18-1025 Thursday “Daily Bugle”

18-1025 Thursday “Daily Bugle”

Thursday, 25 October 2018

The Daily Bugle is a free daily newsletter from Full Circle Compliance, containing changes to export/import regulations (ATF, DOE/NRC, Customs, NISPOM, EAR, FACR/OFAC, FAR/DFARS, FTR/AES, HTSUS, and ITAR), plus news and events.  Subscribe 
here for free subscription. Contact us
for advertising inquiries and rates. 

[No items of interest noted today.]

  1. Items Scheduled for Publication in Future Federal Register Editions
  2. Commerce/BIS: (No new postings.)
  3. DHS/CBP Posts New Cargo Release Condition/Error Codes
  4. DHS/CBP Releases Latest 5105 CATAIR
  5. State/DDTC: (No new postings.)
  1. Reuters: “U.S. Imposes North Korea-Related Sanctions on Singapore Firms”
  2. Spiegel Online: “The Shadowy Arms Trade: A Look Back at a Questionable Tank Deal”
  3. WorldECR: “U.S. Withdraws from INF Treaty”
  1. The Export Compliance Journal: “Important Takeaways from a UAE Bank’s OFAC Compliance Deficiencies”
  2. G. Kreijen: “Adoption of New EU Legislation and Recent National Cases in the Fight Against Chemical Weapons”
  3. O. Torres & D. Kyle: “DoD Mandatory Disclosure Requirements for Export-Controlled Transfers as ‘Cyber Incidents'”
  1. Bartlett’s Unfamiliar Quotations 
  2. Are Your Copies of Regulations Up to Date? Latest Amendments: ATF (15 Jan 2016), Customs (19 Sep 2018), DOD/NISPOM (18 May 2016), EAR (24 Oct 2018), FACR/OFAC (29 Jun 2018), FTR (24 Apr 2018), HTSUS (22 Oct 2018), ITAR (4 Oct 2018) 
  3. Weekly Highlights of the Daily Bugle Top Stories 



[No items of interest noted today.]
* * * * * * * * * * * * * * * * * * * * 


OGS_a11. Items Scheduled for Publication in Future Federal Register Editions
(Source: Federal Register 

* President; ADMINISTRATIVE ORDERS; Congo, Democratic Republic of the; Continuation of National Emergency (Notice of October 25, 2018) [Pub. Date: 26 Oct 2018.]
* Commerce/BIS; NOTICES; Meetings: Transportation and Related Equipment Technical Advisory Committee [Pub. Date: 26 Oct 2018.]
* Treasury/OFAC; NOTICES; Blocking or Unblocking of Persons and Properties [Pub. Date: 26 Oct 2018.]

* * * * * * * * * * * * * * * * * * * * 

* * * * * * * * * * * * * * * * * * * *

CSMS# 18-000630, 24 Oct 2018.) 

The new Cargo Release Condition/Error Codes document has been posted 

* * * * * * * * * * * * * * * * * * * * 

DHS/CBP Releases Latest 5105 CATAIR 

CSMS# 18-000631, 25 Oct 2018.) 
The latest 5106 CATAIR is now posted on CBP.GOV under the “Chapters: Drafts for Future Capabilities” tab at the following location: 
This new 5106 CATAIR will be available for testing in the CERTIFICATION environment starting in December 2018.

* * * * * * * * * * * * * * * * * * * * 

State/DDTC: (No new postings.)

* * * * * * * * * * * * * * * * * * * * 


Reuters, 25 Oct 2018.) 
The U.S. Treasury Department imposed sanctions on two Singapore-based companies and a man accused of money laundering through the U.S. financial system to evade sanctions against North Korea, the department said in a statement on Thursday. 
The United States said the person targeted by sanctions, Tan Wee Beng, a director and shareholder of a Singapore-based commodities trading company, Wee Tiong Holdings Pte Ltd, hid the origins of payments and structured transactions to fulfill millions of dollars in North Korean contracts since at least 2011. 

The Treasury Department also imposed sanctions on two vessels tied to a different company for which Tan is a managing director, and which the United States says engaged in illicit economic activity connected to North Korea.

