;

17-0927 Wednesday “Daily Bugle”

17-0927 Wednesday “Daily Bugle”

Wednesday, 27 September 2017

TOP
The Daily Bugle is a free daily newsletter from Full Circle Compliance, containing changes to export/import regulations (ATF, Customs, NISPOM, EAR, FACR/OFAC, FTR/AES, HTSUS, and ITAR), plus news and events.  Subscribe 
here for free subscription.  Contact us
for advertising inquiries and rates.

  1. DoD/DARS Seeks Comments on Acquisition of Information Technology 
  1. Ex/Im Items Scheduled for Publication in Future Federal Register Editions
  2. Commerce/BIS: Miltech, Inc. of Northampton, MA, to Pay $230,000 to Settle Alleged Export Violations
  3. DHS/CBP Announces ACE Certification Outage, 27 Sep
  4. DHS/CBP Posts Hurricane Maria Guidance, Census Mailing Address for CBP-214A, CBP-7501 and CBP-226 Paper Documents
  5. DHS/CBP Posts Notice on MID testing in the ACE Certification Environment
  6. OMB/OIRA Reviews of Proposed Ex/Im Regulations
  7. State/DDTC: (No new postings.)
  8. India/DGFT Updates SCOMET Export Control List and Handbook of Procedures of the Foreign Trade Policy
  9. UK/DIT ECO Posts Information on Breaches of Export Control Legislation
  10. Singapore Customs Announces Tradenet Extended Downtime
  1. Defense News: “U.S. State Department Denies Turkish Accusations of Arms Embargo”
  2. Reuters: “Trump Administration Prepares to Ease Export Rules for U.S. Guns”
  3. Wired: “GDPR Will Change Data Protection – Here’s What You Need to Know”
  1. C. Todgham Cherniak: “What Should You Do When Canada Releases a New List of Persons Subject to Economic Sanctions and Asset Freezes?”
  2. D.M. Edelman: “Your Foreign Business Partners Must Choose – Do Business with the U.S. or North Korea”
  3. M. Volkov: “The Five Most Important Issues for a CCO to Report to the Board”
  4. N. Yousef, K. Zelnick & S. Brown Cripps: “The New US Sanctions on North Korea and China’s Response: Top 5 Takeaways”
  1. Bartlett’s Unfamiliar Quotations 
  2. Are Your Copies of Regulations Up to Date? Latest Changes: ATF (15 Jan 2016), Customs (28 Jul 2017), DOD/NISPOM (18 May 2016), EAR (25 Sep 2017), FACR/OFAC (16 Jun 2017), FTR (20 Sep 2017), HTSUS (25 Jul 2017), ITAR (30 Aug 2017) 
  3. Weekly Highlights of the Daily Bugle Top Stories 

EXIMEX/IM ITEMS FROM TODAY’S FEDERAL REGISTER

EXIM_a1
1. DoD/DARS Seeks Comments on Acquisition of Information Technology

(Source: Federal Register) [Excerpts.]
 
82 FR 44996-44997: Information Collection Requirement; Defense Federal Acquisition Regulation Supplement; Acquisition of Information Technology
* AGENCY: Defense Acquisition Regulations System, Department of Defense (DoD).
* ACTION: Notice and request for comments regarding a proposed extension of an approved information collection requirement.
* DATES: DoD will consider all comments received by November 27, 2017. …
* FOR FURTHER INFORMATION CONTACT: Ms. Jennifer Johnson, 571-372-6100. The information collection requirements addressed in this notice are available electronically on the Internet at: http://www.acq.osd.mil/dpap/dfars/index.htm. Paper copies are available from Ms. Jennifer Johnson, OUSD(AT&L) DPAP (DARS), Room 3B941, 3060 Defense Pentagon, Washington, DC 20301-3060.
* SUPPLEMENTARY INFORMATION:
  – Title and OMB Number: Defense Federal Acquisition Regulation Supplement (DFARS) Part 239, Acquisition of Information Technology, and the associated clauses at DFARS 252.239-7000 and 252.239-7006; OMB Control Number 0704-0341.
  – Needs and Uses: This requirement provides for the collection of information from contractors regarding security of information technology; tariffs pertaining to telecommunications services; and proposals from common carriers to perform special construction under contracts for telecommunications services. Contracting officers and other DoD personnel use the information to ensure that information systems are protected; to participate in the establishment of tariffs for telecommunications services; and to establish reasonable prices for special construction by common carriers. …
 
Jennifer L. Hawes, Editor, Defense Acquisition Regulations System.

* * * * * * * * * * * * * * * * * * * *

OGSOTHER GOVERNMENT SOURCES

OGS_a12. Ex/Im Items Scheduled for Publication in Future Federal Register Editions
(Source: Federal Register

* U.S. Customs and Border Protection; RULES; Changes to In-Bond Process [Publication Date: 28 September 2017.]  

* * * * * * * * * * * * * * * * * * * *

(Source:
Commerce/BIS) [Excerpts.]
 
* Respondent: Miltech, Inc., Northampton, MA
* Charges: 18 Charges of 15 C.F.R. § 764.2(a): Engaging in Prohibited Conduct
   On eighteen occasions between on or about 14 October 2011 and or about 24 July 2014, Miltech engaged in conduct prohibited by the EAR when it exported items subject to the EAR from the United States to China and Russia without the required BIS licenses. Specifically, Miltech exported active multiplier chains, items classified under Export Control Classification Number (“ECCN”) 3A001.b.4, controlled on national security and anti-terrorism grounds, and valued in total at approximately $364,947, without seeking or obtaining the licenses required for these exports pursuant to section 742.4 of the EAR. …
* Penalty: Civil penalty of $230,000, of which $180,000 needs to be paid within 30 days, and the remaining $50,000 will be suspended and waived after two years if Miltech complies with the terms of its settlement agreement and this order.
* Debarred: Not if penalty is paid as agreed, and Miltech complies with the other terms of its settlement agreement and this order.
* Date of Order: 25 September 2017.

* * * * * * * * * * * * * * * * * * * * 

OGS_a3
4. DHS/CBP Announces ACE Certification Outage, 27 Sep

(Source: CSMS #17-000614, 27 Sep 2017.)
 
There will be an ACE CERTIFICATION Outage Wednesday evening, September 27, 2017 from 1700 ET to 2000 ET.

Infrastructure maintenance activities and the following ACE Deployment will take place during this time: 

ACE Import Manifest 
  – CAOM-3479 – Air Manifest: Add FIRMS/Shed to 1F air status notification messages. Also includes the possibility of double slashes in a CSN (status notification) record, in 1F (local transfer authorized) as well as non-1F notifications, when no entry number is output.
  – CAOM-11232: Tickets #7729645, 7607531 and 7529031 — 4E (Entry Deleted) postings with ‘Bill Not on File’ in the Notify Date, resulting in Released quantity over-postings on ocean bills.
  – CAOM-3618: Tickets# 2437752, 8974434 — Line release Rail BOL zeroed out Entered/Released Quantities on Amend. A Line release BOL that was fully closed on consist received a subsequent Delete and Re-add of the BOL. This zeroed out the Entered and Released quantities and opened the BOL.

ACE Portal 
  – CAOM-9829: ACE Portal to restrict the Max Length of General Order number to 15 AN

ACE Accounts 
  – CAOM-12538: Enforce ‘importer type’ as a Required field for US importers on EDI Create/Update Importer (TI/TR) messages.

