17-0613 Tuesday “Daily Bugle”

17-0613 Tuesday “Daily Bugle”

Tuesday, 13 June 2017

TOPThe Daily Bugle is a free daily newsletter from Full Circle Compliance, containing changes to export/import regulations (ATF, Customs, NISPOM, EAR, FACR/OFAC, FTR/AES, HTSUS, and ITAR), plus news and events. Subscribe 
for free subscription.
Contact us
 for advertising inquiries and rates.

[No items of interest noted today.]  

  1. Ex/Im Items Scheduled for Publication in Future Federal Register Editions
  2. Commerce/BIS: (No new postings.)
  3. DHS/CBP Announces ACE CERTIFICATION Outage, 14 Jun
  4. DOJ’s David Laufman’s Speech to AUECO on 16 May 2017 – Part 2
  5. Justice: “Israeli Executive Sentenced to Prison for Defrauding the Foreign Military Financing Program”
  6. State/DDTC: (No new postings.)
  7. EU Amends Restrictive Measures Concerning North Korea
  1. The Border Mail: “Global Arms Dealer Seeks Right to Racially Discriminate”
  2. Reuters: “U.S. Weighs Sanctions on Countries Doing Business with North Korea”
  1. M. Volkov: “The Challenge of Auditing and Monitoring Your Distributors”
  2. R.C. Burns: “Sales Clerk Charged with Illegal Exports Given New Trial”
  1. Bartlett’s Unfamiliar Quotations 
  2. Are Your Copies of Regulations Up to Date? Latest Changes: ATF (15 Jan 2016), Customs (27 Jan 2017), DOD/NISPOM (18 May 2016), EAR (26 May 2017), FACR/OFAC (10 Feb 2017), FTR (19 Apr 2017), HTSUS (26 Apr 2017), ITAR (11 Jan 2017) 
  3. Weekly Highlights of the Daily Bugle Top Stories 


[No items of interest noted today.]

* * * * * * * * * * * * * * * * * * * * 


OGS_a11. Ex/Im Items Scheduled for Publication in Future Federal Register Editions

(Source: Federal Register)

* Commerce; Industry and Security Bureau; RULES; Wassenaar Arrangement 2015 Plenary Agreements Implementation, Removal of Foreign National Review Requirements, and Information Security Updates; Corrections [Publication Date: 14 June 2017.]
* Commerce; International Trade Administration; NOTICES; Requests for Nominations: District Export Council [Publication Date: 14 June 2017.]
* U.S. Customs and Border Protection; NOTICES; October 2017 Customs Broker’s License Examination [Publication Date: 14 June 2017.]

* * * * * * * * * * * * * * * * * * * *

OGS_a22. Commerce/BIS: (No new postings.)


* * * * * * * * * * * * * * * * * * * *

. DHS/CBP Announces ACE CERTIFICATION Outage, 14 Jun

CSMS #17-000342, 13 June 2017.)
There will be an ACE CERTIFICATION Outage Wednesday evening, 14 June 2017 from 1700 ET to 2000 ET for infrastructure maintenance.

* * * * * * * * * * * * * * * * * * * *

Thank you for the opportunity to talk with you today.  And thanks for everything you do to promote compliance with U.S. export control and sanctions laws.
I’d like to begin by providing a brief orientation on where criminal enforcement of export controls and sanctions fits within the structure of the government writ large and the Department of Justice, what our strategic priorities are at the Justice Department, and what our approach is in working with our enforcement partners.

