Author: Jamie J. Yang, Partner

On May 21 and 22 2026, Taiwan’s Keelung District Prosecutors’ Office executed search warrants across twelve locations, detaining three suspects in what it described as Taiwan’s first formal criminal crackdown on the illegal export of AI servers to China. The hardware in question: approximately fifty Supermicro servers equipped with advanced NVIDIA chips, valued at over US$15 million, allegedly bound for China via Northeast Asia and Hong Kong and Macau under falsified shipping documents.

Photo by Rubén Bagüés on Unsplash

The prosecution is consequential. What is equally consequential, and has attracted less attention than the arrests themselves, is the statutory basis the prosecutors chose. The three suspects were charged under Taiwan’s Criminal Code provisions for document forgery. They were not charged under Article 27 of the Foreign Trade Act for the unauthorized export of strategically controlled goods.

That choice is not just procedural. It reflects a structural feature of Taiwan’s current export control enforcement capacity, and one with direct relevance for foreign companies operating in Taiwan’s technology supply chain.

Two Regimes, One Transaction

The export of advanced AI servers from Taiwan to China involves two separate legal regimes operating at different jurisdictional levels.

The first is the US Export Administration Regulations (EAR). Since October 2022, NVIDIA’s highest-performance computing chips, including the H100, H200, and subsequent generations, have been classified under ECCN 3A090, a control classification that effectively bars their export or re-export to China without a Bureau of Industry and Security license that would not be granted. EAR jurisdiction is not territorial: it follows the item. A US-origin controlled item sitting in a Keelung warehouse is still subject to US re-export controls. Anyone, regardless of nationality or physical location, who re-exports that item to a prohibited destination violates US law.

Taiwan-based companies face no US-side restrictions on acquiring these chips. Taiwan is a recognized partner in the multilateral effort to control advanced semiconductor technology, and the NVIDIA hardware was reportedly purchased in Taiwan through ordinary commercial channels. The restriction that applies to the Keelung suspects arises at the re-export stage: having lawfully purchased the servers in Taiwan, they allegedly attempted to ship them onward to China. That leg of the transaction sits squarely within EAR jurisdiction.

The second regime is Taiwan’s own domestic framework. The Foreign Trade Act (貿易法) vests MOEA with authority to designate controlled export items, implemented through the Strategic High-Tech Goods Export and Import Management Regulations (戰略性高科技貨品輸出入管理辦法). The operative control list, the Military and Commercial Dual-Use Goods and Technology Export Control List(軍商兩用貨品及技術出口管制清單) is structured around the Wassenaar Arrangement’s control categories and updated annually by reference to Wassenaar plenary decisions. Exporting a controlled item to a restricted destination without a MOEA permit violates Article 27 of the Foreign Trade Act, with criminal exposure for serious violations.

If the AI servers at issue appeared on Taiwan’s own Military and Commercial Dual-Use list for exports to China, the Keelung prosecutors had a Taiwan domestic export control charge available to them. They did not use it.

The Technical Difficulty of the Export Control Charge

Understanding why requires attention to how Taiwan’s list and the Wassenaar framework it mirrors actually works.

Category 4 of the Wassenaar Arrangement (Computers) does not name specific products. It controls items based on technical performance parameters: principally, Composite Theoretical Performance thresholds, and for AI hardware, criteria around matrix computation rates for neural network training and inference. Whether a specific system is controlled requires mapping its technical specifications against those criteria, a characterization exercise sitting at the intersection of export law and electrical engineering.

Taiwan’s November 2025 amendment to the Military and Commercial Dual-Use list added eighteen new categories, including advanced semiconductor manufacturing equipment, three-dimensional printing systems, and quantum computing hardware. Advanced AI servers as an assembled product category were not among the additions. The GPUs inside those servers may fall within Taiwan’s semiconductor component controls. Whether the assembled system, the item actually exported, is captured by Taiwan’s own list requires technical evidence, expert characterization, and an export control analytical framework that Taiwan’s prosecutors have not had occasion to build through prior enforcement practice.

