19-0507 Tuesday “Daily Bugle'”

19-0507 Tuesday “Daily Bugle”

Tuesday, 7 May 2019

  1. State Seeks Comments Regarding Technology Security/Clearance Plans, Screening Records, and Non-Disclosure Agreements
  1. Items Scheduled for Publication in Future Federal Register Editions 
  2. Commerce/BIS: (No new postings.)
  3. State/DDTC: (No new postings.)
  1. Expeditors News: “CBP Finalizes an Update to its Minimum Security Requirements for CTPAT Program”
  2. Reuters: “Europe Ready to Reimpose Sanctions If Iran Breaches Nuclear Deal: French Official”
  3. Space Intel Report: “Ten Years and Counting: Northrop Partnership with Ukraine Traverses Russian, ITAR, U.S. Content Issues”
  4. WorldECR: “UK Court Hears Saudi Exports Appeal as Airbus Hit by Licence Delays”
  1. J. Reeves: “President Trump Announces Intent to Withdraw the United States from the Arms Trade Treaty – What this Means for Industry”
  2. O. Torres & D. Kyle: “Disclose. Promise. Just Don’t Forget”
  3. S. M. Flicker, K. J. Manley & T. Best: “Something Familiar, Something New: OFAC’s Compliance Program Framework”
  4. T. Murphy: “Section 301 Update – Increase in US Duties (and Increased Pressure on China)”
  1. FCC Presents “Designing an Internal Compliance Program for Export Controls & Sanctions”, 1 Oct in Bruchem, The Netherlands
  2. ICPA Presents “2019 EU Conference”, 15-17 May in London
  1. Bartlett’s Unfamiliar Quotations 
  2. Are Your Copies of Regulations Up to Date? Latest Amendments: DHS/Customs (5 Apr 2019), DOC/EAR (11 Apr 2019), DOC/FTR (24 Apr 2018), DOD/NISPOM (18 May 2016), DOE/AFAEC (23 Feb 2015), DOE/EINEM (20 Nov 2018), DOJ/ATF (14 Mar 2018), DOS/ITAR (19 Apr 2018), DOT/FACR/OFAC (29 Apr 2018), HTSUS (18 Apr 2019) 
  3. Weekly Highlights of the Daily Bugle Top Stories 


Federal Register, 7 May 2019.) [Excerpts.]
FR 84: 2019-09271: 60-Day Notice of Proposed Information Collection: Technology Security/Clearance Plans, Screening Records, and Non-Disclosure Agreements Pursuant to 22 CFR 126.18(c)(2)
* ACTION: Notice of request for public comment.
* SUMMARY: The Department of State is seeking Office of Management and Budget (OMB) approval for the information collection described below. In accordance with the Paperwork Reduction Act of 1995, we are requesting comments on this collection from all interested individuals and organizations. The purpose of this notice is to allow 60 days for public comment preceding submission of the collection to OMB.
* DATES: The Department will accept comments from the public up to July 
8, 2019.
* ADDRESSES: You may submit comments by any of the following methods:
 – Web: Persons with access to the internet may comment on this notice by going to www.Regulations.gov. You can search for the document by entering  – Docket Number: DOS-2019-0010” in the Search field. Then click the Comment Now” button and complete the comment form.
 – Email: DDTCPublicComments@state.gov.
 – Regular Mail: Send written comments to: PM/DDTC, SA-1, 12th Floor, Directorate of Defense Trade Controls, Bureau of Political-Military Affairs, U.S. Department of State, Washington, DC 20522-0112. You must include the DS form number (if applicable), information collection title, and the OMB control number in any correspondence.
We are soliciting public comments to permit the Department to: 
– Title of Information Collection: Technology Security/Clearance Plans, Screening Records, and Non-Disclosure Agreements Pursuant to 22 CFR 126.18(c)(2).
– OMB Control Number: 1405-0195.
– Type of Request: Extension of Currently Approved Collection.
– Originating Office: Bureau of Political-Military Affairs, Directorate of Defense Trade Controls (PM/DDTC).
– Form Number: No form.
– Respondents: Business and Nonprofit Organizations. ...
Please note that comments submitted in response to this Notice are public record. Before including any detailed personal information, you should be aware that your comments as submitted, including your personal information, will be available for public review.
Abstract of Proposed Collection
The export, temporary import, and brokering of defense articles, defense services, and related technical data are licensed by the Directorate of Defense Trade Controls (DDTC) in accordance with the International Traffic in Arms Regulations (“ITAR”, 22 CFR parts 120-130) and Section 38 of the Arms Export Control Act. ITAR Sec. 126.18 eliminates, subject to certain conditions, the requirement for an approval by DDTC of the transfer of unclassified defense articles, which includes technical data, to or within a foreign business entity, foreign governmental entity, or international organization that is an authorized end-user or consignee (including transfers to approved sub-licensees) for defense articles, including the transfer to dual nationals or third-country nationals who are bona fide regular employees directly employed by the foreign consignee or end-user. To use ITAR Sec. 126.18, effective procedures must be in place to prevent diversion to any destination, entity, or for purposes other than those authorized by the applicable export license or other authorization. Those conditions can be met by requiring a security clearance approved by the host nation government for its employees, or the end-user or consignee have in place a process to screen all its employees and to have executed a Non-Disclosure Agreement that provides assurances that the employee will not transfer any defense articles to persons or entities unless specifically authorized by the consignee or end-user. ITAR Sec. 126.18(c)(2) also provides that the technology security/clearance plans and screening records shall be made available to DDTC or its agents for law enforcement purposes upon request. …

Anthony Dearth, Chief of Staff.