* * * * * * * * * * * * * * * * * * * * 

Spiegel Online: “The Shadowy Arms Trade: A Look Back at a Questionable Tank Deal”

Spiegel Online, 28 Sep 2018.) [Excerpts.] 
An [Arab] intermediary received a commission of almost $200 million for the sale of battle tanks to United Arab Emirates. Some of that money, though, may have been used to bribe government officials.
The tanks were first deployed in combat three summers ago. In early August 2015, they rolled along Yemen’s N1 highway, heading north to Al Anad Air Base. Their orders were to help government troops beat back the rebels. … 
In Germany, exports of war machinery are subject to the War Weapons Control Act. A special body known as the Federal Security Council controls the export of military weapons and war machinery. … 
[Editor’s Note: due to copyright restrictions we are not authorized to include the entire article. To read the remaining sections, click on the source link below the item title.]

* * * * * * * * * * * * * * * * * * * * 

WorldECR: “U.S. Withdraws from INF Treaty”

WorldECR, 25 Oct 2018.) [Excerpts.] 
President Trump has announced US withdrawal from the 1987 Treaty on the Elimination of Intermediate-Range and Shorter-Range Missiles (“‘the INF Treaty”).
The INF Treaty, forged between the US and Russia towards the end of the Cold War, eliminated all ground-launched missiles with a range of between 500 and 5,500 kilometers, including both cruise and ballistic missiles. Both the US and Russia have accused each other of non-compliance with the treaty.
President Trump told reporters that Russia had “not adhered to the spirit of that agreement or to the agreement itself” and that “until people come to their senses, we will build it up,” indicating that the US would stockpile nuclear weapons. … 
The time scale for US withdrawal is six months.

* * * * * * * * * * * * * * * * * * * * 


The New York State Department of Financial Services (DFS) recently 
fined Mashreq Bank $40 million after it was determined that the branch’s New York location had inadequate OFAC (Office of Foreign Assets Control) and U.S. Anti-Money Laundering (AML) systems in place.
The bank clears more than US$350 billion in transactions annually, with many clients located in the high compliance risk regions of Southeast Asia, the Middle East and North Africa.
The DFS conducted two examinations of Mashreq Bank’s procedures and policies in 2016 and last year. While no specific willful violations were uncovered, the reviews found multiple deficiencies with their compliance program.
While this case involves a bank, the following key takeaways applies to non-bank businesses, as well:
(1) Set aside sufficient manpower to 
review compliance alerts.
     – Questionable transactions should be dealt with in a timely manner, reducing the risk of compliance violations.
(2) Have 
a proper audit trail in place.
     – Make sure that the rationale for waiving certain transactions or cases are properly documented in case of a government review later.
together with appropriate infrastructure including procedures and policies.
     – While Mashreq Bank implemented a new sanctions screening system, there were gaps in execution, especially with regards to vetting compliance alerts. Additionally, DFS found that Mashreq’s “transaction monitoring system was not properly calibrated to monitor risks associated with certain common scenarios” and that its compliance infrastructure was not sophisticated enough.
The DFS accused the bank of failing to comply with previous warnings issued in both 2016 and 2017. According to them, “despite some progress, the bank failed to fully correct a number of deficiencies in the branch’s compliance program.”
  “Mashreqbank failed to fully comply with critical New York and federal banking laws aimed at combating international money laundering, terrorist financing and other related threats,” DFS Superintendent Maria Vullo said in a statement.
In response, the bank accepted the $40 million fine and made it clear that it would not appeal it. A spokesperson for the company stated that the company was devoting “substantial financial and corporate resources” to improving legal compliance at the New York branch in question. 

