On February 9, 2026, the U.S. Department of the Treasury’s (Treasury) Office of Investment Security (OIS) published a request for information (RFI) seeking public comments on how the Committee on Foreign Investment in the United States (CFIUS) might streamline its foreign investment review process, including through the Known Investor Program (KIP). The RFI requests feedback on (1) proposed eligibility criteria and a draft questionnaire for the KIP, including certain defined terms, and (2) other ways that CFIUS and transaction parties can streamline aspects of the foreign investment review process. Written comments are due March 18, 2026.

Click here to continue reading the full version of this alert.

On February 6, 2026, the U.S. Department of Treasury’s Office of Foreign Assets Controls (OFAC) announced the launch of a new online Voluntary Self-Disclosure (VSD) Portal (the “New Portal”) intended to replace and reduce reliance on ad hoc submission methods with a more secure channel for reporting to OFAC potential sanctions violations. OFAC states that moving disclosures into the New Portal should improve process visibility for disclosing parties, including faster acknowledgment and clearer communication during OFAC’s review. Of note, “OFAC strongly encourages parties to begin submitting voluntary self-disclosures through” the New Portal.

From a submission mechanics standpoint, the New Portal’s form is designed to be completed in roughly 30 minutes and asks for core identifying information for the disclosing party and a primary correspondent (for example, if an entity or individual is represented by counsel), plus supporting documentation uploads.  The New Portal limits uploads to 15 files, restricts file size to no larger than 30 megabytes (MB), and accepts only certain common formats (.PDF, .DOC, .DOCX, .XLS, .XLSX, .JPEG, .JPG or .PNG). Previously, there was a 150 MB maximum, with a maximum of 50 MB per email, before OFAC required submitting through a large file transfer system. As before, the New Portal requires optical character recognition (OCR) on all PDFs prior to submission.

For extensive or document-intensive submissions, OFAC requests that submitters continue to use OFAC’s Production Submission Standards, which cover package organization, sequential pagination, Excel-compatible spreadsheets, and transmission protocols, including secure transfers with ID.me authentication. Compliance with these standards may factor into OFAC’s evaluation of cooperation.

The New Portal is a reminder that OFAC’s current Economic Sanctions Enforcement Guidelines (the “Guidelines”) explicitly note that a qualifying VSD is treated as a mitigating factor in any penalty assessment. In addition, where OFAC determines a civil monetary penalty is warranted, a qualifying VSD can result in a 50 percent reduction in the maximum possible penalty (with the precise calculation mechanics depending on whether OFAC treats the case as egregious or non-egregious), provided the VSD meets the criteria in the Guidelines. As we have previously noted, organizations that promptly report potential violations to OFAC may receive reduced penalties or even avoid enforcement altogether.

Crowell & Moring LLP regularly advises U.S. and foreign companies on VSDs to OFAC and related investigations. Please contact the authors regarding questions about VSDs or the New Portal.

On January 21, 2026, U.S. Customs and Border Protection (“CBP”) announced that its Forced Labor Portal is now live. This new online portal provides a single, centralized platform for importers to submit requests for review when their shipments are detained or excluded due to forced labor enforcement actions. By consolidating what was previously a patchwork of email and paper submission processes, the portal is intended to streamline communications and ensure that all forced labor-related documentation reaches the appropriate CBP officials for timely review.

Effective immediately, use of the Forced Labor Portal is mandatory for importers seeking to challenge or obtain exceptions for shipments held under U.S. forced labor laws. This includes filing admissibility review requests for goods detained under Withhold Release Orders (“WROs”) or forced labor findings, as well as review and exception requests related to the Uyghur Forced Labor Prevention Act (“UFLPA”) and other forced labor sanctions.

From a compliance and litigation standpoint, the Forced Labor Portal helps formalize CBP’s administrative record for forced labor enforcement actions. Information submitted through the portal is expected to form the basis of CBP’s admissibility determinations and may be relevant in subsequent administrative protests or judicial review before the U.S. Court of International Trade. As a result, the accuracy, timing, and completeness of portal submissions carry heightened legal significance.