* * * * * * * * * * * * * * * * * * * *


OGS_a12. Items Scheduled for Publication in Future Federal Register Editions
(Source: Federal Register)


[No items of interest today.]

* * * * * * * * * * * * * * * * * * * * 

* * * * * * * * * * * * * * * * * * * *

* * * * * * * * * * * * * * * * * * * * 


. Expeditors News: “CBP Finalizes an Update to its Minimum Security Requirements for CTPAT Program” 

Expeditors News, 6 May 2019.)
On May 3, 2019, U.S. Customs and Border Protection (CBP) finalized its review and updated its Customs Trade Partnership Against Terrorism (CTPAT) program’s Minimum Security Criteria (MSC).
Some of the new criteria adopted into the program include:
– Cybersecurity;
– The protection of the supply chain from agricultural contaminants and pests;
– The prevention of money laundering and terrorism financing;
– The proper use and management of security technology.
Several MSC booklets were produced addressing both eligibility and the MSC for the twelve business entity types. The booklets are available on the CTPAT portal and will soon be uploaded here.
CTPAT members are expected to implement the new MSC during 2019.

The CBP press release may be found here.

* * * * * * * * * * * * * * * * * * * * 

Reuters: “Europe Ready to Reimpose Sanctions If Iran Breaches Nuclear Deal: French Official”

Reuters, 7 May 2019.) [Excerpts.]
Europe would have to reimpose sanctions on Iran if Tehran reneged on parts of the 2015 nuclear deal with world powers, a French presidency source said on Tuesday. …
France, Germany and Britain, the European signatories to the agreement that lifted sanctions against Tehran in exchange for restrictions on Iran’s atomic activities, have scrambled to save the deal amid U.S. efforts to isolate Tehran since it announced its withdrawal a year ago.
However, the three have repeatedly warned Iran that it must comply with all aspects of the deal and most importantly the elements related to nuclear activity.
Those restrictions have increased the time Iran would need to build a nuclear bomb if it chose to do so. The United States and the U.N. nuclear watchdog believe Iran had a nuclear weapons program that it abandoned. Iran denies ever having had one. …

* * * * * * * * * * * * * * * * * * * * 

Space Intel Report, 6 May 2019.) [Excerpts.]
Northrop Grumman Innovation Systems has been working with Ukraine’s Yuzhnoye/Yuzhmash rocket manufacturer for over a decade on Northrop’s Taurus/Antares rockets and has traversed ITAR technology-transfer restrictions, Russia’s incursion into eastern Ukraine, and the usual issues of working across different cultures. …
The prospects for the ISS work, and for the continuation of work with Italy’s Avio on Europe’s Vega rocket, is a subject of concern for Yuzhnoye/Yuzhmash managers. …
“We’re concerned,” Campbell said when asked about the Ukrainian space sector. “Changes to legislation would be instrumental in getting new business here, and [exporting] premium products. It has to be done. It used to be you would see nine or 10 rockets being built at a time.” …
Being creative with the U.S. content regulations
Using Russian engines and a Ukrainian first stage might have been a hard sell to the U.S. government, which requires that rockets used for U.S. government missions be at least 51% U.S.-built. …
“We were able to persuade the U.S. government that you can’t just look at the rocket to see if it’s 51%. You’ve got to go into cost and into the labor associated with building the rocket. We were able to convince them that even with the Ukrainian fuel tanks and the Russian engines, we met the criteria.”
ITAR then and now
Next up was the U.S. International Traffic in Arms Regulations (ITAR), which in recent years has been softened for satellite technology transfer, but not for rocket technology.
For Northrop, ITAR meant traveling to Ukraine with Defense Technology Security Administration (DTSA) minders, who assured that no U.S. rocket technology was inadvertently passed to Ukraine. The fact that Northrop was there, principally, to purchase and export Ukrainian technology, did not change this. And the DTSA people’s travel expenses were paid by Northrop. After several years – the first Northrop-Yuzhnoye/Yuzhmash contracts were in 2008 – DTSA agreed to let up, if only a bit.
“It ensures we don’t talk about what we’re not allowed to talk about,” Campbell said of the DTSA oversight. “But because we had a good compliance program – because we trained our people on this compliance program – DTSA decided they didn’t need to come to every meeting.”

Campbell said Northrop, while still Orbital, had contemplated ending the partnership some years ago when Ukraine’s political situation became difficult. But it soon became clear that the risk of exporting hardware was diminishing, and the partnership was maintained.

