Regulators Talk Export Control

Laws put in place to keep sensitive technology secrets away from unfriendly nations or to restrict companies from doing business with enemy regimes and individuals can be a compliance minefield for companies that operate around the globe. And regulators have stepped up their efforts to crack down on scofflaws.

A trio of regulators from the Commerce, Justice, and Treasury departments appeared at the Compliance Week 2011 conference to offer their advice on preventing such export-control violations, and on reporting them when a violation does occur.

Jonathan Poling, a trial lawyer in the Justice Department's National Security Division, said the first step is to put your export controls officer in the right place within the company. That person should be part of the internal audit or compliance function, he said, and should move beyond once-a-year training via PowerPoint presentation. “The export control officers in the good companies I see are going out there, they understand what the staff is doing, they know the people, and they know what they're dealing with,” he said.

The panelists all agreed that coordinating an export-control compliance program across a geographically diverse area is the biggest challenge facing companies today. “You can't … just have ‘Compliance in Canada' and ‘Compliance in North America' and never have those two talking to each other,” Poling said. Globalized corporations with business units following different compliance programs in different areas of the world are particularly vulnerable, he warned.

That exercise of sitting in the corporate parent, trying to view all export-control rules from various regulatory regimes holistically rather than the rules applying to your home country, can be hugely difficult, Poling said.

For example, the control lists for the European Union and the United States don't necessarily align—so what might be a legal transaction in one part of the corporation could raise red flags elsewhere.

“In a lot of situations that we encounter, when you have a compliance program that is following E.U. control laws, but ordering stuff from the U.S., and that European unit is dealing with places like Iran—their solution is to not tell the U.S. company what they're dealing in, because that's how they think they can comply with it,” said Poling. “So we're seeing all sorts of false documents filed with the U.S. government about where this is going.”

When breakdowns do occur, the panelists urged companies to self-report.“If you think there's been an issue, the best advice is to disclose and to engage the agency right away,” said Rick Shimon, a criminal investigator in the Commerce Department's Office of Export Controls.

And Thomas Feddo, acting associate director for enforcement at the Office of Foreign Assets Control, said the proof is in the numbers: “More than 75 of the penalties that we've administered every year have been in cases where there was no voluntary disclosure and where we found out about the violation in another context.” 

One fast-moving challenge for export-control compliance is how to handle OFAC's Specially Designated Nationals list, a compendium of shady characters the government considers red-flags for possible money laundering. The list, which is featured on OFAC's website, is updated several times per week. “There are a lot of software products to keep updated; if you're not a sophisticated entity, you can download that list on a regular basis and do a text search on foreign entities that you're doing business with, Feddo recommended.

“If you think there's been an issue, the best advice is to disclose and to engage the agency right away.”

—Rick Shimon,

Criminal Investigator, Export Controls Office,

Commerce Department

Shimon was also asked to explain the new “deemed export” Form I-129 requirement, which “is going to be a big deal coming up,” he said. This measure applies to companies that bring foreign persons into the United States as employees, who then work on some sensitive technology the government would rather keep in the confines of the United States. Should that person return home to a questionable country—China, Iran, or Pakistan, for example—that technology is a deemed export and could be a violation.

“We have a declaration now when you do the visa application for those folks coming in, that talks about export compliance and asks that you have affirmatively determined the export requirements for the technology that you're going to be talking about,” Shimon explained. “That goes an awful long way in establishing that knowledge [of a violation] and that you actually commit a willful act by bringing them in.”

Shimon urged anyone who hasn't heard about the requirement, which “circulated around the bar with wildfire speed,” to check it out.

The Obama Administration has begun a push for dramatic overhaul of the export-control regime, which would generally establish fewer, clearer controls, and much stricter penalties, Poling said. The down-side: “It's still in the sausage-making process,” Poling said. “Some folks on the Hill are not very optimistic about the prospect of actually getting it done.”

At left, Jonathan Poling, a trial lawyer in the Justice Department's National Security Division, spoke on the export officer's role, while Rick Shimon, special agent in charge at the Department of Commerce, listened in.

Poling did recommend, however, examining a Nov. 9 executive order from the White House that establishes—“at least on paper”—the Export Enforcement Coordination Center. This center, to be administered by the Department of Homeland Security, would “coordinate on matters relating to export enforcement” among relevant agencies, according to the document. “From a conceptual standpoint, it's going to make industry's life a little bit easier, if it works,” Poling said. “At this stage, one of the primary motives of this is to coordinate industry outreach, so that you will have one person coming to you on behalf of the U.S. government.” Given that federal agencies still send so many different messages to companies, the center would represent “a huge step forward,” he said.

Compliance officers in the audience were eager to know which companies do export control well. One sector worth emulating, Shimon said, is the overnight-delivery business.

“They deal in tremendous overseas volume, they have some of the best screening, they have some of the best compliance programs—and frankly, when you look at their numbers for compliance versus the amount of product going out the door, it appears they're doing a remarkable job,” he said. Banks are also very good at complying with the rules, Poling added—“going forward, at least.”

Attendees also heard from Thomas Feddo, acting associate director at the Office of Foreign Asset Controls.

The audience also asked for guidance on how to handle resellers or overseas partners who might be selling goods to prohibited destinations, or might be violating anti-boycott laws in the Middle East or elsewhere.

Poling reassured the audience that firms with good internal compliance programs that have sold to a questionable reseller “are never more than a witness in these cases, and in some cases, victims of a fraud perpetrated on them.”

He even went a step further: “We're hoping to have U.S. companies do front-line detection for us. Often they hear in the industry that something that they've sold went to some place it shouldn't have and their initial reaction is to hunker down, to say ‘We did something wrong'—when in reality, they didn't know. They were just selling to a company in Singapore or Hong Kong.”