NIH officials are telling individual grantees to seek advance permission before listing a foreign-affiliated co-author on a paper, even when all the work was done inside the United States. According to Inside Higher Ed’s May 22 report1, grantees who publish without that blessing are being ordered to strip those papers from their annual progress reports. The directive landed three days before NIH’s mandatory research security training requirement takes effect May 25, and it has university compliance offices scrambling to build a pre-submission review step that nobody staffed or budgeted for.
What changed
NIH program staff have begun contacting individual grantees to require advance permission for any co-authorship involving a scholar affiliated with a foreign institution, according to Science’s reporting cited by Inside Higher Ed1. The scope is broad: the restriction could apply to foreign students working in US labs and to researchers who have already left the country after completing the work.
Separately, grantees are being told to remove from their annual progress reports any publications that include foreign-affiliated co-authors if the grant did not previously have an approved “foreign component” on file. A progress report that omits publications is a progress report that understates output, which affects renewal decisions and grant scoring. The compliance burden falls directly on PIs who are already navigating NIH and NSF reporting requirements.
The IDeA dispute: clarification or new mandate
An NIH spokesperson told Inside Higher Ed that the update applies only to IDeA (Institutional Development Award) programs, which cover 23 states and Puerto Rico1 with historically low NIH funding. The spokesperson called it a “clarification of longstanding policy” rather than a new directive.
The problem: Science’s reporting suggests NIH officials are extending the requirement to individual grantees beyond the IDeA program. If the policy were genuinely limited to IDeA, the individual contacts to non-IDeA grantees would not be happening. NIH did not address other grant programs in its statement, which leaves research offices without a clear boundary. “Clarification of longstanding policy” is the kind of phrasing that can mean almost anything when the underlying policy was never written down in a way that required pre-publication clearance for co-authorship.
The timing compounds the confusion. NIH’s May 12, 2026 update2 introduced enhanced disclosure requirements for all sources of research support, foreign components, and active commitments, using updated Biographical Sketch and CPOS Common Forms that took effect January 25. That update was a formal, documented change. The co-authorship directive, by contrast, appears to be operating through informal communication, which is a different regulatory category with different enforcement characteristics.
NASA enters the frame
NASA has separately told some funded institutions that their researchers may have violated federal law by co-authoring papers with scientists holding Chinese institutional affiliations, according to a COGR director cited in the same report1. NASA did not respond to press inquiries.
This is worth flagging for two reasons. First, invoking “federal law violations” over co-authorship is a significant escalation from administrative compliance questions. Second, the warning is reaching institutions through informal channels rather than through a published NASA policy or Office of Inspector General investigation. When compliance requirements arrive via phone calls and individual letters rather than formal guidance, universities cannot build consistent review processes around them.
The compliance gap
University research offices now face an operational problem: insert a disclosure or pre-clearance step between manuscript draft and journal submission, for any paper with a foreign-affiliated co-author. Nobody staffed for this.
The mechanics are straightforward but the volume is not. A lab that publishes 15 papers a year, 10 of them with at least one international co-author, now needs 10 pre-clearance interactions per year with NIH program staff. Multiply that across a research university with hundreds of active NIH grants and you are looking at thousands of clearance requests, each requiring determination of whether the co-author’s affiliation triggers the policy, whether the grant has an approved foreign component on file, and whether the paper needs to be flagged or withheld from the progress report.
NIH introduced a Foreign Interference Assessment Tool2 as part of its May update, described as a decision matrix clarifying when NIH may request additional information and how disclosures influence funding decisions. Whether this tool covers the co-authorship pre-clearance scenario is unclear. The tool was designed for grant-application-stage disclosures, not for the manuscript-submission stage, which is where the current pressure is landing.
The per-paper compliance cost is real but unquantified. It includes staff time in the research office, PI time for the clearance request, delay to journal submission while awaiting NIH response, and the risk calculus of publishing without clearance versus losing the paper from the progress report.
What PIs should do right now
For labs with active international collaborations, the practical steps are limited but necessary:
-
Audit your co-author lists. Identify which papers in preparation or under review include foreign-affiliated co-authors. Check whether the relevant NIH grant has an approved foreign component.
