20-1007 Wednesday “Daily Bugle”

20-1007 Wednesday “Daily Bugle”

 this copy of the Daily Bugle to others or share this subscription link
Wednesday, 7 October 2020

  1. Defense Department: “Information Collection on Proposals, Submissions, and Approvals: Buy American, Trade Agreements, and Duty-Free Entry”
  2. USTR: “Product Exclusion Amendment: China’s Acts, Policies, and Practices Related to Technology Transfer, Intellectual Property, and Innovation (I)”
  3. USTR: “Product Exclusion Amendment: China’s Acts, Policies, and Practices Related to Technology Transfer, Intellectual Property, and Innovation (II)”
  1. Items Scheduled for Future Federal Register Edition
  2. Commerce/BIS: (No new postings)
  3. State/DDTC: “Public Discussion on Due Diligence for Exports of Products or Services with Surveillance Capabilities – 9 Oct”
  4. Treasury/OFAC: “Issuance of Venezuela-related General License 5E and Amended Frequently Asked Question”
  5. Canada TID: “Statement from Minister Champagne on Suspension of Export Permits to Turkey”
  6. EU Sanctions Desk: “EU About the Due Diligence HelpDesk on EU Sanctions”
  1. EU Sanctions: “FAC Issues Venezuela-Related General Licence 5E”
  1. Steptoe & Johnson: “Five Key Takeaways from OFAC and FinCEN’s Ransomware Advisories”
  2. Wiggin & Dana: “Key Aspects of U.S. Financial Sanctions Risk for Non-U.S. Companies”
  1. FD Associates Presents: 10 – 12 Nov; “ITAR for the Empowered Official & Compliance Personnel”
  1. Bartlett’s Unfamiliar Quotations 
  2. Are Your Copies of Regulations Up to Date? Find the Latest Amendments Here. 
  3. Weekly Highlights of the Daily Bugle Top Stories 
  4. Submit Your Job Opening and View All Job Openings 
  5. Submit Your Event and View All Approaching Events 

Are You Keeping Up to Date with the Latest Regulations?

Bartlett’s Annotated ITAR and Bartlett’s Annotated FTR are Word documents to down-

load to your laptop to keep you updated on the latest amendments, and contain over 800 footnotes of section history, key cases, practice tips & tricks, and extensive Tables of Contents. The ITAR amendment of the ITAR that took effect on 28 September is included in the current edition of the BITAR.  Subscribers receive updated editions every time the regulations are amended (usually within 24 hours) so you will always have the current versions of the regulations. Subscribe to the BITAR here to guarantee you have an up-to-date ITAR!


1. Defense Department: “Information Collection on Proposals, Submissions, and Approvals: Buy American, Trade Agreements, and Duty-Free Entry”

(Source: Federal Register) [Excerpts]
85 FR 63276: Notice
* AGENCY:Department of Defense (DOD), General Services Administration (GSA), and National Aeronautics and Space Administration (NASA).
* ACTION:Notice and request for comments.
* SUMMARY:In accordance with section 3506(c)(2)(A) of the Paperwork Reduction Act of 1995, and the Office of Management and Budget (OMB) regulations, DoD, GSA, and NASA invite the public to comment on a revision and renewal concerning Buy American, trade agreements, and duty-free entry. DoD, GSA, and NASA invite comments on: Whether the proposed collection of information is necessary for the proper performance of the functions of Federal Government acquisitions, including whether the information will have practical utility; the accuracy of the estimate of the burden of the proposed information collection; ways to enhance the quality, utility, and clarity of the information to be collected; and ways to minimize the burden of the information collection on respondents, including the use of automated collection techniques or other forms of information technology. OMB has approved this information collection for use through November 30, 2020. DoD, GSA, and NASA propose that OMB extend its approval for use for three additional years beyond the current expiration date.
* DATES:DoD, GSA, and NASA will consider all comments received by December 7, 2020.

 * * * * * * * * * * * * * * * * * * * *  

2. USTR: “Product Exclusion Amendment: China’s Acts, Policies, and Practices Related to Technology Transfer, Intellectual Property, and Innovation (I)”

(Source: Federal Register) [Excerpts]
85 FR 63331: Notice
* AGENCY:Office of the United States Trade Representative.
* ACTION:Notice.

