Eight Elements of Effective Export Control Compliance
The export of goods and services is an inevitable part of the economy. The Internet and other modern technology make it very easy to market, sell, and transfer goods to other countries. We can purchase almost anything on the Internet, including dual-use items that the US government considers sensitive in terms of national security. In 2018, US companies exported goods worth approximately $1.7 trillion, of which 0.4 percent was exported under a Bureau of Industry and Security (BIS) license. Restricted transfers are only a small fraction of US exports, so people rarely discuss these regulations. As a result, many companies, especially small companies and start-ups, tend not to be compliant with ITAR and Export Administration Regulations (EAR). Especially space startups are exposed to punitive sanctions for lack of compliance. The purpose of the short article is to raise awareness of the actions necessary for EAR compliance and give some pointers based on BIS guidelines to build effective corporate export control policy.
- Management Awareness and Commitment
Whenever a company shares goods, software, or knowledge with a foreign counterpart, the management must consider whether the export transaction is in compliance with the International Traffic in Arms Regulations (ITAR) and/or EAR. These regulations are applicable to all companies regardless of the volume of the export activity. Even one single isolated transaction may trigger compliance obligations. Therefore, company management should consider export compliance each time a transaction involves some international element.
If a company has continuous international exposure, management must make a serious commitment to building an effective compliance policy. It must ensure that its compliance managers have the resources, budget, and tools to monitor and run the compliance program. It must also monitor the relevant agencies’ activities and follow changes in regulations.
2. Risk Assessment
The BIS administers and enforces export controls on dual-use and certain military items, including such item’s parts and components. Dual-use items are commodities, software, or technology that have both commercial and military or proliferation applications. Many components of every day materials are listed as dual use. For example, carbon fiber is used to manufacture golf clubs, tennis rackets, and bicycles, but at a certain grade, carbon fiber can be used to make nose cones for long-range missiles or rotors in centrifuges that enrich uranium. Therefore, a company must be able to identify preventable risks and build safeguards to minimize vulnerabilities. Compliance managers need to know the potential alternative applications of their company’s products, and they need to know as much about their customer as is possible.
3. Export Authorization
Export authorization includes determination of jurisdiction, item classification, license determination, and a customer screening process. When determining which agency can exercise jurisdiction over the transaction, the first step is to review the US Munitions List (USML). The USML is a list of critical defense articles and services. If the item is listed on the USML, it is subject to ITAR. If the item is not listed on the USML, you must ensure that it is not subject to another agency’s jurisdiction before concluding that it is subject to EAR. Other relevant agencies with export jurisdiction include the Treasury Department, the Office of Foreign Asset Controls, Nuclear Regulatory Commission, the Department of Energy, and the Department of Defense.
Once it is determined that the item to be exported is subject to EAR, the classification is determined by reviewing the Commerce Control List, which is prepared by the Department of Commerce’s International Trade Administration. The exporter may use BIS website to classify the item; or exporter can ask the manufacturer or supplier to provide the item’s classification. Alternatively, the exporter may submit a formal classification request to the BIS in which case the BIS officials make the product classification. In case of defense articles and defense services, the Directorate of Defense Trade Control has a similar procedure to help determine whether an article or service is covered by the U.S. Munition List. This procedure is called commodity jurisdiction procedure. Formal classification request and commodity jurisdiction procedure are great tools for beginner traders to properly classify their products.
Once the exporter has classified its item, it can determine whether a license is required. The fact that the item is subject to EAR does not automatically mean that a license is required. The license requirement is determined by the following criteria: the item, the destination end user, and the end use.
Finally, the exporter must follow a rigorous KYC (know your customer) policy. Employees must be able to identify red flags such as orders for items that are inconsistent with the purchaser’s needs or a customer that declines customary installation/testing that is normally provided by the seller. Online databases like the Consolidated Screening List are valuable tools for KYC background checks.
4. Record Keeping
Exporters are required to keep a record of exports for five years. The company must ensure that its record keeping and retention policies are in compliance with all the relevant agencies’ applicable requirements.
5. Training
Training is the most important element of a company’s compliance program. Training should be job specific and focused on the area of compliance that is relevant for the employee in that job. For example, a salesperson needs to know which countries require an export license, but they are less concerned about export clearance requirements. As mentioned earlier, employees must be able to identify red flags. It is essential that the training program include best practices and examples of suspicious customer behaviors that would help reduce risks and vulnerability.
6. Audits
The purpose of an audit is to identify deficiencies, risks, and inconsistencies between policies and practices in the compliance program. We advise engaging a third-party auditor to review the company’s compliance program and point out its strengths and weaknesses. The auditing firm can provide valuable input to improve the compliance program.
7. Export Violations and Corrective Actions
Sometimes inadvertent violations occur in reporting and compliance. The company program must include clear policies on what action should be taken to correct violations. Voluntary self-disclosure is a very important corrective measure. The disclosure report can be submitted online through the BIS’s website. The disclosure report reveals potential damage to national security and the information included in the report may help prevent future or ongoing security threats. Even if the law imposes strict liability to the exporter to comply with the regulations, practices show that 99 percent of the cases close with warnings or no action if the company discloses the violation, cooperates with the authorities, and takes preventative measures to avoid future violations.
8. Create and Maintain a Manual
Companies are strongly encouraged to develop an export compliance program (ECP). The purpose of an ECP is to create a series of procedures that help organizations operate their export activities in accordance with the EAR. The program must be company specific and incorporate all relevant export-related regulations. An effective ECP helps organizations integrate requirements from export controls with their business operations. This minimizes the risk of violating EAR and streamlines export operations.
In summary, violation of export-control regulations may lead to serious civil and criminal liability, and the company could lose its export privileges. Most importantly, these rules serve an important national security interest and help prevent terrorist activity. Therefore, compliance is important not only to avoid penalties but also to help protect our society. Compliance could be overwhelming especially for small businesses and start-ups, but experienced professionals can build a scalable program tailored to the business’s needs and financial means.