-
Contact your program officer before submitting. If the grant lacks a foreign component approval and a foreign-affiliated co-author is on the manuscript, request written guidance from the program officer before the paper goes to journal. Keep the correspondence.
-
Flag the gap to your institutional research office. Most offices do not yet have a workflow for this. The earlier they know about the volume, the faster they can build one.
-
Track which papers appear in progress reports. If NIH orders removal of a publication, document the removal and the stated reason. This matters for renewal applications where publication records are scored.
-
Separate NIH co-authorship policy from the broader security requirements. NIH’s mandatory research security training2, effective May 25, requires all senior and key personnel to certify completion within 12 months of application submission. NSF, DOE, DOD, and USDA all recognize the condensed SECURE Center training module. This training requirement is separate from the co-authorship disclosure issue, but the two are landing simultaneously and compounding the administrative load on PIs.
The research security stack already in place
The co-authorship directive did not appear from nothing. It sits on top of an expanding compliance architecture that has been under construction since the CHIPS and Science Act of 2022 and National Security Presidential Memorandum 33.
NSF Important Notice No. 1493, updated November 24, 2025, established research security assessments, mandatory training (effective December 2, 2025), prohibitions on malign foreign talent recruitment programs, and foreign financial disclosure reporting for gifts and contracts from countries of concern. NSF’s requirements are formal, documented, and tied to specific statutory authority.
NIH’s co-authorship directive, by contrast, appears to lack any of those anchors. It is not (so far) tied to a Federal Register notice, a specific statutory provision, or a formal agency-wide policy update. NIH calls it a clarification of longstanding IDeA policy. Grantees outside IDeA are receiving the same instruction. That gap between what NIH says publicly and what NIH staff are telling individual PIs is the core ambiguity, and it is the ambiguity that compliance offices have to resolve without guidance.
The second-order consequence is predictable: labs that publish regularly with EU, UK, Canadian, and Chinese collaborators will face the most friction. The compliance cost per paper will push some collaborations below the threshold of viability, not because the science is sensitive, but because the administrative overhead of clearing each co-authorship exceeds what the collaboration can sustain. Research offices that build a working pre-submission gate quickly will protect their PIs’ publication records. Those that wait for formal guidance may find their grant portfolios quietly eroded by progress-report deletions in the meantime.
Frequently Asked Questions
Is the $50,000 foreign disclosure threshold from NSF’s rules mirrored in NIH’s co-authorship policy?
No. NSF Important Notice No. 149 requires disclosure of foreign gifts and contracts exceeding $50,000 from countries of concern, with a defined statutory basis in the CHIPS and Science Act. NIH’s co-authorship directive has no dollar threshold and no published country list—it sweeps in any foreign institutional affiliation, including EU and UK collaborators. PIs holding both NSF and NIH awards must track two entirely separate disclosure regimes.
Can one training certification satisfy the security requirements across multiple federal agencies?
Yes. The SECURE Center’s condensed training module is recognized as compliant by all five major research-funding agencies—NSF, NIH, DOE, DOD, and USDA. A PI with cross-agency funding needs only one certification to satisfy the training mandate across every award, though NIH requires it within 12 months of each application submission.
When does NIH’s Foreign Interference Assessment Tool require formal mitigation strategies?
The tool’s decision matrix defines three tiers: when NIH may request additional information, when mitigation strategies are required, and how disclosures affect funding decisions. It was built for grant-application-stage review, not the manuscript-submission stage where the current co-authorship pressure is landing, so it does not address the pre-clearance scenario PIs now face.
Does the co-authorship directive apply only to collaborators from countries of concern like China?
No country list has been published. NIH has not specified which foreign affiliations trigger the requirement, and the directive’s scope—communicated informally to individual grantees—covers any foreign institutional affiliation. Labs with steady EU, UK, and Canadian collaborators face the same per-paper clearance friction as those working with Chinese institutions.
Are preprints and conference abstracts subject to the same clearance requirement as journal articles?
Because the requirement is being conveyed through individual grantee contacts rather than a formal policy document, there is no written guidance distinguishing between publication types. Preprint servers, conference proceedings, and working papers could all fall under the same pre-clearance obligation absent formal NIH clarification. PIs should assume the broadest scope until an agency-wide directive is issued.