It’s a bird! It’s a plane! It’s….a Chinese spy balloon?
Tensions with China have further escalated in the U.S. since February 4, when the U.S. shot down a Chinese surveillance balloon off the coast of South Carolina. Since then, even more objects have been identified over North American airspace.
The U.S. military shot down the latest unidentified flying object on February 12. This was the fourth object shot down in three days–including one off the coast of Alaska, one over Michigan, and one over Canada–leading many to call for answers from President Biden and additional action against China.
In remarks to the nation on Thursday, February 16, Biden said the three objects recovered over the weekend were not connected to the Chinese and are “most likely tied to private companies, recreation or research institutions.” However, following the destruction of the Chinese balloon, the administration has blocklisted six Chinese military and aerial technology companies “for supporting the PRC’s [People’s Republic of China] military modernization efforts,” including:
Organizations added to the Entity List are restricted from obtaining U.S. items and technologies without U.S. government authorization. In other words, companies may not sell any American parts or technology to entities on the list without a special license (which will be difficult to obtain). While this action escalates U.S.-Chinese economic tensions, it is not the first time the U.S. has used the Entity List to curb the flow of advanced technologies to rivals like China and Russia.
Here’s what agencies and contractors need to know about recent U.S. blacklists and how to comply going forward.
The U.S. blocklisted dozens of Chinese entities well before the balloon program was unearthed. Many firms operating in the Xiajiang region have been blocklisted, primarily in condemnation of the human rights violations against Uygher Muslims in the area. Other Chinese entities and research institutes have been blocklisted for allegedly developing technology that undermines U.S. security, and that may be weaponized in further human rights abuses. This also includes entities that have acquired (or attempted to acquire) U.S. technology to support Chinese military modernization.
In addition to China, the U.S. has also used export controls and the entity list to sanction companies that support the Russian military and to further curb the flow of technology to Russia during the Russia-Ukraine war.
At the start of the Russia-Ukraine war, politically exposed persons and entities were being added to blocklists with heavy frequency, forcing organizations to quickly assess and evaluate their supply chains and vendors for risk. As recently as December 2022, the Biden administration added two dozen companies to the export control list for supporting Russia’s military, supporting Pakistan’s nuclear activities, or supplying the Iranian electronics company Pardazan System Namad Arman (PASNA).
Suppliers of U.S. goods must obtain a license to ship to any companies on the blacklist.
A full list of blocklisted firms can be found here.
But adhering to blocklists and staying ahead of risky foreign ownership altogether requires much more than just checking the list of Tier 1 vendors to see if there is a match. What you’ll need is much more comprehensive.
Today’s supply chains are complex, with multiple layers of suppliers, vendors, and ownership. This can make it difficult for organizations to identify risk within their supplier relationships, especially when it comes to corporate ownership.
For example, the supplier you’re contracting with may be owned by a blocklisted entity. Without careful analysis of corporate structure and ownership, you may be at risk of violating foreign trade agreements and sanctions. In fact, many firms realized their own potential violation of aspects of the Uyghur Forced Labor Prevention Act (UFLPA) only after conducting an Ultimate Beneficial Ownership analysis, which showed that some of their suppliers were either owned by or subsidiaries of well-known Xianjiang refineries and facilities.
Takeaway: Make sure you’re using a supplier intelligence solution that can review the ownership structure of your suppliers.
Emerging regulations surrounding carbon emissions, forced labor, corruption, anti-money laundering, and more mean companies are now responsible for not just tier 1 suppliers but for tier 2 and tier 3 suppliers as well.
For example, the German Supply Chain Act, which imposes strict standards on human rights and sustainability within supply chains, will enforce the oversight of Scope 3 emissions. Scope 3 emissions are indirect value chain emissions, meaning any emissions produced by assets that aren’t owned or controlled by the reporting organization but that the organization indirectly impacts in its value chain. Identifying and reporting these emissions requires n-tier analysis to understand which suppliers are part of your value chain emissions.
Other restrictions compel manufacturers to source responsibly not only to avoid penalties but to ensure continued market demand for their products. For example, under the new Inflation Reduction Act in the U.S., consumers are now only eligible for electric vehicle tax credits if automakers source key materials from specific countries–regardless of whether or not they are a tier 1 supplier.
Takeaway: To comply with regulations and blocklists (and identify companies that may end up blocklisted), you need to have a solid understanding of n-tier suppliers through comprehensive n-tier mapping.
Supplier surveys have long been a mainstay of supplier data collection. However, relying on subjective responses from suppliers on their compliance with ESG regulations is insufficient. Suppliers are incentivized to present themselves in the best light, making survey data inherently biased. Additionally, surveys can only show a point-in-time snapshot of a supplier’s compliance status. With regulations and geopolitical tensions constantly evolving, it’s much too risky to rely on supplier surveys for your risk assessments.
At the same time, using disparate sources of information, even if seemingly objective, is not ideal either. That’s why having a centralized platform that aggregates premium data sources in real time is essential for ongoing compliance.
Takeaway: Use a supplier intelligence platform that lets you simultaneously view your entire value chain and assess the risks associated with politically exposed people, AML (anti-money laundering), cybersecurity scores, blocklisted entities, corporate governance, and ownership structure, all in one place.