* * * * * * * * * * * * * * * * * * * * 

World Trade Controls, 24 Oct 2018.) 
* Author: Gerard Kreijen, Esq., 
Loyens & Loeff, Amsterdam. 
In the wake of the gruesome events in Syria authorities at the national and international level are stepping up action against chemical weapons proliferation. It would be a mistake to assume that the implications of this development are limited to either the Syrian theatre or chemical weapons as such.
On 15 October 2018 the European Council adopted a new regime of restrictive measures to address the use and proliferation of chemical weapons. As stated in the Council’s press release, “the EU will now be able to impose sanctions on persons and entities involved in the development and use of chemical weapons anywhere, regardless of their nationality and location”. The restrictive measures do not only target persons and entities directly responsible for the development and use of chemical weapons, but also those who provide financial, technical or material support, and those who assist, encourage or are associated with them.
For the moment, the new regime will not introduce new types of sanctions. As is more or less common practice, the restrictive measures will consist of a travel ban to the EU, asset freezes for listed persons and entities, and a prohibition for EU persons to make funds available to such persons and entities.
The decision to adopt the new regime of restrictive measures is a direct follow-up to the conclusions of the European Council of 28 June 2018 and has been galvanized by the gas attacks on civilians in the Syrian conflict and the Skripal and Kim Jong Nam poisonings. It is noteworthy, that the conclusions of the European Council (made in the context of security and defence) refer to the Europe’s resilience not only to chemical, but also to biological, radiological, and nuclear-related threats. The new EU regime also seems intended to create a basis for the EU for moving quicker and more independently (from other actors such as the UN) in combating the use and proliferation of chemical weapons.
The EU decision comes amid incidents in the Netherlands and Belgium concerning the prohibited delivery of precursors for chemical weapons to Syria. In a letter of 11 October 2018, the Dutch Minister of Foreign Trade and Development Cooperation addressed questions from Dutch Parliament regarding an ongoing criminal investigation into shipments of acetone – a substance that can be used for manufacturing nerve gas – by a Dutch company to Syria. One of these shipments left the EU via the Belgian harbor of Antwerp. Notification of the Belgian authorities by the Dutch authorities led to the discovery that a Belgian company had made similar shipments. This has meanwhile resulted in criminal court proceedings in Belgium against the Belgian company.
It is interesting to note that the Dutch company allegedly continued the trade in acetone with Syria during the course of the investigations, this time, indirectly, through Russia. If so, this is not only a strong indication of bad faith, but also that the shipments are part of procurement activities directed from Syria, possibly involving Syrian nationals and/or agents. Although the letter of 11 October states that Dutch Customs were conducting a routine inspection when the acetone shipments came to light it is not inconceivable that they actually were acting on information supplied by the intelligence community.
These developments are a clear show of increased legislative and enforcement action in the EU with regard to combating the use and proliferation of chemical weapons. They should serve as a reminder for all traders and manufacturers, not only of chemicals, but also of other substances and materials that could be used for the development and proliferation of weapons of mass destruction, that it is absolutely necessary to ensure full compliance with applicable sanction regulations.

* * * * * * * * * * * * * * * * * * * * 

O. Torres & D. Kyle: “DoD Mandatory Disclosure Requirements for Export-Controlled Transfers as ‘Cyber Incidents'”
(Source: Torres Law PLLC, 22 Oct 2018.)
* Authors: Olga Torres, Esq.; Dick Kyle, Esq. All of Torres Law PLLC. Contact information: 214-593-7120, info@torrestradelaw.com.
The export control regulations are difficult enough to understand in their own right. But for companies that are also involved in defense contracting, whether as prime contractors or subcontractors, the export control regulations occasionally intersect with additional requirements of the Defense Federal Acquisition Regulations Supplement (“DFARS”), making compliance much more difficult.
For instance, consider the following three scenarios:
  1. Company A learns its IT service provider employs multiple Indian national employees that have potential access to Company A’s networks where export-controlled data resides.
  2. At Company B, a mislabeled file containing export-controlled drawings is inadvertently uploaded to a foreign vendor through a File Transfer Protocol (“FTP”) site.
  3. The new human resources manager at Company C discovers that a company employee, who has access to export-controlled information through unlimited company server access, is a Chinese citizen.
In all these situations, a savvy export compliance professional will know that an export or “deemed export” of controlled technical data or technology may have taken place. The competent export compliance professional will immediately restrict further uncontrolled access to the export-controlled data, alert management, conduct the necessary internal review, and determine, with the help of legal counsel as necessary, whether a voluntary self-disclosure (“VSD”) with the applicable export control agency is advisable. But what if Companies A, B, and C are all defense contractors or subcontractors? Will the savvy, competent export control professional realize that, pursuant to DFARS, a “cyber incident” may have occurred? The occurrence of a cyber incident requires almost immediate (i.e., 72 hours) reporting to the Department of Defense (“DoD”). Unlike the filing of a VSD with an export control agency, the DoD cyber incident reporting requirement is mandatory, which complicates matters in situations where an ITAR or BIS VSD is being contemplated.
On October 21, 2016, DoD published a final rule requiring defense contractors to become compliant with the National Institute of Standards and Technology (“NIST”) Special Publication (“SP”) 800-171 by December 31, 2017. [FN/1] This portion of the final rule received most of the publicity within the defense contractor community, and Torres Law published an article on the subject. [FN/2] However, DFARS 252.204-7012, as amended by the final rule, now includes a requirement for a contractor subject to the regulation to submit a mandatory report, within 72 hours, of the discovery of a cyber incident that affects covered contractor information systems or covered defense information. There is a lot to unpack here, and it is necessary to first clarify the multiple defined terms in the requirement.