On August 20, 2019, at the direction of the President, the U.S. Trade Representative determined to modify the action being taken in the Section 301 investigation of China’s acts, policies, and practices related to technology transfer, intellectual property, and innovation by imposing additional duties of 10 percent ad valorem on goods of China with an annual trade value of approximately $300 billion. The additional duties on products in List 1, which is set out in Annex A of that action, became effective on September 1, 2019. On August 30, 2019, at the direction of the President, the U.S. Trade Representative determined to increase the rate of the additional duty applicable to the tariff subheadings covered by the action announced in the August 20 notice from 10 to 15 percent. On January 22, 2020, the U.S. Trade Representative determined to reduce the rate from 15 to 7.5 percent.  
The U.S. Trade Representative initiated a product exclusion process in October 2019, and interested persons have submitted requests for the exclusion of specific products. This notice announces the U.S. Trade Representative’s determination to make one technical amendment to a previously granted exclusion.
* DATES:The amendment announced in this notice applies as of September 1, 2019, the effective date of List 1 of the $300 billion action. It is retroactive to the date the original exclusion was published and does not further extend the period for the original exclusion. U.S. Customs and Border Protection will issue instructions on entry guidance and implementation.

 * * * * * * * * * * * * * * * * * * * *  

(Source: Federal Register) [Excerpts]
85 FR 63332: Notice
* AGENCY:Office of the United States Trade Representative.
* ACTION:Notice.
* SUMMARY:Effective September 24, 2018, the U.S. Trade Representative imposed additional duties on goods of China with an annual trade value of approximately $200 billion as part of the action in the Section 301 investigation of China’s acts, policies, and practices related to technology transfer, intellectual property, and innovation. The U.S. Trade Representative initiated an exclusion process on June 24, 2019, and has granted 16 sets of exclusions under the $200 billion action. These exclusions expired on August 7, 2020. On May 6 and June 3, 2020, the U.S. Trade Representative invited the public to comment on whether to extend particular granted exclusions. On August 11, 2020, the U.S. Trade Representative announced a determination to extend certain previously granted exclusions. This notice announces the U.S. Trade Representatives determination to make two technical amendments to previously extended exclusions.
* DATES:The amendments announced in this notice apply as of August 7, 2020, and continue through December 31, 2020. This notice does not further extend the period for product exclusion extensions. U.S. Customs and Border Protection will issue instructions on entry guidance and implementation.

 * * * * * * * * * * * * * * * * * * * *  


(Source: Federal Register)
* Commerce/BIS; PROPOSED RULES; Identification and Review of Controls for Certain Foundational Technologies:Correction; [Pub.  Date: 9 Oct 2020]

 * * * * * * * * * * * * * * * * * * * *  

OGS_a25. Commerce/BIS: (No new postings)

 * * * * * * * * * * * * * * * * * * * *  

Subject: Invitation: Briefing and discussion regarding the due diligence guidance for products or services with surveillance capabilities,
Please join us on Friday, October 9, 1:00-2:00 pm EST, for a discussion on the U.S. Department of State Guidance on Implementing the UN Guiding Principles for Transactions Linked to Foreign Government End-Users for Products or Services with Surveillance Capabilities.  This will be an opportunity to discuss the document in more detail and ask questions related to its release. This discussion is off-the-record and Chatham House Rule. Register HERE

* * * * * * * * * * * * * * * * * * * *  

(Source: Treasury/OFAC, 6 Oct 2020)
The Department of the Treasury’s Office of Foreign Assets Control (OFAC) is issuing General License 5E, “Authorizing Certain Transactions Related to the Petróleos de Venezuela, S.A. 2020 8.5 Percent Bond on or After January 19, 2021.”  In addition, OFAC is amending a related Frequently Asked Question

* * * * * * * * * * * * * * * * * * * *  

(Source: Canada TID, 5 Oct 2020)
 “Over the last several days, certain allegations have been made regarding Canadian technology being used in the military conflict in Nagorno-Karabakh.
“Upon learning of these allegations, I immediately directed Global Affairs Canada to investigate these claims.
“In line with Canada’s robust export control regime and due to the ongoing hostilities, I have suspended the relevant export permits to Turkey, so as to allow time to further assess the situation.
“Canada continues to be concerned by the ongoing conflict in Nagorno-Karabakh resulting in shelling of communities and civilian casualties.
 “We call for measures to be taken immediately to stabilize the situation on the ground and reiterate that there is no alternative to a peaceful, negotiated solution to this conflict.