* * * * * * * * * * * * * * * * * * * * 

WorldECR: “UK Court Hears Saudi Exports Appeal as Airbus Hit by Licence Delays” 

(Source: WorldECR, 6 May 2019.)
Appellants believe there is a ‘clear risk’ that the arms ‘might’ be used in ‘a serious violation of International Humanitarian Law.
The High Court of England & Wales heard an appeal in April, brought by the Campaign Against Arms Trade (‘CAAT’), which seeks to overturn a 2017 High Court judgment allowing the government to continue to export arms to Saudi Arabia for use in Yemen. The appellants argued that the decision to grant export licenses ‘was against UK arms export policy, which clearly states that the government must deny such licenses if there is a “clear risk” that the arms “might” be used in ‘a serious violation of International Humanitarian Law.’
On 7 April, the United Nations humanitarian coordinator for Yemen said there had been reports that ‘as many as eleven civilians, including five students, were killed and scores of civilians injured in Shu’aub District in Sana’a City,’ in an incident that Houti rebels have attributed to a Saudi airstrike.
On 24 April, UK foreign office minister Mark Field told Parliament: ‘British officials have raised this incident with Saudi officials, who have denied publicly that an airstrike took place, and British officials are urgently seeking information from all credible sources. We…continue to call on all parties to the conflict in Yemen to exercise restraint, comply fully with international humanitarian law and implement the Stockholm Agreement without delay in order to improve the humanitarian situation in Yemen.’
It is known that EU Member States are taking different approaches to licensing exports to Saudi – interrupting some defense supply chains.

In its first quarter financial report, published 30 April, Airbus said: ‘[D]ue to the prolonged suspension of defense export licenses to Saudi Arabia by the German Government, and the consequential inability of the Company to execute a customer contract, a € 190 million impairment charge has been recognized mainly on inventories and a € 107 million financial expense related to hedge ineffectiveness.’

* * * * * * * * * * * * * * * * * * * * 


9. J. Reeves: “President Trump Announces Intent to Withdraw the United States from the Arms Trade Treaty – What this Means for Industry”

(Source: F.A.I.R. Import-Export News, 7 May 2019.)
* Author: Johanna Reeves, Esq., Reeves & Dola, LLP, jreeves@reevesdola.com, +1-202-683-4200.
On April 26, 2019, President Trump announced he will revoke the United States’ signature to the Arms Trade Treaty (ATT), and requested the Senate halt the ratification process. As can be expected, the announcement elicited immediate cheers and jeers, but there is a critical question that has yet to be addressed. What does a U.S. withdrawal from the ATT mean for U.S. exporters and importers of firearms, ammunition, and other defense articles?
As many of you are aware, the object and purpose of the ATT is to establish common international standards for regulating the import, export, transfer, and brokering of conventional arms, and to prevent and eradicate the illicit trade in the same. Article 2 of the ATT defines “conventional arms” to include the following:
– Battle tanks
– Armored combat vehicles
– Large-caliber artillery systems
– Combat aircraft
– Attack helicopters
– Warships
– Missiles and missile launchers; and
– Small arms and light weapons (including parts) 
Notably, the ATT covers ammunition as well as conventional firearms, requiring States to establish and maintain a national control system to regulate the export of ammunition. Other noteworthy provisions of the ATT include transfer restrictions, export information sharing, end-use certifications for imports, brokering controls and international cooperation. A full copy of the ATT is accessible here.
The United States, under the Obama Administration, signed (but did not ratify) the treaty on September 25, 2013. The Treaty came into force on December 24, 2014, after fifty countries ratified the document. As a signatory, the United States has been obliged to adhere to the treaty and its requirements. Now, however, with President Trump’s order to withdraw the United States’ signature from the ATT, the United States will no longer be legally bound to its requirements.
The F.A.I.R. Trade Group has long opposed the U.N.’s efforts to control small arms and light weapons and impede legitimate trade, and in particular we have repeatedly vocalized our concerns over the ATT’s broad scope and potential negative impact on the lawful and legitimate international commerce in firearms and ammunition. On July 11, 2012, Executive Director Johanna Reeves addressed the United Nations in opposition of the ATT. Speaking before the Conference, Ms. Reeves cautioned, “the ATT will perpetuate the uneven playing field in international trade because every state, under the guise of sovereignty, will enact exactly what it wants to accomplish its own trade goals. The ATT, then, will become yet one more tool for certain governments to increase their market share to the detriment of those democracies that accept and abide by the treaty.”
The following year at The Heritage Foundation’s session, “Assessing the Risks of the U.N. Arms Trade Treaty,” Ms. Reeves explained F.A.I.R.’s concerns: “even if the U.S. takes no action with regards to the ATT, even if it does not become a signatory, U.S. exporters and importers will be faced with tighter rules coming from other countries that will affect them commercially.”
On this point our view has not changed, and we again warn that even though the United States may no longer be legally bound to the ATT, many of our closest allies and trading partners are. For example, the United Kingdom, Australia, France, Germany, Italy, and Spain all have ratified the ATT. In fact, 101 countries have ratified the treaty to date, which means these countries have committed to implementing the treaty provisions, including those related to transfer and end-use restrictions. An additional 45 countries have signed but not yet ratified the treaty, including Bahrain, Colombia, Indonesia, Philippines, Thailand, and United Arab Emirates, to name just a few. So even though the President now has promised to withdraw the United States from the treaty, the provisions will find a way into our international commerce. U.S. companies will likely find themselves, if not already, having to deal with increased end-use justifications and other bureaucratic hurdles that governments of ratifying countries implement to comply with the ATT.
There may also be unintended consequences, such as ATT ratifying countries restricting or prohibiting firearm exports to the United States because we are no longer adhering to the perceived global norm established under the treaty. The point is that just because the United States withdraws from the treaty does not mean businesses can forget about it. 

If the Administration wants to make a significant difference and truly improve international trade for the firearms and ammunition industries, it should finalize and implement the rules to transition commercially available firearms and ammunition away from the export controls of the Department of State and over to the controls of the Department of Commerce.  

