17-0309 Thursday “The Daily Bugle”

17-0309 Thursday “The Daily Bugle”

Thursday, 9 March 2017

TOPThe Daily Bugle is a free daily newsletter from Full Circle Compliance, containing changes to export/import regulations (ATF, Customs, NISPOM, EAR, FACR/OFAC, FTR/AES, HTSUS, and ITAR), plus news and events. Subscribe 
for free subscription.
Contact us
 for advertising inquiries and rates.

[No items of interest noted today.]

  1. Ex/Im Items Scheduled for Publication in Future Federal Register Editions
  2. Commerce/BIS: (No new postings.) 
  3. DHS/CBP Changes ACE Portal Password Rule 
  4. DHS/CBP Sends Out Type 23 TIB Processing – Message Set Correction
  5. State/DDTC: (No new postings.) 
  6. EU Amends and Implements Restrictive Concerning Five Countries
  7. Permanent Mission of France to the UN Posts Interview with Ambassador on Workings of Wassenaar Arrangement 
  1. Courthouse News Service: “Ukrainian Busted on Weapons Charges” 
  2. Expeditors News: “Argentina Removes Certain Goods from Non-Automatic License List” 
  3. Reuters: “China’s Ministry of Commerce Says Opposes U.S. Sanctions on its Firms Under U.S. Laws” 
  4. Reuters: “U.S. Tech Sanctions Will Rattle China’s Firewall” 
  5. ST&R Trade Report: “Import and Export Controls on Substance Used in Epilepsy Drugs” 
  1. D.M. Edelman: “Three Important Lessons to Be Learned from the $1.2 Billion ZTE Settlements” 
  2. G. Husisian: “Private Equity and the New Trump Administration: Your Top Ten Questions Answered” (Part III of IV) 
  3. M. Hibbs: “The Long Demise of the German H-List” 
  4. Quinn Emanuel Trial Lawyers: “French Anti-Corruption Law Reform” 
  1. Bartlett’s Unfamiliar Quotations 
  2. Are Your Copies of Regulations Up to Date? Latest Changes: ATF (15 Jan 2016), Customs (27 Jan 2017), DOD/NISPOM (18 May 2016), EAR (24 Feb 2017), FACR/OFAC (10 Feb 2017), FTR (15 May 2015), HTSUS (10 Feb 2017), ITAR (11 Jan 2017) 


* * * * * * * * * * * * * * * * * * * * 


OGS_a11. Ex/Im Items Scheduled for Publication in Future Federal Register Editions

(Source: Federal Register)

* Commerce Department; NOTICES; Agency Information Collection Activities; Proposals, Submissions, and Approvals [Publication Date: 10 March 2017.]
  – U.S. Census Bureau; 2017 Economic Census
  – U.S. Census Bureau; 2017 Economic Census of Island Areas
* U.S. Customs and Border Protection; NOTICES; Country of Origin Determinations; KC-390 Military Cargo Airplane Converted to a Fire-Fighting Aircraft [Publication Date: 10 March 2017.]

* * * * * * * * * * * * * * * * * * * *

OGS_a22. Commerce/BIS: (No new postings.)

(Source: Commerce/BIS

* * * * * * * * * * * * * * * * * * * *


DHS/CBP Changes ACE Portal Password Rule

CSMS# 17-000133, 8 March 2017.]
Trade Policy Updates
Due to Department Homeland Security (DHS)/U.S. Customs and Border Protection (CBP) Security Policy changes, effective 3/10/2017 all Automated Commercial Environment (ACE) Secure Data Portal account passwords will require a minimum of 12-characters. As of 12:00 P.M. EST on 3/10/2017, the 12-character password requirement will be enforced when your current 8-character password expires or when you manually change your password.
Moving forward, the new DHS/CBP Security Policy rules state that ACE Portal account passwords must:
  – Contain at least 12 characters.
  – Contain at least 2 letters.
  – Contain a combination of uppercase letters, lowercase letters, and numbers.
  – Contain at least one of the following symbols: ! ” # $ % & ‘ ( ) * + , – . / : ; < = > ? @ [ ] ; ^ _ ` { | } ~
Please note that your new password:
  – Cannot contain your User Id.
  – Cannot contain your first or last name.
  – Cannot contain any consecutively repeated characters.
  – Cannot be the same as a previously used password.
  – Cannot be the reverse of a previously used password.
After changing your password, you will receive a confirmation message that states, “Your password change was successful. Please close all browser sessions, and load a new browser session to log in”. If you are experiencing problems changing your password, please contact ACE Support through the instructions at
To access the ACE Portal, please use the following URL:
If you are unable to log in to the ACE Portal with your new password, please ensure not to have any other open browser sessions in the background.

* * * * * * * * * * * * * * * * * * * *


DHS/CBP Sends Out Type 23 TIB Processing – Message Set Correction

CSMS# 17-000135, 9 March 2017.]
New ACE Programming
With the implementation of Automated Commercial Environment (ACE) Cargo Release functionality for all entry types and the subsequent policy decision to no longer require paper CBP Forms 3461 or 7501 at the time of entry, a paperless process is needed for Temporary Importation Bond (TIB) entries to replace the export examination decision and stamp required by CBP regulations. While a fully electronic transaction is being planned for this functionality, there is no known date of deployment or development. In the interim, the following steps should be taken by CBP and the trade for all Type 23, TIB entries presented:
  – All entries are deemed to be “Export Examination Not Required” at the time of release unless designated otherwise.
  – CBP will review submitted TIBs on a regular basis to determine the need for export examination.
  – To maintain paperless process, fully electronic entries will be designated for examination using the text message “Export Examination Required” via the SO20 message set. This will most likely be sent to the filer post release.
  – If paper entries are presented, they should continue to be stamped if an export examination is required.
  – At the time of export, a completed CBP Form 3495 should be presented at the port of export identifying the shipment to be examined and to record examination completion as per current procedures. In lieu of a stamped CBP Form 3461/7501, the original entry number, date of entry and port of entry information should be provided as well as invoices etc. from original importation.
  – CBP will attempt to utilize system information wherever possible but the full automation of this information has not been completed and filers will still need to provide documentation as required.
  – Trade partners may request an export examination for any shipment where the examination was not required via the same process.