* * * * * * * * * * * * * * * * * * * *  

(Source: EU Sanctions Desk, 6 Oct 2020)
The Due Diligence Helpdesk on EU Sanctions is an initiative funded by the European Union. It aims to support EU businesses, in particular Small and Medium-sized Enterprises (SMEs) that are willing to engage with Iran, to do so legitimately in compliance with EU law and in the framework of the Joint Comprehensive Plan of Action (JCPoA). The Helpdesk provides free-of-charge support to EU SMEs on how to complete due diligence checks on EU restrictive measures (sanctions) compliance for specific business projects in Iran. The Helpdesk facilitates the efforts of EU SMEs in realising legitimate business opportunities in Iran and the financing of legitimate business activities in Iran by European banks, thus demonstrating the EU’s continued commitment to the JCPoA.
The free-of-charge services of the Due Diligence Helpdesk on EU Sanctions include:
Helpdesk Enquiry Service – Confidential Consultation
Individual SMEs can submit enquiries via a query form on the Helpdesk website, accessing a panel of experts to receive confidential first-line information on their specific business case. The Helpdesk can inform EU SMEs about whether their planned business activities fall under EU sanctions, and the level of due diligence check required. Queries can be sent using the link to receive an expert reply within a few working days.
Information Materials
EU SMEs can download information materials from the website concerning EU sanctions and due diligence requirements pertaining to Iran’s business environment. The Helpdesk also publishes a regular newsletter which describes the due diligence approaches generally adopted in the emerging business sectors or interest to EU SMEs. News items are regularly posted on the Helpdesk website to keep EU SMEs up-to-date with the most important developments in the Iranian business environment.
The Helpdesk delivers webinars for EU SMEs conducting business in Iran. Introduced by renowned experts, they cover EU sanctions and other due diligence compliance requirements when conducting business in Iran.

* * * * * * * * * * * * * * * * * * * *  


(Source: EU Sanctions, 7 Oct 2020)
OFAC has issued General Licence 5E, which postpones until 19 January 2021 the authorisation for US persons to engage in transactions relating to the PdVSA 8.5 percent bond that that would otherwise be prohibited by Subsection 1(a)(iii) of Executive Order 13835 (as amended). General Licence 5E replaces and supersedes 5D in its entirety. A related FAQ has also been updated to reflect the new effective date of the licence. See Notice.