Within the U.S. Government, responsibility for the criminal enforcement of U.S. export control and sanctions laws is vested in the Justice Department.  And within the Justice Department, that responsibility is vested in the National Security Division (“NSD”) — because we regard this enforcement mission as a matter of national security.  NSD was established by Congress in 2006 as the Justice Department’s first new litigating division in almost 50 years, and its organizing principle is to unite prosecutors and law enforcement officers with the U.S. Intelligence Community to ensure that we approach national security threats using every tool and resource available to the federal government.
          The enforcement of export control and sanctions laws is among the highest priorities of NSD- – as evidenced by the name of the section within NSD that I lead:  the Counterintelligence and Export Section (“CES”).  And we regard the enforcement of U.S. export control and sanctions laws as part of a seamless effort to protect critical national assets.
CES has responsibility for investigating and prosecuting all national security matters other than terrorism.  In addition to our responsibility for enforcing export control and sanctions laws, CES is responsible for investigating and prosecuting espionage; the mishandling of classified information; economic espionage (i.e., the theft of trade secrets benefiting a foreign government, instrumentality, or agent); and cyber offenses committed by nation states and their proxies. 
          In the export control and sanctions arena, we investigate and prosecute violations of:
  • The Arms Export Control Act, and the International Traffic and Arms Regulations (“ITAR”);
  • The Export Administration Regulations, currently in force through executive orders issued under the International Emergency Economic Powers Act (“IEEPA”);
  • Various sanctions programs subject to IEEPA, administered by the Department of the Treasury; and
  • The Trading with the Enemy Act.
We investigate and prosecute a broad spectrum of conduct for violations of these statutes and regulations.  But we have established several strategic enforcement priorities:
  • First:  export control and sanctions violations involving weapons of mass destruction.
  • Second:  export control and sanctions violations relating to terrorist activities.
  • Third:  export control violations involving China’s defense establishment.
  • Fourth:  the cyber exfiltration of export-controlled data.
  • Fifth:  violations of export control and sanctions laws by corporate entities and officials.
  • Sixth:  proliferation financing.
In carrying out our enforcement mission, we partner with other federal prosecutors in U.S. Attorney’s Offices throughout the United States.  We also work closely with our law enforcement and regulatory partners, such as the FBI, the Bureau of Industry and Security at the Commerce Department, the Office of Foreign Assets Control (“OFAC”) at the Department of the Treasury; and the Directorate of Defense Trade Controls at the State Department.  Our work also requires us to coordinate closely with the U.S. Intelligence Community.
This dynamic connectivity with our partners throughout the U.S. government is now engrained in our enforcement operations.  Because while we will exhaust all viable options for bringing criminal prosecutions, criminal prosecution sometimes may not be an option; or, in a given case, other options may be preferable.  We therefore pursue a whole-of-government approach in which all levers of federal legal authority are considered.  This approach was on display most recently in the landmark prosecution of Chinese telecommunications giant ZTE, in which the Commerce Department’s use of the Entity List played a critical role in bringing about ZTE’S cooperation in our criminal investigation and, ultimately, a global resolution of the case involving the Justice Department, the Commerce Department, and the Department of the Treasury.

          The challenges you face as compliance professionals at American universities need to be considered in the broader context of the national security threats the United States is facing today.  Our adversaries are engaged in a relentless effort to steal U.S. technology and proprietary intellectual property, including information controlled for export.  I particularly want to raise your consciousness regarding the cyber threat, because the cyber-enabled theft of export-controlled data is a growing problem.
          Every sector of our economy is now a target of malicious cyber activity:
  • energy industry
  • financial institutions
  • healthcare industry
  • agriculture
  • biotechnology
  • defense industry
  • critical infrastructure
  • and, as seen in the 2014 North Korean attack on Sony Pictures Entertainment, even the entertainment industry
Experience has now demonstrated that academic institutions in the United States are also vulnerable, and subject to cyber attacks and intrusions by nation states and their proxies.  You’re an attractive target:  your faculty members engage in cutting-edge research and development with commercial and sometimes military applications — which resides on your computer networks.  Vulnerability to cyber attacks and intrusions comes in many forms:  inadequate network security, poor cyber security hygiene by faculty members or administrative personnel, and the compromise of supply chains.
In May 2015, Penn State University publicly announced that it had been the victim of two cyber attacks at its College of Engineering, including one in 2012 that originated in China.  In August 2015, the University of Virginia announced that it had experienced an intrusion originating in China, causing it to shut down portions of its technology systems.  In July 2015, the Defense Department issued a warning about “hackers affiliated with a known foreign intelligence agency” who were targeting academic institutions as well as government contractors.
          But the risk of losing export-controlled information through malicious cyber activity is only one among several vulnerabilities you confront.  More obvious risks concern the very nature of academic institutions, which, naturally, place a high premium on an open environment facilitating a free flow of information and ideas.  That worthy ideal can sometimes be in tension with the need to protect against the unlawful export of controlled information or data.  As I mentioned previously, some of your schools are engaged in research involving export-controlled information.  Faculty members working on projects involving export-controlled technology may seek to travel overseas for conferences with digital devices or media containing such information.  Foreign students may be serving as research assistants and be exposed to export-controlled information.  
The latter, of course, implicates the risk of “deemed exports.”  As you know, the Export Administration Regulations define a deemed export as the release of technology or source code subject to the E.A.R. to a foreign national in the United States, as such a release is “deemed” to be an export to the home country of the foreign national.  Situations that can involve the release of U.S. technology or software constituting an unlawful deemed export may include research and development activities, tours of laboratories, the hosting of foreign scientists, and — as mentioned previously — foreign students or scholars conducting, or being exposed to, research.
Similar restrictions exist under the ITAR, as seen in the successful prosecution of John Roth, a professor at the University of Tennessee, several years ago.  As you know, “defense articles” subject to ITAR controls include “technical data,” which is defined to include “information, other than [certain] software…which is required for the design, development, production, manufacture, assembly, operation, repair, testing, maintenance or modification of defense articles.”  No technical data may be exported from the United States without a license or written approval from the U.S. Department of State, and the term “export” is defined to include the disclosure or transfer of technical data to a foreign person, whether in the United States or abroad.
Working with foreign universities — which might otherwise seem like the normal exchange of academic research — also presents risks.  In September 2016, in Orlando, Florida, an individual by the name of Amin Yu was convicted, by means of a guilty plea, of acting in the United States as an illegal agent of a foreign government — China — without prior notification to the Attorney General.  Yu also was convicted of conspiring to commit international money laundering. 
I mention this case because of the foreign academic institution involved in the case.  According to her plea agreement, from at least 2002 to February 2014, at the direction of co-conspirators working for Harbin Engineering University in China — a Chinese government controlled entity — Yu obtained systems and components for marine submersible vehicles from companies in the United States.  She then sent those items to China for use by her co-conspirators in the development of marine submersible vehicles, including unmanned underwater vehicles, remotely operated vehicles, and autonomous underwater vehicles for Harbin and other state-controlled entities.  Yu violated U.S. laws by failing to file Electronic Export Information (“EEI”), as required by U.S. law, and by also filing false EEI.  Specifically, she completed and caused the completion of export-related documents in which she significantly undervalued the items that she had exported.