* * * * * * * * * * * * * * * * * * * * 

10O. Torres & D. Kyle: “Disclose. Promise. Just Don’t Forget”

(Source: Torres Trade Law, 19 Apr 2019.) 
* Authors: Olga Torres, Esq.; and Derrick Kyle, Esq. Both of Torres Trade Law. To contact the firm, go 
In the United States, when violations of the export rules are discovered, exporters have the option to prepare and submit Voluntary Self-Disclosures to the U.S. export agencies in exchange for reduced penalties. These VSDs are formal statements containing a description of the violation and a promise to remedy the conduct that led to it.
Unfortunately, companies do not always follow through with the full implementation of the promised corrective measures, in some cases discontinuing the remedial process measures altogether. 
That is a mistake: it takes very little effort for an agency to follow-up with the disclosing company, say six months, one year, or even three or more years after submission of the VSD, to verify that the promised changes have been implemented and fully integrated into the company’s export compliance framework.
That’s why a thorough review of a potential violation is only the first step in the VSD investigation. It’s equally essential to identify and implement remedial practices and procedures, especially when statutory requirements for submitting VSDs can require companies to describe the corrective measures that they plan to implement.
Failure to Follow Through Can Be Costly
In many situations, the disclosing company starts off on the right foot by submitting a VSD, but the race is only half-run if the company does not implement a compliance program or other corrective measures to prevent the original violations from recurring.
Lessons abound for compliance professionals desperately seeking resources that will allow them to finish promised actions to ensure compliance in the form of high-profile examples where companies fail to follow-through with various assurances and become subject to penalties (or additional penalties).
A prime example is FLIR System, a company that submitted 18 VSDs between 2008 and 2017 to disclose various violations of International Traffic in Arms Regulations (ITAR), including unauthorized provision of defense articles to proscribed destinations and violations of terms and provisos of export licenses.
By regularly disclosing potential violations, FLIR appeared to be complying with the export regulations, even if it was having an extremely difficult time to solve the issues. But in its 2018 proposed Charging Letter, the Directorate of Defense Trade Controls (DDTC) found, among other issues, that FLIR had failed to implement remedial compliance measures that were promised in its VSDs.
As a result, FLIR was required to enter into a consent agreement with DDTC that required FLIR to pay a civil penalty of $30 million. (See our analysis of the FLIR consent agreement from our Spring 2018 newsletter, FLIR Enters Into Consent Agreement with DDTC.)
In some ways, the submission of a VSD acts as an informal bargain between the disclosing company and the receiving agency. The disclosing company admits to wrongdoing, determines how to prevent the same issues from happening again, and implements procedures to prevent a similar situation in the future. In exchange for the peace of mind that a once non-compliant company has become compliant, the export agency is less likely to issue penalties if it believes that the disclosing company has cleaned up its operations. In FLIR’s case, the disclosing company failed to uphold its end of the bargain, so DDTC imposed stiff penalties.
In another high-profile case, on June 7, 2018, the Bureau of Industry and Security (BIS) issued a second $1 billion penalty to Chinese telecommunications company ZTE Corporation for failing to adhere to requirements of a previous settlement with BIS. (For background on the original 2017 ZTE settlement, see our previous article, From A to ZTE: A Review of Lessons Learned from the ZTE Case.) 
In its first settlement with BIS, ZTE informed the agency that it would or had disciplined numerous employees responsible for the violations. Rather than punishing their employees, however, ZTE rewarded them with bonuses.
Once BIS learned of ZTE’s utter failure in following through with promised remedial measures, BIS doubled down on its punishment of ZTE, specifically citing the company’s failure to act as promised. Although the ZTE case is in the context of a settlement agreement rather than a VSD, it still reinforces the fact that the export agencies punish companies for a failure to implement promised corrective measures.
Disclose and Promise, But Do Not Forget
In ZTE’s case the conduct was willful and deceiving; the company never actually tried to adhere to the export regulations and promised remedial actions. But similar situations can arise through sheer forgetfulness (read: negligence), too.
Submitting a VSD may be one of the few instances where a company’s export compliance officer or department has the full attention of company management when leadership is eager to do “whatever will make us look best” in the eyes of the export control agency. After submission, however, the frenzied activity around and attention given to investigating violations and preparing the submission can suddenly dry up, even when everyone involved fully intends to proactively pursue the remedies outlined in the VSD.
If you are an employee of a company that has submitted a VSD at any point in the past several years, you should review the full disclosure in detail to identify all assurances of corrective action so that you can follow up on progress. Have you maintained that yearly audit program you mentioned in your VSD from 2016? Did you hire an export compliance manager by the second quarter of 2018 as disclosed? If DDTC asks to see the Technology Control Plan that you prepared and submitted pursuant to a “deemed export” VSD, would you be able to show proof that the TCP has actually been implemented? If the BIS Office of Export Enforcement agents visit your facility, will they be subject to the visitor requirements and security procedures described in your past VSDs? Have you maintained your classification database and kept all required export records?
You should be able to clearly chart progress toward the remedies proposed in your VSD. If you cannot-if company export compliance procedures are essentially the same as they were before the VSD was submitted-then you must develop a plan for getting back on track, before BIS or DDTC follow up with your company.
Again, it takes very little effort for the agencies to ask simple follow-up questions that undo all the work that went into a VSD simply because the disclosing company has neglected to put its promised corrective measures into action.

