What is the NS&I?

The National Security and Investment Act 2021 (NS&I Act) came into force on 4th January 2022. Under the NS&I, the government can scrutinise and intervene in certain acquisitions made by organisations, including universities, businesses and investors, that could harm the UK’s national security. The NS&I allows the government to impose certain conditions on acquisitions occurring after November 2020, and in rare instances, to unwind or block an acquisition completely. This applies whether the acquisition has been completed or is still in progress or contemplation.Any party acquiring a ‘qualifying entity’ (defined as any entity other than an individual) is legally required to tell the government if it falls into 17 sensitive areas that are more likely to give rise to national security risks. The 17 areas are as follows:

• Advanced Materials
• Advanced Robotics
• Artificial Intelligence
• Civil Nuclear
• Communications
• Computing Hardware
• Critical Suppliers to Government
• Cryptographic Authentication
• Data Infrastructure
• Defence
• Energy
• Military and Dual-Use
• Quantum Technologies
• Satellite and Space Technologies
• Suppliers to the Emergency Services
• Synthetic Biology
• Transport

How might this affect me? 

The NS&I Act directly concerns the LSE with respect to acquisition of an interest in assets, which includes intellectual property rights. Although, as a social science institution there is a lower likelihood that the NS&I Act will impact LSE’s acquisition of an entity due to the nature of our research, and its proximity to the 17 areas. However, all LSE staff supporting and conducting research need to understand any ramifications of sharing LSE research outputs either informally or formally (e.g. collaboration agreements). Below is a list of scenarios of when intellectual property rights may need to be reviewed to ascertain whether a voluntary notification is required under the NS&I Act.

Licenses and Agreements 

For external licences involving third parties, a voluntary notification might arise likely in relation to the 17 areas for:

• a grant of a licence (whether it is an exclusive or non-exclusive licence)
• a licence which may confer an assignment of intellectual property rights
• an increased level of control over the intellectual property rights

Internal licences to LSE staff, where a member of staff licences their intellectual property rights to LSE or where LSE licences its intellectual property rights to a member of staff, are unlikely to be of national security interest.

Collaboration and Consortium Agreements 

Collaboration and consortium agreements between the LSE and a third party which may require control of intellectual property by a lead party.

Commercialisation

Creation of a spin out company where LSE will usually require an equity shareholding. The company will need to maintain its own internal exports control policy. As an equity shareholder, LSE will need to monitor the spin out company’s operations from a NS&I Act perspective. However, the overall responsibility for a voluntary or mandatory notification will remain with the spin out company.

Other agreements

LSE’s sponsored research agreements, gifts agreements where there is an assignment or licence of intellectual property rights, or consultancy agreements.

A voluntary notification will need to be considered where an existing agreement is either being revised (a variation) or rights therein are transferred to a third party (novation).

Where can I get more advice? 

Research & Innovation will work collaboratively with you to identify and work through any potential activities which may come under NSI. Email RI.Security@lse.ac.uk in the first instance.

Trusted Research is a cross government, cross research and innovation sector term for protecting the UK’s intellectual property, sensitive research, infrastructure and its exploitation by a hostile state or other similar actors. It is concerned with potential security threats and risks to international collaborative research and innovation activities. The UK Government has created the Trusted Research guidance and service to help UK researchers and innovators protect the UK’s intellectual property, sensitive research and its exploitation by external hostile actors. Trusted Research is mainly designed to highlight possible national, legal, financial and reputational risks as early as possible.

As a response, UK Research and Innovation (the UK’s public funding body for research and innovation) established its trusted research and innovation (TR&I) work programme in order to:

a) provide guidance to the sector about managing collaborative activities safely and securely

b) minimise the risks UK may face within a global research and innovation ecosystem

UKRI has published a set of principles about how to apply TR&I to new and existing UKRI grants. Organisations funded by the UKRI are required to adopt these principles and be able to evidence the controls and measures that have been put in place. The principles are:

i. Assessment of Partner Suitability

Appropriate due diligence assessment should be undertaken of potential collaborative partner organisations. These include factors such as the nature of the project activity, any envisaged outputs, dual project use (military or civilian use) etc. An assessment must take into consideration the following key issues:

a. Legal framework: collaborator’s governing documents including any formal or informal affiliations with other businesses, government departments or military should be reviewed.

b. Values: democratic and ethical values, and how these may differ from the UK’s values.

c. Conflict of interest: create awareness, in particular evaluation of any risks involving individuals who have interaction with LSE academics, access to organisation via employment, study, collaboration etc.

ii. Managing Information and Knowledge Sharing

a. Cyber Security: development of robust cyber security control (prevention) and security awareness through training programs.

b. Separation of Data: sensitive data (including personal data) must be securely stored and, where a shared platform is used for information exchanged, data should be logically separated into different locations so it is only accessible by authorised individuals.

c. Access to Data: data access only granted to individuals with a clear requirement for access. It is important to understand whether there is any local (overseas) legislation which may allow for release of such data to local government institutions.

d. Project Activity and Outputs: project activity and project outputs to be compliant with export control (including NS&I). Parties should be aware of any dual use and unethical application of the project outputs.

iii. Commercial Application

Appropriate agreements in place to ensure management of sensitive data and any intellectual property rights, particularly where there is future commercial use of the outputs.

a. Intellectual Assets and Intellectual Property Rights (“IPR”): IPR should be managed in professional manner, including deciding when it is most appropriate to seek protection and subsequently how to exploit, assign, license or disseminate it to maximise its impact.

b. Publishing Project Outputs: all commercially sensitive outputs must be appropriately protected prior to publication, and should comply with UKRI’s open access policies once published.

c. Export Controls: an understanding of any relevant export controls which may apply to an organisation’s outputs and activities, including for any knowledge and technology transfer.

