Skip to main content
v2026.1714 entries · CC-BY 4.0
CASRAI

Editorial · CASRAI

NSPM-33 Disclosure and Compliance: A Roadmap for US Research Security and Administrative Teams

Introduction to NSPM-33 and Research Security National Security Presidential Memorandum 33 (NSPM-33) directs key United States federal funding agencies to establish unified, robust requirements for research security. Primarily targeting academic institutions receiving more than $50 million in annual federal research and development funding, NSPM-33 mandates the implementation of standardized disclosure requirements and formal Research Security […]

ByCASRAI Editorial Board
Published 12 Jun 2026· Last updated 25 Jun 2026· 3 minute read

Introduction to NSPM-33 and Research Security

National Security Presidential Memorandum 33 (NSPM-33) directs key United States federal funding agencies to establish unified, robust requirements for research security. Primarily targeting academic institutions receiving more than $50 million in annual federal research and development funding, NSPM-33 mandates the implementation of standardized disclosure requirements and formal Research Security Programs. For research administrators, compliance is a high-stakes endeavor—non-compliance risks the loss of millions in federal grants and severe reputational damage.

This roadmap provides US research security teams with a step-by-step compliance guide, analyzing disclosure mandates, programmatic requirements, and technological solutions.

Core Pillars of NSPM-33 Compliance

The White House Office of Science and Technology Policy (OSTP) has organized NSPM-33 execution into two fundamental pillars: Disclosures and Institutional Programs.

Pillar Key Requirements Primary Administrative Impact
Unified Disclosures Standardized formats (SciENcv) for Biosketches, Current and Pending Support, and digital persistent identifiers (PIDs). Eliminates agency-specific variation; mandates complete disclosure of foreign affiliations and funding.
Institutional Programs Formal research security programs addressing cybersecurity, foreign travel, export control, and insider threat training. Requires a designated Research Security Officer (RSO) and mandatory annual training for research staff.

Standardizing Disclosures: The Role of SciENcv and PIDs

To eliminate administrative complexity, NSPM-33 guidelines enforce the use of standardized digital formats across major federal agencies, including the NSF, NIH, DOE, and DoD:

  • SciENcv Integration: Investigators must use the Science Experts Network Curriculum Vitae (SciENcv) tool to generate Biosketches and Current and Pending Support documents. Hand-written or custom-formatted PDFs are no longer accepted.
  • Digital Persistent Identifiers (PIDs): The implementation guidelines highly encourage or mandate the use of authenticated persistent identifiers, such as ORCID iDs, to link researchers to their affiliations, grants, and publications. This digital lineage allows automated compliance checking and reduces the risk of omitted disclosures.
  • Failing to Disclose: Omissions—whether accidental or intentional—regarding foreign talent recruitment programs, international laboratory space, or non-monetary support (e.g., equipment, postdocs funded by external governments) are subject to civil and criminal penalties.

Implementing a Certified Research Security Program

For universities exceeding the $50M federal funding threshold, research administrators must implement and document a comprehensive Research Security Program covering four core areas:

1. Cybersecurity Safeguards

The institution must provide a secure IT network compliant with NIST SP 800-171 or CMMC standards. This includes multi-factor authentication, end-to-end data encryption for research data, and regular vulnerability scanning.

2. Foreign Travel Security

Establish travel registry policies requiring researchers to register international travel funded by federal grants. Provide mandatory pre-travel briefings, security training, and clean loaner devices (laptops/phones) for travel to high-risk nations.

3. Export Control & Disclosure Oversight

Implement rigorous export control protocols (covering ITAR and EAR) to track dual-use technologies, sensitive biological agents, and advanced aerospace designs. Insist on annual audits of international collaborative agreements.

4. Insider Threat and Research Integrity Training

Deploy mandatory training modules for all faculty, postdocs, and graduate students working on federal grants. The curriculum must cover intellectual property theft, ethical collaboration boundaries, and disclosure reporting mechanisms.

Conclusion: Building a Culture of Trustworthy Science

NSPM-33 compliance should not be viewed simply as a bureaucratic burden. When implemented correctly, a robust Research Security Program protects researchers’ intellectual property, safeguards tax-payer-funded discoveries, and ensures academic freedom is preserved. By leveraging modern digital tools like SciENcv, ORCID, and robust encryption protocols, US institutions can secure their research pipelines while maintaining their position as global leaders in scientific collaboration.

LAC

Partner Deal

LAC Health Supplies Mobile App

Referenced across the research world

University of Cambridge logoColumbia University logoUniversity of Edinburgh logoHarvard University logoUniversity of Oxford logoPrinceton University logoStanford School of Medicine logoUniversity College London logoORCID logoCrossref logoUniversity of Cambridge logoColumbia University logoUniversity of Edinburgh logoHarvard University logoUniversity of Oxford logoPrinceton University logoStanford School of Medicine logoUniversity College London logoORCID logoCrossref logo
  • University of Cambridge logo
  • Columbia University logo
  • University of Edinburgh logo
  • Harvard University logo
  • University of Oxford logo
  • Princeton University logo
  • Stanford School of Medicine logo
  • University College London logo
  • ORCID logo
  • Crossref logo

View CASRAI adoption →