* * * * * * * * * * * * * * * * * * * *

  

(Source:
CSMS #17-000615, 27 Sep 2017.)
 
Attention All Ports:
 
Due to Hurricane Maria and until further notice, please mail all NON-ELECTRONIC/NON-ABI import Entry Summaries (CBP Form 7501), Vessel Repair (CBP-226) and Applications for Foreign Trade Zone Admission/and or Status Designation(CBP Form 214A) to the address below:
 
U. S. Census Bureau
ITMD
HENRY L UNG
4600 Silver Hill Rd.
5K164F
Washington, DC 20233-001
 
Questions can be referred to Henry L. Ung, Supervisor, International Trade Management Division, Data Collection Branch, U.S. Census Bureau at Office at 301-763-7018 or E-mail: Henry.L.ung@census.gov

* * * * * * * * * * * * * * * * * * * * 

OGS_a56
. DHS/CBP Posts Notice on MID testing in the ACE Certification Environment

(Source: CSMS #17-000616, 27 Sep 2017.)
 
The ACE Manufacturer Add capability was deployed to ACE Certification on August 1, 2017, as mentioned in CSMS #17-000425.
 
Even though the same application identifiers of $I for the input and $R for the output will continue to be used in ACE the trade is reminded that the ACE ESAR ABI Batch/Block standards will need to be followed to ensure proper processing. ACE will also require all text fields to be transmitted in upper case.
 
The ACE Manufacturer Add input record identifiers of $A through S4 will remain in the same format as used in ACS. The ACE Manufacturer Add output identifier records $5 through $7 will also remain the same format as used in ACS. Trade participants are encouraged to send test data for the ACE Manufacturer Add application to ensure proper processing.
 
The ACE CATAIR Implementation Guide for the ACE Manufacturer Add chapter can be found in the Draft Chapters for Future Capabilities tab.
 
 
If you have any questions, please contact your assigned Client Representative.
 
  – Related CSMS No. 17-000425.

* * * * * * * * * * * * * * * * * * * *

OGS_a67
. OMB/OIRA Reviews of Proposed Ex/Im Regulations

(Source:
OMB/OIRA
)     
 
* TITLE: Revisions to the Export Administration Regulations: Control of Firearms and Related Articles the President Determines No Longer Warrant Control Under the United States Munitions List
  – AGENCY: DOC-BIS
  – STAGE: Proposed Rule
  – RECEIVED DATE: 09/26/2017
  – RIN: 0694-AF47
  – STATUS:
Pending Review
 
* TITLE: International Traffic in Arms Regulations: Categories I, II, and III
  – AGENCY: STATE
  – STAGE: Proposed Rule
  – RECEIVED DATE:
09/26/2017
  – RIN:
1400-AE30
  – STATUS:
Pending Review

* * * * * * * * * * * * * * * * * * * *

OGS_a78
. State/DDTC: (No new postings.)

(Source: State/DDTC)

* * * * * * * * * * * * * * * * * * * *

OGS_a89
. India/DGFT Updates SCOMET Export Control List and Handbook of Procedures of the Foreign Trade Policy

(Source: India/DGFT)
 
On 21 September 2017, the Indian Directorate General of Foreign Trade updated the SCOMET Export Control List and its Handbook of Procedures of the Foreign Trade Policy. Both notifications can be found at:
 

* * * * * * * * * * * * * * * * * * * *

OGS_a910
. UK/DIT ECO Posts Information on Breaches of Export Control Legislation

(Source: UK/DIT ECO)
 
As an exporter, you may discover that you have exported goods or transferred controlled technology without an appropriate export licence in place. It is also possible that a compliance inspector from the export control joint unit will identify an irregularity during a compliance audit.
If this happens, it is very important to report the irregularity to HMRC as soon as possible, as they are responsible for the enforcement of strategic export controls. If the irregularity was found on an ECJU compliance audit, the compliance inspector will have informed HMRC and you are strongly advised to do the same.
 
You should write to HMRC at:
 

HM Revenue & Customs  
Customs Enforcement Policy Team  
1st Floor, Customs House Annex, 32 St Mary At Hill London  
EC3R 8DY

 
You should provide:
  – details of the export – including dates
  – any relevant documents – such as export documentation and commercial invoices
  – details of how the breach was discovered, why it occurred and what steps you have put in place to ensure it does not happen again
  – HMRC will consider the matter and contact you directly, either for more information or to let you know of their decision.

* * * * * * * * * * * * * * * * * * * *

OGS_a1011
. Singapore Customs Announces Tradenet Extended Downtime

(Source: Singapore Customs) [Excerpts.]
 
Singapore Customs has released the following announcement.
 
In addition to the usual housekeeping time for TradeNet on Sundays from 0400 hours to 0800 hours, we wish to inform you that Singapore Customs will be performing system maintenance work which will affect TradeNet from 0400 hours to 1200 hours on 15 October 2017.
 
As a result of the above maintenance work, applications submitted via TradeNet will not be processed during the above mentioned period. Processing of these applications will resume in TradeNet after 1200 hours on 15 October 2017. …

* * * * * * * * * * * * * * * * * * * *

NWSNEWS

NWS_a1
12. Defense News: “U.S. State Department Denies Turkish Accusations of Arms Embargo”

(Source: Defense News, 26 Sep 2017.)
 
The U.S. State Department is denying charges from Turkish officials that an unofficial arms embargo has been placed against the government of Recep Tayyip Erdogan.
 
Turkish Defence Minister Nurettin Canikli recently claimed that “several U.S. and German companies” were implementing a “covered” [indirect] arms embargo on Turkey. He added that those U.S. and German producers were either halting shipments of spare parts of weapons systems to Turkey, or deliberately delaying them.
 
However, a State Department official, speaking on background to Defense News, flatly denied that charge.
 
  “There is no ‘covered arms embargo’ in place for Turkey,” the official said. “We continue to review all potential arms sales on a case-by-case basis, as is consistent with the U.S. Conventional Arms Transfer Policy.”
 
The official added that the U.S. is in “close communication” with Turkish counterparts to “address any concerns.”
 
While there may not be a state-driven embargo in place, the U.S. has been known to deny requests for equipment from various nations over human rights concerns. Human rights issues have driven a wedge between Turkey and Germany, also the target of Canikli’s claims.
 
The Trump administration last week scuttled a planned U.S. sale of small arms for Erdogan’s bodyguards amid congressional pressure. The sale attracted intense scrutiny in the wake of assaults carried out by Erdogan’s security forces against American protesters during a May visit to Washington.
 
In early September, the Senate Appropriations Committee approved a measure that would ban weapon sales to that group. The House passed similar language earlier in the year, and a $1.2 million sale of handguns for Erdogan’s security forces has been shelved indefinitely as a result of those attacks.
 
In the wake of news the Trump administration is mulling plans to ease export rules for American small arms, the Senate Foreign Relations Committee’s top Democrat, Sen. Ben Cardin, said Tuesday it looked like an effort to skirt congressional oversight for sales like the one to Ankara. The move would shift international non-military firearms sales from the purview of the U.S. State Department, which must seek congressional approval, to the U.S. Commerce Department.
 
  “It does look like an end-run around Congress,” said Cardin, of Maryland, who called the move “a direct affront” to congressional oversight.
 
