Armed for compliance
Rules of engagement

Armed for compliance

Failing to comply with U.S. and EU laws over the sale of defense products, services and the protection of data can result in millions of dollars in fines and even land some in prison. What's the best defense for your company?

An industry on the radar

In late 2017, Airbus made headlines when it reported to American authorities certain ‘’inaccuracies’’ in past statements to the U.S. State Department over the sale of defense products and services.

It’s been widely reported that the U.S. export rules that may have been broken fall under the International Traffic in Arms Regulations, or ITAR, which requires Airbus and any other company engaged in similar business to provide information on third-party agents used to win export deals.

Though companies that violate such restrictions can face fines to the tune of $500,000 per violation, nothing has been decided in the Airbus case by U.S. authorities.

The Airbus announcement though underscores a rash of high-profile ITAR cases in recent years where companies have found themselves on the wrong side of U.S. trade compliance laws.

In fact, experts at AEB, one of Europe's leading providers of supply chain logistics software, say there are common reasons companies can come under fire from regulators, including:

  • A conscious decision to circumvent ITAR regulations.
  • A lack of understanding for recent changes to the regulations.
  • A failure to understand that the laws not only cover the physical movement of goods but the transfer of sensitive data.
  • Insufficient master data maintenance. Some companies don’t properly classify products under ITAR and other similar regulations.
  • And a lack of understanding by non-U.S. firms as to what is expected of them under U.S. law.

‘’I think that most companies dealing with sensitive goods have a general understanding that they may require licenses for the export of these goods,’’ said Mark Brannan, AEB’s International Business Development Director. ‘’However, there is confusion among some companies relative to which legislation applies, ITAR or EAR (Export Administration Regulations). And, some companies are unaware that the control of sensitive data is at least as important as the control of physical goods.’’

Solutions for ITAR challenges

AEB has been delivering solutions to customers for over thirty-five years. The company has over 5,000 customers worldwide, supported by offices in the UK, Germany, Singapore, Switzerland, Sweden, the Netherlands, Czech Republic, France, and the US.

In 2016, AEB released a new software module for efficiently managing goods under ITAR. The product was designed to meet the latest needs of aerospace and defense businesses to automate and safeguard global trade processes in line with U.S. laws.

The company’s ITAR and EAR products, like its other compliance solutions, secure logistics processes against risks and so help companies avoid unintended violations and the potential penalties associated with them.

AEB’s solution suite is fully-integrated into standard business processes. Administrators are able to ensure compliance from the initial point of contact with a prospect during the sales phase right through to shipment of goods to the customer. Importantly, all of this information is retained within a single system. The solution provides, therefore, a single point of audit for European or U.S. government agencies and demonstrates due diligence and compliance, at all times.

Tracking compliance efforts has become a critical element of trade operations in recent years. The number of cases of companies running afoul of ITAR or EAR regulations have been well documented by the business press.

‘’In general, companies that work with defense goods or services must be aware that export controls legislation will apply to them,’’ said Brannan. ‘’Companies that deal with dual-use goods must also check to identify whether export licenses are required to ship their goods to specific countries.

‘’And it is key that companies understand that U.S. export controls legislation is extra-territorial. That is, companies outside of the U.S. need to check whether they need US (re-)export licenses. These may be required if the non-U.S. company has US technology incorporated into their products.’’

Rules of engagement

Last year the State Department hit New Jersey-based Bright Lights USA with a $400,000 civil penalty for exports of unauthorized defense components and technical data in violation of ITAR and the Arms Export Controls Act. Bright Lights was alleged to have made unauthorized exports, included the transfer of ITAR-controlled technical data, to foreign persons in the People’s Republic of China.

Texas-based DefenseDistributed in 2013 uploaded computer-generated files that someone could have used to create a 3D-printed gun. U.S. authorities ordered the files removed because they found that the files were a violation of ITAR, which prevents people from distributing to non-U.S. parties certain data on the construction of arms.

In 2016, the State Department’s reached a settlement with Massachusetts-based MicrowaveEngineering Corp. to pay a $100,000 penalty after a self-disclosed export violation for allowing a Chinese research scientist with an H-1B visa access to controlled technical data. Moreover, the company was said to have also failed to report the issue in a timely manner and its president, in an unusual situation in such cases, was said to be the person who provided the researcher with the unauthorized data.

‘’One interesting thing here is that this company was already under close scrutiny,’’ said Brannan. ‘’Once you’re on the radar of the regulatory authorities, it’s difficult to get away from that situation. Moral of the story: an effective export controls compliance program will ensure that your company doesn’t get on the radar in the first place.’’

Four point strategy

Brannan says there are four key areas any exporter should look at closely when they trade across borders:

  • Understanding that correct classification of products is essential. Are the products military, dual-use or otherwise? The correct export control code (ML or ECCN) must be assigned to the product to ensure effective export controls compliance.
  • Correctly identifying which jurisdiction applies to a particular product is also key. Companies must take note of changes that took place in the Export Control Reform (ECR) rules regarding transition of ITAR-related commodities or technology. That includes the State Department’s U.S. Munitions List and the Commerce Control List.
  • Also, care must be taken to ensure that not just the physical movement of goods is monitored and controlled, but that also non-physical transfer of sensitive data. Therefore, “deemed exports” and technology transfers must be as strictly monitored and controlled as the physical goods.
  • Finally, make sure your firm follows the guidelines issued by DDTC.

‘’The regulations are constantly changing so it’s essential that companies keep up-to-date,’’ said Brannan. ‘’ITAR violations can result in substantial fines and other penalties so companies must ensure they have effective export controls compliance programs in place.’’