Skip to main content

View more from News & Articles or Primerus Weekly

Written By: Alan M. Dunn, Jennifer M. Smith & Jumana M. Misleh

Stewart and Stewart

Washington, DC

U.S. Export Control Laws: 5 Things Every Company Engaged in International Transactions and Trade Should Know and Best Practices for Compliance

This is the first in a series of articles by Stewart and Stewart on Best Practices in International Transactions and Trade.  In this first article of the series, we address what every company engaged in international transactions and trade needs to know about U.S. export control laws covering commercial products, software, and technology as well as export controls covering defense related products and technical data and best practices for compliance with these laws.

Do you engage in international transactions or trade?  Are you a U.S. business that employs or regularly works with any foreign national who is not a lawful permanent resident or asylee?  If the answer to either of these questions is yes, you need to know about the U.S. export control laws, and the best practices for complying with them.

Five Things Every Company Engaged in International Transactions and Trade Should Know About U.S. Export Control Laws

1.  The export control laws cover a wide range of goods, software, technology and technical data.

Export controls are restrictions on exports that have been implemented to advance certain U.S. interests, such as anti-terrorism, non-proliferation of weapons, weapon-making materials and technologies, as well as other national security concerns.

The Export Administration Regulations (EAR) are administered by the Department of Commerce’s Bureau of Industry and Security (BIS) in accordance with the export controls set forth for each of the items listed on the Commerce Control List (CCL).  A basket category under the CCL — EAR99 — covers everything not specified or controlled by another agency (e.g., nuclear materials or munitions).

The International Traffic in Arms Regulations (ITAR), which are administered by the State Department’s Directorate of Defense Trade Controls (DDTC), control exports of defense/military and space items and related parts, components, accessories, attachments,  technical data, and services listed on the U.S. Munitions List (USML).  Manufacturers (even those that do not export) as well as exporters and brokers of items listed on the USML must register with the State Department.

The Department of Energy and the Nuclear Regulatory Commission administer nuclear export controls, and the ATF administers controls regarding permanent imports of items listed on the U.S. Munitions Import List.

 2.  Releasing controlled technology, technical data, or software source code to a foreign national is “deemed” to be an export to his or her home country, even if the person is inside the United States.

Under the U.S. export control laws, if a license would be required to export technology, technical data, or software source code to a given country, you also need a license before you can release it to a national of that country, even if the person is located in the United States or in a country that would not require a license.  This rule applies to all foreign nationals other than lawful permanent residents or protected persons (e.g., persons granted asylum) under 8 U.S.C. § 1324b(a)(3), including employees of U.S. companies.

Under the export control laws, the meaning of “release” is very broad and can cover visual inspection by a foreign national of documents, equipment, or facilities; talking with a foreign national about controlled technology, technical data, or software source code; providing tech support to a foreign national; or the ability of a foreign national to physically and/or electronically access controlled technology, technical data, or software source code.

3.  Right now, export controls are changing in a major way (but not going away entirely).

Right now, a major export control reform effort is being implemented.  Through this effort, certain items have transitioned from coverage under the USML to the CCL, and other items will transition soon.  The new reforms, however, will not de-control items that were previously controlled.

4.  The laws control certain items even after they cross the border.

U.S. export control laws also apply to so-called “reexports” of certain items to a third country or a national of a third country after the initial export.

5.  Violations of export control laws can result in severe civil and criminal penalties.

A violation of the ITAR can result in criminal fines of up to $1 million, up to 20 years in prison, and/or civil penalties of up to $500,000.  As currently enforced, a violation of the EAR can result in criminal fines of up to $1 million, up to 20 years in prison, and/or civil penalties of up to $250,000 or twice the amount of the transaction.

In many instances, violations of the export control regulations are also accompanied by mistakes on export documentation submitted via the Automated Export System (AES).  Submitting incorrect information via AES is a violation of the Foreign Trade Regulations and may result in civil penalties of up to $10,000 per violation and for knowingly submitting false information, criminal fines of up to $10,000, imprisonment up to five years, or both.

Best Practices for Compliance with Export Control Laws

  1. Determine the classification of all products manufactured or exported and all technology or technical data to which foreign nationals have access based on up-to-date versions of the regulations before each export or “deemed export” (i.e., know what Export Control Classification Number(s) (ECCNs) and/or USML Categories are applicable to your products and technologies).
  2. If you are acquiring materials, products, software or technology, obtain and document relevant export control classification information from your suppliers.
  3. Obtain formal classification determinations by submitting Commodity Classification requests to BIS and/or Commodity Jurisdiction requests to DDTC.  (Note:  Make sure your classification determination(s) is (are) from the correct U.S. agency because reliance on a Commodity Classification determination from BIS alone will not immunize you from liability if the item exported is later determined to be ITAR-controlled.)
  4. Maintain full and accurate records of each export or reexport transaction for at least 5 years.  For ITAR-controlled items, defense services, and political contributions, also maintain records concerning the manufacture, acquisition, and disposition for at least 5 years.
  5. Adopt a formal compliance program, consisting of:
    a. A formal, written policy statement from the Chairman, Chief Executive Officer, and/or President disseminated to all employees, and particularly employees involved in export transaction-related functions.
    b. Conduct continuous risk assessments for potential violations.
    c. A detailed, formal, written export compliance manual that serves as the standard operating procedure guidelines for all employees.
    d. Identification of individuals responsible for administering the compliance program, including a contact person for anyone with questions, concerns, or information about compliance and a person responsible for maintaining compliance related records.
    e. Initial and ongoing training of all employees involved in export-related functions.
    f. Documented compliance safeguards regarding product development, manufacture, jurisdiction and classification determinations, sales, license decisions and licensing, supply chain, servicing channels, and post-shipment activity.
    g. Documented screening of all employees, contractors, customers, products, transactions, end-uses, end-users, final destinations, shipping procedures, and terms of sale.
    h. Formal, written procedures for addressing “red flags.”
    i. Formal, written procedures for record-keeping.
    j. Internal and external monitoring and audits of export compliance, compliance procedures, and the company’s compliance with the procedures.
    k. Procedures for promptly and properly handling and reporting export compliance problems and violations and taking corrective actions. 

6.  Develop a formal customs AES training manual and train employees responsible for filing export documents via AES.

7.  Provide your foreign customers with the export control classification (ECCN or USML Category) of items to be exported.

8.  Know whether your foreign customers will reexport controlled items, technology, or technical data and whether your foreign customers are obligated to obtain licenses.

9.  Request a copy of any required licenses from your foreign customers.  Failure of a foreign customer to honor such a request is a “red flag” indicating that an export may be destined for an inappropriate end use, end user or destination.

10.  Monitor BIS and DDTC Federal Register notices for changes in applicable controls and update your classifications, compliance manual, and training accordingly.

11.  If you need outside help, get it.

For more information about Stewart and Stewart, please visit the International Society of Primerus Law Firms.

Disclaimer:  This material is for the reader's information only. It is not to be construed as legal advice.