          As I mentioned, the Justice Department investigates and prosecutes potential criminal violations of the Arms Export Control Act and the ITAR, violations of the Export Administration Regulations, and violations of IEEPA in connection with sanctions programs administered by OFAC.   But there is a significant factor that must be present in a case in order for us to pursue a criminal prosecution.  Regardless of which statutory or regulatory regime is at issue, in each case we must be able to prove, beyond a reasonable doubt:
  • That an export or attempted export occurred;
  • That the item exported was a defense article on the U.S. Munitions List, was on the Commerce Control List, or went to a prohibited destination;
  • That the defendant failed to get a license from the Department of State, Department of Commerce, or Department of Treasury;
  • And that the defendant acted willfully.
Willfulness is often the key issue in our criminal prosecutions of export control and sanctions violations, and there is a consensus among the courts on how willfulness should be defined.  An act is done willfully if it is committed with the knowledge that it was prohibited by law, or was done in disregard of a known legal obligation.  The government must prove that the defendant acted with knowledge that his conduct was unlawful.  While the government must show that the defendant knew his conduct was unlawful, it is not necessary for the government to show that the defendant was aware of the specific law or rule that his conduct violated.  In other words, the government is not required to prove that the defendant had read, was aware of, or had consulted the U.S. Munitions List, the Commerce Control List, Treasury sanctions regulations, or the licensing provisions of ITAR, the Export Administration Regulations, or OFAC.  The government simply must prove, beyond a reasonable doubt, by reference to facts and circumstances surrounding the case, that the defendant knew his conduct was unlawful.
The Roth case provides a good example of the application of the willfulness standard.  In that case, the government charged Roth, among other things, with conspiracy to commit an offense against the United States with regard to the violation of the Arms Export Control Act to defraud the United States.  Roth was also charged with fifteen counts of separate unlawful exports of defense articles and services in violation of the AECA.  As the U.S. Court of Appeals for the Sixth Circuit made clear in its opinion affirming Roth’s conviction – following a jury trial in which Roth was convicted on all counts — the record contained ample evidence of willfulness.
Roth was a professor of electrical engineering at the University of Tennessee at Knoxville, and a published author in the field of plasma technology.  He worked as a consultant on a U.S. Air Force defense research project which had been awarded to Atmospheric Glow Technologies, Inc. (“Atmospheric”) in Knoxville, which concerned developing plasma technology for use on military aircraft.  The government charged Roth with exporting data from the project on a trip to China, and with giving two foreign nationals in Knoxville access to certain data and equipment in violation of the AECA.
Evidence of willfulness included the following:
  • At or around the time that Atmospheric was awarded the Air Force contract, an official at Atmospheric (who was a former student of Roth) told Roth that the project would be paid for with “6.2” funds, which Roth knew meant that the research would be subject to export control laws prohibiting allowing access to the research outside the United States or to foreign nationals unless a license had been obtained.
  • Roth knew the project was military in nature, and signed a subcontract between him and Atmospheric acknowledging that work on a portion of the project was subject to export controls.
  • Both Atmospheric’s contract with the Air Force, and its subcontract with Roth, incorporated federal regulations prohibiting foreign nationals from working on the project. 
  • Roth did not believe that one of his graduate research assistants, a Chinese national, needed to be shielded from project data that was export-controlled, and gave the Chinese research assistant access to such data.  Roth also gave the Chinese research assistant, as well as an Iranian graduate student, access to a device developed for the project that was a defense article.
  • The university officer in charge of export controls explicitly told Roth that she had determined that data from the research project was export-controlled, resulting in the removal of the Chinese national from the project.  Knowing of Roth’s upcoming trip to China, the university officer also obtained Roth’s agreement that he would not take any data from the project to China.
  • Nonetheless, when Roth subsequently traveled to China to lecture at universities regarding his work, he took with him both hard copies and digital media containing project information controlled for export, as well as a laptop computer containing a copy of a proposal for another contract with the Defense Advance Research Projects Agency containing marked, export-controlled information from Boeing’s Weapons Division. 
  • While in China, Roth had his Chinese research assistant send him a copy of a paper containing export-controlled data from the Atmospheric project for the Air Force, by way of a Chinese professor’s email address.  He also later gave his Iranian graduate student access to the paper.
In sum, given all this, it’s not hard to understand why the Sixth Circuit rejected Roth’s claim on appeal that there was insufficient evidence to support the jury’s finding that he acted willfully.

