Two pieces of US legislation that advanced in early 2026 are directly reshaping how companies access AI compute. The Remote Access Security Act (RASA) and the AI Overwatch Act together close a gap that US export controls had left wide open: physically shipping advanced AI chips was restricted, but renting remote access to those same chips via offshore data centres was perfectly legal.
That gap is now closed.
If you’re making any kind of cloud vs owned hardware decision framework for AI infrastructure in 2026, understanding what these laws actually do is no longer optional.
What is the AI Overwatch Act, and what would Congressional veto power over chip exports actually mean?
The AI Overwatch Act (H.R. 6875) gives Congress a 30-day review period over executive-branch decisions to export advanced AI chips to countries of concern. Even if the White House or the Bureau of Industry and Security (BIS) approves a chip sale, Congress can block it through a joint resolution of disapproval.
The bill was introduced by House Foreign Affairs Committee Chairman Brian Mast on 19 December 2025 and co-sponsored by John Moolenaar. It advanced out of committee 42-2-1 on 21 January 2026. The mechanism is modelled directly on the Arms Export Control Act — the same oversight framework used for US arms sales since 1976. Covered chips include everything under ECCNs 3A090 and 4A090: Nvidia H200, GB200/Blackwell, AMD MI325X, and next-generation Vera Rubin.
The trigger was a BIS January 2026 rule that shifted from automatically denying H200 and MI325X export licences to China to reviewing them case by case. Congress treated this as executive overreach. The bill would freeze approvals until Commerce submits an “American Artificial Intelligence Victory Strategy,” and lock technical thresholds for 24 months.
David Sacks called the bill an assault on presidential authority. Jensen Huang lobbied against it. Dario Amodei of Anthropic countered at Davos 2026: “Shipping chips to China is like selling nuclear weapons to North Korea.” The 42-2-1 margin signals durable bipartisan support.
For infrastructure planning, the practical implication is this: multi-year hardware investments built around specific chip availability become harder to underwrite with confidence.
What is the Remote Access Security Act, and what loophole does it close?
The Remote Access Security Act (RASA, H.R. 2683) passed the US House 369-22 on 12 January 2026. It extends the Export Control Reform Act (ECRA) to treat remote access to export-controlled AI chips as an export event. In plain terms: renting cloud GPU time on restricted chips is now legally equivalent to physically importing them. The underlying tariff mechanics that give these controls their teeth are covered in detail in how the 25 percent AI chip tariff actually works and what it means for GPU procurement.
Sponsored by Mike Lawler (R-NY) with unanimous 51-0 committee approval, it has a Senate companion introduced by Dave McCormick (R-PA) and Ron Wyden (D-OR).
The loophole existed because BIS advisory opinions from 2009 to 2014 established that cloud providers are not “exporters” under the Export Administration Regulations (EAR). A 2016 encryption safe harbour further allowed companies to store EAR-regulated technology in cloud infrastructure without triggering controls. RASA supersedes both.
Here’s the four-step mechanism that was entirely legal before RASA:
- Nvidia sells chips to an authorised partner in a third country
- That partner builds a data centre
- A Chinese company rents cloud computing time — not an “export”
- AI training runs on export-controlled hardware — no statute violated
RASA amends ECRA to add remote cloud access by foreign persons to the scope of regulated exports. BIS must still issue implementation regulations after enactment.
The INF Tech case: how a Shanghai startup renting servers in Indonesia prompted new US legislation
INF Tech is a Shanghai-based AI startup founded by Qi Yuan, a Fudan University professor with an MIT PhD. In October 2025, INF Tech rented 2,304 Nvidia GB200 GPUs from a Jakarta data centre operated by Indosat Ooredoo Hutchison for approximately $100 million.
The supply chain that made this legal ran through four entities, each step individually permissible:
- Nvidia sold chips to Aivres, a Silicon Valley server builder partially owned by Inspur — blacklisted for Chinese military ties
- Aivres sold 32 GB200 NVL72 racks to Indosat Ooredoo Hutchison
- Indosat rented compute time to INF Tech in Jakarta
- INF Tech ran AI training on export-controlled hardware from Shanghai
INF Tech stated its purposes as financial AI and drug discovery. The problem: China’s civil-military fusion policy means commercial AI development may serve military purposes. KYC checks cannot reliably distinguish end use when Beijing’s policy deliberately blurs the line.
The INF Tech case was the specific legislative trigger for RASA — but it was not isolated. Tencent, designated a “Chinese Military Company” by the US DoD, secured $1.2 billion in cloud rental contracts with Datasection Inc. of Japan for 15,000 Blackwell B200 processors in Osaka. Alibaba and ByteDance were separately identified training Qwen and Doubao via Southeast Asian data centres. The full picture of why Chinese tech companies ordered two million Nvidia H200s despite tariffs and regulatory risk explains the broader offshore GPU training strategy that made this legislation inevitable. In March 2026, the DOJ unsealed criminal charges against three individuals for conspiring to divert $2.5 billion worth of AI servers to China. Enforcement is already active.