How might this affect me? 

As a researcher, you should work with R&I to: 

• Assess if your research is sensitive, including the assessment of commercial sensitivity
• Ensure your partners are suitable according to the Trusted Research principles
• Have due diligence checks done on research funders or collaborators you want to engage (which are usually done by using publicly available information)
• Consider the data and information sharing arrangements with your partners carefully
• Make sure you comply with UK regulations and Acts (specifically the NS&I Act), GDPR, other policies. Depending on your collaborators and their countries, check if you need to comply with their home country legal frameworks

For more information

Read the Government’s Trusted Research Guidance for Academia.

Use the Trusted Research Checklist for Academia to assess your international project’s risk levels which can be downloaded from the same link above.

Consult the Research Due Diligence Manager for help to run LSE’s due diligence checks on your partners and funding sources.

What is FIRS? 

The Foreign Influence Registration Scheme (FIRS) is a statutory two-tier scheme under the National Security Act 2023.  It aims to strengthen the UK’s resilience against covert foreign influence and increase transparency around activities of foreign powers or entities that may pose a national security risk.

FIRS came into force on 1 July 2025, and the online registration portal and public register are now live.

• Political Influence Tier: Requires registration of arrangements to carry out political influence activities in the UK at the direction of any foreign power.
• Enhanced Tier: Applies to specified foreign powers or foreign power-controlled entities (currently Russia and Iran), requiring registration of a broader range of activities where necessary to protect the UK’s safety or interests.

A “direction” means an order, instruction, or request where a power relationship exists (such as through a contract, payment, coercion, or promise of future benefit).

How might this affect me?

• FIRS does not prohibit activities, it requires transparency. Registered activities can still proceed as normal, provided all relevant arrangements are declared (either by appearing on the public register or by meeting a public transparency threshold).
• Registration is required if:
  • You have an arrangement with any foreign power to influence UK politics.
  • You have an arrangement with Russia, Iran, or an entity they control, to do activities in the UK.
  • A specified foreign power-controlled entity is doing activities in the UK.
  • You work for a foreign power and misrepresent your identity or capacity in the UK.
• Most academic and research activities are unaffected. Routine collaboration or funding from overseas partners does not require registration unless there is a direction to undertake registerable activities.
• Registration deadlines: 28 days for the political influence tier; 10 days for the enhanced tier.

How do I register an activity?  

• LSE has registered an institutional account and will handle registrations for activities on behalf of the School.
• If you are entering into a registerable arrangement in a personal capacity, you will be responsible for registering yourself via the Home Office portal.
•  If you are unsure whether your situation requires institutional or personal registration, please contact in the first instance:  
  • For research-related FIRS queries:  ri.security@lse.ac.uk and cc: ethics@lse.ac.uk. 
  • For general FIRS queries, or questions relating to students, teaching, or your course of study: ethics@lse.ac.uk. 

Not sure if you need to register?

• Use the Home Office Registration Checker Tool
• Contact usfor support. We have a dedicated intake/query process to help you assess whether your activity falls within FIRS scope:
  • For research-related FIRS queries:  ri.security@lse.ac.uk and cc: ethics@lse.ac.uk. 
  • For the FIRS Task Force: ethics@lse.ac.uk. 

The Two Tiers Explained

Political Influence Tier

• Requires registration of arrangements to carry out political influence activities in the UK at the direction of a foreign power.
• Registration must be completed within 28 days of making the arrangement.
• Political influence activities include lobbying or communicating with senior decision makers (e.g., ministers, MPs, senior civil servants), election candidates, or the public, where the purpose is to influence UK public life (e.g., elections, government decisions).
• Disbursement of money, goods, or services for a political purpose may also be registerable.

Enhanced Tier

• Applies to specified foreign powers and entities (currently Russia and Iran).
• Requires registration of any activities in the UK at the direction of a specified power or entity, or activities carried out in the UK by a specified foreign power-controlled entity.
• Registration must be completed within 10 days of the arrangement or activity.
• The Secretary of State may tailor the activities requiring registration to the risk posed by the specified power or entity.

Exemptions and Examples

• Routine academic activities, such as peer review or reporting on academic progress, are generally exempt unless they involve directed political influence or specified enhanced-tier activities.
• If a researcher or academic is directed by a specified foreign power to engage in political activity (e.g. organising a protest), registration is required.
• Arrangements involving certain organisations may also be exempt (e.g. UKRI).

Penalties

• From 1 July 2025, individuals and organisations must comply with FIRS. Failure to register when required is a criminal offence, with penalties of up to five years’ imprisonment.
• There is a three-month grace period (until 1 October 2025) for registering pre-existing, in-scope activities.

LSE R&I Compliance and Process

Due diligence and Data Review 

• FIRS compliance is now part of our standard due diligence and contract review processes. All new and ongoing collaborations, funding agreements, and partnership arrangements will be screened for FIRS relevance.
• If you are completing an R&I due diligence or contracts form, you will be asked targeted FIRS-related questions to help flag potential registration requirements.

Record Keeping and Audit Readiness 

• Our R&I Due Diligence function will help oversee record-keeping and process improvement for R&I activities.

Where to find more information

• Official Gov.UK FIRS guidance for academia and research (Home Office)
• FIRS Factsheet (Gov.UK)
• Introduction to FIRS (Home Office)
• FIRS Registration Checker Tool (Home Office)
• LSE FIRS Webpage