The University Research Security Challenge: Balancing Collaboration and Compliance

Navigating the New Research Security Mandates

Universities face dual pressures to effectively safeguard research integrity while also maintaining the open academic collaboration that has long enabled research and development leadership throughout the world.

Many institutions still struggle to balance these competing demands effectively, especially as new research security mandates like the U.S. NSPM-33 (which applies to institutions receiving $50 million or more in federal funding), as well as Canada’s Sensitive Technology Research and Affiliations of Concern (STRAC) Policy and Named Research Organizations (NRO) list introduce additional compliance requirements.

The Importance of Research Security — and Why It’s Under Scrutiny

As global scientific collaboration increases, so do concerns about the misuse of academic partnerships and the leakage of sensitive research. At the heart of this issue lies research security, which the OECD has defined as “preventing undesirable foreign state or non-state interference with research.” Per the OECD’s June 2022 policy paper titled Integrity and Security in the Global Research Ecosystem, “the main goal of research security is to protect the research ecosystem and thus protect legitimate national and economic interests.”

In the U.S., research security has become a national priority. The U.S. government is worried about foreign influence on federally funded research and the potential for misuse and exploitation of American research and intellectual property. Agencies such as the National Institutes of Health (NIH), National Science Foundation (NSF), Department of Energy (DOE), Department of Defense (DoD), and the Office of Science and Technology Policy (OSTP) have all issued guidance and implemented new policies to establish clearer compliance expectations for institutions.

Other nations, including Australia, Canada, and the United Kingdom, are taking similar steps to safeguard research from foreign interference. In Australia, the government has issued a series of frameworks to manage national security risks in academia, including the Australian Research Council (ARC) Countering Foreign Interference Framework and the List of Critical Technologies in the National Interest. Canada’s policy links federal funding eligibility to screenings for sensitive research areas and foreign affiliations of concern. In the U.K., updated guidance from the National Protective Security Authority and expanded support from the Research Collaboration Advice Team help institutions assess and respond to risks tied to international partnerships. Together, these efforts reflect a growing global consensus around the importance of research security.

Universities, in particular, face mounting scrutiny as they navigate the dual pressures of maintaining open, collaborative environments while complying with national security obligations. Research Security Officers (RSOs) and Export Control Officers (ECOs) are often tasked with identifying and mitigating risks related to foreign influence. But this is no easy task, particularly if/when partnerships are not technically illegal or explicitly prohibited.

Recent investigations underscore how educational institutions can be vulnerable targets in broader networks of geopolitical competition. A House Select Committee on the Chinese Communist Party (CCP) report detailed how China has exploited U.S. educational partnerships to gain access to advanced military technologies through research collaborations.

Understanding Foreign Influence Compliance

Successful implementation of a research security and foreign influence compliance program requires actionable measures. A comprehensive program provides critical rules and processes to manage external risks, and it explains how an institution actively safeguards its valuable work and intellectual property.

Core components of this compliance ecosystem include export controls and/or research security (which may be housed in separate offices, depending on your institution). Regulations in various jurisdictions govern the transfer of sensitive technologies, software, equipment, and technical data to foreign persons or entities, whether through shipping physical goods, sharing research findings, or even allowing access to labs or digital systems. Institutions rely on export control data to assess risk and make sure that research activities do not inadvertently support sanctioned or trade-restricted parties, or military end use and military end users.

Export controls provide a legal framework to prevent the unauthorized transfer of sensitive technologies, while broader foreign influence regulations address the more subtle and systemic risks posed by foreign entities seeking to exploit academic openness. Foreign influence regulations often mandate detailed disclosure of foreign relationships, funding, and participation in foreign talent programs.

Chinese talent plans have actively recruited U.S.-based researchers, offering incentives to transfer federally funded research and technology to Chinese institutions without proper disclosure. Similarly, Chinese multinational technology company Huawei’s research funding at American universities has drawn scrutiny over whether such partnerships grant the company early access to innovations with potential military applications.

Adherence to these regulations is often a prerequisite for receiving federal research funding, and non-compliance can result in severe penalties.

The High Stakes of Non-Compliance in University Research

As federal agencies intensify scrutiny of foreign influence and research security, universities with weak compliance programs face growing exposure. Educational institutions risk the loss of federal funding, suspension of individual researchers, institutional debarment from future grants, and significant legal liabilities.

Enforcement actions underscore just how real these risks are. In recent years, several prominent universities and researchers have faced investigations for failing to disclose foreign affiliations or funding relationships. For instance, Dr. Song Guo Zheng, a former rheumatology professor at The Ohio State University, was sentenced to 37 months in prison and ordered to pay over $3.8 million in restitution after pleading guilty to making false statements on NIH grant applications. Further, Emory University terminated two NIH-funded faculty members in 2019 for failing to disclose foreign research funding and their involvement with institutions in China. The investigation led to the closure of their laboratory and the departure of four Chinese postdoctoral students.

Due diligence and accurate disclosures are essential. Research administrators and compliance staff must proactively vet international collaborations, track foreign funding sources, and educate faculty about disclosure requirements.

How Universities Can Foster Collaboration Without Compromising Compliance

The traditional openness of academia can sometimes conflict with government expectations for research control and transparency, but with a strategic approach, collaboration and compliance don’t have to be at odds. Clear guidelines and internal review processes can help prevent risk while enabling ongoing academic exchange.

Other ways to strengthen your compliance program without stifling valuable research partnerships include:

• Vet international partners upfront. Before entering into joint projects or grant agreements, screen affiliations for connections to restricted entities, military end users, or sanctioned jurisdictions.
• Establish agreements with built-in compliance mechanisms. These should include clauses around data handling, publication rights, intellectual property, and obligations for disclosure and transparency.
• Ensure regular disclosure and review of foreign affiliations, funding relationships, and external partnerships. Structured processes for continuous reporting can reduce gaps in oversight, and consistent training can foster a culture of compliance that encourages timely self-disclosure from researchers.

