ETI Home
  • About
    • About ETI
    • Staff
    • Advisory Board
    • Careers
  • Events
    • Upcoming ETI Events
    • Digital Transformation for Acquisition Series
    • Past ETI Events
  • Publications
    • Reports
    • Magazine Articles
    • ETI Brief Series
    • ETI Insights
  • YouTube
    • Podcast
      • In The News
        • Contact Us

        DoD Implements New Memorandum for Fundamental Research Security

        What it Means for Universities and Firms

        On January 7th, 2026, the Department of Defense (DoD) issued a comprehensive memorandum, “Fundamental Research Security Initiatives and Implementation,” establishing new research security requirements that will significantly impact anyone conducting or managing DoD-funded research. This directive, signed by the Under Secretary of Defense for Research and Engineering (USD(R&E)), is a substantial update to DoD research security protocols. It implements nine major initiatives that will affect how DoD-funded fundamental research is managed, how risk reviews are conducted, how compliance activities are reported, and how grant records are maintained. The measures are designed to protect DoD fundamental research from malign foreign influence, intellectual property (IP) theft, and research exploitation more generally. The following is an overview of these initiatives and their implications for universities and firms.

        The Nine Major Provisions:

        1. Entity Exclusions from DoD Funding

        DoD Component Heads such as the Secretaries of the Military Departments and the Directors of the Defense Agencies must prohibit two categories of entities from receiving fundamental research assistance awards:

        • Entities on the “Chinese Military Companies Operating in the United States” list (required under Section 1260H of FY2021 NDAA, as amended) (10 USC 113 note)
        • Entities with documented histories of patent or IP theft.

        Universities and firms must immediately review all current and pending DoD fundamental research awards to identify collaborations, subcontracts, or partnerships with entities on the Section 1260H list of the FY21 NDAA. The list includes major Chinese technology companies such as Huawei, Hikvision, DJI, BGI Genomics, SMIC, and dozens of others. Universities and firms should establish processes to screen potential collaborators against this list before proposals are submitted. This provision effectively creates a “do not fund” list for Department research offices and is functionally similar to export control restrictions.

        1. Enhanced Compliance Auditing and Reporting

        DoD Component Heads must conduct annual spot checks of all fundamental research awards with mitigation measures and at least 25% of all other research awards. Additionally, Component Heads must provide semiannual reports on enforcement activities to OUSD(R&E). Research personnel within the DoD, in industry, or in academia who are working on Department-funded project must report all sources of current and pending support, including funding for students and postdoctoral researchers from external entities.

        This provision increases oversight of DoD funded research by making ongoing compliance monitoring mandatory. Universities and firms should expect regular audits of their DoD funded projects and must maintain detailed documentation of all risk mitigation measures.

        1. Department-Wide Fundamental Research Risk Review Repository

        Each DoD Component Head must identify a “Component Office” to execute Fundamental Research Risk Reviews. Component Offices must submit relevant information such as disclosure forms, documented risk-based reviews, mitigation plans, and compliance documentation to OUSD(R&E)’s Science and Technology Program Protection (S&TPP) office.

        This is step one in the creation of a centralized database to track all fundamental research risk reviews across the Department. This will enable cross-component information sharing and pattern analysis that was not previously possible. Universities and firms should be aware that if research security issues are identified in one DoD-funded project, those issues will affect eligibility for awards from other components.

        1. Annual Data Call on Research Security Activities

        This provision primarily impacts DoD Component Offices and directs them to provide detailed information on research security operations as part of the annual OUSD(R&E) Basic Research Office data call.

        1. Entity Nominations for Section 1286 List

        Section 1286 of the FY19 NDAA as amended (“Initiative To Support Protection of National Security Academic Researchers From Undue Influence and Other Security Threats” - 10 USC 4001 note) requires the Department to maintain a list of “foreign entities associated with foreign governments that conduct significant military research and development.” This provision creates a formal process for Component Offices to nominate new entities to the Section 1286 list.

        1. Standardized Training for Research Security Personnel 

        This provision requires Component Offices to provide annual training to research security personnel within the Department and states that OUSD(R&E) will explore standardized training requirements across the department. This could lead to certification requirements or mandatory training modules that research security personnel must complete to work on DoD-funded projects.

        1. Grant Transparency and Database Requirements

        OUSD(R&E) will issue a Grant Instruction Notice requiring grant number acknowledgements in all publications funded by the DoD. OUSD(R&E) Basic Research Office, CDAO, and Component Offices will define requirements for a common research grant database.

        This administrative requirement has significant implications for research transparency and accountability. Currently, many publications acknowledge DoD support generically (e.g., “supported by the Air Force Office of Scientific Research”). This new requirement applies to any entity or individual that uses funds received by the DoD to carry out R&D activities (“Disclosure requirements for recipients of research and development funds” 10 USC 4027 note). This change will enable more precise assessments of research outcomes, identify potential unauthorized technology transfer, and evaluate return on investment for specific programs.

        1. One-Year “Damage Assessment” of Selected Cases

        OUSD(R&E) will conduct a one-year damage assessment that will include cases identified in recent reports by the House Select Committee on Strategic Competition. These reports have highlighted numerous cases of alleged technology transfer, unauthorized collaborations, and failures to disclose foreign connections at institutions receiving federal research funding. This assessment will identify whether sensitive research findings were shared with foreign entities and evaluate the effectiveness of institutional research security measures and may inform future DoD policy on research security.  

        1. Automated Vetting and Continuous Monitoring Capabilities

        The Chief Digital and Artificial Intelligence Office (CDAO) will identify and develop automated vetting and continuous monitoring capabilities within the DoD. These capabilities may include automated screening of researcher affiliations and publications, analysis of disclosure forms for inconsistencies, and pattern recognition to identify problematic networks or relationships. This provision underscores the Department’s prioritization of real-time monitoring of research activities as it invests in data-driven and continuous capabilities to measure compliance and surface at-risk research relationships.  

        Conclusion

        The January 7th, 2026 memorandum signals a shift from ad-hoc research security practices toward a standardized, enforceable, and increasingly data-driven compliance regime across DoD-funded fundamental research. According to the National Center for Science and Engineering Statistics, the DoD allocated 54 percent of fundamental research funds to universities, 15 percent to industry, 22 percent to DoD labs, 5 percent to other nonprofits, and the other 4 percent to state, local, and foreign governments. The implications of the new provisions will impact these organizations differently. For universities and firms, a new operating model will need to be created to include pre-award screening against excluded entity lists, keeping documentation that can withstand routine spot checks, and disciplined disclosure and publication practices that enable traceability at the grant-number level.

        Leaders in universities and firms should begin integrating entity screening and documentation into proposal workflows; standardize the collection of disclosures of external funding to support future audits; and prepare faculty and research staff for new publication attribution requirements and continuous monitoring expectations. Care needs to be taken when implementing these requirements. DoD needs to ensure that a perception to avoid international collaborations is not created due to a culture of risk aversion within academia and industry. Moreover, the near-term cost for firms and other universities needs to be considered, as repeatable disclosure processes will need to be created. The firms and universities that work to understand these requirements and modify appropriate processes will be best positioned to sustain DoD research partnerships in the future.

        2101 Wilson Blvd Ste 700
        Arlington, VA 22201-3060
        Tel: (703) 522-1820


        Affiliate Associations
        National Defense Industrial AssociationNational Training and Simulation AssociationWomen In Defense, A National Security Organization

        © 2026 ETI. All Rights Reserved. Privacy PolicyTerms of Use