Importers should be mindful of compressed administrative and statutory timelines, particularly for UFLPA detentions, which generally provide a shorter window to submit rebuttal evidence than traditional WRO cases. Companies should ensure that internal procedures and document retention practices are aligned with the portal’s submission requirements.

CBP has published a Quick Reference Guide and an instructional video on its website to assist users with the transition to the portal.

Crowell & Moring LLP continues to monitor developments in forced labor prevention enforcement, including CBP’s implementation of the Forced Labor Portal, and its impact on industry.

On January 29th, 2026 U.S. Customs and Border Protection announced a Withhold Release Order on all shipments of coffee harvested by Finca Monte Grande, a Mexican coffee farm in Chiapas, Mexico. Effectively immediately CBP will detain all shipments of coffee harvested by Finca Monte Grande at any U.S. Port of Entry for probable forced labor violations.

As a result of CBP investigation into the Finca Monte Grande plantation, evidence demonstrates that workers are subject to 6 of the 11 indicators of forced labor including:

  • Abusive Working and Living Conditions
  • Abuse of Vulnerability
  • Debt Bondage
  • Excessive Overtime
  • Retention of Identify Documents
  • Withholding of Wages

Under 19 U.S.C. § 1307, any good that is produced wholly or in part with forced labor is prohibited from entering the United States and if violations are found, goods are subject to detention and seizure at the time of importation. A 2024 US Department of Labor report found that multiple industries in Mexico engage in child labor and forced labor violations with the agricultural sector being the largest risk. These affected commodities include coffee, melons, sugarcane and other agricultural products.

This is the first issued WRO in 2026 and emphasizes the importance of supply chain tracing by importers to ensure compliance with US regulations, avoiding unnecessary disruptions and costly delays. For more information on implementing due diligence and supply chain management, please feel free to reach out to Crowell & Moring for assistance.

From Wednesday, 28 January 2026, the UK Sanctions List (“UKSL”), published by the Foreign, Commonwealth and Development Office, will act as the sole source of UK sanctions designations made under the Sanctions and Anti-Money Laundering Act 2018 (“SAMLA”). OFSI’s Consolidated List of Asset Freeze Targets (the “OFSI List”) and its search tool will not be updated beyond 28 January 2026.

The move to a single sanctions list is intended to simplify how businesses and individuals subject to sanction designations are identified, without altering sanctions scope or business obligations under UK law. The format of the UKSL will remain unchanged. This transition is a direct result of industry feedback received during a 2025 cross-government review, with an emphasis on removing the need to cross-reference multiple sources in hopes of reducing the risk of non-compliance.

Businesses should ensure that any internal systems which draw on the data from the OFSI List now draw from the UKSL. The UKSL will continue to be updated, and will be available in seven data formats.

In addition to these changes, any newly designated persons (DPs) subject to financial sanctions will no longer be assigned an OFSI Group ID; instead they will only have a Unique ID as an identifier. All UKSL formats will retain the historic OFSI Group ID data, meaning any historic Group IDs will continue to be valid for use.

On January 21, 2026, the U.S. Office of Foreign Assets Control (OFAC) announced the removal of Greek maritime company Altomare SA and its vessel, Kallista, from the Specially Designated Nationals and Blocked Persons Lists (SDN List).

OFAC originally designated Altomare SA and Kallista in November 2025 as part of a counter terrorism sanctions action targeting Iran’s “shadow fleet” and associated networks. OFAC alleged that Kallista had transported nearly four million barrels of Iranian oil on behalf of Sepehr Energy Jahan, a U.S.-sanctioned entity, between January and February 2025. Altomare SA publicly challenged OFAC’s allegations and sought review of the designation.