  “Our strong feeling is that we want the State Department to do what we believe the regulations were intended to do, which is focus on highly-sensitive technologies where our edge or our troops would be endangered,” the State Department’s acting assistant secretary of political-military affairs, Tina Kaidanow, told Cardin at a congressional hearing Tuesday.

* * * * * * * * * * * * * * * * * * * * 

NWS_a213
. Reuters: “Trump Administration Prepares to Ease Export Rules for U.S. Guns”

(Source: Reuters)
 
The Trump administration is preparing to make it easier for American gun makers to sell small arms, including assault rifles and ammunition, to foreign buyers, according to senior U.S. officials.
 
Aides to President Donald Trump are completing a plan to shift oversight of international non-military firearms sales from the State Department to the Commerce Department, four officials told Reuters.
 
While the State Department is primarily concerned about international threats to stability and maintains tight restrictions on weapons deals, the Commerce Department typically focuses more on facilitating trade.
 
The officials from multiple agencies, speaking on condition of anonymity, say the new rules will cut government red tape and regulatory costs, boosting U.S. exports of small arms and creating jobs at home.
 
  “There will be more leeway to do arms sales,” one senior administration official said. “You could really turn the spigot on if you do it the right way.”
 
The push fits both Trump’s support for the gun lobby espoused on the campaign trail and his “Buy American” agenda.
 
But critics, including some lawmakers and arms control advocates, have expressed concern that any easing of export rules could make powerful weapons of the type often used in U.S. mass shootings more accessible to criminal gangs and militant groups that Trump has vowed to fight.
The administration has all but finalized a draft of the new rules, which could be sent to the White House budget office for review within days, one U.S. official said.
 
The changes – which can be enacted without congressional approval – could be made public this fall, followed by a period of public comment, with implementation as early as the first half of next year, the officials said.
 
The officials stressed, however, that the proposed shift in oversight was not a blanket deregulation of firearms.
 
  “The NSC is working through the interagency process with the State Department and the Department of Commerce to ensure that U.S. industries have every advantage in the global marketplace, while at the same time ensuring the responsible export of arms,” said an official with the White House National Security Council.
 
Slack U.S. Sales
 
The move, part of a broader Trump administration overhaul of weapons export policy that the officials say is also nearing completion, comes at a time when U.S. gun makers could use the help.
 
Domestic gun sales have fallen significantly after soaring under President Barack Obama, when gun enthusiasts stockpiled weapons and ammunition out of fear that the government would tighten gun laws.
 
Since Trump was elected in November, the share price for Smith & Wesson owner American Outdoor Brands Corp is down 50 percent and Sturm Ruger has fallen 26 percent.
 
On Tuesday, following Reuters report on the administration’s plans, the share prices of Sturm Ruger and American Outdoor surged as much as 18 percent.
 
Both stand to benefit from easier export protocols, alongside Vista Outdoor and the private equity firm Cerberus Capital Management, which owns Bushmaster, a brand of AR-15 assault rifle.
 
The powerful U.S. gun lobby backed Trump in the 2016 election. The National Rifle Association spent more than $30 million in support of his candidacy. “I am going to come through for you,” Trump told the NRA convention in April.
 
The State Department licensed an estimated $4 billion in commercial firearms exports last year, of which $3.2 billion would shift to Commerce under the new arrangement, one U.S. official said.
 
In recent years, Canada, Australia, Thailand and Saudi Arabia have been among the top destination countries for U.S. non-military firearms exports, according to U.S. Census data.
 
The shift to Commerce could increase sales by 15-20 percent annually, predicted Lawrence Keane, senior vice president for the National Shooting Sports Foundation, a firearms industry trade association.
 
The effort to streamline U.S. small arms export controls dates back to an Obama administration initiative begun in 2009, but which was never translated into policy.
 
The process was repeatedly stalled by a series of U.S. mass shootings, including one at the Sandy Hook Elementary School in Newtown, Connecticut, in 2012 in which 20 children and six adults were killed by a gunman using an AR-15-style assault rifle.
 
Assault rifles like the Bushmaster would be some of the most powerful weapons expected to be more readily available for commercial export under the new rules, which are largely in line with proposals the Obama administration had crafted.
 
Stress Test
 
Democratic Senators Ben Cardin, Dianne Feinstein and Patrick Leahy urged against any rash regulatory changes in a letter to Secretary of State Rex Tillerson on Friday, saying combat firearms are the “primary means of injury and destruction in civil and military conflicts throughout the world.”
 
Zlatko Hadzismajlovic, a New York attorney specializing in export controls, said the changes would be a tough “stress test” for U.S. arms policy.
 
  “The transition appears particularly ill-timed,” he said, citing recent Islamist militant attacks in Europe and heightened regional tensions on the borders of NATO members such as Turkey and the Baltic states.
 
Administration officials say they are not looking to green-light dangerous sales but that it is unrealistic to continue to hamstring U.S. gun makers in foreign markets.
 
They point out, for instance, that AR-15 rifles are already readily available worldwide since the technology is decades old, the weapons are sold in U.S. sporting goods stores and parts can be reproduced using a 3D printer.
 
The new rules would move both the licensing and supervision for export of most non-military firearms and ammunition to Commerce officials, who have been directed by Trump to ease the overall regulatory burden on U.S. exporters.
 
Commercial gun exports would no longer be given the same scrutiny as missile and fighter jet sales, which often require congressional approval.
 
  “Commerce wants more exports to help reduce the trade deficit. And State wants to stop things because it sees (arms) proliferation as inherently bad,” one of the officials said.
 
  “We want to make a decision that prioritizes what’s more important,” the official said. “This will allow us to get in the (small arms sales) game for the first time ever.”
 
The shift would officially move weapons like assault rifles and handguns from State’s tightly restricted Munitions List to the Commerce Control List (CCL), which allows for more streamlined licensing for overseas sales.
 
U.S. companies compete for foreign market share with companies such as Austrian manufacturer Glock and Italian gun maker Beretta.

* * * * * * * * * * * * * * * * * * * * 

NWS_a314
. Wired: “GDPR Will Change Data Protection – Here’s What You Need to Know”

(Source: Wired)
 
In less than a year, Europe’s data protection rules will undergo their biggest changes in two decades. Since they were created in the 90s, the amount of digital information we create, capture, and store has vastly increased. Simply put, the old regime was no longer fit for purpose.
 
The solution is the mutually agreed European General Data Protection Regulation (GDPR), which will come into force on May 25 2018. It will change how businesses and public sector organisations can handle the information of customers.
 
The regulation has spawned a raft of GDPR experts who want to help businesses prepare for the changes GDPR will bring – and make a tidy sum for their expertise.
 
Elizabeth Denham, the UK’s information commissioner, who is in charge of data protection enforcement, says she is frustrated by the amount of “scaremongering” around the potential impact for businesses. “The GDPR is a step change for data protection,” she says. “It’s still an evolution, not a revolution”. She adds that for businesses and organisations already complying with existing data protection laws the new regulation is only a “step change”.
 
Still, plenty of confusion remains. To help clear things up, here’s WIRED’s guide to the GDPR.
 
What is GDPR exactly?
 
The GDPR is Europe’s new framework for data protection laws – it replaces the previous 1995 data protection directive, which current UK law is based upon.
 
The EU’s GDPR website says the legislation is designed to “harmonise” data privacy laws across Europe as well as give greater protection and rights to individuals. Within the GDPR there are large changes for the public as well as businesses and bodies that handle personal information, which we’ll explain in more detail later.
 