(Source: Steptoe, 6 Oct 2020)
* Principal Author: Edward J. Krauland

, Esq., 1-202-429-8083, Steptoe & Johnson LLP 
On October 1, 2020, the US Department of the Treasury’s Office of Foreign Assets Control (OFAC) and Financial Crimes Enforcement Network (FinCEN) published advisories on the sanctions and anti-money laundering (AML) risks of facilitating ransomware payments.
Ransomware attacks have become increasingly common in recent years with malicious attacks targeting companies in a variety of industries, including healthcare, technology, and education, among others.  Ransomware attacks typically involve a hacker breaching a company’s information technology (IT) infrastructure and encrypting a company’s data or other systems. The attacker then typically demands the victim pay a ransom in exchange for a decryption key that allows the victim to unlock the IT systems or data.  Such attacks can have severe consequences for the victim, often preventing the victim from being able to conduct business operations in whole or in part, and, in the case of healthcare companies such as hospitals, can potentially lead to loss of life, as reportedly occurred recently with a ransomware attack on a hospital in Germany.  Such inability to conduct business can also have ripple effects on other companies or individuals whose data is affected.  In some instances, an attacker may also threaten to disclose private information or data unless the ransom is paid.
As a result, victims of ransomware attacks often choose to pay the ransom.  However, because ransomware attackers rarely, if ever, identify themselves, and often demand payment in cryptocurrency, victims making such payments are generally forced to do so without a clear understanding of the recipient.  Such conduct potentially exposes the victim, and third party service providers (including financial institutions and incident response consultants, among others), to violations of and obligations under US sanctions and/or AML laws.
The OFAC and FinCEN advisories provide information to the public regarding the sanctions and AML risks to victims and third party service providers, including US financial institutions, who assist victims in responding to ransomware attacks.  While in many respects the guidance does not break new regulatory ground, it is a stark reminder of the way that those trying to deal with the consequences of a ransomware attack can find themselves in trouble with the US government.  This puts victims and companies that assist them in a difficult conundrum: don’t pay the ransom and potentially watch the victim company’s business get destroyed, or pay the ransom and run the risk of violating US sanctions and AML laws.  It is therefore imperative that victim companies and those in the business of facilitating ransom payments carefully consider the legal risks and evaluate potential ways to avoid or minimize them.
(1) Making or Facilitating Ransomware Payments May Violate OFAC Sanctions
The OFAC advisory notes that OFAC has designated a number of ransomware attackers as Specially Designed Nationals and Blocked Persons (SDNs).  US persons are generally prohibited from dealing with SDNs.  In addition, property and interest in property of SDNs must be blocked (i.e. frozen) when within the possession or control of a US person or within the United States, and must be reported by US persons to OFAC within 10 days after blocking.  Entities owned 50% or more by one or more SDNs are subject to the same restrictions.  Other attackers may not be included on the SDN List, but could be located in a jurisdiction subject to comprehensive US sanctions – currently, Iran, North Korea, Syria, Cuba, and the Crimea region of Ukraine – or could be affiliated with the governments of those jurisdictions, including any department, branches, state-owned enterprise, officers, or agents of the foregoing (and increasingly, Venezuela).  Generally speaking, US persons cannot engage in transactions with entities or persons in such jurisdictions, including the governments of such jurisdictions (and their state-owned or controlled entities).  There are no general licenses or exemptions available to US persons specific to ransomware attacks.
Dealings with SDNs and comprehensively sanctioned jurisdictions can also present risks to non-US persons when (1) their dealings have a US nexus, including use of the US financial system, which may “cause” a US person to violate sanctions, or (2) their dealings have no US nexus but are sanctionable under OFAC’s so-called “secondary sanctions” authorities, which target non-US persons who deal with SDNs, participate in specified industries in sanctioned countries, or support certain end uses of concern.
The OFAC advisory highlights that OFAC primary sanctions are a strict liability regime, meaning “that a person subject to U.S. jurisdiction may be held civilly liable even if it did not know or have reason to know it was engaging in a transaction with a person that is prohibited under sanctions laws and regulations administered by OFAC.”  This strict liability regime can present significant complications for victims of ransomware attacks and those assisting victims, who are often unable to definitively determine the identity of the attacker.
The OFAC advisory further notes that “financial institutions, cyber insurance firms, and companies involved in digital forensics and incident response, not only encourage future ransomware payment demands but also may risk violating OFAC regulations.”  It adds that “companies that engage with victims of ransomware attacks” should implement a “risk-based compliance program to mitigate exposure to sanctions-related violations” to “account for the risk that a ransomware payment may involve an SDN or blocked person, or a comprehensively embargoed jurisdiction.” Although it may be possible to identify the apparent jurisdiction of a ransomware attacker and/or where payments to the attacker are destined, this is not always the case given attackers’ ability to obfuscate their physical location.  Likewise, it may be very difficult to develop a risk-based compliance program when dealing with individuals or entities whose identity may be unknowable, even after extensive diligence efforts.  These risk-based compliance efforts are further complicated by the fact that victims of ransomware attacks, and the third parties who support them, are often given very little time to assess the situation and make a determination regarding how to respond.
(2) OFAC Encourages Victims to Report Ransomware Attacks
OFAC’s advisory notes:
Under OFAC’s Enforcement Guidelines, OFAC will also consider a company’s self-initiated, timely, and complete report of a ransomware attack to law enforcement to be a significant mitigating factor in determining an appropriate enforcement outcome if the situation is later determined to have a sanctions nexus. OFAC will also consider a company’s full and timely cooperation with law enforcement both during and after a ransomware attack to be a significant mitigating factor when evaluating a possible enforcement outcome.
OFAC seems to acknowledge the difficulty in obtaining certainty regarding the identity of ransomware attackers and indicates that it will take that difficulty into account so long as a self-initiated, timely, and complete report is made to law enforcement.  OFAC’s enforcement guidelines, including other enumerated mitigating and aggravating factors, are available here.
