University
5 min read

Aligned With Current Government Funding Agency Expectations

Written by
Alok Patel
Published on
January 28, 2026

Meeting New Research Security Mandates

Why DoW’s New Rules Matter, and How Azymmetric’s Tyr Helps

In January 2026, the U.S. Department of War (DoW) dramatically raised the bar for research security compliance. A memorandum titled “Fundamental Research Security Initiatives and Implementation” issued by the Under Secretary for Research & Engineering, Emil Michael, sets strict new requirements that universities and research institutions must meet to receive DoW funding.

The memo directs immediate steps to protect DoW‑funded fundamental research from foreign threats such as intellectual property theft and malign foreign influence, and it aligns with heightened congressional scrutiny of research security. For universities, especially those seeking U.S. federal research grants, robust research security practices are now a non‑negotiable prerequisite for funding, on par with scientific merit.

Core New Requirements for Universities

The memo introduces nine initiatives; several are particularly consequential for universities and research organizations.

“Do‑Not‑Fund” Entity Restrictions

Within 60 days, DoW agencies must bar fundamental research funding from going to certain high‑risk entities, such as companies on the U.S. government’s list of Chinese military‑linked firms (NDAA FY21 §1260H) and organizations with histories of IP or patent theft.

Why it matters:
Universities must now:

  • Screen all partners, sub‑awardees, and vendors against government lists.
  • Prevent blacklisted entities from appearing anywhere in the proposal ecosystem.

A single ineligible collaborator can disqualify a project. This requires systematic, auditable vetting of international partners upfront, not ad hoc checks at proposal time.

2. Strict Disclosure and Audit Regime

DoWnow requires full transparency of research funding and affiliations. All project personnel (“covered individuals”) must disclose

  • All current and pending support
  • Any foreign scholarships or grants supporting students and postdocs on the project

In addition

  • At least 25% of ongoing fundamental research awards without special risk measures will be spot‑audited  annually.
  • 100% of projects with formal risk mitigation plans will be audited.
  • DoW Components must file semi‑annual reports on their research security enforcement actions.

Why it matters:

Compliance is shifting from trust‑based to evidence‑based:

  • Universities must maintain up‑to‑date disclosure records for each investigator and each award.
  • Documentation of risk assessments and mitigation measures must be complete,  consistent, and retrievable.
  • Failures to disclose outside funding or conflicts of interest risk loss of funding  and reputational damage.

Transparency and record‑keeping are now as important to program survival as the technical work itself.

Centralized Fundamental Research Risk Repository

The memo directs creation of a Department‑wide Fundamental Research Risk Review Repository. Each DoW funding office will designate a Component Office to upload

  • Disclosure forms
  • Institutional risk assessments
  • Risk mitigation plans
  • Other review documentation

For every award, within tight timeframes (e.g., clearing initial backlog within 60 days and new awards within 30 days).

Why it matters:

  • Any security issue flagged on one project becomes visible across all of DoW.
  • A lapse on a single award can affect an institution’s broader funding posture
  • Conversely, strong, timely submissions create a positive compliance track record in a Department‑wide system.

Universities need consistent, high‑quality, and timely risk documentation for every award, built on processes that scale.

Enhanced Training and Reporting Expectations

The memo:

  • Requires components to report annually on research‑security metrics (staffing levels, tools used, volumes of proposals needing mitigation, etc.).
  • Pushes toward standardized training requirements across DoW for research security     personnel.

Why it matters:

  • Research security is being professionalized as a discipline.
  • Funding agencies will increasingly expect universities to have
    • Named research security officers and teams
    • Documented training programs for faculty and staff
    • Modern compliance tooling, not just policy binder

Institutions that invest in training and tooling will stand out as low‑risk, high‑trust partners.

Greater Transparency in Publications and Past Security Failures

Within 45 days of the memo, DoW will require researchers to:

  • Cite the specific grant number in any publication arising from DoW‑funded work.

DoW is also initiating a one‑year “damage assessment” of recent research‑security failures (for example, undisclosed foreign ties that enabled illicit technology transfer), including high‑profile cases raised in Congress.

Why it matters:

  • Universities must monitor publications to ensure correct grant‑number citation; this is a new, ongoing administrative requirement.
  • The retrospective review signals that past cases are being systematically examined, not treated as isolated incidents.

Institutions should proactively address known issues now, and harden policies to prevent recurrences, rather than waiting to be contacted by DoW.

6. Toward Continuous, Automated Monitoring

DoW’s Chief Digital and AI Office (CDAO) is tasked with developing:

  • Automated vetting
  • Continuous monitoring tools for research security

with an initial report due in 180 days.

Why it matters

  • Compliance is moving from periodic, form‑based checks to continuous, data‑driven monitoring.
  • Machine‑assisted checks will look for red flags like undisclosed foreign grants, unexpected co‑publications, or connections to restricted entities.

Manual,spreadsheet‑driven approaches will struggle to meet expectations as these tools mature.