After more than four years of discussion and negotiation, GDPR was adopted by both the European Parliament and the European Council in April 2016. The underpinning regulation and directive were published at the end of that month.
 
After publication of GDPR in the EU Official Journal in May 2016, it will come into force on May 25, 2018. The two year preparation period has given businesses and public bodies covered by the regulation to prepare for the changes.
 
Don’t we already have data protection laws?
 
Each member state in the EU operates under the current 1995 data protection regulation and has its own national laws. In the UK, the current Data Protection Act 1998 sets out how your personal information can be used by companies, government and other organisations.
 
GDPR changes how personal data can be used. Its provisions in the UK will be covered by a new Data Protection Bill, which has now been published by the government. As noted by data protection expert Jon Baines, the UK’s data protection plans include everything within the GDPR – although there are some minor changes.
 
The new UK data protection bill
 
The UK government’s new data protection legislation, which will implement the vast majority of GDPR was published on September 14, 2017. The bill must pass through the House of Commons and the House of Lords before it becomes law.
 
The government says the law sets out a number of exemptions from GDPR, which include added protections for journalists, scientific and historical researchers, and anti-doping agencies who handle people’s personal information.
 
Is my company/startup/charity going to be impacted?
 
In short, yes. Individuals, organisations, and companies that are either ‘controllers’ or ‘processors’ of personal data will be covered by the GDPR. “If you are currently subject to the DPA, it is likely that you will also be subject to the GDPR,” the ICO says on its website.
 
Both personal data and sensitive personal data are covered by GDPR. Personal data, a complex category of information, broadly means a piece of information that can be used to identify a person. This can be a name, address, IP address… you name it. Sensitive personal data encompasses genetic data, information about religious and political views, sexual orientation, and more.
 
These definitions are largely the same as those within current data protection laws and can relate to information that is collected through automated processes. Where GDPR differentiates from current data protection laws is that pseudonymised personal data can fall under the law – if it’s possible that a person could be identified by a pseudonym.
 
So, what’s different?
 
In the full text of GDPR there are 99 articles setting out the rights of individuals and obligations placed on organisations covered by the regulation. These include allowing people to have easier access to the data companies hold about them, a new fines regime and a clear responsibility for organisations to obtain the consent of people they collect information about.
 
Helen Dixon, the data protection commissioner for Ireland, who has major technology company offices under her jurisdiction, says the new regulation was needed and is a positive move. However, she adds that while large businesses are aware of the upcoming changes there needs to be a lot more knowledge in smaller companies, including startups. “One of the issues with startups is that when they’re going through all the formalities new businesses go through, there’s no data protection hook at that stage,” Dixon says.
 
So, if you’re only just hearing of GDPR, here are some of the bigger changes to be prepared for.
 
Accountability and compliance
 
Companies covered by the GDPR will be more accountable for their handling of people’s personal information. This can include having data protection policies, data protection impact assessments and having relevant documents on how data is processed.
 
In the last 12 months, there’s been a score of massive data breaches, including millions of Yahoo, LinkedIn, and MySpace account details. Under GDPR, the “destruction, loss, alteration, unauthorised disclosure of, or access to” people’s data has to be reported to a country’s data protection regulator – in the case of the UK, the ICO – where it could have a detrimental impact on those who it is about. This can include, but isn’t limited to, financial loss, confidentiality breaches, damage to reputation and more. The ICO has to be told about a breach 72 hours after an organisation finds out about it and the people it impacts also need to be told.
 
For companies that have more than 250 employees, there’s a need to have documentation of why people’s information is being collected and processed, descriptions of the information that’s held, how long it’s being kept for and descriptions of technical security measures in place.
 
Additionally, companies that have “regular and systematic monitoring” of individuals at a large scale or process a lot of sensitive personal data have to employ a data protection officer (DPO). For many organisations covered by GDPR, this may mean having to hire a new member of staff – although larger businesses and public authorities may already have people in this role. In this job, the person has to report to senior members of staff, monitor compliance with GDPR and be a point of contact for employees and customers. “It means the data protection will be a boardroom issue in a way it hasn’t in the past combined,” Denham says.
 
There’s also a requirement for businesses to obtain consent to process data in some situations. When an organisation is relying on consent to lawfully use a person’s information they have to clearly explain that consent is being given and there has to be a “positive opt-in”. A blog post from Denham explains there are multiple ways for organisations to process people’s data.
 
Access to your data
 
As well putting new obligations on the companies and organisations collecting personal data, the GDPR also gives individuals a lot more power to access the information that’s held about them. At present a Subject Access Request (SAR) allows businesses and public bodies to charge £10 to be given what’s held about them.
 
Under the GDPR this is being scrapped and requests for personal information can be made free-of-charge. When someone asks a business for their data, they must stump up the information within one month. Everyone will have the right to get confirmation that an organisation has information about them, access to this information and any other supplementary information. As Dixon points out, big technology companies, as well as smaller startups, will have to give users more control over their data.
 
As well as this the GDPR bolsters a person’s rights around automated processing of data. The ICO says individuals “have the right not to be subject to a decision” if it is automatic and it produces a significant effect on a person. There are certain exceptions but generally people must be provided with an explanation of a decision made about them.
 
The new regulation also gives individuals the power to get their personal data erased in some circumstances. This includes where it is no longer necessary for the purpose it was collected, if consent is withdrawn, there’s no legitimate interest, and if it was unlawfully processed.
 
GDPR fines
 
One of the biggest, and most talked about, elements of the GDPR is the power for regulators to fine businesses that don’t comply with it. If an organisation doesn’t process an individual’s data in the correct way, it can be fined. If it requires and doesn’t have a data protection officer, it can be fined. If there’s a security breach, it can be fined.
 
These monetary penalties will be decided upon by Denham’s office and the GDPR states smaller offences could result in fines of up to €10 million or two per cent of a firm’s global turnover (whichever is greater). Those with more serious consequences can have fines of up to €20 million or four per cent of a firm’s global turnover (whichever is greater). These are larger than the £500,000 penalty the ICO can currently wield and, according to analysis, last year’s fines would be 79 times higher under the new regulation.
 
But Denham says speculation that her office will try to make examples of companies by issuing large business-crippling fines isn’t correct. “We will have the possibility of using larger fines when we are unsuccessful in getting compliance in other ways,” she says. “But we’ve always preferred the carrot to the stick”.
 
Denham says there is “no intention” for overhauling how her office hands out fines and regulates data protection across the UK. She adds that the ICO prefers to work with organisations to improve their practices and sometimes a “stern letter” can be enough for this to happen.
 
“Having larger fines is useful but I think fundamentally what I’m saying is it’s scaremongering to suggest that we’re going to be making early examples of organisations that breach the law or that fining a top whack is going to become the norm.” She adds that her office will be more lenient on companies that have shown awareness of the GDPR and tried to implement it, when compared to those that haven’t made any effort.
 
How to prepare your business for GDPR
 
When implemented, GDPR will have a varying impact on businesses and organisations: for instance, not every company will require a data protection officer. To help prepare for the start of GDPR, the ICO has created a 12-step guide.
 
The guide, which is available here, includes steps such as making senior business leaders aware of the regulation, determining which info is held, updating procedures around subject access requests, and what should happen in the event of a data breach. In Ireland, the regulator has also setup a separate website explaining what should change within companies.

