Whatever the reason, whatever the unique business profile, and whatever the current state of a company's export compliance, all companies can benefit from a standard "Roadmap" to build - or improve - their global export compliance programme. 

This Roadmap consists of four critical steps: 

Step 1: Assess

Look before you leap.  Understand all export control laws that apply to your business. Identify the points in the order-to-cash and procure-to-pay processes that are impacted by export controls within your company, as well as your company's strategic priorities (e.g., geographies and technologies).  Review the supply chain to understand whether U.S. extraterritorial jurisdiction might be introduced through parts and components or intellectual property. Assess the current level of awareness and export control expertise in your organisation.  Identify and quantify export control risks based on all of the information gathered through this exercise.   

Step 2: Design

Design a programme that specifically addresses the risks that you have identified.  Tailor the programme to address specific jurisdictional requirements.  Make sure that the programme addresses and supports the company's strategic priorities, including the capability to address risks and business needs presented by future initiatives. Establish a training plan to ensure your employees have sufficient levels of knowledge and expertise. Identify technical tools that can facilitate compliance. Establish project plans.

Step 3: Implement

A successful implementation drives the export compliance programme into the DNA of all your company's functions that have export compliance responsibilities (which will be most of them). Translate the policy to work instructions and specific procedures.  Tone from the top is critical at this phase.  Communication and training will ensure that knowledge and expertise overlay the written requirements.  Plan to team with other functions (e.g., IT), as some implementation efforts will be beyond the skill set of the compliance team. 

Step 4: Monitor

Confirm that the programme is actually implemented and that it is meeting risk and business needs.  Establish regular self-assessments.  These can be manual or automated questionnaires, and they will provide your company with insight into the level of implementation at its global subsidiaries.  Establish a deep-dive audit schedule, based upon the self-assessment results (and other identified risk factors), and conduct transactional audits of selected sites to confirm conformance with the specific requirements of the export compliance programme. 

A sequential roadmap such as this, when tailored to an organisation's specific needs, can help to establish a clear path forward in what might otherwise be a confusing and complex journey.  

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.