          So:  what steps can your universities take to avoid becoming the subject of a judicial opinion on export control or sanctions violations?  It begins, of course, with creating a culture of compliance.  And what’s needed at universities is no different than what we preach to U.S. corporations.  It starts with tone at the top:  a clear commitment from senior university officials that faculty members and staff are expected to comply with all applicable laws relating to their work.  That means empowering compliance officers with the necessary resources and authority to promote compliance, and providing appropriate training and guidance for faculty members engaged in work with export control or sanctions implications.  It means implementing and maintaining appropriate, lawful auditing mechanisms to monitor compliance as needed.  It means the implementation of meaningful remedial measures if unlawful conduct is discovered, including appropriate accountability for faculty members or staff who may have violated the law.
          And finally, a fully robust export control and sanctions compliance program now means also having in place strong computer network defense measures, as well as a cyber incident defense plan.

Meanwhile, with respect to your own networks, there are certain best practices that you should have in effect.
  • First:  Identify critical data on your networks (i.e., your “crown jewels”), and institute appropriate security measures to appropriately protect that data.
  • Second:  Review and adopt risk management practices found in guidance such as the cybersecurity framework developed by the National Institute of Standards and Technology.
  • Third:  Create an actionable incident response plan, with specific procedures to follow in the event of a cyber incident, including procedures for notifying law enforcement.  Rehearse that plan.  And make sure you have a hard copy of the plan in case your network is disabled.
  • Fourth:  Have the technology in place (or ensure it is easily obtainable) that will be used to address an incident.
  • Fifth:  Have authorizations in place to permit lawful network monitoring.
  • Sixth:  Ensure that legal counsel is sufficiently familiar with technology and cyber incident management to minimize response time during an incident.
  • Seventh:  Align other university policies with your incident response plan, such as human resources and personnel policies.
  • EighthBefore a cyber incident occurs, establish relationships with relevant law enforcement agencies, outside counsel, and investigative and cybersecurity firms that you may require in the event of a cyber incident.  The former General Counsel and Executive Vice President of Sony has publicly stated that contact information she had obtained from an FBI official during a previous non-cyber security incident proved vital in the immediate aftermath of the cyber attack when she needed immediate government assistance.  If you don’t know the name and contact information of who you will call in the event of a cyber incident, then you don’t yet have an incident response plan.
And let me say a few words about the benefits of working closely with the government in the event of a cyber incident.  First, when it comes to our working with you in the wake of a cyber incident, we abide by the Hippocratic Oath:  “First, do no harm.”  We understand that a university which has experienced a significant cyber attack or intrusion already has suffered a serious trauma.  And neither the Justice Department, nor the FBI, has any desire to re-victimize the university.  We take all reasonable measures, for example, to minimize any disruptions to your networks or university operations.  FBI agents won’t show up at the university wearing raid jackets, nor will they need to box up and remove your servers.  For reasons I’ll describe momentarily, agents will need access to your networks to deal with the intrusion; but all they will need, at least initially, is information contained on your network logs – not the substantive content of files.
There are substantial benefits to working with the government early, and collaboratively, after a cyber incident.
When cyber intrusions occur, it is critically important to establish attribution — that is, to be able to attribute online intrusions with confidence down to the country, government agency, organization, or even individuals involved.  By working with law enforcement from the inception of a cyber incident, you put your yourselves and the government in the best possible position to find out exactly what happened — and to remediate and prevent further damage.  Critical forensic evidence is often fleeting.  Consequently, early notification and access to the data is extremely important.  The government may have seen the same indicators of malicious cyber activity in other contexts.  Combining your information with other information the government possesses may enable us to determine who was responsible — and to identify possible impacts to your computer network and means of remediation.  Keep in mind that because we investigate numerous cyber incidents every year, we have the advantage of seeing the big picture across a wide spectrum of incidents nationally and internationally — giving us insights that can quickly be applied to your cyber incident.
Working with the government may allow us to share information with you to take necessary remedial measures and protect against future intrusions – and, from a broader, national security perspective, to identify other potential victims who are vulnerable to similar attacks.  For example, within 24 hours of learning about the Sony Pictures Entertainment attack, the U.S. government disseminated information and malware signatures to other companies to update their cyber defenses so they could take preventive action. 
We don’t want our partnership with victims of cyber incidents to be a one-way street, and we have repeatedly demonstrated that commitment.  In the case involving Iranian cyber attacks on the New York financial sector, the government worked closely with over forty financial institutions that were victimized in the attacks to share indicators that they could use to mitigate those attacks, and to address their concerns about cooperating with the government.  In the Sony case – according to the victim itself — the Department of Justice and FBI, in particular, surged resources in the immediate aftermath of the attack and engaged with the victim in an extraordinary partnership that was instrumental in helping Sony identify and respond to damage to its network — while enabling the government to obtain information necessary to attribute responsibility for the attack.
We can provide you with information to protect your networks, and may be able to take actions to disrupt and deter the attackers that you cannot take by yourselves under applicable laws.  Law enforcement may be able to use legal authorities and tools that are unavailable to non-governmental entities, and to enlist the assistance of international law enforcement partners to locate stolen data or identify the perpetrator.
The government also is not limited to helping you solely in the aftermath of a cyber intrusion.  As I mentioned earlier, we can share sensitive information to help you defend against attacks in real time, and to engage in appropriate disruption efforts.  In the past year alone, the FBI presented over three dozen classified, sector-specific briefings to companies.  Again:  the threat you face may include hackers with the full backing of their government and sophisticated, international criminal syndicates.  You should not have to face that threat alone.
          Ultimately, the goal here is to enable universities to thrive as marketplaces of ideas and engines of research and development, while ensuring that any work performed with implications for U.S. export control or sanctions programs is conducted in a manner consistent with the law and our national security interests.
Thank you again for the work you do in furtherance of compliance, and thanks again for inviting me to be with you today.