 

* * * * * * * * * * * * * * * * * * * * 

COMMCOMMENTARY

COMM_a01
15. C. Todgham Cherniak: “What Should You Do When Canada Releases a New List of Persons Subject to Economic Sanctions and Asset Freezes?”

 
* Author: Cyndee Todgham Cherniak, Esq, LexSage PC, cyndee@lexsage.com, 416-307-4168.
 
On September 22, 2017, Canada imposed unilateral economic sanctions and asset freezes against 40 officials in the Venezuelan Maduro regime. Prior to the September 22, 2017 sanctions, Canada did not impose any economic sanctions against foreign officials in Venezuela.  
 
Canada released a new list of designated persons (Canada’s term for sanctioned persons – the persons against whom the unilateral economic sanctions, trade restrictions and asset freezes would be imposed).   See Canada Has Imposed Economic Sanctions and Asset Freezes On The Venezuelan Maduro Regime for the list of individuals subject to economic sanctions, trade restrictions and asset freezes.
 
Canada does not have a consolidated list of designated persons – so, this is a brand new list to be reviewed, implemented and monitored.  Canada also has not released guidance to Canadian businesses setting out what is expected of them when a new list of designated persons is released – Canadian companies are just expected to know and get it right immediately.
 
Many Canadian companies (especially small and medium sized businesses) do not know what they should do or how they should start implementing new economic sanctions, trade restrictions and asset freezes.  The first step is to review the Global Affairs announcement concerning the sanctions, the Backgrounder and any other information released by Global Affairs Canada.  Next, review the regulations promulgated by Canada’s Governor-in-Council to implement the economic sanctions, trade restrictions and asset freezes in Canadian law. Regulations are published in the Canada Gazette and posted online.
 
The next step is conducting due diligence and implementation on internal controls to abide by the new economic sanctions, trade restrictions and asset freezes.  Canadian businesses are the primary point of enforcement of economic sanctions, trade restrictions and asset freezes.  You get into trouble and could end up in jail in you ignore the economic sanctions, trade restrictions and asset freezes and engage in business with designated persons.
 
We have put together a short list of recommendations on how to implement the economic sanctions, trade restrictions and asset freezes (which does not cover every step required):
 
  (1) Arrange an internal meeting and bring together of team of people within your organization to implement the required changes to your business activities necessary to implement the economic sanctions, trade restrictions and asset freezes. For example, bring is the person in charge of compliance, head of the sales department, the head of the purchasing department, legal department, someone for risk assessment and someone from human resources.  You may also wish to include someone from your IT department if computerized systems will need to be updated.
 
  (2) Review the computer systems to determine if your sell any goods or services or provide technical data to the sanctioned country.  Yes, the economic sanctions, trade restrictions and asset freezes are against individuals – but all the individuals are from a particular country or are associated with a particular country.  Printout any list of names that you find as connected with the country (e.g., Venezuela).
 
  (3) Check the list of names against the new list of designated persons and names in your system that closely resemble the names of designated persons – it is common for Canadian companies to misspell foreign names. Remove any names that are dissimilar from the list of designated persons and keep a list of matching and similar names (“Matched/Similar List of Names”).
 
  (4) Review your customer lists for the Matched/Similar List of Names.  Take steps to stop doing business if you match a name to the designated persons list or a similar name. Inform the head of sales and the sales persons connected with the account that they can engage in no further business with the Matched/Similar Name.  However, be prepared to review any challenges by persons with the same or similar names.
 
  (5) With respect to corporations who are customers/clients, check your records for a list of shareholders, directors, senior management, etc. Check the names of shareholders, directors and senior management against the new list of designated persons and identify names in your system that are the same as or closely resemble the names of designated persons. Take steps to stop doing business if you match a name to the designated persons list.  However, be prepared to review any challenges by persons with the same or similar names.
 
  (6) With respect to partnerships who are customers/clients, check your records for a list of partners. Check the names of partners against the new list of designated persons and identify names in your system that are the same as or closely resemble the names of designated persons. Take steps to stop doing business if you match a name to the designated persons list.  However, be prepared to review any challenges by persons with the same or similar names.
 
  (7) With respect to trusts who are customers/clients, check your records for a list of settlors and beneficiaries. Check the names of settlors and beneficiaries against the new list of designated persons and identify names in your system that are the same as or closely resemble the names of designated persons. Take steps to stop doing business if you match a name to the designated persons list.  However, be prepared to review any challenges by persons with the same or similar names.
 
  (8) Check open purchase orders relating to the List of Names and any corporations, partnerships or trusts connected with the designated individuals (the “Expanded List of Names”). Check the new list of designated persons against the Expanded List of Names. Take steps to terminate the purchase order (that is not ship the goods or technical data or provide the services) if you match a name to the designated persons list.  However, be prepared to review any challenges by persons with the same or similar names.
 
  (9) Check existing contracts relating to the Expanded List of Names. Check the new list of designated persons against the Expanded List of Names. Take steps to stop further activities under that contract if you match a name to the designated persons list.  However, be prepared to review any challenges by persons with the same or similar names.
 
  (10) Check letters of credit and any financial arrangement relating to the Expanded List of Names. Check the new list of designated persons against the Expanded List of Names. Take steps to stop further issuance or credit or other financial dealing if you match a name to the designated persons list.  However, be prepared to review any challenges by persons with the same or similar names.
 
  (11) If you hold property for clients (e.g., you are an investment portfolio manager), check for assets belonging to persons in the the Expanded List of Names. Take steps to stop any transfer of property to that individual, corporation, partnership or trust if you match a name to the designated persons list.  However, be prepared to review any challenges by persons with the same or similar names.
 
  (12) Condominium corporations and real property management companies should for assets belonging to persons in the the Expanded List of Names. Take steps to stop any transfer of property to that individual, corporation, partnership or trust if you match a name to the designated persons list.  However, be prepared to review any challenges by persons with the same or similar names.
 
  (13) If the designed persons are found in your computer systems (including corporations, partnerships and trusts associated with the designated persons), update for systems to flag those persons (and persons with similar names) so that you do not conduct any future business with those designated persons and that you freeze any existing assets.
 
  (14) If the designed persons are not found in your computer systems (including corporations, partnerships and trusts associated with the designated persons), update for systems to flag designated persons (and persons with similar names) so that you do not conduct any business with any designated persons.
 
  (15) Inform employees, agents, representatives, etc. that if they continue to do business with a designated person, they could cause the company to be subject to severe penalties and they may be subject to severe penalties under Canadian law.  Inform them that circumventing the sanctions could lead to their termination with the company. Opening a new account in the name of a person not of the designated persons list in order to circumvent the computerized checks and balances should led to termination with cause.
 
  (16) Update your End Use Certificates precedent. If you do not currently use End Use Certificates, consider implementing a process to require end-use certificates for transactions with persons in sanctioned countries.
 
  (17) Update your Compliance Policies. If you do not currently do not have a Compliance Policy, consider preparing a Compliance Policy covering economic sanctions, export controls, trade restrictions and asset freezes.
 
(18) Update any online training or in-person training you provide to employees, agents, representatives or schedule a training session with employees, agents and representatives. If you do not currently do not have a training program, consider preparing a training program covering Canadian laws.
 
  (19) If you have subsidiaries located in foreign jurisdictions (and in particular the region of the new sanctioned country), determine to what extent they are required to implement the new list of designated persons and repeat the above listed steps for each subsidiary.
 
