Skip to main content

Regulatory Background

Key Federal Initiatives

To safeguard research integrity, protect U.S. assets, and maintain eligibility for federal funding, the government has implemented key directives and legislation establishing the framework for institutional research security programs.

National Security Presidential Memorandum-33
(NSPM-33, 2021)

What It Means for Research

NSPM-33 directs all federal research funding agencies to standardize disclosure requirements and expectations for transparency in federally funded research.

Impact on Institutions

Institutions receiving more than $50 million annually in federal research funding must certify that they have implemented a research security program.

Guidance for Implementation

The Joint Committee on the Research Environment (JCORE), under the National Science and Technology Council, issued recommendations outlining best practices for meeting NSPM-33 requirements and strengthening research security.

CHIPS and Science Act of 2022

What It Means for Research

The CHIPS and Science Act reinforces and expands upon NSPM-33 by codifying research security expectations into law for federally funded researchers and institutions.

Key Provisions

  • Annual Research Security Training:

    Requires ongoing training for personnel engaged in federally funded research to increase awareness of security risks and institutional policies (Sec. 10634).

  • Malign Foreign Talent Recruitment Program (MFTRP) Restrictions:

    Prohibits participation in MFTRPs and requires researchers to certify compliance as a condition of eligibility for federal funding (Sec. 10632).

Office of Science and Technology Policy (OSTP) Final Implementation Guidance (2024)

What It Means for Research

OSTP released final guidance directing federal agencies to implement the research security program requirements established under NSPM-33 and the CHIPS and Science Act. The guidance mandates that covered institutions certify their research security programs include four core elements: cybersecurity, foreign travel security, research security training, and—where applicable—export control training.