The Remote Access Security Act amends the Export Control Reform Act of 2018 (ECRA) to establish controls over remote access to certain items subject to U.S. jurisdiction. This legislation aims to prevent foreign adversaries from remotely accessing sensitive U.S. technology and data through cloud infrastructure services, thereby addressing evolving national security and foreign policy threats. It defines "remote access" as access by a foreign person of concern from outside the U.S. to items on the Commerce Control List via cloud infrastructure, where such use poses a serious risk to national security. Specifically, the bill targets remote access that could facilitate the training of artificial intelligence models for designing weapons of mass destruction, conducting offensive cyber operations, or enabling surveillance that undermines human rights. A "foreign person of concern" includes governments and entities from countries like China, Russia, Iran, and North Korea, or individuals subject to their jurisdiction. The bill integrates these new controls throughout the ECRA, affecting policy statements, presidential authority, licensing requirements, compliance, penalties, and enforcement actions. The authority to impose these controls is set to terminate after 10 years. Furthermore, the Secretary of Commerce is mandated to keep Congress informed about the promulgation of related regulations, including their national security rationale and economic impact. The bill also requires a comprehensive report within one year, assessing implementation, recommending ways to streamline licensing, and ensuring consistency and clarity in these new export controls.