  (20) If this is all too much for you or you do not know how to get started, call a lawyer who knowledgeable about economic sanctions and internal compliance.
 
  (21) Establish a procedure to monitor the Special Economic Measures (Venezuela) Regulations so that new persons added by the Canadian government to the list of designated persons will be caught by your internal controls procedures.

* * * * * * * * * * * * * * * * * * * * 

COMM_a2
16. D.M. Edelman: “Your Foreign Business Partners Must Choose – Do Business with the U.S. or North Korea”

        
* Author: Doreen M. Edelman, Esq., Baker Donelson LLP, 202-508-3460, dedelman@bakerdonelson.com
.
 
On Thursday September 21st, President Trump signed Executive Order 13810 Imposing Additional Sanctions with Respect to North Korea (” the E.O.” or “E.O. 13810”). E.O. 13810 significantly expands the U.S. Treasury Department’s authority to impose a broad range of sanctions unlike those we’ve seen before. The expansion of authority includes the ability to impose “secondary sanctions” on non-U.S. parties who take part in foreign activities involving certain North Korean sectors or entities. For example, OFAC now has the power to block U.S. correspondent account access to any foreign bank that knowingly conducts or facilitates significant transactions tied to trade with North Korea.
 
The Trump Administration is taking a hard line. In briefing reporters, Treasury Secretary Steven Mnuchin said foreign banks “can choose to do business with the United States or with North Korea but not both,” adding that the sanctions not only allow the U.S. to sanction individuals or entities but to “freeze or block any transactions with any financial institution, anywhere in the world, that facilitates any transactions with the blocked person.” And the sanctions are not limited to banking. The E.O. gives OFAC the power to block entities in a variety of sectors if found to have ties to North Korea.
 
The new Executive Order comes the same week the President warned North Korea, in a speech before the UN, of possible military action if refuses to suspend its nuclear weapons program. The sanctions also come the same day that the People’s Bank of China reportedly instructed its banks to comply with UN sanctions and stop doing business with North Korea.
 
The following is a broad overview of the additional sanctions implemented under the new E.O.:
 
  – Targets North Korea’s shipping and trade networks and issues a 180-day ban on vessels and aircraft that have visited North Korea, prohibiting them from landing in the United States. The ban also targets vessels that have engaged in a ship-to-ship transfer with a vessel that has visited North Korea within 180 days.
  – Authorizes the Treasury Department to impose sanctions on any foreign financial institution that knowingly conducts or facilitates any significant transaction 1) on behalf of listed individuals or entities, or 2) in connection with trade with North Korea.
  – Blocks all funds originating from, destined for, or passing through a foreign bank account determined to be owned or controlled by a North Korean person or used to transfer funds in which any North Korean person has an interest.
  – Authorizes the Treasury Department to impose sanctions on persons involved in:
  – Industries: The construction, energy, financial services, fishing, information technology, manufacturing, medical, mining, textiles, or transportation industries in North Korea;
  – Ports: Ownership, control, or operation of any port in North Korea, including any seaport, airport, or land port of entry;
  – Imports/Exports: at least one significant importation from or exportation to North Korea of any goods, services, or technology.
 
More guidance should be released shortly as the situation moves forward and the Administration cements its position. In the meantime, U.S. businesses should be assessing their global partners, supply chains, and activities to identify any points of liability. If you or your company may be doing business with a foreign party that could become listed as a specially designated national due to its connections to North Korea, it is important to assess whether 1) it is worth maintaining the current business relationship in this unpredictable environment, and 2) whether you should prepare a strategy to quickly cut ties with any foreign partner that does become suddenly sanctioned.

* * * * * * * * * * * * * * * * * * * * 

COMM_a3
17. M. Volkov: “The Five Most Important Issues for a CCO to Report to the Board”

(Source: Volkov Law Group Blog. Reprinted by permission.)
 
* Author: Michael Volkov, Esq., Volkov Law Group, mvolkov@volkovlaw.com, 240-505-1992.
 
Chief compliance officers have to throw out their template for charts, diagrams and data that they use to report to the Audit/Compliance Committee and start over. Slick and colorful charts and diagrams are great but CCOs are ignoring the importance of an opportunity to educate and train the board on how to monitor and oversee a compliance program.
 
So, let’s start over – what should a CCO tell the board in order to advance the company’s program?
 
Let’s answer a question with another question – what is the most important aspect of a company’s ethics and compliance program?
 
That is a hard question to answer depending on the circumstances, i.e. whether the company is under investigation, is involved in a new, high-risk business venture, or facing serious financial issues.
 
Assuming that everything is relatively calm in the company, I recommend starting with the company’s culture. What efforts have been made to communicate and measure the company’s culture? What specific areas (geographic or product/service) have been measured or identified because of culture issues?
 
A CCO has to reinforce the idea that a company’s culture is its most important intangible asset. Hopefully, the CCO has educated the board on the research linking a company’ ethical culture to its financial and sustainable performance. If so, the CCO has to dedicate his/her work to measuring and reporting on some aspect of company culture each quarter. This report should include data and observation reports on culture assessment and measurement areas – e.g. culture in the company’s Russia operations based on a survey, sample of interviews, or other sources of data and information. A report on the number and type of employee complaints from the hotline does not satisfy this requirement.
 
Second, a CCO needs to report to the board its continuous risk and compliance program efforts. In this area, the CCO needs to explain any new significant risks and gaps in the company’s compliance program. To the extent these issues are discussed, the CCO needs to report to the board on resources and time needed to address the change in risks and compliance program gaps.
 
Third, the CCO needs to inform the board on the operation of the internal investigation, employee complaints, and resolutions of internal investigations. This subject can be divided into three subparts – Part A is a discussion of significant internal investigations that require a specific examination of the issues that the board needs to know about; Part B is a data-driven review of number and types of complaints, number of open investigations, and average length of time that investigations are taking to resolve; and Part C should be a discussion of the discipline being meted out as part of the investigation process.
 
Fourth, the CCO needs to report on high-priority, high-risk operations, such as the company’s due diligence and monitoring program for managing third-party risks. If there are any specific issues that need to be addressed, the CCO should tell the board about these high-risk operations and discuss risk mitigation strategies.
 
For example, if the company has entered into a high-risk joint venture in China or Russia, the CCO should outline the due diligence that was conducted, how any red flags were resolved, and then outline the risk mitigation strategies. The board needs to know about high-risk business opportunities and how the company is handling such risks.
 
Fifth, the CCO needs to know about any significant compliance projects or areas where the company is experiencing difficulties. The CCO should not self-congratulate himself or herself by reporting on the number of training sessions, the number of attendees or the number of code of conduct certifications that have been executed. This is a waste of time. A CCO should only report on these routine issues when there are problems with compliance by senior executives, manager or employees (or the board itself that has failed to complete training).
 
Finally, the CCO should always take advantage of an executive session. And the CCO should discuss something at the executive session. The CCO should not be bashful and should always take the opportunity to raise concerns in this context. The board wants to hear candidly from the CCO (unless it is the last part of a board meeting and the board members are anxious to attend the cocktails and dinner at the conclusion). A CCO should not clear the boardroom and then have an empty agenda, waiting on a board member to raise a specific inquiry.

