LawFlash

China Enacts First Comprehensive Regulations on Industrial and Supply Chain Security

April 08, 2026

China’s State Council on April 7, 2026 published the Regulations on Industrial and Supply Chain Security (the Regulations), which took effect immediately upon publication with no transition period. The Regulations elevate existing, disparate legal tools, such as export controls and anti-sanctions provisions, into a unified, national security–driven regulatory framework for supply chain oversight and response.

For multinational companies (MNCs), the Regulations extend potential regulatory scrutiny beyond foreign government measures to include commercial conduct that could be viewed as affecting supply chain stability, particularly where such conduct has a material impact on Chinese counterparties or critical supply chain nodes.

KEY TAKEAWAYS FOR BUSINESSES

Key considerations for MCNs include the following:

The Regulations establish a centralized coordination mechanism among more than 15 government agencies (including MOFCOM, MIIT, and the CAC) to monitor supply chain activities
They expand risk triggers to capture commercial conduct by multinational companies that may be viewed as affecting supply chain security, including decisions to stop supplying Chinese customers or exit China-related supply chains
They impose new restrictions on supply chain data collection, which may have significant implications for how companies conduct environmental, social, and governance (ESG) diligence and supply chain audits in China
Companies may face direct legal conflict where complying with US or EU law could itself trigger enforcement risk in China
Key terms such as “interrupts normal transactions” and “discriminatory measures” are not defined, creating significant interpretive uncertainty for compliance decisions
The Regulations have no grace period and are effective immediately as of April 7

Underlying Policy Objective

While framed as a supply chain security measure, the Regulations are best understood as a strategic response to increasing global supply chain decoupling pressures and foreign regulatory constraints on China-related business activities.

In particular, the Regulations may have the effect of discouraging certain types of conduct by foreign companies, including where such conduct involves the following:

Complying with foreign sanctions or export control measures in a manner that disrupts commercial relationships with Chinese counterparties
Reconfiguring supply chains away from China for geopolitical or regulatory reasons
Conducting extensive supply chain due diligence or data collection activities within China that may expose sensitive industrial or operational information
Engaging in supply chain due diligence that Chinese authorities might deem excessive or aimed at exposing strategic vulnerabilities

In this sense, the Regulations shift China’s regulatory posture from reactive countermeasures to proactive behavioral deterrence, targeting not only foreign government measures but also commercial conduct by multinational companies that may be viewed as affecting supply chain security.

KEY PROVISIONS AND PRACTICAL INTERPRETATION

Countermeasures Against Foreign Companies (Article 15)

Article 15 represents a significant expansion of regulatory reach. Unlike prior frameworks that were triggered primarily by foreign government measures, it allows Chinese authorities to take action based on corporate conduct that may be interpreted as impacting supply chain security.[1]

Article 15 provides that where a foreign organization or individual “interrupts normal transactions” with Chinese counterparties or adopts “discriminatory measures,” and such conduct “causes or may cause substantial harm” to China's supply chain security, Chinese authorities may initiate an investigation and impose countermeasures.[2] The Regulation deliberately uses open-ended language, giving Chinese authorities broad discretion to interpret what constitutes prohibited conduct.

While the provision does not explicitly refer to compliance with foreign sanctions or export controls, these terms are sufficiently broad to potentially capture commercial decisions such as terminating supply relationships or suspending transactions with Chinese counterparties, particularly where such actions are taken in response to foreign regulatory requirements.

In practical terms, this means that decisions such as (1) terminating supply to Chinese customers, (2) exiting China-related supply chains, or (3) adjusting sourcing or customer strategies due to foreign regulatory pressure could themselves become grounds for investigation and potential countermeasures, particularly where such actions may have a material impact on Chinese counterparties or the stability of relevant supply chains.

Notably, Article 15 does not require proof of intent to harm China. The test is whether the commercial decision “causes or may cause substantial harm”—a standard that gives regulators significant interpretive latitude.

The countermeasures can also apply to entities controlled by the foreign organization (Article 15, final paragraph), potentially reaching subsidiaries, joint ventures, or portfolio companies globally.

