Export Auditors as Market-Powered Export Enforcement

Research Report
Written By Onni Aarne

These materials were co-authored by Erich Grunewald.

Read the Report
Read the Issue Brief

US export control enforcement is not as effective as it needs to, and could, be. In a new working paper, we propose that export control enforcement could be aided by independent for-profit export auditors, who would be accredited and overseen by the Bureau of Industry and Security (BIS). Importers would be required to hire an accredited export audit firm for particular classes of exports, and the auditors would then be responsible for detecting potential diversion through on-site inspections and other methods. This would enable BIS to scale enforcement beyond its own limited capacity by harnessing private-sector innovation to develop efficient methods for detecting and deterring diversion. We estimate that export audits would impose negligible compliance costs for high-value exports such as AI chips, while significantly improving enforcement over the status quo.

The problem: US export control enforcement has experienced frequent, significant failures. In the past two years:

  • More than 100,000 advanced AI chips were likely smuggled into China in 2024, worth billions of dollars, according to estimates by the Center for a New American Security. Chinese AI chip smugglers are so unafraid of US enforcement action that they are willing to give interviews detailing their activities to American news outlets.

  • DeepSeek, a leading Chinese AI company, has reportedly been training AI models on Blackwells, the latest generation of NVIDIA chips, smuggled into China.

  • Semiconductor manufacturing equipment (SME) legally exported to China for mature processes has reportedly been diverted to advanced-node chip fabrication, despite such use being prohibited.

With an enforcement budget that has been stagnant in real terms, combined with outdated IT systems, BIS does not have the resources to effectively track millions upon millions of controlled items globally. For example, BIS has a single Export Control Officer responsible for all of Southeast Asia and Australasia, and conducts about 1,500 end-use checks annually—a small number relative to the millions of controlled items exported each year. For AI chips and SME in particular, BIS likely conducts very few routine compliance checks.

Export auditors would be responsible for detecting violations related to goods that they have been hired to audit. For AI chips, this would mainly involve verifying the chips’ end user, and in particular that the chips haven’t been diverted to an illegal location. For SME—which is large, expensive, and rarely smuggled across borders—this would involve verifying end users and/or end use. The basic gold standard should be random on-site inspections, for example, visiting a data center, checking that the number of servers matches expectations, and randomly selecting a small number for closer inspection. But auditors should be free to innovate, and could also develop new, cheaper and more effective means of detecting diversion.

The rate of inspections should be high enough to ensure that diversion is detected with high probability within a reasonable timeframe. For example, we estimate that about 70 inspections per month per million AI chips would achieve 95% probability of detecting a random chip’s diversion within six months, if sites with more chips are inspected more often. We further estimate that achieving this detection rate would cost about $2.5 million per year per million chips monitored, or about 0.005% of the purchase value of those products. These costs should be treated as an upper bound, as auditors would be incentivized to develop more cost-effective methods. Unlike BIS enforcement capacity, an export auditor program would scale naturally with the size of the market.

BIS could introduce export auditing requirements through a license exception or as a condition in licenses. Under the license exception approach, certain exports that would otherwise require a license are made eligible for an exemption if an approved export auditor is used. The auditor would then be responsible for overseeing the exported items according to its audit plan and reporting to BIS if it uncovers evidence suggesting an export control violation.

Auditors would be accredited by BIS, and BIS would also approve their audit plans. Various types of companies could do export audits, including:

  • Professional services firms such as the Big Four

  • Testing, inspection, and certification (TIC) firms such as SGS, Bureau Veritas, and TÜV

  • Manufacturers, or new companies specializing in this kind of auditing

BIS need not decide which of these to choose. Any of these types of companies could apply, and compete for who can provide auditing services most efficiently, while meeting BIS standards. If an auditor fails to execute its approved audit plan, BIS can penalize it.

BIS can likely implement this with its current resources. We estimate, with high uncertainty, that it would take a BIS team of three full-time equivalents (FTE) 2-5 months to start the program, and a team of 6-14 FTE to run it effectively. BIS already has relevant experience through the Validated End-User (VEU) program, whose administrative structure—vetting entities, receiving and analyzing periodic reports, coordinating site visits, and revoking authorizations—resembles what an export auditor program would require.


For more, reach out to Onni Aarne (onni@iaps.ai) or Erich Grunewald (erich@iaps.ai).

Onni Aarne
Next

AI Distillation Attacks: The Case for Targeted Government Intervention