* * * * * * * * * * * * * * * * * * * * 

(Source: Paul Hastings LLP, 6 May 2019.) (Part I of II)
*Authors: Scott M. Flicker, Esq., scottflicker@paulhastings.com, +1 202-551-1726; Kwame J. Manley, Esq., kwamemanley@paulhastings.com, +1 202-551-1962; Tom Best, Esq., tombest@paulhastings.com, +1 202-551-1821; All of Paul Hastings LLP.
On May 2, 2019, the U.S. Department of the Treasury’s Office of Foreign Asset Controls (“OFAC”), the U.S. agency responsible for administering and enforcing economic and trade sanctions, released “A Framework for OFAC Compliance Commitments” (the “Framework”). [FN/1] The Framework outlines what OFAC views as the essential components of a Sanctions Compliance Programs (“SCP”). In order to comply effectively with economic sanctions restrictions and requirements, many companies choose to implement risk-based SCPs. This guidance, however, marks the first time that OFAC has provided explicit guidance to companies on its views of what should be included in an effective SCP, and appears to signal the latest installment in its subtle-but-steady push to communicate more with the economic sanctions user community regarding its enforcement and compliance expectations.
Many of the concepts will be familiar to compliance professionals generally, as sensible baseline compliance measures that any program addressing cross-border risks would naturally include. Some suggested measures, however, are tailored to specific risks that arise in the sanctions compliance context; other measures one might expect to see addressed are not included.
The OFAC guidance comes at a time when economic sanctions have come to occupy a position of greater prominence in the regulation of cross-border economic activity and as U.S. officials continue to ramp up both the number of enforcement actions and the range of penalties imposed. Recent prominent settlements have included a requirement that the targeted company implement compliance measures that closely mirror the elements of the SCP. OFAC is clearly seeking to leverage the impact of its enforcement activity to encourage companies globally to adopt preventative measures. OFAC may also be seeking to close the “guidance gap” between it and the other U.S. agencies concerned with cross-border legal risks, including the Department of Justice (“DOJ”), whose National Security and Criminal divisions have issued extensive compliance and enforcement guidance in recent years. [FN/2] Ever-present requests for guidance from the private sector may also have been a catalyst.
Whatever the motivation, we see increased engagement by OFAC with the international business community as a positive development, and one likely to serve companies’ and OFAC’s interests by providing for more explicit compliance standards up-front, and clearer guideposts in the investigation and enforcement context.
However, now that OFAC has provided this communication, OFAC will likely come to expect more from companies that previously may have pleaded ignorance as to what would be sufficient for a risk-based SCP for an organization. In issuing this Framework, OFAC expressly stated that it would now consider “the existence of an effective SCP” in determining penalty calculations for violations. [FN/3] We also expect financial institutions, often on the “front line” of sanctions enforcement actions, to begin demanding that borrowers who operate in higher-risk environments adopt measures reflecting the OFAC principles. Accordingly, companies would be well advised to take the time to evaluate their compliance programs against the five factors set forth in the Framework, and assess any changes that may need to be made to comport with OFAC’s new recommendations.
The Framework
The Framework sets out OFAC’s position that an effective SCP contains the “five essential components of compliance: (1) management commitment; (2) risk assessment; (3) internal controls; (4) testing and auditing; and (5) training,” and explains in some detail what OFAC views as the elements of each component.[FN/4] OFAC also includes an appendix outlining ten “root causes” of past sanctions violations, explaining how they have led to enforcement actions in certain types of enterprises since the publication of OFAC’s Economic Sanctions Enforcement Guidelines. [FN/5]
The Five Components
OFAC has long included a Risk Matrix in its Economic Sanctions Enforcement Guidelines (“Guidelines”) as an appendix to the OFAC federal regulations as a way for financial institutions to “evaluate their compliance programs.” [FN/6] Several elements of the matrix are now included in the more detailed and precise Framework. While OFAC acknowledges that the level of complexity and sophistication required for an SCP will vary depending on company-specific factors, the five components on which an SCP should be predicated remain the same, which are identified and explained as follows.
Management Commitment
OFAC considers senior management’s commitment to a company’s SCP as “one of the most important factors in determining its success,” and has set out five ways that a company’s senior management-including its senior leadership and the board of directors-should be involved in an effective SCP: [FN/7]
   (1) Reviewing and approving the company’s SCP;
   (2) Ensuring the compliance function has the requisite authority and autonomy to be effective, including direct reporting lines to senior management;
   (3) Providing the compliance function with adequate resources, such as personnel and technology;
   (4)Promoting a “culture of compliance” throughout the company; and
   (5) Demonstrating recognition of the severity of OFAC violations and implementing appropriate measures to ensure compliance with sanctions.
OFAC emphasizes that in order for an SCP to be adequately resourced, a company should maintain a “dedicated OFAC sanctions compliance officer,” who – in a nod to the many hats most compliance officers often wear – may be someone serving in other senior compliance positions. Demonstrating that a company has a single individual who is responsible for sanctions compliance oversight is a simple, but significant, way to exhibit a management commitment to sanctions compliance.
