Unveiling the European Union’s Major Economic Security Update: Is a True Geopolitical Commission Emerging

Commentary by Emily Benson and Federico Steinberg

Published December 4, 2025

On December 3, 2025, the European Commission unveiled a comprehensive update to its Economic Security Strategy, originally introduced in 2023. The European Union, along with countries like Germany and Japan, remains one of the few major actors to maintain and publish an economic security strategy. The newest update, which complements the EU preparedness strategy unveiled in March 2025 and the update of the original strategy of 2024, is a more sober and "assertive" approach to economic engagement than the ones previously unveiled.

The strategy aims to assess where the bloc maintains dangerous dependencies, but also where others depend on it. The updated text focuses on six priority areas: (1) strengthening resilience and counteracting harmful dependencies; (2) securing inbound investment; (3) supporting a vibrant defense industrial base; (4) maintaining leadership across critical technologies; (5) preventing harmful data leaks; and (6) mitigating risk associated with critical infrastructure.

Overall, the new strategy focuses heavily on risk calculation and resiliency methodology, a trend that has proliferated in the corporate sphere since the Covid-19 supply chain disruptions. The latest EU strategy partly focuses on sectoral initiatives, which "will be used to build up the EU's own capacity and strategic capabilities in the high-risk areas identified in the risk assessment process." It will be interesting to see how the European Union proceeds with determining risk and, in turn, identifying priority sectors. The strategy lays out a core methodology, which roughly deems a 60 percent supply chain dependency as high-risk. However, without full supply chain visibility, including deep knowledge of Chinese economic activity several tiers into a supply chain, it will be difficult to ascertain where risks are most acute. Having an accurate-or at least more detailed-picture of risk exposure can directly inform which segments of a supply chain require additional funding or support.

The Competency Question

The European Union has long struggled to formulate a security-driven strategy because national security competencies-like those on foreign policy-sit with member states, whereas trade (and some investment) policy sits with the European Commission. Recent U.S. extraterritorial controls on advanced semiconductors, for example, ran through The Hague rather than Brussels, confusing efforts at the time by the European Commission to stand up a more uniform approach to both export controls and investment screening-two policy areas deeply intertwined with trade, investment, and security. Several elements of the new strategy offer ways to bridge this gap. However, the updated strategy is still a coordination effort, not a legal text, precisely because economic security is part of national security, a national prerogative according to European treaties.

One provision calls on member states to create national economic security advisers that would function akin to an interagency committee. This group of senior government advisers would identify risks and suggest risk mitigation methods. The establishment of this advisory group is in addition to establishing an Economic Security Information Hub inside the intelligence division of the European External Action Service, the European Union's foreign policy wing. Another very concrete and useful EU recommendation is to create a trusted adviser committee of private sector experts, which in turn can provide real-world supply chain data, the absence of which has frustrated past resiliency efforts. While infusing national and economic security competencies will remain a long-term and highly political process, these new measures, when combined, could significantly boost economic intelligence capabilities throughout the European Commission.

Similarities with the United States

A few updates align the European Union more closely with the United States on key priorities. One relates to preventing access to sensitive data. Through this new approach, the European Commission is adopting an instrument similar to one deployed under the Biden administration that sought to constrain the outflow of sensitive commercial and personal data that can be used for nefarious geopolitical ends or to imperil long-term national security. This represents a concrete recognition of data flows as potentially harmful not only in the civil liberties sense but also in the national security domain.

Another major component of the update is that it coincided with the launch of ResourceEU, which allocates €3 billion to critical mineral efforts over the next 12 months, as part of the 2023 Comprehensive Critical Minerals Act. Among other geopolitically noteworthy attributes, ResourceEU will provide funding for a "strategic project" of national security importance in Greenland. This initiative will pool aggregated demand for critical minerals and also work with member states to coordinate stockpiling. The core objective is to reduce dependencies by half by 2029, an ambitious goal that, if realized, could significantly weaken China's stranglehold over the global economy.

A crucial difference with the U.S. approach, though, is that the EU strategy is still "country agnostic," which means it does not mention China explicitly as a threat. This happens in a context in which the European Union, besides trying to de-risk from China (and deter Russia), is also contemplating de-risking from the United States.