Global Context: Australia and the UK Move in Parallel

The U.S. is not alone. Allied governments are moving in the same direction, converging on common research‑security expectations.

Australia

  • In July 2024, the Australian Research Council (ARC) implemented strengthened     security screening following an amendment to the ARC Act.
  • All grant applications now undergo earlier vetting of researchers’ foreign affiliations and funding sources.
  • Applicants must disclose overseas ties at proposal stage and throughout the project.
  • Changes are informed by the University Foreign Interference Taskforce (UFIT)     guidelines, which emphasize risk assessment and transparency in collaborations.

United Kingdom

  • The National Security Act 2023 introduced the Foreign Influence Registration Scheme (FIRS) in July 2025.
  • FIRS requires registration of certain activities directed by foreign governments and complements the UK’s “Trusted Research” guidance for academia.
  • While routine academic work may be outside FIRS’s main scope, the signal is clear: universities are expected to understand and openly report foreign government involvement where it exists.

Implications for Australian and UK universities:

  • Joint projects with U.S. partners will increasingly inherit DoW research‑security     requirements.
  • Domestic rules (ARC, FIRS, Trusted Research) are converging on the same principles: disclosure, vetting, and traceability.

Rigorous security practices are no longer a uniquely American ask; they are becoming the baseline expectation for international research collaboration.

How Azymmetric’s Tyr Platform HelpsUniversities Meet These Expectations

Navigating this new regime is complex:

  • Screening entities against evolving “do‑not‑fund” lists
  • Collecting and updating disclosures from all project personnel
  • Preparing audit‑ready documentation for each award
  • Tracking risks, mitigations, and publications over a multi‑year project life

Azymmetric’sTyris engineered for this environment. It functions as an integrated research/security compliance hub that:

  • Automates repetitive tasks (e.g., screening against restricted lists, flagging incomplete disclosures)
  • Maintains structured, time‑stamped records for every compliance action
  • Generates documentation in formats aligned with funding‑agency audits and repository     submissions
  • Provides configurable workflows so institutions can map Tyr to their own policies and national requirements

In practice, Tyr:

  • Acts as a force multiplier for research security teams
  • Reduces the risk of human error in complex, high‑volume processes
  • Ensures institutions are prepared for random audits, targeted investigations, and future automated checks

AdoptingTyr also sends an external signal, to DoW program officers, ARC panels, and UKRIreviewers, that the institution is serious about research security and aligned with current policy direction.

Strategic Importance of Early Adoption

These mandates are on an aggressive implementation timeline. Institutions that delay:

  • Risk proposal rejections, funding freezes, or heightened scrutiny
  • May find themselves reacting piecemeal to findings from the DoW risk repository or     national security reviews

Universities that invest early in platforms like Tyr will:

  • Gain a competitive edge in DoW and allied funding competitions
  • Be perceived as low‑risk, high‑trust partners in sensitive and high‑value research     areas
  • Allow their researchers to maintain international collaborations without drifting out of compliance as rules tighten

In an era where national security and research funding are tightly coupled,a research‑security platform is becoming as essential as:

  • A grants management system
  • An IRB/HREC process
  • An export‑controls office

From Compliance Burden to Strategic Advantage

For university administrators and research security officers, the takeaway is clear:

  • The rules of the game have changed across the U.S., Australia, the UK, and beyond.
  • Alignment with new research‑security expectations is not just about avoiding penalties;     it is central to sustaining access to top‑tier funding and partnerships.

By understanding DoW’s 2026 memo and allied measures, and by leveraging platforms like Azymmetric’s Tyr, universities can:

  • Protect their intellectual property and reputations
  • Demonstrate leadership in responsible, secure research
  • Turn a daunting compliance mandate into a strategic differentiator in the global     research ecosystem.

Subscribe to newsletter

Subscribe to receive the latest blog posts to your inbox every week.

By subscribing you agree to with our Privacy Policy.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Related posts

More insights on accelerating lethality and fielding the future.

Government
5 min read

Mission-Driven Technology Selection For Emerging Domains

In emerging domains like Quantum and Space, technology selection must shift from chasing novelty to prioritizing mission-fit through disciplined Mission Engineering. This article explores how frameworks like MEIA and platforms like Tyr enable leaders to field high-consequence capabilities by aligning technical potential with validated mission outcomes.
Read more
Coalition
5 min read

NATO Standards Alignment and Rapid Capability Deployment

NATO is transforming standards from slow, procedural checklists into enablers of rapid, interoperable capability fielding. This article explains how the Rapid Adoption Action Plan, modernized STANAGs, and ACT’s “Innovate-Test-Adopt-Adapt” loop are designed to get AI, autonomy, and C2 technologies into allied formations in 24 months or less.
Read more
Field Tech
5 min read

C2 Modernization at Mission Speed

C2 modernization must move at the speed of the threat, not the speed of the bureaucracy. This article explores how Mission Engineering and MEIA are transforming C2 from a slow-moving program into a high-velocity, evidence-backed capability for the joint and coalition force.
Read more
View all