While OFAC never publicly comments on the reason for a delisting, Altomare SA stated that the company was the victim of maritime identity theft. It asserted that a U.S.-sanctioned vessel (Limas) posed as Kallista while trading to Iran, using fake AIS tracking signals and forged documents. OFAC did not confirm whether this information was the reason for OFAC’s decision to delist Altomare SA and Kallista.

This development underscores the increasing sophistication of sanctions evasion tactics, including spoofing and documentation fraud, particularly with respect to sanctioned vessels. Companies engaged in maritime trade should continue to closely monitor vessel activity (e.g., their AIS data, whether the timelines of their shipments make sense, whether the ports visited make sense), check for adverse information, and conduct due diligence screenings regularly. The delisting also highlights the value of prompt engagement and transparent communication with OFAC when parties believe they have been misidentified or otherwise designated based on inaccurate information.

Crowell & Moring will continue to monitor developments related to sanctions and their potential impact to industry.

On January 12, 2026, the U.S. House of Representatives overwhelming passed (369-22) the Remote Access Security Act, modernizing U.S. export controls to address foreign adversaries’ remote access to controlled technologies through cloud computing services.  

Currently, the U.S. Department of Commerce’s Bureau of Industry and Security (BIS) does not consider the provision of cloud computing services to be exports. If passed into law, the bill (H.R. 2683) would modify the Export Control Reform Act of 2018 to authorize BIS to regulate the remote access of items, in addition to the export, reexport, and transfer of items, as well as issue licenses and impose penalties related to remote access of export controlled items.

The bill, sponsored by Rep. Michael Lawler (R-NY-17), directly responds to concerns that Chinese entities have exploited cloud services to evade U.S. export controls on advanced semiconductors and AI technologies by accessing computing power remotely through offshore data centers. It would apply U.S. export control restrictions to remote access and cloud-based exposure of controlled items—including advanced AI chips and semiconductors. In addition, the bill could significantly disrupt cloud computing companies’ compliance operations, which have been based on the understanding that the provision of cloud computing power does not qualify as an export for nearly twenty years.

The Remote Access Security Act would not become law until passage in the Senate and signature by the President. Senators David McCormick (R-PA), Ron Wyden (D-OR), Tom Cotton (R-AR), and Chris Coons (D-DE) and the sponsors and cosponsors of the Senate version (S. 3519).

Key Takeaways

  • Companies should expect increased regulatory scrutiny of cloud service arrangements involving foreign users, particularly those with potential ties to China. Enhanced due diligence, customer verification, and transaction-level documentation procedures will be necessary for compliance.
  • The policy implications of this bill extend beyond traditional hardware manufacturers to cloud service providers, data center operators, and technology platforms offering remote computing capabilities.

On January 7, 2026, the U.S. Department of Commerce’s Bureau of Industry and Security (“BIS”) imposed a $1.5 million civil penalty on Exyte Management GmbH (“Exyte”), a Germany- headquartered engineering and procurement company, after its Shanghai affiliate Exyte Shanghai Ltd., (“Exyte China”) admitted to illegally causing the transfer of approximately $2.8 million in EAR-subject semiconductor equipment to Semiconductor Manufacturing International Corp. (“SMIC”), China’s largest chip manufacturer. BIS designated SMIC on the Entity List in 2020, resulting in the prohibition of the export, reexport, and transfer of all items subject to the Export Administration Regulations (EAR) to SMIC without specific authorization. Exyte must pay the penalty within 75 days to maintain its BIS export privileges.

The settlement continues an ongoing theme by BIS to enforce provisions of the EAR that prohibit activities other than exports, reexports, or transfers. Here, each of the violations were due to Exyte China “causing” another violation of the EAR, a penalty more akin to what is typical in a U.S. Department of the Treasury Office of Foreign Assets Control (“OFAC”) settlement. It also reflects a continued focus on transactions that involve companies that are listed on the Entity List and on transactions that involve sensitive technologies, including semiconductors.