back to top 

* * * * * * * * * * * * * * * * * * * *

back to top 

* * * * * * * * * * * * * * * * * * * *

6. EU Amends and Implements Restrictive Measures Concerning Five Countries

Council Regulation (EU) 2017/400 of 7 March 2017 amending Regulation (EU) No 224/2014 concerning restrictive measures in view of the situation in the Central African Republic
Council Implementing Regulation (EU) 2017/401 of 7 March 2017 implementing Article 15(3) of Regulation (EU) No 747/2014 concerning restrictive measures in view of the situation in Sudan
Council Implementing Regulation (EU) 2017/402 of 7 March 2017 implementing Article 20(3) of Regulation (EU) 2015/735 concerning restrictive measures in respect of the situation in South Sudan
Council Implementing Regulation (EU) 2017/403 of 7 March 2017 implementing Article 11(1) of Regulation (EU) No 377/2012 concerning restrictive measures directed against certain persons, entities and bodies threatening the peace, security or stability of the Republic of Guinea-Bissau
Council Implementing Regulation (EU) 2017/404 of 7 March 2017 implementing Article 11(4) of Regulation (EU) No 753/2011 concerning restrictive measures directed against certain individuals, groups, undertakings and entities in view of the situation in Afghanistan
Council Decision (CFSP) 2017/412 of 7 March 2017 amending Decision 2013/798/CFSP concerning restrictive measures against the Central African Republic
Council Implementing Decision (CFSP) 2017/413 of 7 March 2017 implementing Decision 2014/450/CFSP concerning restrictive measures in view of the situation in Sudan
Council Implementing Decision (CFSP) 2017/414 of 7 March 2017 implementing Decision (CFSP) 2015/740 concerning restrictive measures in view of the situation in South Sudan
Council Implementing Decision (CFSP) 2017/415 of 7 March 2017 implementing Decision 2012/285/CFSP concerning restrictive measures directed against certain persons, entities and bodies threatening the peace, security or stability of the Republic of Guinea-Bissau
Council Implementing Decision (CFSP) 2017/416 of 7 March 2017 implementing Decision 2011/486/CFSP concerning restrictive measures directed against certain individuals, groups, undertakings and entities in view of the situation in Afghanistan
[Editor’s note: earlier this week, the EU amended restrictive sanctions against Somalia and the Democratic Republic of Congo.  See item #6 in the Daily Bugle of Wednesday, 8 March 2017.]

back to top 

* * * * * * * * * * * * * * * * * * * *

7. Permanent Mission of France to the UN Posts Interview with Ambassador on Workings of Wassenaar Arrangement

The Permanent Mission of France to the UN has posted an interview with Ambassador Falconi Jean-Louis Falconi of France, who holds the 2017 Wassenaar Arrangement Plenary Chair, and Ambassador Philip Griffiths, the Head of the Vienna-based Secretariat, on the workings of the Wassenaar Arrangement. The Wassenaar Arrangement plays a crucial role for export controls of conventional arms and dual-use goods, preventing them from falling into the wrong hands.

The full text of the interview, published in Issue 01/2017 of Le Cercle Diplomatique, is freely accessible on the source link above and on the website of the Wassenaar Arrangement. 

back to top 

* * * * * * * * * * * * * * * * * * * *


NEWS_18Courthouse News Service: “Ukrainian Busted on Weapons Charges”

Courthouse News Service) [Excerpts.]
A Ukrainian man legally living in Queens was arrested Tuesday and charged with funneling sophisticated, weapons-grade military equipment to his native country for at least the past two years.
Volodymyr Nedoviz, 32, was charged with conspiracy and knowingly and intentionally exporting rifle scopes and thermal imaging equipment without a license.
His twin brother, identified as R.N. and living in Kiev, and several other unnamed cohorts also were implicated in a 38-page, arrest warrant that was unsealed by U.S. Magistrate Judge Ramon E. Reyes with the Eastern District of New York.
According to the indictment, Nedoviz and others sought to circumvent federal laws by playing fast and loose with the U.S. postal system, packaging and repackaging the artillery that would eventually land in the hands of people fighting the United States overseas. … 

* * * * * * * * * * * * * * * * * * * *

NEWS_29. Expeditors News: “Argentina Removes Certain Goods from Non-Automatic License List”

Expeditors News)
On March 2, 2017 the Argentinian Secretary of Commerce published Ruling 152-E/2017 listing 11 statistical breakouts that will be eliminated from the list of goods subject to Non-Automatic License requirements. This ruling modifies the previously issued Ruling 5/2015 that covered the submission guidelines of Automatic and Non-Automatic Licenses for goods imported into Argentina.
The breakouts effected by Ruling 152-E/2017 include:
   – Portable automatic data processing machines, not weighing more than 10 kg
   – Non-Portable automatic data processing machines comprising in the same housing at least a central processing unit and an input/output unit, whether or not combined and other types in the form of systems
   – Static converters
   – Monitors using automatic data processing machines
   – Insulated electric conductors fitted with connectors
The breakouts removed from the Non Automatic License list are now subject to an Automatic License (SIMI) before they can be imported into Argentina.
This ruling came into effect on March 3, 2017. The published ruling can be accessed

* * * * * * * * * * * * * * * * * * * *

NEWS_310. Reuters: “China’s Ministry of Commerce Says Opposes U.S. Sanctions on its Firms Under U.S. Laws”

China’s Ministry of Commerce (MOFCOM) said on Thursday it is opposed to the United States sanctioning Chinese firms under its domestic laws, and that it hoped that country would handle ZTE Corp’s $892 million settlement case “appropriately”.
The comment comes after Chinese telecom equipment maker ZTE earlier this week agreed to plead guilty and pay the record fine to settle charges that it violated U.S. export restrictions to Iran and North Korea.
  “We hope the U.S. would protect overall Sino-US trade relations, handle this matter appropriately so as to create a favorable atmosphere for the development of stable and healthy bilateral trade ties,” the official Xinhua news agency reported commerce ministry spokesman Sun Jiwen as saying.
Sun’s comments followed remarks from Chinese foreign minister Wang Yi on Wednesday who had said China’s government “consistently opposes foreign governments putting unilateral sanctions on Chinese companies.”
ZTE did not respond to a request for comment on Sun’s remarks. Its chairman and CEO Zhao Xianming said in a statement after the settlement that “ZTE has created strong partnerships with many U.S. suppliers that support nearly 130,000 high-tech jobs.”