* * * * * * * * * * * * * * * * * * * * 

. Justice: “Israeli Executive Sentenced to Prison for Defrauding the Foreign Military Financing Program”

(Source: Justice) [Excerpts.]
A former executive of an Israel-based defense contractor was sentenced today to 30 months in prison for his role in multiple schemes to defraud a multi-billion dollar United States foreign aid program, the Department of Justice announced.
After being extradited from Bulgaria in October 2016, Yuval Marshak pleaded guilty to one count of mail fraud, two counts of wire fraud and one count of major fraud against the United States in U.S. District Court for the District of Connecticut on 13 March 2017. In addition to his prison sentence, he was ordered to pay restitution to the U.S. Department of Defense (DoD) in the amount of $41,170 and pay a criminal fine of $7,500. …
According to court documents, Marshak carried out three separate schemes between 2009 and 2014 to defraud the DoD’s Foreign Military Financing (FMF) program. Marshak and others falsified bid documents to make it appear that certain FMF contracts had been competitively bid when they had not. Marshak further caused false certifications to be made to the DoD stating that no commissions were being paid and no non-U.S. content was used in these contracts, when, in fact, Marshak had arranged to receive commissions and to have services performed outside the United States, all in violation of the DoD’s rules and regulations. Marshak arranged for these undisclosed commission payments to be made to a Connecticut-based company that was owned by a close relative to disguise the true nature and destination of these payments.
The United States spends billions of dollars each year through the FMF program to provide foreign governments, including Israel, with money which must be used to purchase American-made military goods and services. The rules and regulations of the FMF program require the disclosure of and approval for any FMF-funded commissions and require that all goods and services be of U.S. origin to qualify for FMF funding. These same rules also strongly encourage the use of competitive bidding in the award of all FMF contracts. American vendors who receive FMF funded contracts are required to certify their compliance with these regulations to the DoD. …

* * * * * * * * * * * * * * * * * * * *

. State/DDTC: (No new postings.)

(Source: State/DDTC)

* * * * * * * * * * * * * * * * * * * *

. EU Amends Restrictive Measures Concerning North Korea

  – Commission Implementing Regulation (EU) 2017/993 of 12 June 2017 amending Council Regulation (EC) No 329/2007 concerning restrictive measures against the Democratic People’s Republic of Korea
  – Council Decision (CFSP) 2017/994 of 12 June 2017 amending Decision (CFSP) 2016/849 concerning restrictive measures against the Democratic People’s Republic of Korea

* * * * * * * * * * * * * * * * * * * *


NWS_a18. The Border Mail: “Global Arms Dealer Seeks Right to Racially Discriminate”

