
On June 8, the Pentagon added 64 Chinese companies to its Chinese Military Companies list, bringing the total to 188 entities. The scale of the expansion drew attention, but not because of new sanctions. The CMC list does not, by itself, prohibit any commercial transactions.
What it does is classify.
The list, maintained under Section 1260H of the FY2021 National Defense Authorization Act, identifies companies that the Pentagon believes directly or indirectly support China’s military-civil fusion strategy, the government’s decades-long effort to integrate civilian technological innovation with military development.
The June expansion drew particular attention because it included household names: Tencent, Alibaba, DJI (the world’s largest drone maker), and Unitree Robotics. These are not state-owned defense contractors. They are private companies that make social media apps, e-commerce platforms, and consumer robots.
A Risk Assessment, Not a Policy Response
The CMC list is best understood as infrastructure for future action. It provides a common framework across US government agencies for identifying which Chinese firms may pose national security risks, reducing the coordination costs of future policy.
“As AI, robotics, and cloud computing become central to strategic competition, the line between commercial innovation and military capability blurs,” write Yuxin Lu, Runyu Huang, and Dingding Chen of the Intellisia Institute in The Diplomat. “The CMC list is more of a risk assessment than a policy response.”
Once a company is on the list, it becomes eligible for inclusion in other regulatory regimes. The BIOSECURE Act, for example, is expected to put CMC-listed entities “front of the line” for designation as biotechnology companies of concern. Successive NDAA provisions have attached real consequences: restrictions on Defense Department procurement, limits on lobbying activities, and phased prohibitions on technology acquisitions.
The lobbying restriction has already had effects. US lobbying firms that work with Defense Department contractors face a choice: keep the Chinese client or keep the Pentagon contract. Brownstein Hyatt Farber Schreck and Mercury Public Affairs both dropped Alibaba and Tencent.
Market Signals Without Legal Force
Even without direct legal prohibitions, the list shapes behavior.
WuXi AppTec, a Chinese pharmaceutical company designated on the CMC list, filed a legal challenge stating that within 10 days of its designation, customers expressed concern, suspended collaborations, and one supplier halted shipments citing the CMC designation alone.
Alibaba’s complaint said the designation damaged its reputation, heightened investor concerns, and prompted business partners to reassess their relationships.
“Markets respond to expectations long before governments impose restrictions,” the authors note.
Companies can sue to challenge their designation. Alibaba won a temporary suspension of the lobbying restriction in a federal court on July 5. Xiaomi successfully challenged its military-related designation in 2021. But removal does not prevent re-designation: Hesai, a lidar maker, was removed and then added again.
The Bigger Picture
The CMC list is not a sanctions regime. It is a classification system that functions as scaffolding for future regulation. As USC law professor Angela Zhang argues, US restrictions on Chinese technology are increasingly forming an interconnected regulatory architecture rather than isolated policy instruments.
The list’s real power is that it can expand without a vote, without a public hearing, and without a clear legal standard for what counts as “military-civil fusion.” Any company that works on AI, cloud computing, robotics, or biotech, which is to say, any ambitious Chinese tech company, can find itself on the list. And once on the list, the consequences grow over time.