* * * * * * * * * * * * * * * * * * * *

NEWS_411. Reuters: “U.S. Tech Sanctions Will Rattle China’s Firewall”

China has been giving fair warning. Telecoms equipment maker ZTE has agreed to plead guilty for violating U.S. export controls. The charges could have been more severe and the $892 million fine is manageable for the $9 billion company. More powerful is the message: the new U.S. administration is prepared to take action against corporate giants to rein in troublesome nations.
The plea caps a five-year probe into the Shenzhen-based group over its business dealings with Iran and North Korea. Following a 2012 Reuters report, U.S. agencies have been investigating ZTE for selling telecommunications equipment with American technology to countries under U.S. economic sanctions. One year ago, the Commerce Department briefly banned all stateside firms from selling to the Chinese company, which relies on U.S. suppliers like Qualcomm and Intel for up to 30 percent of its components.
ZTE will now plead guilty to unlawful export – shipping goods to countries without proper licenses – as well as lying about it. And it will be placed on an embarrassingly tight leash. It will agree to a three-year probation period and a seven-year suspended “denial of export privileges”. That means if ZTE does not meet certain conditions over this period, or further violates U.S. export laws, regulators could remove the suspension and deal a potentially lethal blow to ZTE’s supply chain.
The financial hit is not so bad. On Wednesday, ZTE estimated a full-year net loss of 2.4 billion yuan ($342 million) for 2016 after taking into account the fines. But it is already forecasting nearly a 32 percent year-on-year jump in net profit for the three months to March. The company’s Hong Kong shares rose as much as 8 percent on the news of the fine and its earnings.
Relief is justified because the outcome could have been worse: French bank BNP Paribas was slapped with a mega $8.9 billion fine in 2014 for breaching similar U.S. sanctions. Still, after North Korea’s recent provocations, including firing four ballistic missiles toward Japan this week, now is opportune time for the United States to remind distant neighbours just how far its reach can go.

* * * * * * * * * * * * * * * * * * * *

NEWS_512. ST&R Trade Report: “Import and Export Controls on Substance Used in Epilepsy Drugs”

The Drug Enforcement Administration has adopted as final without change a May 2016 interim final rule placing brivaracetam, including its salts, into schedule V of the Controlled Substances Act. As a result, this substance will continue to be subject to the regulatory controls and administrative, civil, and criminal sanctions applicable to the importation, exportation, manufacture, distribution, reverse distribution, dispensation, research, and conduct of instructional activities and chemical analysis of schedule V substances. These include the following.
  – All importation and exportation of this substance must be in compliance with 21 USC 952, 953, 957, and 958 and in accordance with 21 CFR part 1312; 
  – Any activity involving this substance that is not authorized by, or is in violation of, the Controlled Substances Act or its implementing regulations is unlawful and may subject the person to administrative, civil, or criminal sanctions;
  – Any person who handles or desires to handle this substance must be registered with the DEA to conduct such activities;
  – All labels, labeling, and packaging for commercial containers of this substance must comply with 21 USC 825 and 958(e) and be in accordance with 21 CFR part 1302; and
  – Every DEA registrant who possesses any quantity of this substance must take an initial inventory and update it every two years. 

* * * * * * * * * * * * * * * * * * * *


COMM_113. D.M. Edelman: “Three Important Lessons to Be Learned from the $1.2 Billion ZTE Settlements”

* Author: Doreen M. Edelman, Esq., Baker Donelson LLP, 202-508-3460,
On March 7, we learned that Zhongxing Telecommunications Equipment Corporation (ZTE) concluded 3 settlement agreements resulting in nearly $1.2 billion in penalties for its violations of U.S. sanctions and export controls laws. Although the amount of the fines results from particularly egregious conduct on the part of ZTE to conceal its violations even during the period of investigation,  the case highlights three valuable lessons for all exporters. This is especially true given Secretary of Commerce Wilbur Ross’s pronouncement that the case signals the new Administration will be “aggressively enforcing strong trade policies with the dual purpose of protecting American national security and protecting American workers.”
(1) Disclosure is Key
The Department of Treasury’s Office of Foreign Assets Control (OFAC) subjected ZTE to a maximum civil penalty of just over $106 million (the largest ever for a non-financial institution) because the company did not make a voluntary disclosure and because the violations were particularly egregious. Under OFAC’s penalty guidelines, when companies voluntarily disclose and cooperate with OFAC, penalties can be significantly reduced. Of particular importance to OFAC was that not only did the company fail to disclose but it also took elaborate steps to conceal its violations. Although the extent of ZTE’s cover-up is uniquely remarkable, the substantial penalties are a valuable reminder of the carrots and sticks at play in determining penalties under both sanctions and export controls laws. For some understanding of how these regimes work, see my post from
last July on the Department of Commerce’s Bureau of Industry and Security (BIS)’s penalty guidelines, which largely mirror those used by OFAC.
(2) Enhanced Coordination Between Agencies
The Department of Justice’s national security team collaborated closely with both OFAC and BIS, throughout the five-year investigation of ZTE. This collaboration marks enhanced cooperation between DOJ, OFAC, and BIS not only during investigations but also in detecting violations of sanctions and export control laws. In recent years there has been increased training of U.S. Attorney offices on export controls and sanctions law and national security attorneys at DOJ have become increasingly involved in detecting violations of and enforcing sanctions and export control laws.
(3) Supply Chain Compliance
ZTE used several companies that it effectively controlled and that were in its distribution network to conceal the fact that it was selling U.S.-controlled goods to Iran. These companies served as end-user intermediaries and helped ZTE stay under the radar of U.S. authorities. Companies that have distribution networks must be diligent to ensure that their supply chain members do not transship U.S.-controlled goods in violation of U.S. sanctions and export control laws. Due diligence with regard to ultimate country of destination has long been a part of an effective sanctions and export controls compliance program. ZTE teaches that supply chain and end user awareness should be a priority given the seeming increased capacity of the U.S. government to go after foreign entities, detect violations and target distributor relationships that arguably evade sanctions and export control laws.