What the United States Can Learn from the European Union

The United States can learn from the European Union in ways big and small. At the macro end of the spectrum, a striking feature of the European Economic Security Strategy is that it exists at all. With 27 countries and no national security competencies, the document is an impressive feat. The closest U.S. equivalent is the Quadrennial Supply Chain Review, completed under the Biden administration. The U.S. Quad Report, mandated by executive order following Covid-19 disruptions, captured four years of U.S. government efforts to build more resilient supply chains. While overtly focused on averting future disruptions of pandemic nature, the report captures more systemic anxieties about relying on countries of concern and maintaining single-source supplies in critical sectors. A document that takes stock of current vulnerabilities and evaluates the suitability of legal instruments for countering economic coercion in a context of increased weaponization of the global economy would no doubt benefit U.S. policymaking.

The United States can also learn from the European Commission on information-gathering, a central feature of the updated strategy. The European Commission "speed up the mapping of strategic dependencies along value chains that lead to vulnerabilities for the European Union's economy and strengthen monitoring and anticipation of third country actions to create new dependencies or sustain existing ones." Indeed, strategic foresight, particularly in relation to retaliatory trade measures, should be a core function of any government. The European Union learned this lesson the hard way in the fall of 2025, when the Dutch government invoked a dusty statute to claw back semiconductor company Nexperia from Chinese ownership. Not only did the Chinese respond, but they took an unusually strong posture: For the first time, the Chinese government invoked facility-level export bans that prevented all Nexperia exports from exiting the country. The strategic error in clawing back a strategic asset (which Germany probably wishes it could invoke to reclaim KUKA robotics) lies in the government's failure to plan for retaliation.

U.S. efforts to gain information about supply chain vulnerabilities are often thwarted by the private sector's reluctance to share additional information with the government. To the extent the U.S. government does succeed in obtaining necessary information, it is often siloed across specific teams, sometimes leaving teams in the same agency unaware that the information already exists. The United States also lacks a reflexive muscle for scenario-planning. This was made viscerally clear in the April tit-for-tat trade exchange between the United States and China, where the world economy peered briefly, to quote CSIS's William A. Reinsch, into a downward "death spiral" with seemingly no end in sight. Building-and maintaining-an agile muscle for these assessments would benefit overall strategic planning. Due to staffing constraints at the National Security Council, such a team could instead coordinate from the Department of State's Office of Policy Planning.

The United States should also take this opportunity to refurbish its own economic intelligence capabilities. State-level economic security engagement has been relatively scant; most governors, for example, lack proactive ways to mitigate risk associated with foreign investments, whether land acquisitions near sensitive installations or acquisition of surveillance tech that produces long-term strategic vulnerabilities. Additionally, the United States has recently dismantled a number of technical advisory committees (TACs), including at the Bureau of Industry and Security (BIS). While TACs have had varying degrees of relevance over time, establishing a cleared adviser system for matters of economic security would benefit the country in the long term, not least because it builds trust between the government and the private sector.

In addition to considering additional economic security outreach at the state level and revisiting a cleared adviser system, the United States should continue to work toward declassifying information where possible. A persistent problem, particularly relating to export controls and advanced semiconductors, is that allies and partners have been left with incomplete information about the underlying justifications for trade restrictions. More liberally releasing certain information-under strict security parameters-could improve trust and foment greater economic security cooperation.

Parting Thoughts

There is more to come, both from the European Union and the United States. As part of its economic security announcement, the European Commission previewed other forthcoming initiatives aimed at inducing greater resiliency. This includes Security Action for Europe to boost defense industrial base resiliency, the Cloud and AI Development Act to bolster sovereign tech capabilities, a CHIPS 2.0 Act to secure additional semiconductor production capacity, and other measures pertaining to renewable energy, critical raw materials, and the acceleration of industrial capacity. All this is happening in a context in which the European Union is trying to improve the functioning of its single market by simplifying regulation and polishing its capital markets union to increase economic growth. The perception in Brussels is that without these measures, the European Union risks becoming a playground of U.S.-China rivalry instead of a player in the international political economy.

On the U.S. side, despite a relatively stable-if temporary-economic détente with China, additional measures aimed at de-risking are all but certain. These include existing measures soon entering into force, such as the NDAA Section 5949 provision to de-risk from Chinese semiconductors or new BIS Office of Information and Communications Technology and Services investigations into connected devices.

As long as vulnerabilities persist, the European Union and the United States will continue to pursue mitigating measures. The open question for now is how closely the two will collaborate and which risks may soon intercede.

Emily Benson is a senior associate (non-resident) with the Europe, Russia, and Eurasia Program at the Center for Strategic and International Studies (CSIS) in Washington, D.C. Federico Steinberg is a visiting fellow with the Europe, Russia, and Eurasia Program at CSIS.

Programs & Projects