However, it is unclear if such mitigation credit is available only when “the situation is later determined to have a sanctions nexus” (emphasis added) as the first sentence quoted above indicates, as opposed to situations in which a sanctions nexus is known or suspected prior to making the payment.  The second sentence in the quoted language suggests that as long as there is cooperation with law enforcement “during and after” the attack, OFAC will take that into account.  On the other hand, OFAC would typically expect any person knowingly dealing with an SDN or other blocked person to apply for a specific license (i.e., written approval), regardless of any exigent circumstances, unless a general license or regulatory exemption exists.
(3) License Applications for Payments to Sanctioned Actors Subject to Presumption of Denial
In situations in which a party wishes to engage in conduct that would otherwise be prohibited, it is possible to request a specific license from OFAC authorizing such conduct.  However, OFAC’s guidance states “license applications involving ransomware payments demanded as a result of malicious cyber-enabled activities will be reviewed by OFAC on a case-by-case basis with a presumption of denial.”  This suggests OFAC will not generally approve license applications for ransomware payments to sanctioned persons, but may approve a license in certain limited instances depending upon the facts and circumstances.
The guidance also states, “OFAC encourages victims and those involved with addressing ransomware attacks to contact OFAC immediately if they believe a request for a ransomware payment may involve a sanctions nexus.”  OFAC’s licensing policy and request that parties contact OFAC as soon as a potential sanctions risks is identified has the potential to create a difficult bind for companies.  OFAC often takes weeks if not months to respond to license requests.  Such delay may be manageable in a normal commercial context where business transactions can be scheduled to take into account the long license application processing times of OFAC.  This typically is not the case, however, for a victim dealing with a ransomware attack that could have immediate and devastating business consequences for the victim and longer lasting liability and reputational consequences.  Moreover, as a recent ransomware attack on a German hospital reportedly shows, ransomware attacks can even threaten human life in some instances in the case of healthcare providers, if not addressed in a matter of hours.  It is possible OFAC would fast-track such license applications, but it did not explicitly state this contingency in the advisory.  But even an administrative fast track may not be fast enough to prevent severe consequences.
A further complication may exist in situations in which the connection to a sanctioned person is unclear.  OFAC generally refuses to issue licenses for theoretical or potential scenarios or where US jurisdiction is uncertain.  Perhaps OFAC would be willing to issue a license under a more uncertain set of facts when involving ransomware attacks, but this is not stated in the advisory.
(4) Entities Facilitating Ransomware Payments Could be Money Transmitters
Subject to FinCEN Registration and AML Compliance Requirements
FinCEN’s advisory notes that a number of third party service providers, including digital forensics companies, cyber security firms, and insurance companies, often assist victims in making payments of cryptocurrency to attackers.  According to FinCEN, “Depending on the particular facts and circumstances, this activity could constitute money transmission.”  Money transmitters acting in whole or in substantial part in the United States are considered a money services business (MSB), which is a type of US financial institution subject to AML regulations promulgated by FinCEN.  Among other requirements, MSBs must register with FinCEN, adopt a written AML compliance program with adequate policies and procedures, designate a chief compliance officer, provide training to appropriate personnel, and subject the compliance program to independent testing.  MSBs are also required to implement internal controls to assess risks and file suspicious activity reports (SARs) with FinCEN for transactions it believes may involve suspicious conduct, potentially including ransomware-related payments.
(5) FinCEN Publishes Red Flags for Financial Institutions
FinCEN’s advisory contains a list of 10 “red flag indicators” to “assist financial institutions in detecting, preventing, and reporting suspicious transactions associated with ransomware attacks.”  For example, red flag 5 describes a situation in which a financial institution’s customer “receives funds from a customer company and shortly after receipt of funds sends equivalent amounts to a [cryptocurrency] exchange.”  Red flag 4 states, “A transaction occurs between an organization, especially an organization from a sector at high risk for targeting by ransomware (e.g., government, financial, educational, healthcare), and [a digital forensics and incident response company or a cyber insurance company], especially one known to facilitate ransomware payments.”  Therefore, US financial institutions subject to AML compliance program requirements, including but not limited to MSBs, should consider whether these red flag indicators exist when deciding whether or not to file a SAR about a transfer.  As a result, victims should understand that a service provider may submit a SAR to FinCEN, even if a ransomware payment is processed and not blocked or reported to OFAC.
Concluding Observations
Both OFAC’s and FinCEN’s guidance may make financial institutions, including banks and MSBs, such as payment processors and cryptocurrency exchanges, reluctant or unwilling to handle payments related to ransomware and, potentially, unwilling to provide financial services to companies involved in assisting ransomware victims. Victims of ransomware may be paralyzed in how to address these situations if there is some red flag indicator of a potential sanctions or money laundering risk and, potentially, even in the absence of a red flag given the strict liability approach to sanctions enforcement.  As OFAC designates individuals and entities responsible for ransomware or other forms of cyber-related attacks, those victims threatened by ransomware need to be attentive of the risks.  In addition, payments to ransomware attackers located in comprehensively-sanctioned countries present significant risks to US persons, and potentially non-US persons.
A premium will be placed on conducting as much due diligence as possible, documenting those efforts, and contacting OFAC, FinCEN, and other US law enforcement as appropriate.  It is also possible that an emergency authorization from OFAC could be pursued.
From a broader policy perspective, it may be useful for OFAC to set up a special unit to handle such requests from ransomware victims in an expedited manner, and without a presumption of denial given the severe consequences of refusing ransom demands. The application of strict liability in enforcement actions involving activity that can often be conducted in an anonymous or pseudonymous manner may not be appropriate and OFAC could consider adopting an “actual knowledge” standard in these circumstances.  OFAC could also consider crafting an appropriate general license with a reporting obligation, which would serve OFAC’s interest in receiving potentially helpful information for the administration of its sanctions programs.  Given the truly “between a rock and a hard place” situation in which ransomware victims and those assisting them find themselves, some rethinking of this aspect of US sanctions programs may be warranted.  Similarly, FinCEN could consider issuing guidance that it will not penalize financial institutions that process transactions on behalf of ransomware victims so long as the financial institution makes a timely report to FinCEN and/or law enforcement regarding the transaction.