  • Cyber incident: actions taken through the use of computer networks that result in a “compromise” or an actual or potentially adverse effect on an information system and/or the information residing therein;
  • Compromise: disclosure of information to unauthorized persons, or a violation of the security policy of a system, in which unauthorized intentional or unintentional disclosure, modification, destruction, or loss of an object, or the copying of information to unauthorized media may have occurred;
  • Covered Defense Information (“CDI”): unclassified controlled technical information or other information, as described in the Controlled Unclassified Information (“CUI”) Registry at http://www.archives.gov/cui/registry/category-list.html, [FN/3] that requires safeguarding or dissemination controls pursuant to and consistent with law, regulations, and Governmentwide policies, and is –

    1. Marked or otherwise identified in the contract, task order, or delivery order and provided to the contractor by or on behalf of DoD in support of the performance of the contract; or
    2. Collected, developed, received, transmitted, used, or stored by or on behalf of the contractor in support of the performance of the contract; and

  • Covered Contractor Information Systems: an unclassified information system that is owned, or operated by or for, a contractor and that processes, stores, or transmits covered defense information. [FN/4]

To illustrate a typical cyber incident: A hacker, either foreign or domestic, infiltrates, or “compromises,” a defense contractor’s internal servers, or “covered contractor information system,” that contains drawings and blueprints developed pursuant to the performance of the contract, which are “CDI.” Still, none of the three scenarios outlined at the beginning of the article were traditional cyber-attacks, but the definition of compromise includes the “disclosure of information to unauthorized persons” and a DoD 72-hour reporting requirement could be triggered. If the disclosure to unauthorized persons occurs “through the use of computer networks,” then a cyber incident has occurred, even if the disclosure was unintentional. But as previously explained, a cyber incident must only be reported to DoD if it involves CDI or a contractor’s network that contains CDI, or if the cyber incident affects the contractor’s ability to perform operationally critical requirements of the contract. [FN/5] Importantly, CDI could include data controlled under the International Traffic in Arms Regulations (“ITAR) or the Export Administration Regulations (“EAR”), triggering potential ITAR/EAR VSDs depending on the facts of the case and other considerations. Note that not all CDI is export-controlled and needs protections from foreign persons (e.g., HIPPA).

After the contractor determines that a covered cyber incident has occurred, the contractor will have to conduct a review of its network for evidence regarding the compromise of CDI. This review can include the identification of compromised computers, servers, specific data, and user accounts.
After conducting this internal review, or during the review if the 72-hour deadline is approaching, the contractor must report the cyber incident to DoD at https://dibnet.dod.mil/portal/intranet/.  A DoD-approved medium assurance certificate is required to access the reporting module, so allow for some delay prior to being able to submit the report. Information to be provided in the report includes:

