSF 23-1, 11-23 and 11-26) 

Post-Award Disclosure

NSF requires post-award notification if an organization discovers that a PI or co-PI on an active award failed to disclose current support or in-kind contributions as part of the proposal submission process. The undisclosed information must be submitted by an ORSP representative within 30 calendar days of identification.

NSF Risk Assessment Rubric

NSF representatives indicated in a Sept. 2023 Meeting that the agency is developing a risk assessment rubric. Risk factors may include human rights or military or intelligence considerations and critical technologies. A report from the JASON advisory group commissioned by NSF to inform the rubric, Safeguarding the Research Enterprise was published on March 21, 2024.