Office of the Vice President forResearch and Innovation

Research security is crucial to a university because it directly safeguards its financial and legal stability. Federal funding is now directly contingent upon robust security compliance. Federal mandates like National Security Presidential Memorandum 33 (NSPM-33) and the CHIPS and Science Act require universities to certify that they have comprehensive Research Security Programs. These programs include standardized disclosure procedures, export controls, and foreign travel protocols.

Failure to enforce these measures can lead to administrative actions, such as suspension of grant funding or the debarment of key faculty. These penalties would destabilize the institution's financial model and reputation. By prioritizing security, the university protects its eligibility for the federal support that sustains its entire research enterprise.

Beyond financial necessity, research security is essential for preserving the university's intellectual property and academic integrity. In today's competitive environment, unauthorized access or transfer of research data or proprietary materials by foreign actors poses a severe risk of economic espionage. This theft can compromise the university's ability to secure patents, license technology, and realize the commercial value of its discoveries.

Furthermore, research security enforces transparency against undisclosed foreign affiliations and conflicts of commitment, ensuring that all publicly funded work adheres to the highest ethical standards. Maintaining this integrity is vital for attracting top talent, building public trust, and sustaining the collaborative, yet secure, environment necessary for innovation.

National Security Presidential Memorandum 33 (NSPM-33) is a U.S. government directive aimed at strengthening the security and integrity of federally-funded research and development against foreign government interference and exploitation, while maintaining the openness essential to the U.S. research enterprise.

The core intent is to protect intellectual capital, prevent research misappropriation, and ensure responsible management of taxpayer dollars by increasing transparency, standardization, and accountability.

NSPM-33 requires:

• Universities that receive federal funding to implement research security programs.
• Adopt and standardize disclosure requirements for researchers.
• Require recipients of funding to use Digital Persistent Identifiers (ie. ORCiDs).
• Define a clear, tiered structure for violation of disclosure requirements and engagement in activities that threaten research security.
• Information sharing between agencies about violators or potential threats to research security.

Pursuant to NSPM-33 and 42 U.S.C. sec. 19234 of the CHIPS and Science Act, agencies will require all “covered individuals” who are engaged in federally funded research to complete research security training. "Covered individuals" are those who contribute significantly to the scientific development or execution of a research and development project, including:

• Principal Investigators (PIs) 
• Co-PIs
• Senior/Key research personnel 
• Any other specifically designated personnel

Covered personnel are required to complete the Research Security Training (Combined) provided by CITI.

International travel poses an intelligence threat to U.S. researchers primarily because it creates a high-risk environment where foreign intelligence services, competing institutions, and other adversaries can attempt to steal sensitive research, recruit personnel, or install surveillance.

The threat is compounded by the fact that researchers often travel with valuable data and are accustomed to the open, collaborative nature of academia, which foreign adversaries can exploit.

Tactics include:

• Elicitation
• Talent recruitment programs
• Financial incentives
• Compromise of electronic devices

VCU has provided useful information to help you prepare for international travel.

IT security and equipment

If you are planning to travel to High IT Risk Countries (China or Russia), VCU can provide you with a loaner laptop. Please contact Taron James for assistance.

A Malign Foreign Talent Recruitment Program (MFTRP) is a prohibited foreign government sponsored initiative that poses a significant risk to U.S. research security. As defined by the CHIPS and Science Act, a program is considered malign if it is sponsored by a foreign country of concern (such as China, Russia, Iran, or North Korea) and involves problematic obligations that compromise a researcher's integrity or duty.

These problematic terms often include providing compensation in exchange for the unauthorized transfer of U.S. intellectual property, requiring the researcher to not disclose their participation, or demanding that they accept a severe conflict of interest or commitment. Ultimately, this leads to a lack of transparency and a threat of misappropriation of federally funded research.

Not all foreign talent recruitment programs are malign. Only those that are linked to a country of concern and include specific terms that promote secrecy, theft, or dual loyalties are classified as MFTRPs.