* * * * * * * * * * * * * * * * * * * *

COMM_214G. Husisian: “Private Equity and the New Trump Administration: Your Top Ten Questions Answered” (Part III of IV)

* Author: Gregory Husisian, Esq., Foley & Lardner LLP,
ghusisian@foley.com, 202-945-6149.
[Editor’s note: This client alert is the sixth of a series of Foley & Lardner LLP Alerts being prepared to help companies navigate the uncertain international trade and regulatory environment. Due to space limitations, this alert is divided into four parts. Part I and Part II were posted in the Daily Bugle of Tuesday, 7 March and Wednesday, 8 March, respectively. Part IV will be posted in the Daily Bugle of Friday, 10 March.]
(6) “Sounds scary! What can I do to prevent purchasing trouble?”
As noted above, liability for issues can be purchased. The U.S. Government, however, has some sympathy for the lack of transparency enjoyed in many deals and does allow for the need to get the acquired company’s compliance house in order – provided it is done the right way. The FCPA Resource Guide provides for the following tips to minimize risks, which are equally applicable to any high-risk legal regime:
  – Conduct thorough risk-based due diligence.
  – Ensure the acquiring company applies its code of conduct and compliance policies to the target as quickly as possible or otherwise ensures strong compliance is in place soon after the acquisition.
  – Train the directors, officers, and employees of newly acquired businesses or merged entities regarding high-risk regulations and risks of its business model (which hopefully were identified as part of a searching due diligence inquiry prior to acquisition); consider training agents and business partners where the risk is high.
  – Conduct a compliance audit of all newly acquired or merged businesses as quickly as practicable.
  – Consider disclosing any issues discovered as part of the due diligence or post-acquisition compliance implementation to relevant regulatory authorities. [FN/11]
As can be seen, the recommendations center on the conduct of effective due diligence and the implementation of the learnings of that due diligence after the acquisition. The role of due diligence in this process cannot be overstated, as effective due diligence actually has seven rationales: (1) to determine the risk of the acquisition; (2) to ensure proper valuation of the acquired company; (3) to determine the potential liability for violations; (4) to minimize unexpected surprises; (5) to minimize liability for past conduct; (6) to identify future compliance issues; and (7) to assist in post-acquisition planning.
To avoid unpleasant surprises, the following are the general topics the due diligence inquiry should address:
  – Evaluating the risk profile of the target including with regard to its industry, countries of sales and operation, use of third parties/consultants/joint ventures, and so forth.
Evaluating the structure of the target’s operations, including its customer base, its non-U.S. operations and the countries in which it operates, sells, and to which it exports.
  – Determining how the target does business with third parties, what due diligence was performed on them, and the extent of business that relies on agents or distributors.
  – Determining the rigor of the target’s recordkeeping and accounting procedures.
  – Determining whether the target has appropriate compliance and training procedures.
  – Determining whether the target conducts periodic reviews and certifications of its third-party intermediaries and whether the target has contractual provisions that allow termination based upon suspected legal violations.
  – Determining whether the target has procedures to help identify red flags for high-risk areas (FCPA, export controls, sanctions, AML, and antitrust/fair competition, among others) with appropriate follow up.
  – Determining whether the target has been the subject of any investigation by any government that potentially could lead to significant risk and penalty exposure under legal regimes of concern.
  – Determining whether the target’s compliance structure is appropriate, including with regard to compliance resources located outside of headquarters, and whether it is run, in an independent fashion, by a senior management-level employee who is backed with appropriate resources.
  – Determining whether the target conducts periodic internal compliance assessments and compliance audits and follows up on identified compliance gaps with compliance improvements to identify known compliance issues.
(7) “What can I do to prevent problems in my portfolio companies?”
Too many companies view due diligence as a check-off item that begins and ends at discrete portions of the deal. The best practice in the area, however, is to view due diligence as an entrée not only to identification of risk, but also the first step in the administration of the to-be acquired company’s compliance efforts. To take full advantage of the efforts put into due diligence, acquiring companies should have a well-thought due diligence and compliance integration plan. Some guideposts to consider along the way include:
Determine the Scope of Due Diligence. The degree of due diligence to be conducted, and the areas of concentration, should be based upon the size of the transaction, its risk profile, and the business profile of the target. Targets that operate in high-risk environments like China, the Middle East, Russia, Latin America, or Africa, or make significant sales into them, require more careful scrutiny. The same is true of targets that operate in the export controlled (ITAR or EAR) or classified arenas or that are government contractors.
Keep a Fluid View of the Developing Risk Profile of the Target. Due diligence should not be a check-off item. As information is developed, an evolving view of the target’s business and risk profile should be constructed and modified, so as to determine areas of potential regulatory risks and likely compliance lapses.
Conduct a Compliance Gap Analysis. The due diligence inquiry should include an inquiry into the compliance environment at the target for all high-risk areas, which often are international in scope (anti-corruption, economic sanctions, antitrust/fair competition, export controls, AML, and so forth). The scope of the compliance measures in place, as well as related internal controls and training, should be compared to the risk profile of the target.
Prepare an Integration Plan. Often, integration “plans” for PE firm acquisitions consist of nothing more than stating that the target will be integrated into the compliance program of the acquiring company (if an acquisition by an existing portfolio company) or using a generic compliance template that the acquiring PE firm digs up from a prior deal and indiscriminately applies. But integration into a purchasing entity or the implementation of a new compliance plan should not occur without first considering such issues as whether the compliance omissions in the target’s compliance measures potentially created issues that require investigation, evaluating whether the prior training had gaps in coverage or personnel trained, and whether the internal controls matched up with the compliance objectives and the target’s risk profile. Even absent such compliance lapses, integration of compliance programs should not occur without first giving thought to whether the risk profile of the combined entity changes based upon the new acquisition, thus potentially making a mismatch between the acquiring company’s compliance measures and the merged entity.
Follow up on Identified Issues. Make certain there is a thorough and timely follow up on any issues identified during the course of the acquisition, especially for high-risk legal regimes. Any ongoing investigation will need to be completed in a timely fashion; issues not thoroughly investigated by the prior management may need to be fast tracked. Similarly, gaps in compliance identified through due diligence also should be evaluated to determine if they likely have led to compliance lapses that need to be addressed.