  • Company name, point of contact, and Data Universal Numbering System (“DUNS”) number;
  • Government contract number(s), contracting officer, and U.S. Government program manager point of contact;
  • Contract and facility clearance level and facility CAGE code;
  • Information regarding the actual cyber incident and the CDI involved; and
  • A narrative explanation of the incident.
DoD has provided guidance in Frequently Asked Questions (“FAQs”) recommending that contractors provide an incomplete cyber incident report rather than delaying submission to obtain all necessary information. [FN/6] Contractors disclosing cyber incidents that involve export-controlled information should also consider whether a VSD submission to the appropriate agency is also warranted. If so, this information can be included in the cyber incident report.
Upon receiving the cyber incident report, DoD will provide the submitting contractor with an incident report number. The contractor should be prepared to cooperate with any additional forensic investigations DoD may conduct as part of its damage assessment process. The goal of the damage assessment is for DoD to determine the scale of the impact of the cyber incident on CDI and any further implications of the incident. The assessment may look into the adequacy of the contractor’s cybersecurity measures and whether required controls were in place at the time of the incident.
Importantly, the requirements of DFARS 252.204-7012 do not apply only to government prime contractors. Section (m) of the DFARS clause specifically relates to subcontractors and requires prime contractors to flow-down DFARS 252.204-7012 in subcontracts involving CDI or for operationally critical support. In case of a cyber incident involving subcontractor systems, subcontractors are required to independently report the incident to DoD. Upon receipt of the cyber incident report number, the subcontractor must provide this number to the prime contractor, or the next higher-tier subcontractor, as soon as practicable.
The potential overlap between the export agencies and regulations and the new DoD reporting requirements can be daunting to say the least. The ITAR controls unclassified and classified technical data related to defense articles and defense services. In this context, the ITAR and the National Industrial Security Program Operating Manual (“NISPOM,” under the Defense Security Service (“DSS”)) [FN/7] share jurisdiction with regards to classified and unclassified data related to defense articles and services. Because of this shared jurisdiction, there has often been overlap or conflicting guidance received from the agencies. For example, in the past DSS has stated that a license is not required for classified items and defense services ignoring, for example, ITAR licensing requirements. Further, DSS recently appears to have expanded their authority to review unclassified ITAR-controlled information and documents as part of their audits. Similarly, pursuant to DFARS 252.204-7012, situations involving ITAR violations related to inadvertent technology transfers to foreign persons could now trigger the 72-hour DoD reporting requirement.
A problem arises, however, when export controlled data is involved because, as previously explained, export VSDs are “voluntary” submissions and there is no set time limit to submit a VSD. In other words, companies typically would review the facts and circumstances leading to the violations, confirm the applicability of the ITAR or EAR, and decide whether to submit an initial VSD. Although the export regulations permit the VSD process to be divided in two steps (i.e., an initial VSD followed by a final VSD oftentimes months after conducting a thorough review of the circumstances that led to the violations), in practice companies may need at least a couple of weeks to submit an initial VSD. This is especially important in cases involving complex product classifications impacting the export agencies’ jurisdiction, or in larger companies where chains of command are complex and hierarchies for approval of VSD submissions move slowly. Companies now could potentially face a mandatory 72-hour DoD disclosure requirement and must consider whether failure to submit initial export VSDs concurrently or shortly thereafter could have negative repercussions.
Defense contractors and subcontractors, including those that work with export-controlled technology, should review their contracts and determine if DFARS 252.204-7012 was included or flowed-down. If the clause was included, the contractor is on notice to the 72-hour cyber incident reporting requirement. A contractor working with export-controlled information pursuant to a defense contract should determine whether any of that information has been marked by DoD, or the prime contractor, as CDI. If so, the contractor should have procedures in place to immediately escalate the discovery of a covered cyber incident to necessary IT, legal, and management personnel in order to comply with the 72-hour reporting requirement as well consider filing an initial VSD with the relevant export agency.

