BIS Entity List: Export Compliance for Small Businesses

Understanding export controls and the Bureau of Industry and Security Entity List.

What Is the BIS Entity List?

The Entity List is maintained by the Bureau of Industry and Security (BIS), a division of the U.S. Department of Commerce. It identifies foreign persons, businesses, research institutions, government organizations, and other entities that are involved in, or pose a significant risk of being involved in, activities contrary to the national security or foreign policy interests of the United States.

When an entity is placed on the Entity List, U.S. companies (and foreign companies using U.S.-origin items) are restricted from exporting, re-exporting, or transferring items subject to the Export Administration Regulations (EAR) to that entity without first obtaining a license from BIS. In most cases, the license review policy is “presumption of denial,” meaning the license will likely be denied.

What Are the Export Administration Regulations (EAR)?

The EAR is the set of regulations that governs the export of “dual-use” items — goods, software, and technology that have both civilian and potential military or weapons-related applications. This includes a surprisingly broad range of items:

Computers and electronic equipment above certain performance thresholds
Telecommunications equipment
Encryption software and technology
Aerospace and propulsion technology
Certain chemicals, materials, and manufacturing equipment
Semiconductor manufacturing equipment and advanced chips

Critically, items do not need to be on the Commerce Control List (CCL) to be subject to the EAR. Most commercial items manufactured in the U.S. are “EAR99” — subject to EAR but not requiring a license for most destinations, unless the end user is on the Entity List or the end use is prohibited.

Who Needs to Check the Entity List?

Any U.S. company that exports goods, software, or technology should check the Entity List. This includes:

Manufacturers who sell products to foreign buyers
Software companies that license technology internationally
Distributors and resellers who ship products abroad
SaaS companies providing cloud services to foreign entities (technology exports)
Universities and research institutions sharing research with foreign nationals

Even if you only sell domestically, you can face liability if you know (or should have known) that a domestic buyer intends to re-export items to an Entity List party.

How the Entity List Differs from OFAC SDN

Aspect	OFAC SDN List	BIS Entity List
Agency	Treasury Department	Commerce Department
Scope	All transactions	EAR-controlled items
Effect	Complete block (frozen assets)	License required for exports
License policy	Generally denied	Varies (often presumption of denial)
Applies to	All U.S. persons	Exporters of EAR items
Non-export transactions	Blocked	Generally permitted

The key difference: OFAC blocks all dealings with SDN-listed parties, while BIS restricts exports of controlled items. However, many entities appear on both lists, and a comprehensive compliance program screens against both.

Penalties for Entity List Violations

Exporting EAR-controlled items to an Entity List party without a license violates the Export Administration Regulations. Penalties include:

Civil penalties: Up to $330,947 per violation (adjusted for inflation).
Criminal penalties: Up to $1,000,000 and 20 years imprisonment per violation.
Denial of export privileges: BIS can bar a company from exporting altogether.

BIS has increasingly pursued enforcement actions in recent years, particularly involving semiconductor and advanced technology exports. In 2025–2026, several companies faced multi-million dollar penalties for shipping controlled technology to Entity List parties in China and the Middle East.

Recent Entity List Additions (2025–2026)

The Entity List has grown significantly, with major additions including:

Chinese semiconductor companies — dozens of entities added to restrict access to advanced chip manufacturing technology
Russian defense-adjacent entities — expanded designations related to the Ukraine conflict
Middle Eastern procurement networks — entities acting as intermediaries for sanctioned programs
Chinese AI and surveillance companies — entities involved in human rights abuses in Xinjiang

As of early 2026, the Entity List contains over 700 entities. BIS publishes additions through Federal Register notices, and the full list is available on the BIS website.

Best Practices for Entity List Compliance

Screen before every export — check all parties to the transaction (buyer, consignee, end user, intermediaries) against the Entity List
Know your product classification — determine whether your items are subject to the EAR and their ECCN (Export Control Classification Number)
Document everything — maintain records of all screenings, classifications, and export decisions for at least 5 years
Train your staff — employees who handle international orders should understand red flags and escalation procedures
Use automated screening tools — manual checking is error-prone and does not scale

How ScreenGuard Helps with Entity List Screening

ScreenGuard by NormSuite screens names against the BIS Entity List alongside OFAC SDN and five other major sanctions lists in a single search. Fuzzy matching catches alternate spellings and transliterations, and every screening is logged for your compliance records.

Screen Against the Entity List Free

Frequently Asked Questions

What is the BIS Entity List?

The BIS Entity List is maintained by the Bureau of Industry and Security (part of the U.S. Department of Commerce). It identifies foreign parties that pose a risk of diverting exports to unauthorized end uses, including weapons of mass destruction programs.

How does the BIS Entity List differ from the OFAC SDN list?

OFAC SDN blocks all transactions with listed parties. BIS Entity List restricts exports of items subject to the Export Administration Regulations (EAR) and requires a license. Some non-EAR transactions may still be permitted with Entity List parties.

Do I need to check the BIS Entity List if I only sell domestically?

If you sell only within the U.S. and never export, you are less likely to be affected by the Entity List. However, if you knowingly sell items to a domestic buyer who will re-export them to an Entity List party, you could face liability.

What happens if I export to an Entity List party without a license?

Penalties for violating the Export Administration Regulations can include civil fines up to $330,947 per violation and criminal penalties of up to $1,000,000 and 20 years imprisonment. BIS can also deny export privileges.