Between March 2021 and March 2022, Exyte China facilitated 13 in-country transfers totaling 884 items, including voltage sag protectors, programmable logic controllers, flowmeters, and pressure transmitters from Chinese suppliers to SMIC. All items were classified as EAR99 and used in chip fabrication facilities. Despite knowing the items were destined for SMIC, Exyte failed to recognize that an export license was required.

BIS cited Exyte’s “inadequate corporate compliance controls” as the root cause, noting the company “did not appreciate” that EAR licensing requirements applied to in-country transfers from Chinese distributors to Entity List customers. Exyte’s voluntary self-disclosure after discovering the violations influenced the settlement outcome.

This action highlights a critical compliance gap: in-country transfers within China remain subject to the EAR when U.S.-controlled items are destined for Entity List parties, even absent cross-border movement. Companies using local affiliates or distributors in China must ensure their compliance programs capture downstream transfers to restricted end users as BIS continues expanding Entity List designations in the semiconductor sector.

On January 6, 2026, China’s Ministry of Commerce (“MOFCOM”) issued Announcement No. 1 [2026], imposing export controls on dual-use items destined for Japan. The measures took effect immediately, with no wind-down period.

Under the announcement, exports of all dual-use items from China are prohibited where the end user or end use: (i) involves Japanese military users; (ii) supports military end uses; or (iii) otherwise contributes to enhancing Japan’s military capabilities.

The announcement represents a further escalation in China’s use of export controls as a policy tool amid recent heightened tensions with Japan. Several aspects of the measures merit close attention from companies engaged in China-related supply chains.

First, the scope of the restrictions is intentionally broad. The inclusion of end users or end uses that could enhance Japan’s military capabilities expands the controls beyond traditional defense recipients. As a result, exports previously viewed as commercial or civilian in nature may now warrant additional scrutiny.

Second, companies should expect MOFCOM to increase its focus on end-use and end-user due diligence for exports involving Japan. Requests for more detailed certifications, supporting documentation, and transaction-level explanations are likely moving forward. Given the policy sensitivity and ambiguity surrounding the new criteria, exporters should also anticipate longer license review timelines and potential follow-up inquiries.

Third, the scope is not limited to direct exports from China to Japan. The controls also apply extraterritorially, covering transfers of Chinese-origin dual-use items through third countries, as well as in-country transfers, where the end users or end uses fall within the scope of these controls.

Crowell & Moring will continue to monitor developments related to Chinese export controls and their potential impact to industry.

The U.S. Department of the Treasury will cease issuing paper checks for all U.S. Customs and Border Protection (“CBP”) refunds starting on February 6, 2026 according to an Interim Final Rule. A recipient may continue to receive paper checks provided that they have an approved waiver in place in accordance with 31 C.F.R. § 208. Individuals and firms seeking refunds for IEEPA tariffs are unlikely to fall under one of the specific cases provided for in 31 C.F.R. § 208.4(a). Therefore, importers seeking possible refunds of IEEPA tariffs in the event that the Supreme Court finds such tariffs unlawful should ensure that Automated Clearing House (“ACH”) refunds are authorized in the Automated Commercial Environment (“ACE”) Portal.

ACH Refund is available to anyone who has a federally assigned taxpayer identification number, Social Security number, or CBP’s assigned number, and a U.S. bank account with U.S. bank routing number. Trade users can use the new ACH refund authorization tool in ACE to complete this process using the one-page guide provided by CBP.

The basic steps to ensure proper ACH refund receipt are as follows.

  1. Log in to your ACE Portal top account as TAO or as an authorized Proxy TAO or Trade Account User.
  2. Navigate to the importer sub-account view and locate the ACH Refund Authorization tab.
  3. View, add, and update U.S. bank information for receiving refunds

For more information on authorizing ACH refunds and other questions regarding ACE Portal functionality, please feel free to reach out to Crowell & Moring for assistance.