A global arms dealer is applying to the Victorian Civil and Administrative Tribunal for the right to legally racially discriminate against workers who access top-secret material.
Defence giant BAE Systems will apply for an exemption from the Equal Opportunity Act 2010 at VCAT on 7 August, arguing that only Australian citizens should be permitted to handle sensitive defence material, due to strict US regulations.
  “Heavy fines and other significant penalties may be imposed on the US exporter and on BAE Systems if International Traffic in Arms Regulations (ITAR) controlled material is shared with people of a nationality which has not been approved by the US State Department,” the company states on its website.
  “Such conduct might include taking an employee or applicant’s nationality into account when determining whether that person will be offered a role or allocated work that involves access to ITAR controlled material.”
BAE Systems has its head office in South Australia and a base in Williamstown, Melbourne.
Those with dual citizenship, and people who are “not of Australian national origin” will be excluded from certain jobs, according to BAE’s website.
In 2012, the company was granted a five-year exemption in 2012, following another successful exemption in 2008, granted by then deputy president Cate McKenzie, who referred to the recruitment strategy as a “blunt and imperfect instrument”.
The company has been granted exemptions from sections of equal opportunity legislation in South Australia, New South Wales and the ACT.
In 2015, Sri Lanka-born Gardi Hewapanna Meringnage, known as Mr Gardi, made a submission to the tribunal arguing against the exemption, but was unsuccessful.
VCAT member Anna Dea said his submissions “were a reminder that, in granting an exemption, there is a real risk that Victorians will miss out on the opportunity to find work with BAE Defence. Those matters weigh against granting an exemption.
  “The use of nationality and national origin information to make determinations about access to controlled material is unsatisfactory from a human rights and equal opportunity point of view.
  “However, the current circumstances are such that race-based assessment is still one of the tests which the Australian and US governments have determined to be appropriate in this area.
  “It is to be hoped that more movement towards individual assessment without regard to protected attributes will be the way of the future.”
* * * * * * * * * * * * * * * * * * * *

NWS_a29. Reuters: “U.S. Weighs Sanctions on Countries Doing Business with North Korea”

Reuters) [Excerpts.]
The United States is weighing imposing sanctions on countries that do business with North Korea and looking for ways to revive strained relations with Russia, U.S. Secretary of State Rex Tillerson said on Tuesday. …
Washington has sought to increase economic and political pressure on Pyongyang because of its nuclear and ballistic missile programs. The North has conducted five nuclear tests and is believed to be making progress toward an intercontinental ballistic missile that could hit the United States.
Tillerson said Washington is discussing North Korea with all of its allies, and seeing some response from China, its biggest trading partner. He said North Korea would top the agenda at next week’s high-level talks between U.S. and Chinese officials.
Tillerson said the United States would have to work with other countries to deny North Korea access to basics such as oil and will have to consider whether to impose sanctions on those doing business with North Korea.
  “We are in a stage where we are moving into this next effort of, ‘Are we going to have to, in effect, start taking secondary sanctions because countries we have provided information to have not, or are unwilling, or don’t have the ability to do that?'” Tillerson told the Senate Foreign Relations Committee.
Because the United States has no trade with the North, its strongest way to impose economic pressure is through “secondary sanctions” that threaten companies from third countries with losing access to the U.S. market if they deal with Pyongyang. …
* * * * * * * * * * * * * * * * * * * *