* * * * * * * * * * * * * * * * * * * * 

COMM_a4
18. N. Yousef, K. Zelnick & S. Brown Cripps: ” The New US Sanctions on North Korea and China’s Response:  Top 5 Takeaways”

 
* Authors: Nabeel Yousef, Esq.,
nabeel.yousef@freshfields.com
, 202-777-4563; Kimberly Zelnick, Esq.,
kimberly.zelnick@freshfields.com
, 212-277-4010; and Stephanie Brown Cripps, Esq.,
stephanie.cripps@freshfields.com
, 212-284-4996. All of Freshfields Bruckhaus Deringer US LLP.
 
On September 21, 2017 President Trump issued Executive Order No. 13810 (the new Executive Order), which introduces new US sanctions in response to North Korea’s “provocative, destabilizing, and repressive actions and policies.” The new sanctions programs authorize a variety of penalties against individuals, entities and foreign financial institutions for a wide range of activities related to North Korea. In connection with the new Executive Order, the US Treasury Department’s Office of Foreign Assets Control (OFAC) issued a new general license, updated an existing general license and published guidance related to the North Korea sanctions.
 
During his announcement of the new US sanctions, President Trump also claimed that Chinese President Xi Jinping had ordered Chinese banks to halt activities with North Korea. China’s Ministry of Foreign Affairs has since disputed the accuracy of President Trump’s statement.
 
Below we summarize five key points related to the new developments in North Korea sanctions.
 
  (1) The Trump Administration Has Sweeping New Authority to Block Persons Related to North Korea.
 
The new Executive Order significantly expands the categories of conduct related to North Korea that can result in being designated as a blocked person by the US Treasury Department. The new Executive Order directs the blocking of all property or interests in property of any individual or entity determined by the Treasury Secretary to fall into certain categories, including:
 
  – Industries: Persons who “operate in” certain North Korean industries, including construction, energy, financial services, fishing, information technology, manufacturing, medical, mining, textiles and transportation;
  – Ports: Persons who own, control, or operate a seaport, airport or land port of entry in North Korea;
  – Imports into or Exports from North Korea: Persons who “have engaged in at least one significant” importation into or exportation from North Korea of goods, services or technology; or
  – Nationals of North Korea: North Korean citizens, permanent resident aliens or entities organized under the laws of North Korea; excluding US citizens, permanent resident aliens, lawful aliens or holders of valid US visas.
 
It is worth noting that the Countering America’s Adversaries Through Sanctions Act (CAATSA) of August 2, 2017 introduced new US sanctions on North Korea, but regulations have not yet been issued and the Trump Administration has not yet designated anyone as a blocked person under CAATSA. Whereas the President signed CAATSA into law despite his stated reservations, the new Executive Order has been issued at the initiative of the Trump Administration and supports the Administration’s policy goals, increasing the likelihood that more persons may be blocked in relation to North Korea pursuant to the new Executive Order as opposed to CAATSA.
 
  (2) US Secondary Sanctions (Including Prohibitions on US Correspondent Accounts) May Be Imposed on Foreign Financial Institutions for “Significant” North Korean Transactions.
 
The new Executive Order authorizes the imposition of secondary sanctions on foreign financial institutions that knowingly conduct “significant” transactions related to North Korea. Notably, the United States can impose these new sanctions regardless of whether or not the foreign bank has any connection to the United States. The new executive order authorizes the US Treasury Secretary to determine whether a foreign financial institution (defined broadly) has (i) knowingly conducted or facilitated any significant transaction on behalf of a person blocked under North Korea sanctions, or (ii) knowingly conducted or facilitated any significant transaction “in connection with” trade with North Korea. The new Executive order defines “knowingly” as including actual knowledge or reason to know of the conduct, circumstance or result. The secondary sanctions are not retroactive, however, so a foreign financial institution must have engaged in the conduct on or after September 21, 2017 to potentially be caught by these new sanctions.
 
Upon making such a determination, the Treasury Secretary has discretion to impose one of the following two penalties: (i) severely restricting or prohibiting the financial institution’s ability to open or maintain correspondent or payable-through accounts in the United States, or (ii) blocking the financial institution’s property and interests in property (which would have the effect of adding the financial institution to the US list of blocked persons).
 
  (3) Aircraft and Vessels Engaging with North Korea Face New US Restrictions.
 
The new Executive Order prohibits entry into the United States of certain aircraft and vessels that have engaged with North Korea within the prior 180 days. This prohibition is designed to disrupt trade with North Korea by blocking access to the United States by vessels that have traded with North Korea. First, the new Executive Order mandates that no aircraft in which a foreign person has an interest may land in the United States within 180 days of departing from a location in North Korea. Second, no vessel in which a foreign person has an interest may call at a US port (i) within 180 days of calling at a port in North Korea, or (ii) engaging in a ship-to-ship transfer with a vessel that has called at a port in North Korea within the previous 180 days. The new aircraft and vessel restrictions apply regardless of any contract, license or permit entered into or obtained prior to September 21, 2017.
 
In connection with the new Executive Order, OFAC issued new General License No. 10, which authorizes narrow exceptions to the aircraft and vessel restrictions for cases of distress or emergency.
 
  (4) The Trump Administration May Now Block Foreign Bank Accounts and Associated Funds Related to North Korea.
 
In addition to individuals and entities, the new Executive Order authorizes the Treasury Secretary to designate certain foreign bank accounts– and funds associated with those accounts – as blocked. The Treasury Secretary may block foreign bank accounts determined to (i) be owned or controlled by a North Korean citizen, North Korean permanent resident alien, or entity organized under the laws of North Korea (again excluding individuals who are also US citizens, permanent resident aliens, lawful aliens or holders of valid US visas); or (ii) have been used to transfer funds by such persons. The new sanctions authorize the blocking of accounts even if the individual or entity that owns the account is not blocked.
 
By blocking a foreign bank account, the new sanctions effectively block all funds that originate from, are destined for or pass through the account. US persons are further prohibited from approving, financing, facilitating or guaranteeing a transaction involving such blocked funds or accounts, even if the funds or accounts never enter the United States or come within the possession of a US person.
 
  (5) Chinese Banks May Be Prohibited from Engaging in or Facilitating Transactions Related to North Korea.
 
According to press reports, China’s central bank, the People’s Bank of China, issued a new rule on Monday, September 18, 2017 to Chinese banks, requiring them to (i) fully implement United Nations sanctions against North Korea, (ii) stop providing financial services to new North Korean customers, and (iii) wind down loans with existing North Korean customers. The existence of the new banking rule was not reported until several days later, on Thursday, September 21, 2017, when President Trump himself claimed in a press conference that Chinese President Xi Jinping had ordered Chinese banks to halt activities with North Korea. On Friday, September 22, 2017, however, the Chinese Ministry of Foreign Affairs disputed the accuracy of President Trump’s statement and affirmed that China implements the UN Security Council sanctions on North Korea but opposes unilateral sanctions that go beyond the UN prohibitions.
 
In any case, it remains to be seen how China and its banks will respond in practice to the new US sanctions on North Korea. The effectiveness of a new banking rule may ultimately determine how great an impact, if any, the new US sanctions on North Korea will have on business in China and dealings with Chinese banks.
 
Conclusion
 
As unpredictable global events lead to increasing and rapidly changing sanctions against North Korea, companies and individuals should consider the potential impact of these changes on ongoing and new business activities. The broad extraterritorial reach of these new sanctions also requires a careful reexamination of activities and relationships that might now present greater sanctions risks as a result of these recent developments.