Restrictions on Supply Chain Information Collection (Article 13)

Article 13 prohibits any entity from conducting supply chain-related “investigations or information collection” within China “in violation of relevant state provisions.”[3] While the regulation does not define these terms, the language is broad enough to potentially cover the following:

ESG audits (e.g., forced labor, carbon footprint mapping)
UFLPA or CSDDD compliance due diligence
Supply chain mapping that identifies critical nodes, capacities, or substitution plans
Questionnaires or on-site inspections of Chinese suppliers by foreign buyers

Until implementing rules clarify the scope, MNCs should assume that any structured data collection about a Chinese counterparty's supply chain could trigger scrutiny, particularly if the data is shared cross-border or used for foreign regulatory compliance.

Mandatory Domestic Execution (Article 16)

Article 16 requires that relevant organizations and individuals within China must “strictly execute” the countermeasures and emergency response measures adopted by the government.[4]

In practice, regulators may interpret this to mean that the China-based subsidiaries and executives of MNCs are legally mandated to comply with Chinese countermeasures, even if those measures directly conflict with foreign sanctions or the MNC’s global compliance policies. This creates a direct legal conflict where complying with US or EU law could itself trigger enforcement risk in China for local personnel.

Notably, Article 16 does not limit enforcement to entities. Individuals—including China-based managers and representatives of foreign companies—may face travel bans, visa restrictions, or data transfer prohibitions for non-compliance. This elevates the issue from corporate risk to personal risk for on-the-ground personnel.

Penalties, Enforcement, and Comparison

It is also important to note that Article 15 is broader than existing mechanisms like the Unreliable Entity List because it can be triggered by ordinary commercial decisions, not only by compliance with foreign sanctions.

Additionally, Article 12 encourages but does not mandate that enterprises adopt internal risk controls for core technology and data. However, failure to do so could be cited as an aggravating factor in an investigation.

PRACTICAL RISK SCENARIOS FOR MNCs

The following types of conduct may present heightened risk under the Regulations:

Suspending or terminating supply to Chinese customers due to foreign sanctions or export control concerns
Reconfiguring supply chains to reduce China exposure for geopolitical or regulatory reasons
Refusing to transact with Chinese counterparties based on internal compliance policies aligned with foreign regulations
Conducting detailed supply chain mapping, audits, or ESG investigations within China without careful legal structuring
Sharing supply chain data or operational information across borders in ways that may be viewed as sensitive
Conducting internal investigations or forensic audits in China that involve reviewing supplier transaction data or production capacity information
Transferring supply chain data from China to parent company servers outside China without explicit authorization

Immediate Considerations for MNCs

Review existing supply chain due diligence protocols conducted in China; consider legal review before launching new audits or data collection exercises
For any decision to suspend or redirect supply from Chinese customers, document the commercial rationale independently of foreign regulatory pressure
Assess whether China-based subsidiaries could be compelled to disregard home-country sanctions; evaluate governance structures that might mitigate direct conflict (e.g., separate legal entity operations, local board oversight)
Monitor for implementing rules and for any public enforcement actions that signal how broadly Chinese authorities will interpret Articles 13 and 15

HOW WE CAN HELP

Our team can assist with assessing China supply chain activities under the new framework, reviewing subsidiary governance structures, and evaluating compliance protocols.

The Regulations reflect a significant shift: certain supply chain decisions are now treated as matters with national security implications. MNCs should reassess not only their compliance with foreign laws but also how their business activities in and with China may be perceived under this new framework.

Contacts

If you have any questions or would like more information on the issues discussed in this LawFlash, please contact any of the following:

Todd Liao (Shanghai)

Margaret Luo (Shanghai)

Mudan He (Shanghai)

Sylvia Hu (Shanghai)

Fan Shi (Shanghai)

[1] Regulations on Industrial and Supply Chain Security (State Council Decree No. 834), Art. 15.

[2] Id.

[3] Id., Art. 13.

[4] Id., Art. 16.