Leaning on external resources can also significantly streamline these efforts. Third-party platforms like Kharon enable rapid vetting and affiliation monitoring, delivering relevant real-time insights without slowing down research or creating additional administrative burdens.

The Need for a Robust Research Security Program

Educational institutions must move beyond ad hoc compliance efforts and toward building comprehensive, institutionalized research security programs.

A successful research security program weaves together multiple disciplines, policies, and systems to provide continuous oversight and risk mitigation. Common to the strongest programs are several core components:

• Risk assessment: This involves identifying vulnerable research areas, mapping external partnerships, and tracking the flow of sensitive information.
• Training: Researchers, administrative staff, and leadership must be equipped with up-to-date knowledge of relevant compliance obligations.
• Screening: Proactive vetting of foreign partners, visiting scholars, and international funding sources is critical. Screening tools and watchlists, often supported by third-party platforms, can help identify ties to sanctioned entities, military end users, or other high-risk affiliations that may pose national security or compliance concerns.
• Internal reporting: Clear protocols must be in place for reporting potential violations, foreign affiliations, and conflicts of interest.

So, who’s responsible for this oversight? The most successful programs are built on cross-functional coordination among key stakeholders like Departmental Export Officers (DEOs), Facility Security Officers (FSOs), and Research Compliance Officers (RCOs).

Managing Controlled Unclassified Information (CUI) and complying with export control regulations are particularly critical for any federally funded projects. Institutions must implement tracking systems to ensure that CUI is not exposed to unauthorized parties, including foreign nationals on campus or in distance collaborations.

Unique Challenges Facing RSOs and ECOs on Campuses

RSOs and ECOs face complex challenges when evaluating foreign research partnerships, especially in sensitive geopolitical contexts. Kharon helps address several of the most pressing issues:

• Pressure to justify risk-based decisions: Universities may stand to lose millions of dollars in funding or collaboration opportunities if they walk away from a partnership. RSOs must often justify a “no” recommendation even when an engagement isn’t technically illegal. Kharon provides citation-backed, factual insights that make it easier to defend a decision based on risk.
• Manual, time-consuming research: Many RSOs rely on basic web searches, academic databases, and machine translation tools to conduct research. This is especially true when they are dealing with institutions that are not on any government watchlist. Kharon replaces this manual lift with analyst-vetted insights, multilingual source collection, and unparalleled support from subject matter experts.
• Language barriers, misinformation: Chinese university and corporate websites have been known to present sanitized information on their English-language pages, while disclosing more sensitive affiliations, such as ties to the People’s Liberation Army (PLA), on their Chinese-language versions. Kharon’s multilingual research team helps surface these discrepancies and provides verifiable documentation.
• Advisory vs. decisional roles: Not all RSOs have the authority to block a partnership. Many can only advise researchers or administrators. The visual nature of Kharon ClearView makes complex risk assessments easier to understand, analyze, and communicate to researchers and other stakeholders.

How Kharon Supports Research Security and Foreign Influence Compliance

Modern research security programs are only as effective as the tools supporting them. Designed for compliance teams operating at the intersection of academia, national security, and global research collaboration, Kharon supports institutions in identifying and mitigating foreign influence risks.

Kharon provides advanced screening and network analysis capabilities. The platform goes beyond surface-level checks, enabling university users to:

• Detect connections to sanctioned entities, parties subject to export controls, and military end users
• Identify beneficial ownership links to high-risk actors
• Allow for more informed decision-making in gray areas. When partnerships aren’t explicitly prohibited but raise concern, RSOs must still present compelling, evidence-based justifications to leadership. Kharon supports these decisions with clear, citation-backed network intelligence that turns “gut feelings” into defensible recommendations.

Kharon’s tools are designed to work alongside the processes and systems that universities already use. As part of this effort, Kharon is used by over 25 leading global research universities and partners with the U.K.-based Higher Education Export Controls Association (HEECA) to ensure that its capabilities fit the needs of the higher education community and align with evolving research security standards.

Building a Future-Proof Research Security Framework

Foreign influence risks are becoming more sophisticated, and government oversight continues to sharpen. Universities must take a proactive, systems-level approach to research security. The goal for universities is not only to comply with current regulations, but to build a durable compliance program that can evolve alongside new risks, regulations, and research trends.

To future-proof their compliance efforts, institutions should focus on establishing integrated frameworks that embed foreign influence and export control risk assessments into every stage of the research lifecycle, from grant application to publication. At the same time, they must enable collaboration without compromising security by implementing internal review processes, structured disclosure protocols, and rigorous vetting of international partners. Simultaneously, institutions must ensure that compliance responsibilities are effectively managed across the organization by instituting cross-functional coordination among compliance officers, legal counsel, department leadership, and research faculty.

As academic partnerships grow more global and geopolitical tensions rise, universities that invest in strong compliance programs today will be better positioned to lead responsibly tomorrow.

Research Security with Kharon

Safeguarding academic integrity requires not just policy, but precision intelligence. Kharon’s data and analytics empower research compliance teams to:

• Screen academic partners and funding sources for ties to sanctioned entities, parties subject to export controls, and military end users
• Map indirect affiliations through advanced network analysis and relationship mapping
• Identify beneficial ownership links
• Integrate risk insights into grant review, export control, and collaboration approval workflows

With Kharon’s ClearView platform, universities can uncover hidden risks, ensure defensible disclosures, and protect their eligibility for federal research funding.

Stay ahead of research security expectations and use Kharon to build a strong compliance program. Learn more about how Kharon supports research security and export control functions here.