Conduct a Compliance Audit/Risk Assessment. Acquiring companies should not assume that all issues were identified during the due diligence process. A compliance audit/risk assessment, conducted within 30 to 90 days of acquisition, often is appropriate, especially for target companies that have a heightened risk profile or that represent a significant addition of business to the PE firm’s portfolio.
Review Company Culture. Consideration all she should be given to whether the company’s culture was one of appliance. A company that did not set a tone at the top supporting compliance, for example, will often require significant intervention to establish the right culture of compliance. This cannot be accomplished merely by conducting a few training sessions.
Set a Training Schedule. The company should establish a training schedule. This will require a review of the training performed by the target prior to the acquisition to determine whether the correct personnel were receiving tailored training in the correct areas. The goal should be to identify within 30-60 days any significant training omissions and to ensure these employees (and perhaps consultants and other third parties) are trained in all high-risk areas pertinent to their responsibilities.
(8) “Compliance at portfolio companies sounds complicated! Has anyone ever thought of putting together a twelve-step program to provide guideposts for an effective risk mitigation?”
The author of this client alert has an international compliance guide that include just such a twelve-step program; a copy is available by request. [FN/12] The headlines of this twelve-step program are as follows:
Step 1: Secure Buy-In at the Top. This include not only taking steps to secure the appropriate “tone at the top” and support for compliance efforts, but also securing adequate resources to support compliance efforts.
Step 2: Perform a Risk Assessment. The second step for most organization is to perform a risk assessment (a survey of the company’s operations to determine the exposure of the organization to various forms of regulatory risk, considering both the likelihood and severity of possible violations and the current enforcement priorities of the relevant authority). Once the risk assessment is complete, the results should be carefully evaluated to determine where the areas of greatest compliance concern lie through the preparation of a company-wide risk profile, which can guide the allocation of compliance resources.
Step 3: Survey Current Controls. Step 3 involves surveying current compliance procedures and internal controls to determine whether the compliance measures in place properly cover the circumstances that may put the organization at risk of violations.
Step 4: Identify Available Resources. After an inventory of compliance procedures in place has occurred, a key next step is to ensure the organization has not fallen into the classic compliance trap of over-promising and under-delivering by imposing compliance requirements and then failing to implement them. To avoid these and other promise-resource mismatches, the company should, with a clear and open mind, compare its identified risk profile with the inventory of current policies and internal controls to determine whether there are any gaps between the two. Funding adequate to cover all necessary compliance efforts should be in place and, if not, should become a funding priority.
Step 5: Assess Local Oversight. The state of compliance as envisioned at corporate headquarters, and the actual state of compliance as implemented in the field, far too often diverge. It accordingly is often necessary, at least at larger companies, to set up a compliance infrastructure that includes compliance liaisons and various local resources that can ensure effective implementation of compliance dictates. These resources also can be invaluable in identifying compliance lapses before they grow and become a large problem.
Step 6: Create a Written Compliance Policy. It is an unfortunate fact that Step 6-the drafting of the compliance manual-is often Step 1 for many companies. But there is considerable groundwork to cover before the organization should begin the actual drafting of the compliance manual, including the performance of a risk assessment and establishment of the culture of compliance. The written manual should accurately summarize the regulations, using plain language that employees without legal training can readily follow. The focus should be on readability and tailoring the policy to the risk and business profile of the company, not trying to cover every nuance of the legal regime at issue.
Step 7: Establish Internal Controls. Although internal controls (called standard operating procedures at some companies) are one of the three pillars of compliance (along with the written policy and training), they often are the most neglected. But internal controls provide procedures that are essential to implement the dictates of the compliance program. Systematizing compliance through internal controls also gives the company the ability to audit compliance and determine how effective the procedures actually are.
Step 8: Training, Training, Training. The basic task of training is to ensure, in conjunction with a well-written compliance program and appropriate internal controls, that employees and agents have sufficient knowledge to recognize red flags and other problematic situations, and understand what they need to do to comply with regulations and company policy. The goal is not to create legal experts all across the company; rather, it is to sensitize people to the law so they know when to seek counsel from the appropriate compliance or legal personnel. No compliance regime will be successful unless the appropriate individuals are identified and trained regarding the company’s compliance efforts and the operation of its compliance program.
Step 9: Integrate Outsiders. Outsiders-third parties who act (or could be construed as acting) for the organization-are often a key source of risk. Companies accordingly should take steps to ensure that outsiders acting on their behalf are trained in the key compliance requirements, whether through the imposition of an obligation of the outside actor to receive training or through direct integration of the outsider into the company’s compliance program.
Step 10: Auditing and Checkups. It is difficult to have a strong compliance program unless it is regularly tested and probed, with the results analyzed to come up with compliance improvement action items. As companies realize the dangers of letting their compliance program run on auto-pilot, it has become common for companies to use risk-based auditing principles to determine the countries, divisions, subsidiaries, and third parties who should be monitored through audits and compliance check-ups. Companies that do so reap considerable compliance dividends.
Step 11: Monitor Red Flags. The identification of red flags and ensuring appropriate follow-up are the keystones to a well-functioning compliance system. One of the most important tasks when implementing international compliance accordingly is to train relevant stakeholders regarding the transactions and conduct that are suspicious given the regulatory requirements.
Step 12: Communicate with Board & Senior Management. In corporations that set the proper compliance tone, board-level involvement is regular and institutionalized. The key areas for board-level involvement include thorough oversight of compliance initiatives, quarterly reports of compliance activities, and special communications for potentially serious matters. Compliance conversations with senior management should be routine and compliance counsel consistently heeded.
  [FN/11] FCPA Resource Guide at 29.
  [FN/12] Please contact the author to receive a copy.