(Source: Wiggin, 6 Oct 2020) [Excerpts]
* Principal Author: Tahlia Townsend, Esq., 1-202-800-2473, Wiggin & Dana
Since January 2018, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC), which administers most U.S. financial sanctions programmes, has imposed approximately $1.3 billion of civil penalties for violations of U.S. sanctions on non-U.S. companies or on U.S. companies based on the actions of their non-U.S. subsidiaries. 
The U.S. government has also imposed financial sanctions (asset freezes and inability to do any business with U.S. parties) on a significant number of foreign companies and individuals because they engaged in dealings with or for the benefit of targets of U.S. financial sanctions. The U.S. government has repeatedly demonstrated its intent to vigorously pursue foreign parties who engage in conduct contrary to U.S. financial sanctions. In the words of Deputy Assistant Secretary of State David Peyman: 
“[W]e are going to continue to aggressively enforce sanctions wherever a private sector or a government actor may be violating them. And we’re going to look towards enforcing them in a strategic way … to send a message across [] industry.” 1
The United States’ forceful assertion of authority to enforce U.S. financial sanctions programmes against non-U.S. parties is a significant trap for the unwary, with the potential for far-reaching adverse consequences. In addition to large fines, dealings with targets of U.S. sanctions – even when completely lawful in the jurisdiction where a party operates – may: create barriers to attracting U.S. investment, doing business with U.S. companies, or investing in U.S. businesses; put companies in breach of contractual obligations to their financial institutions; or even result in the imposition of financial sanctions. 