  [FN/1] DFARS: Network Penetration Reporting and Contracting for Cloud Services, 81 Fed. Reg. 72,986 (Oct. 21, 2016) (to be codified at 48 C.F.R. Parts 202, 204, 212, 239, and 252), available here.
  [FN/2] See Justin Doubleday interview with Torres Law Managing Member Olga Torres for Contractors Wonder How DoD Will Enforce Supply Chain Security Requirements, Inside Defense, (Mar. 30, 2018), available here (covering the difficulties of NIST 800-171 implementation).
  [FN/3] Export-controlled information is included in the CUI Registry. The National Archives and Records Administration (NARA) is charged with implementing the program and overseeing agency actions to ensure compliance with Executive Order 13556 (Nov. 10, 2010). On May 17, 2018, DSS was designated as the lead agency for implementing procedures for oversight of CUI for the Defense Industrial Base. See Memorandum from Joseph Kernan, Under Secretary of Defense, Regarding Controlled Unclassified Information Implementation and Oversight of the Defense Industrial Base (May 17, 2018), available here. DSS must publish a report six months from the publication of this memorandum, or November 17, 2018 addressing the following information: identification of resource constraints, additional policy required to support CUI oversight authority, and program improvement recommendations. 
  [FN/4] 40 C.F.R. § 252.7012(a) (2018).
  [FN/5] 40 C.F.R. § 252.7012(c)(1) (2018).
  [FN/6] Frequently Asked Questions (FAQs) – Implementation of DFARS Case 2013-D018, Network Penetration Reporting and Contracting for Cloud Services, Department of Defense Procurement Toolbox, Question 28, available here (Jan. 27, 2017).
  [FN/7] Kernan, supra note 3.

* * * * * * * * * * * * * * * * * * * * 


John Heisman
 (John William Heisman; 23 Oct 1869 – 3 Oct 1936; was a player and coach of American football, baseball, and basketball, as well as a sportswriter and actor. He served as the head football coach at Oberlin College, Buchtel College (now known as the University of Akron), Auburn University, Clemson University, Georgia Tech, the University of Pennsylvania, Washington & Jefferson College, and Rice University, compiling a career college football record of 186-70-18.
The Heisman Trophy,
 awarded annually to the season’s most outstanding college football player, is named after him.)

When you find your opponent’s weak spot, hammer it.” 

Pablo Picasso
 (Pablo Ruiz Picasso; 25 Oct 1881 – 8 Apr 1973; was a Spanish painter, sculptor, print maker, ceramicist, stage designer, poet and playwright who spent most of his adult life in France. Regarded as one of the most influential artists of the 20th century, he is known for co-founding the Cubist movement, inventing constructed sculpture, co-inventing collage, and for the wide variety of styles that he helped develop and explore.)
  – “The purpose of art is washing the dust of daily life off our souls.”

* * * * * * * * * * * * * * * * * * * *

. Are Your Copies of Regulations Up to Date?
(Source: Editor)

The official versions of the following regulations are published annually in the U.S. Code of Federal Regulations (C.F.R.), but are updated as amended in the Federal Register.  The latest amendments to applicable regulations are listed below.
: 27 CFR Part 447-Importation of Arms, Ammunition, and Implements of War
  – Last Amendment: 15 Jan 2016: 81 FR 2657-2723: Machineguns, Destructive Devices and Certain Other Firearms; Background Checks for Responsible Persons of a Trust or Legal Entity With Respect To Making or Transferring a Firearm. 
: 19 CFR, Ch. 1, Pts. 0-199
  – Last Amendment: 19 Sep 2018: 83 FR 47283-47284: Extension of Import Restrictions Imposed on Archaeological Material From Cambodia  


  – Last Amendment: 18 May 2016: Change 2
: Implement an insider threat program; reporting requirements for Cleared Defense Contractors; alignment with Federal standards for classified information systems; incorporated and cancelled Supp. 1 to the NISPOM (Summary 

: 15 CFR Subtit. B, Ch. VII, Pts. 730-774

Last Amendment: 24 Oct 2018: 
83 FR 53742-53793
: Wassenaar Arrangement 2017 Plenary Agreements Implementation; Final Rule [Revision of EAR Parts 740, 742, 744, 772, and 774.]

: 31 CFR, Parts 500-599, Embargoes, Sanctions, Executive Orders

  – Last Amendment: 29 June 2018: 83 FR 30541-30548: Global Magnitsky Sanctions Regulations; and 83 FR 30539-30541: Removal of the Sudanese Sanctions Regulations and Amendment of the Terrorism List Government Sanctions Regulations 