This is an observation about the state of Taiwan’s export control enforcement infrastructure at the moment of Taiwan’s first serious test case in this domain. Charging Article 27 of the Foreign Trade Act would have required establishing: (a) that the specific servers, as assembled systems, appeared on Taiwan’s own list for the relevant controlled destination; (b) that no export permit had been obtained; and (c) technical expert evidence on specification characterization, all in a prosecution with no domestic precedent to draw from. The institutional investment required to build that case, in novel legal territory and under time pressure, was considerable.

Why Forgery Is the Clean Charge

Taiwan’s Criminal Code forgery provisions, Articles 210, 214 and 216, require none of that analytical infrastructure. The charge reduces to a factual question: were the shipping documents falsified to misrepresent the goods or destination? The prosecutors evidently concluded they were. Courts have decades of forgery jurisprudence to apply. There is no threshold analysis, no controlled-item characterization, no Wassenaar category mapping. The criminal exposure under the forgery provisions is real and well-understood.

The result is a prosecution that is legally sound and strategically defensible: the government can establish criminal liability on facts it can prove, in a statutory framework it knows, while sending a deterrent signal through Taiwan’s technology supply chain. From a prosecutorial standpoint, that is a rational allocation of institutional resources in a first-of-its-kind case.

The Proxy Enforcement Problem

What the prosecutorial choice reveals, however, is that Taiwan is currently in a position of enforcing US-origin export controls by proxy through domestic criminal law, rather than asserting an independent Taiwan-law export control violation. The underlying wrong, re-exporting US-controlled hardware to a prohibited destination, is primarily a US EAR violation. Taiwan’s prosecution addresses the means by which that violation was accomplished (the forged documents), not the substantive export control breach itself.

This matters for how the enforcement action should be read. It is not Taiwan independently asserting its own strategic technology controls over these goods. It is Taiwan prosecuting the document fraud that enabled the circumvention of US-origin restrictions. The distinction has practical consequences for how future cases might be structured, and for what compliance obligations Taiwan companies can be said to have violated when no documents are forged.

The gap between the two regimes also creates an asymmetry that matters for foreign general counsel assessing compliance risk in Taiwan operations. The forgery exposure is clear, well-understood, and would apply to any document falsification in any export context, existing doctrine, existing enforcement infrastructure. The Taiwan domestic export control exposure, Article 27, on the theory that assembled AI servers independently triggered Taiwan’s own Military and Commercial Dual-Use list, is analytically murkier, depends on technical characterization that has not been litigated, and appears not to have been the basis for prosecution in the case where it would most naturally have been at issue.

The Gap May Narrow

Taiwan’s MOEA has signalled increasing attention to export control compliance following the Keelung case, and the annual amendment cycle for the Military and Commercial Dual-Use list provides a standing mechanism to address gaps in assembled-system coverage. The Wassenaar Arrangement’s own AI hardware control criteria have been evolving through recent plenary sessions, and Taiwan’s mirroring obligation means domestic updates will follow.

There is also the question of whether prosecutors in future cases, with the Keelung precedent in hand and with more time to prepare, will build the technical infrastructure needed to bring the Article 27 charge alongside, or instead of, the forgery count. That development is not inevitable, but it is the logical direction of travel if Taiwan is serious about autonomous export control enforcement capacity rather than reliance on the proxy route.

For companies in Taiwan’s technology supply chain with exposure to controlled hardware, as manufacturers, distributors, logistics providers, or end users, the current picture involves two distinct compliance layers: the US-origin re-export obligation that follows the hardware regardless of where it is physically located, and Taiwan’s own domestic export control framework, whose application to assembled AI systems remains, as of this case, untested at the enforcement level. Both layers warrant assessment. The Keelung case clarifies that one of them is actively enforced; the other is still finding its footing.