This is a research prototype. The data and analyses are preliminary and not yet validated — we'd welcome your .
Official name: National Defense Authorization Act for Fiscal Year 2026, Section 8521 ("Prohibition and notification on investments relating to covered national security transactions")
Prohibits U.S. persons from engaging in national security transactions involving prohibited technologies like AI. Requires Secretary of the Treasury to issue regulations, notify Congress of exemptions, and impose penalties. Mandates reporting and facilitates multilateral engagement to control technology risks.
Analysis summaries, actor details, and coverage mappings were LLM-classified and may contain errors.
This is a binding federal statute enacted by the United States Congress as part of the National Defense Authorization Act for Fiscal Year 2026. It contains mandatory prohibitions, enforcement mechanisms with civil penalties, and regulatory authority delegated to the Secretary of the Treasury.
The document has good coverage of approximately 6-8 subdomains, with strong focus on malicious actors (4.1, 4.2), AI system security (2.2), competitive dynamics (6.4), governance failure (6.5), and dangerous capabilities (7.2). Coverage is concentrated in security, national security threats, and governance domains related to preventing adversarial technology development.
This document governs investment transactions across multiple sectors where AI and other advanced technologies are developed and deployed. The primary focus is on restricting U.S. investments in prohibited and notifiable technologies (AI systems, semiconductors, quantum computing, etc.) in countries of concern. The governance applies broadly to any sector where these technologies enable military, intelligence, surveillance, or cyber capabilities, with particular emphasis on Information (technology development), Scientific Research and Development Services, Manufacturing (semiconductors), and National Security sectors.
The document does not focus on specific AI lifecycle stages but rather on investment transactions and technology transfer restrictions. It addresses the deployment and operational context by prohibiting and requiring notification of investments in prohibited and notifiable AI technologies. The governance applies across the lifecycle by restricting capital flows that could enable development of AI systems with military, intelligence, or surveillance capabilities.
The document explicitly covers AI systems as a prohibited and notifiable technology category. It does not define specific AI model types (frontier, general purpose, task-specific, foundation, generative, predictive) but broadly addresses 'Artificial intelligence systems' as a technology area subject to investment restrictions. No compute thresholds or open-weight model distinctions are mentioned.
United States Congress
The document is Section 8521 of the National Defense Authorization Act for Fiscal Year 2026, which is federal legislation enacted by the United States Congress.
Secretary of the Treasury; Attorney General of the United States; Secretary of Commerce; Secretary of State
The Secretary of the Treasury is designated as the primary enforcement authority with power to prohibit transactions, impose civil penalties, and compel divestment. The Attorney General can seek judicial relief. Other cabinet secretaries have consultative roles.
Secretary of the Treasury; Secretary of Commerce; appropriate congressional committees (Committee on Financial Services, Committee on Foreign Affairs, Committee on Banking, Housing, and Urban Affairs)
The Secretary of the Treasury is required to monitor compliance through notification processes, identify non-notified activity, and submit annual reports to Congress. Congressional committees receive reports and testimony on implementation and enforcement.
United States persons engaging in covered national security transactions with covered foreign persons in countries of concern (People's Republic of China, Republic of Cuba, Islamic Republic of Iran, Democratic People's Republic of Korea, Russian Federation, Bolivarian Republic of Venezuela)
The document explicitly targets United States persons (citizens, permanent residents, and entities organized under U.S. law) who engage in investments or transactions involving prohibited or notifiable technologies with covered foreign persons in countries of concern.
6 subdomains (4 Good, 2 Minimal)