* * * * * * * * * * * * * * * * * * * *

15. M. Hibbs: “The Long Demise of the German H-List”

Arms Control Wonk)
* Author: Mark Hibbs, Senior Fellow, Carnegie Endowment for International Peace (Berlin, Germany),

At a meeting in Berlin today I was privy to an update, from someone who really knows this stuff, on the European Union’s efforts to amend its dual-use export control regime. The key document is called Regulation 428/2009 and the review of it, which is mandated by its Article 25, turns out to be a very complex matter indeed.
Not only have the technologies requiring export controls evolved since the regulation was enacted eight years ago, but other issues have emerged for EU member states to worry about: How to deal with new challenging technologies, 3D printing and cloud computing, for example. What to do about transboundary movements of intangible goods? Gaps in the separation between nuclear, biological, and chemical regimes? Transactions involving brokers, banks, and other third parties? And then there’s the impact of the Arab Spring and its aftermath; increasingly since, export controllers are pondering what official documents call “the use of sensitive technologies in violation of human rights.” At issue here are chemicals that can be made into noxious gases, and exceptionally intrusive information and communications technologies, that can be applied by strongmen to oppress their populations, through activities that may defy a binary characterization as either military or civilian.
When the EU in the early 2010s prepared to undertake its review of 428/2009, there were a number of scenarios describing what the consequences might be. These ranged from business as usual all the way up to a dramatic rethinking of Europe’s entire export control regime. Neither extreme is likely, but at the political level of the EU’s 28 member countries, it would appear that the review is now just getting up to speed, following from a 2011 Green Paper issued by the European Commission that has served as a bone of contention for lots of intervenors since. (I participated in one 2012 EU expert gathering where stakeholders debated this text by cutting it as fine as possible). The current conundrum over the link between export controls and human rights, we learned today, might even lead to efforts to redefine what is a dual-use commodity under European law. In a nutshell, the review might take awhile before all these issues are laid to rest.
The Withering of the German Lists 
So it wasn’t a surprise to hear participants during our discussion today refer to views expressed by frustrated customs officials who, if they had it their way, would sooner chuck the whole finely-diced trade control regime of commodity control lists and end-user certificates and the rest, and instead embargo members of a rogues’ gallery. “Why not just limit trade controls to the ten or so countries that we know are the offenders?”
It doesn’t work that way in practice. But during the formative years of WMD export controls, a number of countries included elements of a blanket country-specific approach in their export control toolbox.
Germany for instance. During the 1980s and into the 1990s German export controllers were preoccupied with an instrument called the H-List, or in German the Laenderliste-H.  This was a fairly succinct list of countries where any prospective export of a sensitive good, for example an item controlled for WMD proliferation, must trigger extreme scrutiny. In practice, administering the H-list could be frought with risks and political pressure. Lobbyists for industry and foreign governments could be counted on to line up to get exceptions made (and for German trading partners that had so-called “parallel” nuclear programs outside of IAEA safeguards, a certain amount of diplomatic elbow grease might be applied to try to make sure that they wouldn’t find themselves on the list). This was a clumsy and messy way of trying to keep track of trade. And it didn’t appeal to a certain German deep-seated preference for procedures that are applied with consistency. Controlling trade the H-List way, I heard a friend say today, “hat keinen ordnungspolitischen Sinn.” There you have it. An American export controller would say instead: “Hey, where are the criteria for doing this?”
The H-List is no longer with us. It was scuttled in 1995 when Germany’s Foreign Trade Act was harmonized with EU export control regulations. Some people at the time weren’t completely happy with getting rid of the H-List. German Social Democrats
objected that dropping the H-List might mean lifting controls for exports to Algeria, China, and India, destinations that in their view then were “not unprobablematic.”
So the H-List in 1995 became the K-List. It stayed on the books until 2013.
During its 18-year term, however, the K-List shrank and shrank. It’s life expectancy may have been shortened when speechwriter
David Frum suggested to U.S. President George W. Bush that he include in his 2002 State of the Union address the assertion that Iran, Iraq, and North Korea were linked in an “axis of evil.” In any case during the 2000s, the  Laenderliste-K slowly evaporated: In 2006, North Korea and Lebanon were taken off the list, followed one year later by the removal of Mozambique and Iran. Syria, the second-to-last country on the K-List, was removed in 2011. When it was ditched for good in 2013, the only country left on the list was Cuba.
What replaced the K-List in 2013? That’s right: the EU export control regime, led off by Regulation 428/2009.