: 15 CFR Part 30
  – Last Amendment: 24 Apr 2018: 3 FR 17749-17751: Foreign Trade Regulations (FTR): Clarification on the Collection and Confidentiality of Kimberley Process Certificates
  – HTS codes that are not valid for AES are available
  – The latest edition (30 Apr 2018) of Bartlett’s Annotated FTR (“BAFTR”), by James E. Bartlett III, is available for downloading in Word format. The BAFTR contains all FTR amendments, FTR Letters and Notices, a large Index, and approximately 250 footnotes containing case annotations, practice tips, Census/AES guidance, and explanations of the numerous errors contained in the official text. Subscribers receive revised copies in Microsoft Word every time the FTR is amended. The BAFTR is available by annual subscription from the Full Circle Compliance websiteBITAR subscribers are entitled to a 25% discount on subscriptions to the BAFTR. Government employees (including military) and employees of universities are eligible for a 50% discount on both publications at www.FullCircleCompiance.eu.  
, 1 Jan 2018: 19 USC 1202 Annex. (“HTS” and “HTSA” are often seen as abbreviations for the Harmonized Tariff Schedule of the United States Annotated, shortened versions of “HTSUSA”.)

  – Last Amendment: 22 Oct 2018: Harmonized System Update 1818

containing 1,544 ABI records and 286 harmonized tariff records.

  – HTS codes for AES are available 
  – HTS codes that are not valid for AES are available 
  – Last Amendment:
4 Oct 2018: 83 FR 50003-50007: Regulatory Reform Revisions to the International Traffic in Arms Regulations.

  – The only available fully updated copy (latest edition: 4 Oct 2018) of the ITAR with all amendments is contained in Bartlett’s Annotated ITAR (“BITAR”), by James E. Bartlett III. The BITAR contains all ITAR amendments to date, plus a large Index, over 800 footnotes containing amendment histories, case annotations, practice tips, DDTC guidance, and explanations of errors in the official ITAR text. Subscribers receive updated copies of the BITAR in Word by email, usually revised within 24 hours after every ITAR amendment.
The BITAR is available by annual subscription from the Full Circle Compliance
. BAFTR subscribers receive a $25 discount on subscriptions to the BITAR, please
contact us
to receive your discount code.

* * * * * * * * * * * * * * * * * * * *

Weekly Highlights of the Daily Bugle Top Stories

(Source: Editor) 

Review last week’s top Ex/Im stories in “Weekly Highlights of the Daily Bugle Top Stories” published 

* * * * * * * * * * * * * * * * * * * *


* The Ex/Im Daily Update is a publication of FCC Advisory B.V., compiled by: Editor, James E. Bartlett III; Assistant Editors, Alexander P. Bosch and Vincent J.A. Goossen; and Events & Jobs Editor, Alex Witt. The Ex/Im Daily Update is emailed every business day to approximately 6,000 readers of changes to defense and high-tech trade laws and regulations. We check the following sources daily: Federal Register, Congressional Record, Commerce/AES, Commerce/BIS, DHS/CBP, DOE/NRC, DOJ/ATF, DoD/DSS, DoD/DTSA, FAR/DFARS, State/DDTC, Treasury/OFAC, White House, and similar websites of Australia, Canada, U.K., and other countries and international organizations.  Due to space limitations, we do not post Arms Sales notifications, Denied Party listings, or Customs AD/CVD items.

* RIGHTS & RESTRICTIONS: This email contains no proprietary, classified, or export-controlled information. All items are obtained from public sources or are published with permission of private contributors, and may be freely circulated without further permission, provided attribution is given to “The Export/Import Daily Bugle of (date)”. Any further use of contributors’ material, however, must comply with applicable copyright laws.  If you would to submit material for inclusion in the The Export/Import Daily Update (“Daily Bugle”), please find instructions here.

* CAVEAT: The contents of this newsletter cannot be relied upon as legal or expert advice.  Consult your own legal counsel or compliance specialists before taking actions based upon news items or opinions from this or other unofficial sources.  If any U.S. federal tax issue is discussed in this communication, it was not intended or written by the author or sender for tax or legal advice, and cannot be used for the purpose of avoiding penalties under the Internal Revenue Code or promoting, marketing, or recommending to another party any transaction or tax-related matter.

* SUBSCRIPTIONS: Subscriptions are free.  Subscribe by completing the request form on the Full Circle Compliance website

* BACK ISSUES: An archive of Daily Bugle publications from 2005 to present is available HERE.

* TO UNSUBSCRIBE: Use the Safe Unsubscribe link below.

Scroll to Top