Risk Assessment
As with similar documents published by the DOJ, SEC, and other enforcement agencies concerned with foreign corruption and other wrongdoing, the Framework explicitly states the need for companies to conduct tailored risk assessments. [FN/8] Unlike those documents, however, the Framework does so in a more focused and targeted way, emphasizing three key areas that companies may assess in order to determine areas where a company may engage with sanctioned persons or jurisdictions:
   (1) Third parties (i.e. customers, supply chain, intermediaries, and counter-parties);
   (2) Product and service offerings; and
   (3) Geographic locations of the company.
OFAC encourages companies to conduct a risk assessment both “in a manner, and with a frequency, that accounts for the potential risks.” Accordingly, OFAC provides that a “central tenet” of an effective risk assessment is ensuring that it is routine and, if appropriate, ongoing. Risk assessments can most effectively assist in creating internal controls and training when companies update and adapt the assessment periodically, in order to account for any underlying root causes that have led to deficiencies within the organization that could lead to sanctions violations.
Internal Controls
The Framework explicitly sets out seven key internal controls that should be included in an SCP. [FN/9] Implementing these controls provide an organization with the policies and procedures necessary to minimize risk and identify, escalate, remedy, and keep reports of potential sanctions violations. The seven internal controls that OFAC explains are:
   (1) Written policies and procedures that are easy to follow and designed to prevent employees from engaging in misconduct;
   (2) Internal controls such as technology solutions that are calibrated to appropriately address the company’s risk profile;
   (3) Internal or external audits designed to enforce the policies and procedures;
   (4) Recordkeeping policies to adequately account for any requirements imposed by sanctions programs;
   (5) Mechanisms to take immediate and effective action to remedy internal controls when a weakness is identified;
   (6) Clear communication of the SCP policies and procedures to relevant personnel and third parties; and
   (7) Appointment of personnel to integrate the SCP into the daily operations of the company.
Interestingly, OFAC emphasizes that in order to be effective, SCP “should be capable of adjusting rapidly to changes published by OFAC”-including changes to lists of blocked persons, new or updated sanctions, and the issuance of general licenses.
Testing and Auditing
While many of the Framework components were previously considered in the Guidelines and are common across all compliance disciplines, testing and auditing was not previously included in such guidance and represents a new piece of the compliance puzzle. Companies are encouraged to conduct audits to discover discrepancies between the ideal practices as set forth in the SCP, and day-to-day operations of a company. [FN/10] OFAC now expects to see at least three attributes in connection with the sanctions audit function, including a company’s commitment to ensuring:
   (1) The audit function is accountable to senior management and equipped with the necessary tools and resources;
   (2) The audit procedures are appropriately scaled to the company’s level of commercial sophistication; and
   (3) The company will take immediate action to remedy any issues identified by the audit.
Auditing is an important mechanism by which companies can analyze the effectiveness of the policies and procedures implemented by an SCP, and OFAC now expressly considers a company’s commitment to such practices.
As one would expect, OFAC identifies effective training as an “integral component of a successful SCP.” OFAC further explains that, for a training program to be considered adequate by the agency, a company must:
   (1) Ensure the program is tailored effectively to provide appropriate levels of information to all relevant employees;
   (2) Confirm the scope of the program is proportional to the company’s specific circumstances, such as third parties with which the company deals, its products and services, and its geographic presence;
   (3) Provide the training with suitable frequency based on the company’s risk profile;
   (4) Institute training upon learning of a deficiency related to sanctions compliance; and
   (5) Include easily accessible resources as a part of the training program.
[FN/1] A Framework for OFAC Compliance Commitments, U.S. Department of the Treasury, Office of Foreign Assets Control (May 2, 2019), (hereinafter, the “Framework”).
[FN/2] See Guidance Regarding Voluntary Self-Disclosures, Cooperation, and Remediation in Export Control and Sanctions Investigations Involving Business Organizations, U.S. Department of Justice, National Security Division (Oct. 2, 2016); The Evaluation of Corporate Compliance Programs, U.S. Department of Justice, Criminal Division (Apr. 30, 2019).
[FN/3] OFAC will now consider the existence of an effective SCP in its determination of whether or not a violation of sanctions regulations is considered to be “egregious.” The Director or Deputy Director makes determinations of whether a violation is egregious for purposes of calculating monetary penalties. A determination that a violation was egregious leads to larger penalties, up to the statutory maximum if the case is egregious and the violation was not self-disclosed. The current statutory maximum penalty for violations of the International Emergency Economic Powers Act, under which many sanctions programs are promulgated, is the greater of $295,141 or twice the amount of the underlying transaction for each violation.
[FN/4] Framework, supra note 1, at 1.
[FN/5] Id. at 9.
[FN/6] 31 C.F.R. Part 501, Appendix A.
[FN/7] Framework, supra note 1 at 2.
[FN/8] Id. at 3.
[FN/9] Id. at 5..
[FN/10] Id. at 6.