* * * * * * * * * * * * * * * * * * * *

16. Quinn Emanuel Trial Lawyers: “French Anti-Corruption Law Reform”

* Author: Unknown, Quinn Emanuel Urquhart & Sullivan LLP.  Contact details of the various office locations are available at
Despite signing the OECD anti-corruption Convention in 1997, France has long been perceived as lacking necessary tools for domestic and international anti-corruption enforcement, particularly in comparison to the US Foreign Corrupt Practices Act of 1977 (“FCPA”) or the UK Bribery Act of 2010 (“UKBA”). The perception that France is lax on corruption was underscored by the fining and monitoring of several French corporations under the FCPA in the recent past (e.g., Alcatel, Alstom, and Technip).
This perception may soon change. On December 9, 2016, France enacted Law No. 2016-1691, entitled “Loi relative à la transparence, à la lutte contre la corruption et à la modernisation de la vie économique” (Transparency, Fight against Corruption, and Economic Modernization Act, which is dubbed “Sapin II” after its primary advocate, the French Minister of Finance, Mr. Sapin (the “Sapin II Act” or “Sapin II”). Although some decrees accessory to the Sapin II Act have yet to be adopted by the executive branch, the act came into effect on December 10, 2016 (save for Article 17 regarding compliance programs, which will become effective on June 9, 2017).
The Sapin II Act constitutes a major shift in French anti-corruption law as it has ambitions to elevate French anti-corruption law to the best international standards through five main changes: it extends the extraterritorial reach of French anti-corruption laws (I), creates a new anti-corruption body replacing the former anti-corruption body with extended powers (II), introduces an obligation to implement anti-corruption corporate compliance programs (III), improves protection for whistle-blowers (IV), and implements a system of deferred prosecution agreements (V). …  
I. Extension of Reach for French Anti-Corruption Regulation
The Sapin II Act provides for a clear expansion of French jurisdictional powers to prosecute corruption-related offenses committed abroad or involving foreign officials. …
In light of these changes, French authorities will now be able to take a more active role in prosecuting corruption acts committed abroad. This should be of particular concern to international corporations active in France, as they now face potential French law liability for corruption acts committed outside of France.
II. Creation of a New Anti-Corruption Authority with Extensive Powers
Article 1 of the Sapin II Act created a new French Anti-Corruption Agency, named the Agence Française Anticorruption (“AFA”). It is placed under the joint supervision of both the Ministries of Justice and of Finance. The AFA replaces the previous Service Central de Prévention de la Corruption (“SCPC”)(Central Service for the Prevention of Corruption). Article 2 of the Sapin II Act subsequently provides the AFA with extensive powers to detect and sanction corruption acts. The AFA will profit from various mechanisms to gather evidence, especially in relation to the new anti-corruption compliance programs [on compliance programs, see also below, III]. …  
III. Implementation of Corporate Compliance Programs
Before the Sapin II Act, French or France-based companies were under no obligation to take proactive steps to prevent corruption. The introduction of mandatory compliance programs for corporations of a certain size is thus another major shift in French anti-corruption law. Pursuant to Article 17 of Sapin II, anti-corruption compliance programs will be required as of June 9, 2017 for both (i) French companies employing 500 or more employees and having a turnover above EUR 100 million and (ii) all subsidiaries of parent companies incorporated in France affiliated with a group of 500 or more employees in total and a consolidated turnover above EUR 100 million. Some 2,000 companies are expected to be implicated and Article 17 specifies that corporate officers will be responsible for implementing the anti-corruption plans. These plans would notably include: an internal code of conduct providing for disciplinary sanctions and corporate investigations in cases of wrongdoing; a reporting system enabling employees to report information regarding suspected wrongdoing [i.e., a sort of whistle-blowing line-on this issue, see below, IV]; a risk-mapping system (with updates every two years); a third-party risk assessment (i.e., due diligence on clients, suppliers and intermediaries); internal and external accounting controls; and training programs for employees most exposed to corruption risks.
Non-compliant corporations will be exposed to injunctions from the AFA and, in case of persisting non-compliance, fines reaching up to EUR 1 million (EUR 200,000 for individuals). In addition, Sapin II will allow the AFA to publish the sanctions issued against the non-compliant corporations.
IV. Improved Protection for Whistle-Blowers
Whistleblower protection programs, rewarding and protecting individuals who take action to report corruption, are well-known in the United States. However, such programs are a relatively new feature in France. In this context, Chapter II of the Sapin II Act, labelled “Protection of whistleblowers,” is remarkable, as it introduces a very strong protection framework for individuals reporting a potential violation of anti-corruption laws or a “serious threat or damage to the public interest.” …
V. Introduction of Deferred Prosecution Agreements in French Law
Amongst the most controversial features of the Sapin II draft bill was the introduction of an Anglo-Saxon style deferred prosecution agreements to French criminal law. Such prosecution agreements, as defined by the UK’s Serious Fraud Office, are understood as “an agreement reached between a prosecutor and an organization which could be prosecuted, under the supervision of a judge. The agreement allows a prosecution to be suspended for a defined period provided the organization meets certain conditions. DPAs can be used for fraud, bribery, and other economic crimes. They apply to organizations, never individuals.” The controversy was in regards to the specific nature of deferred prosecution agreements, i.e., a negotiated settlement whereby a company, without pleading guilty, agrees to a combination of monetary sanctions and compliance measures, which was perceived as “too commercial” for French criminal law. Despite having been removed at some point during the legislative process, deferred prosecution agreements were nonetheless later reintroduced in the final version of the Sapin II Act, under the label of Convention Judiciaire d’Intérêt Public (which may be literally translated as “judicial agreement of public interest,” i.e., a French Deferred Prosecution Agreement (“DPA”)). …
The Sapin II Act contains a number of new anti-corruption instruments largely inspired by US and UK law. As such, Sapin II is undoubtedly a move towards more active anti-corruption enforcement in France. At first glance, corporations may deplore that Sapin II adds an additional burden for ensuring compliance. Nonetheless, the knowledge that French companies are now subject to enhanced domestic anti-corruption oversight may serve to enhance their reputation in the international arena and therefore reduce the number of corruption cases brought by US authorities against French companies operating internationally.