Volkov Law Group Blog. Reprinted by permission.)
* Author: Michael Volkov, Esq., Volkov Law Group, mvolkov@volkovlaw.com, 240-505-1992.
Whether you are in the high-tech industry and managing your channel partners (i.e. third-party distribution network), the pharmaceutical and medical device industry managing a complex network of distributors and sub-distributors, or any other industry relying on third-party distributors, chief compliance officers face a number of challenges managing and mitigating risks.
To state the obvious, a company relying on distributors, by definition, has less control over the conduct of its distributors (and sub-distributors) than its own sales employees. A company has to manage its relationship with distributors primarily through its contracts and informal understandings and communications. The range of such relationships can be informal, without a contract, to a complex set of contracts and formalized understandings.
There are two common types of distributors. From the pure business standpoint, most distributors maintain a buy-sell relationship where they purchase products from the company and resell the items at a price set by the distributor. The “buy-sell” distributors are sometimes characterized as company “customers,” but in fact they are really acting as intermediaries in the sale of company products to sub-distributors and final customers/users. A less common model is for companies to supply a distributor on “consignment,” meaning the distributor does not pay a company for its product until the distributor sells the product.
When assessing bribery risks, it is important to focus on potential sources of funds for distributors to use to pay bribes. First, and most significant, is the margin that distributors earn. The distributor sets the price, subject to competitive forces, and seeks to maximize its profits. Second, some companies provide their distributors with financial and marketing benefits, including rebate programs and marketing/promotion funds. The level of risk requires companies to monitor these programs, audit the use of funds, and make sure that distributors are not siphoning off money to fund bribery schemes.
In the high-tech industry in particular, companies provide significant marketing support to promote business development. Distributors use these funds for a variety of promotional programs, some of which operate close to the line between legitimate marketing and corrupt influence activities. As a consequence, high-tech companies have to audit and monitor their distributors, requiring documentation and proof of legitimate marketing activities.
To address distributor risks, companies rely on a mix of mitigation strategies, including comprehensive written representations and warranties; training; annual certifications; and monitoring of activities; and audit programs.
Companies have to move beyond “standard” contract provisions that have become “routine” over the last few years. Of course, a company has to secure appropriate compliance representations and warranties, and audit and termination provisions. As risk assessments and third-party strategies evolve, companies should look to tailoring additional provisions to the “specific” risk for a distributor.
Additional provisions have to be crafted for distributors’ relationships with sub-distributors, and sub-sub-distributors. Assuming that the company is only in privity with the distributor, the company has to leverage its relationship with the distributor to impose requirements on the distributor to exercise oversight responsibility of the sub and sub-sub-distributors in its distribution chain. In this area, companies should consider requiring distributors to seek company approval of a sub-distributor before engaging the sub-distributor to sell the company’s products.
Many companies have secured appropriate audit provisions from their distributors. Companies have to exercise these audit clauses to maintain their credibility and commitment to risk mitigation, and should include distributors in the development of its annual audit plan. The key here is to conduct compliance and financial audits using a range of tools and strategies. A company that limits its audits to only formal, financial audits is unnecessarily restricting its audit capabilities to mitigate risks.
New and cutting-edge monitoring strategies are being developed to ensure that companies focus on high-risk distributors and flag those for follow-up inquiries and audits. With the advent of third-party management technologies, companies can free up resources to develop monitoring tools to capture and mitigate high-risk distributors.

* * * * * * * * * * * * * * * * * * * *

COMM_a211. R.C. Burns: “Sales Clerk Charged with Illegal Exports Given New Trial”
Export Law Blog
. Reprinted by permission.)
* Author: R. Clifton Burns, Esq., Bryan Cave LLP, Wash DC,
, 202-508-6067) [Excerpts.]
Almost a year ago, I commented on the fate of a lowly sales clerk, Anastasia Diatlova, in the prosecution of Alexander Fishenko, his company Arc Electronics, and employees of Arc for exports of various items to Russia without a license. Ms. Diatlova, the most junior sales clerk in the organization, had refused a plea of time served and gone to trial. This infuriated the prosecutors who took that offer off the table when a jury convicted Ms. Diatlova. Last month, however, Ms. Diatlova was granted a new trial on the export charges. The district court, in granting the new trial, held that there was insufficient evidence that Ms. Diatlova knew that it was illegal to ship the item in question.
The court described the evidence of criminal intent presented by the prosecution as follows:
(1) Diatlova received training on export controls and was aware that microelectronics, when mailed to Russia, are “generally subject to U.S. export control laws (emphasis added);” (2) the higher-ups at Arc (Fishenko, Posobilov and Abdullaev) “routinely lied and fabricated documents in order to evade export control restrictions”; (3) Diatlova filled out a “End-Use Certification/Statement of Assurance” indicating that the end user was Izhevsky Radio Plant, when the recipient was instead Atrilor, LTD, making her, at a minimum, guilty of aiding and abetting the illegal shipment of that part; and that proof exists that she was aware in April of 2012, upon arrest, that the part at issue was restricted.
The court held that allowing the jury verdict to stand “would constitute a ‘manifest injustice’ in light of the flimsiness of this evidence,” noting quite reasonably that her knowledge about the export at the time of arrest had little bearing on her knowledge as of the time of the export. Nor could the illegal intent of other employees be attributed to her. The court did not even comment on the export control training, implicitly rejecting the notion that training alone can lay the groundwork for subsequent criminal prosecution. Finally, putting the wrong end-user on the end-use certificate was seen as the court as a sufficient predicate to let Ms. Diatlova’s conviction for wire fraud stand but not as proof that she knew the export was illegal. ….
* * * * * * * * * * * * * * * * * * * *


* * * * * * * * * * * * * * * * * * * *

. Are Your Copies of Regulations Up to Date?
(Source: Editor)

The official versions of the following regulations are published annually in the U.S. Code of Federal Regulations (C.F.R.), but are updated as amended in the Federal Register.  Changes to applicable regulations are listed below.
: 27 CFR Part 447-Importation of Arms, Ammunition, and Implements of War
  – Last Amendment: 15 Jan 2016: 81 FR 2657-2723: Machineguns, Destructive Devices and Certain Other Firearms; Background Checks for Responsible Persons of a Trust or Legal Entity With Respect To Making or Transferring a Firearm 
: 19 CFR, Ch. 1, Pts. 0-199
  – Last Amendment: 27 Jan 2017: 82 FR 8589-8590: Delay of Effective Date for Importations of Certain Vehicles and Engines Subject to Federal Antipollution Emission Standards [New effective date: 21 March 2017.]; and 82 FR 8590: Delay of Effective Date for Toxic Substance Control Act Chemical Substance Import Certification Process Revisions [New effective date: 21 March 2017.]