What does the Remote Access Security Act mean for companies renting cloud GPUs in Southeast Asia?
Non-Chinese companies renting cloud GPU compute from Southeast Asian providers carry real operational risk under RASA — not because of their own end use, but because their provider may be serving clients whose access is now restricted. If that provider faces BIS licence revocations, the downstream effect is service disruption for everyone on the same infrastructure, including you.
Indonesia-specific risk: Indosat Ooredoo Hutchison is now named in the legislative record. Indonesian providers face heightened BIS scrutiny and need rigorous KYC programmes to stay in the US semiconductor supply chain.
Singapore-specific risk: Singapore is explicitly named in US export control concerns as a regional transshipment hub. Providers face both US pressure and domestic regulatory alignment. Malaysia and Thailand face similar scrutiny. The risk is regional, not just one country.
Here are four questions to raise with your provider now:
- Does your provider have a published RASA compliance programme?
- Does the provider screen customers against restricted party lists?
- What rights does the provider have to suspend service to non-compliant customers — and what notice will you receive?
- Is the GPU infrastructure dedicated exclusively to your account, or shared?
These are due diligence questions for your cloud provider and legal teams. But raising them before Senate passage is a lot easier than doing so mid-disruption.
How does the Remote Access Security Act change the cloud vs owned hardware calculus?
Before RASA, the cloud versus owned hardware decision had two variables: unit economics (cost per GPU-hour versus upfront capital expenditure) and scalability (on-demand access versus fixed capacity).
RASA introduces a third variable that simply did not exist before 2026: legislative compliance risk — the risk that your cloud provider’s regulatory exposure disrupts your access through no fault of your own.
Owned hardware eliminates the provider compliance risk variable. BIS controls apply to the purchase transaction, which is complete once hardware is delivered. The trade-off is exposure to AI Overwatch Act procurement uncertainty: availability timelines become less predictable when chip purchases face a 30-day Congressional review window.
Cloud compute risk varies significantly by provider. AWS, Microsoft Azure, Google Cloud, and Oracle have the compliance infrastructure to implement RASA at scale. Regional Southeast Asian providers face greater difficulty with KYC, restricted party screening, and audit logging — and greater exposure if compliance falls short.
RASA does not make cloud GPU access illegal for non-Chinese companies. It changes which providers are worth choosing. The cost differential between a US-owned provider and a regional provider now needs to be assessed alongside the compliance risk differential. That’s the new maths.
What is the “trusted US person” framework — and could it become the new model for cloud GPU access?
Most coverage of the AI Overwatch Act focuses on the restrictions. The trusted US person framework is the part most coverage has missed — and it is actually the more interesting development.
Under the framework, qualifying US-owned cloud providers can deploy AI GPUs that would otherwise require individual export licences to allied markets — including Southeast Asia — provided the hardware remains under US ownership, the provider is not in a country of concern, and strict security and audit requirements are met. Tier 3 countries (China, Russia, etc.) are excluded.
The four named qualifying entities are AWS, Microsoft Azure, Google Cloud, and Oracle. The strategic logic is to anchor allied markets to the American AI stack — and position US cloud as the delivery mechanism for frontier AI compute in non-adversary markets.
For companies in Indonesia, Singapore, Australia, and elsewhere in Southeast Asia, this matters practically. If the framework is enacted, accessing Blackwell and Rubin-class compute via one of the four US providers may be the most reliable and compliant path to frontier GPU access in the region. The US-owned provider relationship becomes the compliance solution rather than the compliance problem.
The AI Overwatch Act has passed committee but not the Senate — the framework is not yet law. Watch how AWS, Azure, Google Cloud, and Oracle position their Southeast Asian data centre capacity as Senate progress unfolds.
What do these new laws mean for AI infrastructure planning in 2026?
Three practical shifts did not exist in any earlier version of AI infrastructure planning.
Cloud GPU access in Southeast Asia now carries provider compliance risk. Any company renting GPU compute from a Southeast Asian provider needs to assess that provider’s compliance posture — not because of its own end use, but because of the provider’s exposure to restricted clients. This assessment is easier now, while compliance programmes are being built, than after a BIS enforcement action.
Procurement timelines for purchased hardware face Congressional review uncertainty. If the AI Overwatch Act advances, chip sales approved by BIS face an additional 30-day window. No resolution of disapproval has blocked a sale under AECA in 50 years — but the friction is real.