* * * * * * * * * * * * * * * * * * * * 

(Source: Author, 5 May 2019.)
* Author: Ted Murhpy, Esq., Baker & Mckenzie. Contact Ted at:

Earlier today, in between tweets about yesterday’s Kentucky Derby result and the Mueller report, President Trump announced that (i) the 10% duty on articles included on List 3 would increase from 10% to 25% this coming Friday (May 10, 2019), and (ii) a 25% duty would be imposed on the remaining $325 billion worth of imports from China “shortly”.
This announcement is a bombshell, particularly given recent stories about all of the progress being made in the negotiations between the United States and China.  Secretary Mnuchin and USTR Lighthizer were in China last week, and Vice Premier Liu was expected to come to Washington, DC this week, to continue (and potentially complete) those negotiations.  We believe that today’s announcement should be viewed in that context – i.e., the negotiations may be down to the final stages and President Trump is using the leverage he has to cinch the deal.  In particular, people should watch to see if Vice Premier Liu still comes to Washington, DC this week for talks, or whether he stays home in response to today’s tweets.  If he does come to town, then there is a greater likelihood that a deal is reached (and the proposed increase in duties may mooted or delayed); whereas, if he stays home, then the proposed increase in duties take effect.

Unfortunately, President Trump believes that the Section 301 duties are “mostly borne by China” and “have had little impact on product cost”.  As a result, all companies that import articles from China (whether currently subject to the Section 301 duties or not) should be watching the news this week for further developments.  Interesting times.

* * * * * * * * * * * * * * * * * * * * 


FCC Presents “Designing an Internal Compliance Program for Export Controls & Sanctions”, 1 Oct in Bruchem, the Netherlands

* What: Designing an Internal Compliance Program for Export Controls & Sanctions”
* Date: Tuesday, 1 Oct 2019
* Location: Full Circle Compliance, Landgoed Groenhoven, Dorpsstraat 6, Bruchem, The Netherlands
* Times:
  – Registration and welcome: 9.00 am – 9.30 am
  – Training course hours: 9.30 am – 4.30 pm
* Level: Intermediate
* Target Audience:  the course provides valuable insights for both compliance professionals, employees and (senior / middle) management working in any industry subject to U.S. and/or EU (member state) export control laws and sanctions regulations.
* Instructors: Drs. Ghislaine C.Y. Gillessen RA and Marco M. Crombach MSc.

* Information & Registration: click here or contact us at events@fullcirclecompliance.eu or 31 (0)23 – 844 – 9046.  

* * * * * * * * * * * * * * * * * * * *

TE_a214. ICPA Presents “2019 EU Conference”, 15-17 May in London

* What: 2019 EU Conference

Import and Export Track (click here for the agenda)

Professional Speakers
– Hot Industry Topics
* When: 15-17 May 2019
* Where: The Tower Hotel, London, United Kingdom.
* Sponsor: International Compliance Professionals Association (ICPA)
* Information & Registration: Click here.

* * * * * * * * * * * * * * * * * * * *


* Robert Browning (7 May 1812 – 12 Dec 1889; was an English poet and playwright whose mastery of the dramatic monologue made him one of the foremost Victorian poets. His poems are known for their irony, characterization, dark humor, social commentary, historical settings, and challenging vocabulary and syntax.)
  – “Perhaps one has to be very old before one learns to be amused rather than shocked.”
  – “Grow old with me! The best is yet to be.”

* * * * * * * * * * * * * * * * * * * *

. Are Your Copies of Regulations Up to Date?
(Source: Editor)


DHS CUSTOMS REGULATIONS: 19 CFR, Ch. 1, Pts. 0-199.  Implemented by Dep’t of Homeland Security, U.S. Customs & Border Protection.

  – Last Amendment: 5 Apr 2019:
84 FR 13499-13513: Civil Monetary Penalty Adjustments for Inflation

DOC EXPORT ADMINISTRATION REGULATIONS (EAR): 15 CFR Subtit. B, Ch. VII, Pts. 730-774. Implemented by Dep’t of Commerce, Bureau of Industry & Security.
  – Last Amendment: 11 Apr 2019: 84 FR 14608-14614: Revisions to the Unverified List (UVL) 
* DOC FOREIGN TRADE REGULATIONS (FTR): 15 CFR Part 30.  Implemented by Dep’t of Commerce, U.S. Census Bureau.
  – Last Amendment: 24 Apr 2018: 83 FR 17749-17751: Foreign Trade Regulations (FTR): Clarification on the Collection and Confidentiality of Kimberley Process Certificates
  – HTS codes that are not valid for AES are available here.
  – The latest edition (1 Jan 2019) of Bartlett’s Annotated FTR (“BAFTR”), by James E. Bartlett III, is available for downloading in Word format. The BAFTR contains all FTR amendments, FTR Letters and Notices, a large Index, and approximately 250 footnotes containing case annotations, practice tips, Census/AES guidance, and explanations of the numerous errors contained in the official text. Subscribers receive revised copies in Microsoft Word every time the FTR is amended. The BAFTR is available by annual subscription from the Full Circle Compliance website.  BITAR subscribers are entitled to a 25% discount on subscriptions to the BAFTR. Government employees (including military) and employees of universities are eligible for a 50% discount on both publications at www.FullCircleCompiance.eu.   


  – Last Amendment: 18 May 2016: Change 2: Implement an insider threat program; reporting requirements for Cleared Defense Contractors; alignment with Federal standards for classified information systems; incorporated and cancelled Supp. 1 to the NISPOM (Summary here.)
DOE ASSISTANCE TO FOREIGN ATOMIC ENERGY ACTIVITIES: 10 CFR Part 810; Implemented by Dep’t of Energy, National Nuclear Security Administration, under Atomic Energy Act of 1954.
  – Last Amendment: 23 Feb 2015: 80 FR 9359, comprehensive updating of regulations, updates the activities and technologies subject to specific authorization and DOE reporting requirements. This rule also identifies destinations with respect to which most assistance would be generally authorized and destinations that would require a specific authorization by the Secretary of Energy.
DOE EXPORT AND IMPORT OF NUCLEAR EQUIPMENT AND MATERIAL; 10 CFR Part 110; Implemented by Dep’t of Energy, U.S. Nuclear Regulatory Commission, under Atomic Energy Act of 1954.
  – Last Amendment: 20 Nov 2018, 10 CFR 110.6, Re-transfers.