(Source: FD Associates)
* What:  Live Stream Webinar “ITAR for the Empowered Official & Compliance Personnel” — Agenda
* When:  Tues-Thursday 10-12 November 2020
* Where:  Your computer 
* Sponsor:  FD Associates
* Presenters: Jenny Hahn, President, FD Associates.   * Register HERE, call 1-703-847-5801, or email info@fdassociates.net


* * * * * * * * * * * * * * * * * * * *


EN_a114. Bartlett’s Unfamiliar Quotations

(Source: Editor)

James Whitcomb Riley (7 Oct 1849 – 22 Jul 1916; was an American writer, poet, and best-selling author. During his lifetime he was known as the “Hoosier Poet” and “Children’s Poet” for his dialect works and his children’s poetry. His poems tend to be humorous or sentimental. Of the approximately 1,000 poems Riley wrote, the majority are in dialect.)
  – “The most essential factor is persistence – the determination never to allow your energy or enthusiasm to be dampened by the discouragement that must inevitably come.”
Niels Bohr (Niels Henrik David Bohr, 7 Oct 1885–18 Nov 1962, was a Danish physicist who made foundational contributions to understanding atomic structure and quantum theory, for which he received the Nobel Prize in Physics in 1922. Bohr was also a philosopher and a promoter of scientific research.)
  – “An expert is a person who has made all the mistakes that can be made in a very narrow field.”
* * * * * * * * * * * * * * * * * * * *


The official versions of the following regulations are published annually in the U.S. Code of Federal Regulations (C.F.R.), but are updated as amended in the Federal Register.  The latest amendments are listed below.
Latest Update 


5 Apr 2019: 84 FR 13499:

Civil Monetary Penalty Adjustments for Inflation. 
6 Oct 2020: 85 FR 63011:  Information Sharing for Purposes of Judicial Review.

DOC FOREIGN TRADE REGULATIONS (FTR): 15 CFR Part 30.   24 Apr 2018: 83 FR 17749: Foreign Trade Regulations (FTR): Clarification on the Collection and Confidentiality of Kimberley Process Certificates.  

: DoD 5220.22-M. Implemented by Dep’t of Defense. 

18 May 2016: Change 2: Implement an insider threat program; reporting requirements for Cleared Defense Contractors; alignment with Federal standards for classified information systems; incorporated and cancelled Supp. 1 to the NISPOM (Summary here.)  
DOE ASSISTANCE TO FOREIGN ATOMIC ENERGY ACTIVITIES: 10 CFR Part 810.    23 Feb 2015: 80 FR 9359: comprehensive updating of regulations, updates the activities and technologies subject to specific authorization and DOE reporting requirements. 

15 Nov 2017, 82 FR 52823: miscellaneous corrections include correcting references, an address and a misspelling.

DOJ ATF ARMS IMPORT REGULATIONS: 27 CFR Part 447-Importation of Arms, Ammunition, and Implements of War. 
14 Mar 2019: 84 FR 9239: Bump-Stock-Type Devices.


28 Sep 2020: 85 FR 60874: Temporary Amendment for Republic of Cyprus. The latest edition of the BITAR is 28 Sep 2020. 

DOT FOREIGN ASSETS CONTROL REGULATIONS (OFAC FACR): 31 CFR, Parts 500-599, Embargoes, Sanctions, Executive Orders
International Criminal Court-Related Sanctions Regulations.

1 Jan 2019: 19 USC 1202 Annex.
  – HTS codes for AES are available here.
  – HTS codes that are not valid for AES are available here.

* * * * * * * * * * * * * * * * * * * *
The Daily Bugle Archive

Are you searching for updates from the past editions of the Daily Bugle? 

We publish a list of over 100 trade compliance job openings every day.

Submit your job for free.
PermanentJobListView All Job Openings

Are you looking for a new job in trade compliance? Click here to see the current job openings.

We publish a list of over 100 trade compliance events every day. Submit your event for free.

PermanentJobListView All Events

Are you looking for an upcoming event?   Click here to see upcoming events.

Scroll to Top