  – Last Amendment: 18 May 2016: Change 2: Implement an insider threat program; reporting requirements for Cleared Defense Contractors; alignment with Federal standards for classified information systems; incorporated and canceled Supp. 1 to the NISPOM  (Summary here.)

  – Last Amendment:
26 May 2017: 82 FR 24242-24248: Addition of Certain Persons and Revisions to Entries on the Entity List

: 31 CFR, Parts 500-599, Embargoes, Sanctions, Executive Orders
  – Last Amendment: 10 Feb 2017: 82 FR 10434-10440: Inflation Adjustment of Civil Monetary Penalties.  
: 15 CFR Part 30
  – Last Amendment: 19 Apr 2017: 82 FR 18383-18393: Foreign Trade Regulations: Clarification on Filing Requirements 
  – HTS codes that are not valid for AES are available
  – The latest edition (19 Apr 2017) of Bartlett’s Annotated FTR (“BAFTR”), by James E. Bartlett III, is available for downloading in Word format. The BAFTR contains all FTR amendments, FTR Letters and Notices, a large Index, and footnotes containing case annotations, practice tips, and Census/AES guidance.  Subscribers receive revised copies every time the FTR is amended. The BAFTR is available by annual subscription from the Full Circle Compliance website.  BITAR subscribers are entitled to a 25% discount on subscriptions to the BAFTR.
, 1 Jan 2017: 19 USC 1202 Annex. (“HTS” and “HTSA” are often seen as abbreviations for the Harmonized Tariff Schedule of the United States Annotated, shortened versions of “HTSUSA”.)

  – Last Amendment: 26 Apr 2017: Harmonized System Update 1703, containing 2,512 ABI records and 395 harmonized tariff records.

  – HTS codes for AES are available
  – HTS codes that are not valid for AES are available
  – Latest Amendment: 11 Jan 2017: 82 FR 3168-3170: 2017 Civil Monetary Penalties Inflationary Adjustment
  – The only available fully updated copy (latest edition 10 Jun 2017) of the ITAR with all amendments is contained in Bartlett’s Annotated ITAR (“BITAR”), by James E. Bartlett III.  The BITAR contains all ITAR amendments to date, plus a large Index, over 800 footnotes containing amendment histories, case annotations, practice tips, DDTC guidance, and explanations of errors in the official ITAR text.  Subscribers receive updated copies of the BITAR in Word by email, usually revised within 24 hours after every ITAR amendment.  The BITAR is available by annual subscription from the Full Circle Compliance
.  BAFTR subscribers receive a 25% discount on subscriptions to the BITAR, please
contact us
to receive your discount code.

* * * * * * * * * * * * * * * * * * * *

4. Weekly Highlights of the Daily Bugle Top Stories
(Source: Editor)

Review last week’s top Ex/Im stories in “Weekly Highlights of the Daily Bugle Top Stories” published 

* * * * * * * * * * * * * * * * * * * *


* The Ex/Im Daily Update is a publication of FCC Advisory B.V., edited by James E. Bartlett III and Alexander Bosch, and emailed every business day to approximately 8,000 subscribers to inform readers of changes to defense and high-tech trade laws and regulations. We check the following sources daily: Federal Register, Congressional Record, Commerce/AES, Commerce/BIS, DHS/CBP, DOJ/ATF, DoD/DSS, DoD/DTSA, State/DDTC, Treasury/OFAC, White House, and similar websites of Australia, Canada, U.K., and other countries and international organizations.  Due to space limitations, we do not post Arms Sales notifications, Denied Party listings, or Customs AD/CVD items.

* RIGHTS & RESTRICTIONS: This email contains no proprietary, classified, or export-controlled information. All items are obtained from public sources or are published with permission of private contributors, and may be freely circulated without further permission. Any further use of contributors’ material, however, must comply with applicable copyright laws.

* CAVEAT: The contents cannot be relied upon as legal or expert advice.  Consult your own legal counsel or compliance specialists before taking actions based upon news items or opinions from this or other unofficial sources.  If any U.S. federal tax issue is discussed in this communication, it was not intended or written by the author or sender for tax or legal advice, and cannot be used for the purpose of avoiding penalties under the Internal Revenue Code or promoting, marketing, or recommending to another party any transaction or tax-related matter.

* SUBSCRIPTIONS: Subscriptions are free.  Subscribe by completing the request form on the Full Circle Compliance website.

* TO UNSUBSCRIBE: Use the Safe Unsubscribe link below.

Scroll to Top