Major US cloud providers may become the gateway to frontier compute in allied markets. The trusted US person framework, if enacted, positions AWS, Azure, Google Cloud, and Oracle as the compliant delivery mechanism for Blackwell and Rubin-class access in non-adversary markets. For companies in Southeast Asia, this is not purely a restriction story — it may be the more reliable path.
Legislative status as of April 2026: RASA has passed the House 369-22 and awaits the Senate Banking Committee. The AI Overwatch Act has passed committee 42-2-1. BIS’s FY2026 budget includes $10 million specifically for enforcement of ECCN 3A090 chip restrictions.
The direction of US policy is toward tighter AI compute controls. For a full framework for evaluating infrastructure options in this environment, see the how to evaluate AI infrastructure options post-RASA planning guide.
Frequently Asked Questions
What chips does the Remote Access Security Act cover?
Chips designated under ECCNs 3A090 and 4A090 — Nvidia Blackwell/GB200, Nvidia Vera Rubin, and AMD MI325X are firmly within scope. Nvidia H20 and AMD MI308 fall below the Total Processing Performance (TPP) thresholds. Future chips meeting those thresholds are automatically covered.
What is the current legislative status of the Remote Access Security Act?
RASA passed the House 369-22 on 12 January 2026 and is with the Senate Banking, Housing, and Urban Affairs Committee. Senate companion S. 3519 was introduced by Dave McCormick (R-PA) and Ron Wyden (D-OR), with Tom Cotton and Chris Coons as co-sponsors.
Does the Remote Access Security Act affect companies that are not Chinese?
RASA targets foreign persons accessing export-controlled chips via cloud — Chinese entities are the primary target. Non-Chinese companies are not the direct target, but if their Southeast Asian cloud GPU provider is found to be serving restricted clients, BIS action against that provider could disrupt service for everyone on the same infrastructure.
What is the AI Overwatch Act’s relationship to existing BIS rules?
The AI Overwatch Act adds a Congressional layer above BIS licensing — a 30-day review window above BIS approvals for covered chip exports to countries of concern. The specific trigger was BIS’s January 2026 case-by-case licensing rule for H200 and MI325X exports to China, which Congress interpreted as executive overreach.
How does the AI Overwatch Act compare to the SAFE Chips Act?
The SAFE Chips Act (December 2025) proposed a substantive cap: restrict AMD and Nvidia to H20 and MI308-class chips to China until 2028. The AI Overwatch Act takes a procedural approach: Congress reviews and can veto individual executive-branch chip export decisions. The AI Overwatch Act is explicitly modelled on AECA arms sales oversight.
Can Chinese companies still rent cloud GPUs after RASA passes?
If RASA is enacted, Chinese entities accessing US-jurisdiction AI chips via cloud face the same restrictions as physically importing them. Cloud providers must implement KYC and restricted party screening. Chips below the export thresholds (H20, MI308) remain accessible. Blackwell/GB200 and Rubin-class access would be prohibited.
What should companies with existing cloud GPU contracts in Southeast Asia do now?
RASA has not yet passed the Senate; existing contracts are not immediately affected. Use the four questions in the main body above as your due diligence framework. Frame this as a procurement risk assessment now, while provider compliance programmes are being built — it is easier to ask these questions before Senate passage than after.
What is the cloud GPU loophole that these laws address?
Pre-RASA, US export controls prohibited physical shipment of advanced AI chips to restricted parties but said nothing about renting remote access to those chips in offshore data centres. BIS advisory opinions from 2009 to 2014 established that cloud providers are not “exporters” under the EAR. The INF Tech case is the definitive example: a Shanghai startup legally rented 2,304 GB200 GPUs from an Indonesian data centre because each step in the supply chain was individually permissible.
What is the Export Control Reform Act and why does it matter for these laws?
ECRA (Export Control Reform Act, 2018) gives BIS permanent authority to regulate US exports and is the foundation for all AI chip export controls. RASA amends ECRA — adding “remote access by foreign persons” to the definition of regulated export activities. The AI Overwatch Act adds Congressional review above BIS’s ECRA licensing authority.
How does Nvidia fit into the AI Overwatch Act debate?
Jensen Huang met with Trump in December 2025 to lobby for loosened export controls. Brian Mast accused Huang of running a “paid minions” campaign: “Jensen Huang, since you’re not on X, I’ll tag your company @nvidia. You and your paid minions are fighting to sell millions of advanced AI chips to Chinese military companies like Alibaba and Tencent.” Nvidia’s concern is straightforward — the review period reduces its addressable market in China. Anthropic’s counterargument (Dario Amodei, Matt Pottinger): maintaining Chinese access to US frontier chips funds AI development that may serve military purposes.
