The White House’s Framework for Nucleic Acid Synthesis Screening requires companies working with academic institutions, federal contractors, and government partners to attest to screening. Compliance is crucial to avoid contract disruptions and reputational risks.

In this guide, we will walk you through the process and help you prepare for the October 2024 deadline.

The synthesis screening process

The screening process generally includes: defining the scope of covered products, assessing your current compliance position, preparing your team, integrating screening into existing workflows, preparing for attestation, and staying on top of evolving practices, research, and regulations. We’ll break down each step in the following sections:

1. Define the scope of covered products

Synthetic nucleic acid products synthesized directly or received from a third party and distributed are covered by the framework, including genes, oligos, viral vectors, and plasmids. This applies to both research-grade and cGMP/GMP-grade products.

If you receive federal funds directly through a federal contract or grant, or indirectly through a customer like a university or federal contractor, you need to prove your screening compliance starting in October. You also need to identify your vendors of covered products and ensure they have a screening attestation.

2. Assess your current compliance position

Next, evaluate your organization’s biosecurity compliance by assessing current practices in customer and sequence screening.

Customer screening helps life sciences vendors identify potential risks and ensure responsible product and service use. Here's what you need to consider:

Watchlist Screening

Implement a robust system to screen customers against relevant watchlists:

• Bureau of Industry and Security (BIS) lists of parties of concern
• Bureau of International Security and Nonproliferation sanctions list
• Directorate of Defense Trade Controls debarred parties list
• Office of Foreign Assets Control (OFAC) sanctions lists
• Other international and biosecurity-specific watchlists

Legitimate Use Assessment

This is a critical aspect of customer screening in biosecurity and involves a thorough Know Your Customer (KYC) and Know Your Business (KYB) process tailored for life sciences:

• Verify the identity and credentials of researchers and institutions, including history, affiliations, and documentation establishing the institution’s legal status.
• Ensure the nucleic acid order matches the customer's known research activities.
• Assess the potential dual-use applications of the requested nucleic acid products and confirm that the end-use matches declared intentions.
• Review supporting documentation, including: Federal awards or grants, Institutional biosafety committee (IBC) approvals, Federal Select Agent Program (FSAP) licenses, and proof of appropriate biosafety level facilities.

Customer screening and legitimate use assessment work with your sequence screening processes to mitigate biosecurity risks.

The assessment focuses on identifying recombinant products containing regulated agents, such as export-controlled materials or select agents. Sequence screening includes:

Identifying Sequences of Concern (SOCs)

Regulated nucleotide or amino acid sequences, such as those in the Biological Select Agents and Toxins (BSAT) list or the Commerce Control List (CCL) except when the sequence is identical to a sequence found in an unregulated organism or toxin.

• For U.S.-based orders of BSAT-regulated agents, you may need to verify the recipient’s registration with the U.S. Federal Select Agent Program.
• For international orders of CCL regulated agents, you may need an export license with the originating country’s export authority.

Detecting Potential for Assembly

When multiple synthetic nucleic acid sequences are ordered by the same customer, screening methods should detect the potential for sequences to be assembled into SOCs.

Retaining Records

Orders with SOCs should be archived for a minimum of three years, including customer contact, sequence, and order information (e.g., data placed and shipped, shipping address).

3. Prepare your team

Achieving and maintaining biosecurity compliance requires a combination of people and technology. This includes implementing sanctions and watchlist screening software to vet customers, DNA/RNA screening tools to identify regulated genetic materials, and researcher verification systems to authenticate client credentials.

Consider training your support staff or assemble a dedicated team to review and verify orders, especially for non-automated processes. If in-house expertise is limited, consider partnerships with external vendors that specialize in biosecurity compliance to bridge any gaps.

4. Integrate screening into existing workflows

Effective biosecurity compliance involves multiple systems and departments in your organization.

Start by incorporating biosecurity screening into customer-facing tools such as your ordering platform. Integrate with internal systems, including your Customer Relationship Management (CRM), Order Management System (OMS), Enterprise Resource Planning (ERP), and Manufacturing Execution System (MES), to ensure biosecurity checks are part of your operational processes.

Certain elements of your screening compliance require action from your product, customer support, sales, and R&D teams. Each team plays a unique and critical role in the process:

Product

Evaluate how biosecurity screening impacts current customers and determine the best time to introduce these checks in the product experience.

Customer Support

Equip the team with tools and knowledge to evaluate orders and follow up on flagged items. Orders with suspicious activity should be paused and reported to your local Weapons of Mass Destruction (WMD) Coordinator at the nearest FBI Field Office.

Sales

Ensure the team understands compliance measures to effectively communicate your organization's biosecurity posture to customers.

Research & Development (R&D)

Position R&D as a central support unit. R&D should work closely with Product and Support teams to implement and refine screening methods, leveraging their technical expertise to enhance biosecurity measures.

5. Prepare for your attestation 

Allocate more time than you expect for the full implementation process, including system integration, testing, and the official launch of your biosecurity solution.

When you’re ready, prepare for the assessment and complete your attestation. Use the NIST Conformity Assessment to validate your biosecurity measures and fulfill the requirements for your attestation.

By completing the attestation, you’re making a formal declaration of your compliance, ensuring you meet regulatory requirements and building trust with customers.

6. Stay informed about evolving practices, research, and regulations

Consider joining the International Gene Synthesis Consortium (IGSC). Membership provides ongoing access to biosecurity resources and best practices.

You should also consider establishing a relationship with your local WMD coordinator at the nearest FBI Field Office before a flagged order occurs. This will help you develop criteria to determine when not to fill an order and stay compliant by reporting suspicious activity.

Get started on your screening compliance

With Aclid, you can streamline your screening process and automate more than 80% of the work. Here’s what automated screening looks like:

• Integrate your ordering platform and internal systems with the Aclid platform through built-in integrations or our API.
• Screen customers by name, institution, and address against relevant watchlists.
• Screen your sequences against all major international biosecurity lists.
• Automate your legitimate use assessment with our real-time researcher verifications.
• Assess your risk from one unified view.
• Identify and fulfill trade compliance requirements on the platform.

With Aclid, you can save valuable time and money on screening compliance. Learn how you can get your screening attestation faster by requesting a demo.

Subscribe to our newsletter for regular industry and regulatory updates.