* DOJ ATF ARMS IMPORT REGULATIONS: 27 CFR Part 447-Importation of Arms, Ammunition, and Implements of War.  Implemented by Dep’t of Justice, Bureau of Alcohol, Tobacco, Firearms & Explosives.
  – Last Amendment: 14 Mar 2019: 84 FR 9239-9240: Bump-Stock-Type Devices 


DOS INTERNATIONAL TRAFFIC IN ARMS REGULATIONS (ITAR): 22 C.F.R. Ch. I, Subch. M, Pts. 120-130. Implemented by Dep’t of State, Directorate of Defense Trade Controls.
  – Last Amendment: 19 Apr 2019: 84 FR 16398-16402: International Traffic in Arms Regulations: Transfers Made by or for a Department or Agency of the U.S. Government   
  – The only available fully updated copy (latest edition: 19 Apr 2019) of the ITAR with all amendments is contained in Bartlett’s Annotated ITAR (“BITAR”), by James E. Bartlett III. The BITAR contains all ITAR amendments to date, plus a large Index, over 800 footnotes containing amendment histories, case annotations, practice tips, DDTC guidance, and explanations of errors in the official ITAR text. Subscribers receive updated copies of the BITAR in Word by email, usually revised within 24 hours after every ITAR amendment. The BITAR is available by annual subscription from the Full Circle Compliance website. BAFTR subscribers receive a $25 discount on subscriptions to the BITAR, please contact us to receive your discount code.
* DOT FOREIGN ASSETS CONTROL REGULATIONS (OFAC FACR): 31 CFR, Parts 500-599, Embargoes, Sanctions, Executive Orders. 

Implemented by Dep’t of Treasury, Office of Foreign Assets Control.

  – Last Amendment: 29 Apr 2019: 84 FR 17950-17958
: Foreign Interference in U.S. Elections Sanctions Regulations [amendment of 31 CFR Part 579 to implement EO 13848]   

* USITC HARMONIZED TARIFF SCHEDULE OF THE UNITED STATES (HTS, HTSA or HTSUSA), 1 Jan 2019: 19 USC 1202 Annex. Implemented by U.S. International Trade Commission. (“HTS” and “HTSA” are often seen as abbreviations for the Harmonized Tariff Schedule of the United States Annotated, shortened versions of “HTSUSA”.)

Last Amendment: 18 Apr 2019: Harmonized System Update (HSU) 1906

  – HTS codes for AES are available here.
  – HTS codes that are not valid for AES are available here.

* * * * * * * * * * * * * * * * * * * *

Weekly Highlights of the Daily Bugle Top Stories

(Source: Editor) 

Review last week’s top Ex/Im stories in “Weekly Highlights of the Daily Bugle Top Stories” published  

* * * * * * * * * * * * * * * * * * * *


* The Ex/Im Daily Update is a publication of FCC Advisory B.V., compiled by: Editor, James E. Bartlett III; Assistant Editors, Vincent J.A. Goossen and Alexander Witt; and Events & Jobs Editor, Sven Goor. The Ex/Im Daily Update is emailed every business day to approximately 7,000 readers of changes to defense and high-tech trade laws and regulations. 
We check the following sources daily: Federal Register, Congressional Record, Commerce/AES, Commerce/BIS, DHS/CBP, DOE/NRC, DOJ/ATF, DoD/DSS, DoD/DTSA, FAR/DFARS, State/DDTC, Treasury/OFAC, White House, and similar websites of Australia, Canada, U.K., and other countries and international organizations.  Due to space limitations, we do not post Arms Sales notifications, Denied Party listings, or Customs AD/CVD items.

* RIGHTS & RESTRICTIONS: This email contains no proprietary, classified, or export-controlled information. All items are obtained from public sources or are published with permission of private contributors, and may be freely circulated without further permission, provided attribution is given to “The Export/Import Daily Bugle of (date)”. Any further use of contributors’ material, however, must comply with applicable copyright laws.  If you would to submit material for inclusion in the The Export/Import Daily Update (“Daily Bugle”), please find instructions here.

* CAVEAT: The contents of this newsletter cannot be relied upon as legal or expert advice.  Consult your own legal counsel or compliance specialists before taking actions based upon news items or opinions from this or other unofficial sources.  If any U.S. federal tax issue is discussed in this communication, it was not intended or written by the author or sender for tax or legal advice, and cannot be used for the purpose of avoiding penalties under the Internal Revenue Code or promoting, marketing, or recommending to another party any transaction or tax-related matter.

* SUBSCRIPTIONS: Subscriptions are free.  Subscribe by completing the request form on the Full Circle Compliance website

* BACK ISSUES: An archive of Daily Bugle publications from 2005 to present is available HERE.

* TO UNSUBSCRIBE: Use the Safe Unsubscribe link below.

Scroll to Top