* * * * * * * * * * * * * * * * * * * *


(Source: Editor)

Mickey Spillane (Frank Morrison Spillane, 9 Mar 1918 – 17 Jul 2006, was an American crime novelist, whose stories often feature his signature detective character, Mike Hammer. More than 225 million copies of his books have sold internationally.)
  – “If you’re a singer you lose your voice. A baseball player loses his arm. A writer gets more knowledge, and if he’s good, the older he gets, the better he writes.”
William Cobbett (9 Mar 1763 – 18 Jun 1835, was an English pamphleteer, farmer, journalist and member of parliament.)
  – “Men fail much oftener from want of perseverance than from want of talent.”
  – “You never know what you can do till you try.”

* * * * * * * * * * * * * * * * * * * *

. Are Your Copies of Regulations Up to Date?
(Source: Editor)

The official versions of the following regulations are published annually in the U.S. Code of Federal Regulations (C.F.R.), but are updated as amended in the Federal Register.  Changes to applicable regulations are listed below.
: 27 CFR Part 447-Importation of Arms, Ammunition, and Implements of War
  – Last Amendment: 15 Jan 2016: 81 FR 2657-2723: Machineguns, Destructive Devices and Certain Other Firearms; Background Checks for Responsible Persons of a Trust or Legal Entity With Respect To Making or Transferring a Firearm 
: 19 CFR, Ch. 1, Pts. 0-199
  – Last Amendment: 27 Jan 2017: 82 FR 8589-8590: Delay of Effective Date for Importations of Certain Vehicles and Engines Subject to Federal Antipollution Emission Standards; and 82 FR 8590: Delay of Effective Date for Toxic Substance Control Act Chemical Substance Import Certification Process Revisions 

  – Last Amendment: 18 May 2016: Change 2: Implement an insider threat program; reporting requirements for Cleared Defense Contractors; alignment with Federal standards for classified information systems; incorporated and canceled Supp. 1 to the NISPOM  (Summary here.)

  – Last Amendment: 24 Feb 2017: 82 FR 11505-11506: Temporary General License: Extension of Validity

: 31 CFR, Parts 500-599, Embargoes, Sanctions, Executive Orders
  – Last Amendment: 10 Feb 2017: 82 FR 10434-10440: Inflation Adjustment of Civil Monetary Penalties.  
: 15 CFR Part 30
  – Last Amendment: 15 May 2015; 80 FR 27853-27854: Foreign Trade Regulations (FTR): Reinstatement of Exemptions Related to Temporary Exports, Carnets, and Shipments Under a Temporary Import Bond 
  – HTS codes that are not valid for AES are available
  – The latest edition (9 Mar 2016) of Bartlett’s Annotated FTR (“BAFTR”), by James E. Bartlett III, is available for downloading in Word format. The BAFTR contains all FTR amendments, FTR Letters and Notices, a large Index, and footnotes containing case annotations, practice tips, and Census/AES guidance.  Subscribers receive revised copies every time the FTR is amended. The BAFTR is available by annual subscription from the Full Circle Compliance website.  BITAR subscribers are entitled to a 25% discount on subscriptions to the BAFTR.
, 1 Jan 2017: 19 USC 1202 Annex. (“HTS” and “HTSA” are often seen as abbreviations for the Harmonized Tariff Schedule of the United States Annotated, shortened versions of “HTSUSA”.)

  – Last Amendment: 10 Feb 2017: Harmonized System Update 1701, containing 1,295 ABI records and 293 harmonized tariff records.   

  – HTS codes for AES are available
  – HTS codes that are not valid for AES are available
  – Latest Amendment: 11 Jan 2017: 82 FR 3168-3170: 2017 Civil Monetary Penalties Inflationary Adjustment
 – The only available fully updated copy (latest edition 8 Mar 2017) of the ITAR with all amendments is contained in Bartlett’s Annotated ITAR (“BITAR”), by James E. Bartlett III.  The BITAR contains all ITAR amendments to date, plus a large Index, over 750 footnotes containing case annotations, practice tips, DDTC guidance, and explanations of errors in the official ITAR text.  Subscribers receive updated copies of the BITAR in Word by email, usually revised within 24 hours after every ITAR amendment.  The BITAR is available by annual subscription from the Full Circle Compliance
.  BAFTR subscribers receive a 25% discount on subscriptions to the BITAR, please
contact us
to receive your discount code.  

* * * * * * * * * * * * * * * * * * * *


* The Ex/Im Daily Update is a publication of FCC Advisory B.V., edited by James E. Bartlett III and Alexander Bosch, and emailed every business day to approximately 8,000 subscribers to inform readers of changes to defense and high-tech trade laws and regulations. We check the following sources daily: Federal Register, Congressional Record, Commerce/AES, Commerce/BIS, DHS/CBP, DOJ/ATF, DoD/DSS, DoD/DTSA, State/DDTC, Treasury/OFAC, White House, and similar websites of Australia, Canada, U.K., and other countries and international organizations.  Due to space limitations, we do not post Arms Sales notifications, Denied Party listings, or Customs AD/CVD items.

* RIGHTS & RESTRICTIONS: This email contains no proprietary, classified, or export-controlled information. All items are obtained from public sources or are published with permission of private contributors, and may be freely circulated without further permission. Any further use of contributors’ material, however, must comply with applicable copyright laws.

* CAVEAT: The contents cannot be relied upon as legal or expert advice.  Consult your own legal counsel or compliance specialists before taking actions based upon news items or opinions from this or other unofficial sources.  If any U.S. federal tax issue is discussed in this communication, it was not intended or written by the author or sender for tax or legal advice, and cannot be used for the purpose of avoiding penalties under the Internal Revenue Code or promoting, marketing, or recommending to another party any transaction or tax-related matter.

* SUBSCRIPTIONS: Subscriptions are free.  Subscribe by completing the request form on the Full Circle Compliance website.

* TO UNSUBSCRIBE: Use the Safe Unsubscribe link below.

Scroll to Top