* * * * * * * * * * * * * * * * * * * * 

ENEDITOR’S NOTES

* Samuel Adams (27 Sep 1722 – 2 Oct 1803; was an American statesman, political philosopher, and one of the Founding Fathers of the United States. He was a politician in colonial Massachusetts, a leader of the movement that became the American Revolution, and one of the architects of the principles of American republicanism that shaped the political culture of the United States. He was a second cousin to fellow Founding Father, President John Adams.)
  – “Among the natural rights of the colonists are these: First a right to life, secondly to liberty, and thirdly to property; together with the right to defend them in the best manner they can.”
 
* Henri Frederic Amiel (27 Sep 1821 – 11 May 1881; was a Swiss moral philosopher, poet, and critic.)
  – “The man who insists upon seeing with perfect clearness before he decides, never decides. Accept life, and you must accept regret.”
  – “Truth is not only violated by falsehood; it may be equally outraged by silence.”

* * * * * * * * * * * * * * * * * * * *

EN_a320
. Are Your Copies of Regulations Up to Date?
(Source: Editor)

The official versions of the following regulations are published annually in the U.S. Code of Federal Regulations (C.F.R.), but are updated as amended in the Federal Register.  Changes to applicable regulations are listed below.
 
*
ATF ARMS IMPORT REGULATIONS
: 27 CFR Part 447-Importation of Arms, Ammunition, and Implements of War
  – Last Amendment: 15 Jan 2016: 81 FR 2657-2723: Machineguns, Destructive Devices and Certain Other Firearms; Background Checks for Responsible Persons of a Trust or Legal Entity With Respect To Making or Transferring a Firearm. 
 
*
CUSTOMS REGULATIONS
: 19 CFR, Ch. 1, Pts. 0-199
  – Last Amendment: 28 Jul 2017: 82 FR 35064-35065: Technical Corrections to U.S. Customs and Border Protection Regulations
 
DOD NATIONAL INDUSTRIAL SECURITY PROGRAM OPERATING MANUAL (NISPOM): DoD 5220.22-M

  – Last Amendment: 18 May 2016: Change 2
: Implement an insider threat program; reporting requirements for Cleared Defense Contractors; alignment with Federal standards for classified information systems; incorporated and cancelled Supp. 1 to the NISPOM (Summary 
here
.)


EXPORT ADMINISTRATION REGULATIONS (EAR)
: 15 CFR Subtit. B, Ch. VII, Pts. 730-774

  – Last Amendment: 25 Sep 2017:
82 FR 44514-44517
: Removal of Certain Entities from the Entity List; and Revisions of Entries on the Entity List

  
*
FOREIGN ASSETS CONTROL REGULATIONS (OFAC FACR)
: 31 CFR, Parts 500-599, Embargoes, Sanctions, Executive Orders
  – Last Amendment: 16 Jun 2017: 82 FR 27613-27614: Removal of Burmese Sanctions Regulations 
 
*
FOREIGN TRADE REGULATIONS (FTR)
: 15 CFR Part 30
  – Last Amendment: 20 Sep 2017: 82 FR 43842-43844: Foreign Trade Regulations (FTR): Clarification on Filing Requirements; Correction  
  – HTS codes that are not valid for AES are available
here.
  – The latest edition (20 Sep 2017) of Bartlett’s Annotated FTR (“BAFTR”), by James E. Bartlett III, is available for downloading in Word format. The BAFTR contains all FTR amendments, FTR Letters and Notices, a large Index, and footnotes containing case annotations, practice tips, Census/AES guidance, and to many errors contained in the official text. Subscribers receive revised copies every time the FTR is amended. The BAFTR is available by annual subscription from the Full Circle Compliance website.  BITAR subscribers are entitled to a 25% discount on subscriptions to the BAFTR.
 
*
HARMONIZED TARIFF SCHEDULE OF THE UNITED STATES (HTS, HTSA or HTSUSA)
, 1 Jan 2017: 19 USC 1202 Annex. (“HTS” and “HTSA” are often seen as abbreviations for the Harmonized Tariff Schedule of the United States Annotated, shortened versions of “HTSUSA”.)
  – Last Amendment: 25 Jul 2017: Harmonized System Update 1706, containing 834 ABI records and 157 harmonized tariff records.
  – HTS codes for AES are available
here
.
  – HTS codes that are not valid for AES are available
here.
 
INTERNATIONAL TRAFFIC IN ARMS REGULATIONS (ITAR): 22 C.F.R. Ch. I, Subch. M, Pts. 120-130.
  – Last Amendment: 30 Aug 2017: 82 FR 41172-41173: Temporary Modification of Category XI of the United States Munitions List
  – The only available fully updated copy (latest edition: 12 Sep 2017) of the ITAR with all amendments is contained in Bartlett’s Annotated 

ITAR
(“BITAR”)
, by James E. Bartlett III. The BITAR contains all ITAR amendments to date, plus a large Index, over 800 footnotes containing amendment histories, case annotations, practice tips, DDTC guidance, and explanations of errors in the official ITAR text. Subscribers receive updated copies of the BITAR in Word by email, usually revised within 24 hours after every ITAR amendment.
 The BITAR is available by annual subscription from the Full Circle Compliance
 
website
. BAFTR subscribers receive a 25% discount on subscriptions to the BITAR, please
contact us
to receive your discount code.
 

* * * * * * * * * * * * * * * * * * * *

EN_a0321. 
Weekly Highlights of the Daily Bugle Top Stories

(Source: Editor) 

Review last week’s top Ex/Im stories in “Weekly Highlights of the Daily Bugle Top Stories” published 
here

* * * * * * * * * * * * * * * * * * * *

EPEDITORIAL POLICY

* The Ex/Im Daily Update is a publication of FCC Advisory B.V., compiled by: Editor, James E. Bartlett III; Assistant Editors, Alexander P. Bosch and Vincent J.A. Goossen; and Events & Jobs Editor, John Bartlett. The Ex/Im Daily Update is emailed every business day to approximately 8,000 readers of changes to defense and high-tech trade laws and regulations. We check the following sources daily: Federal Register, Congressional Record, Commerce/AES, Commerce/BIS, DHS/CBP, DOJ/ATF, DoD/DSS, DoD/DTSA, State/DDTC, Treasury/OFAC, White House, and similar websites of Australia, Canada, U.K., and other countries and international organizations.  Due to space limitations, we do not post Arms Sales notifications, Denied Party listings, or Customs AD/CVD items.

* RIGHTS & RESTRICTIONS: This email contains no proprietary, classified, or export-controlled information. All items are obtained from public sources or are published with permission of private contributors, and may be freely circulated without further permission. Any further use of contributors’ material, however, must comply with applicable copyright laws.

* CAVEAT: The contents of this newsletter cannot be relied upon as legal or expert advice.  Consult your own legal counsel or compliance specialists before taking actions based upon news items or opinions from this or other unofficial sources.  If any U.S. federal tax issue is discussed in this communication, it was not intended or written by the author or sender for tax or legal advice, and cannot be used for the purpose of avoiding penalties under the Internal Revenue Code or promoting, marketing, or recommending to another party any transaction or tax-related matter.

* SUBSCRIPTIONS: Subscriptions are free.  Subscribe by completing the request form on the Full Circle Compliance website.

* TO UNSUBSCRIBE: Use the Safe Unsubscribe link below.

Scroll to Top