XClose

Research and Innovation Services

Menu

National Security and Investment Act

The National Security and Investment (NSI) Act allows the UK government to check and intervene in deals with overseas parties to protect national security.

The NSI Act covers the acquisition of entities such as businesses, partnerships, trusts, and assets like equipment, technology, and intellectual property. It complements the existing export controls legislation and underpins the Trusted Research agenda.

Determining national security threats

The NSI Act identifies 17 sensitive sectors, many of which apply to UCL research and innovation activities:

  • Advanced materials
  • Advanced robotics
  • Artificial intelligence
  • Civil nuclear
  • Communications
  • Computing hardware
  • Critical suppliers to the government
  • Cryptographic authentication
  • Data infrastructure
  • Defence
  • Energy
  • Military and dual use
  • Quantum technologies
  • Satellite and space technologies
  • Suppliers to emergency services
  • Synthetic biology
  • Transport

To determine if an acquisition is subject to the NSI Act, assessments consider:

  • Target risk: What asset or entity is being acquired? Does it fall within a sensitive sector?
  • Acquirer risk: Who is acquiring the asset or entity? Could they pose a threat to national security?
  • Control risk: What level of control will the acquirer have over the asset or entity?

Our Compliance and Assurance team will assess whether an activity is subject to the Act in the first instance and seek further support and advice from the UK Government as needed.

If a research or innovation activity you are involved in could be subject to the NSI Act, contact our Compliance and Assurance team at ris.complianceandassurance@ucl.ac.uk for support. 

Impact on higher education research and innovation

The NSI Act applies to research and innovation in several ways:

  • Entities: Academic spinouts and startups may be subject to the NSI Act if partially or wholly sold to other parties. Contact UCL Business for further information and support on spinouts and startups.
  • Assets: Research and innovation projects involve sharing knowledge and intellectual property, and may also involve the development, licensing, or sale of prototype designs or devices, which might be subject to the NSI Act. Consultancy projects are particularly at risk as the ownership of the intellectual property generated is often transferred to the client. Contact the UCL Consultants team for further information and support on consultancy projects.

The GOV.UK website has guidance and case studies on the NSI Act for higher education. 

Due diligence

Our Compliance and Assurance team manages UCL’s due diligence for research funders and partners, identifying risks related to third parties. Principal Investigators (PIs) should check the organisation's due diligence report in Worktribe and contact our Compliance and Assurance team if it is rated as high-risk or a compliance risk is identified.

Our how-to guide on searching and exporting data explains how to find an organisation in Worktribe. Due diligence reports are located under the documents tab in the organisation's profile.

Enforcement of the Act

PIs are responsible for ensuring compliance with the NSI Act. If an activity might be subject to the Act, UCL is required to notify the UK Government’s Investment Security Unit (ISU) for review. The ISU may impose special conditions if necessary. In rare cases, the activity may be prohibited from going ahead.

Our Compliance and Assurance team manage the notification process on behalf of UCL. Approval from the UCL Research and Innovation Security Committee (RISC) is needed before submitting a notification. The activity will be presented to RISC by our Compliance and Assurance team on behalf of the PI.

Who to contact for support

Should you have any questions about the NSI Act or require support, contact our Compliance and Assurance team at ris.complianceandassurance@ucl.ac.uk.

Page last updated: May 2025