On July 10, 2024, the US Department of Commerce's Bureau of Industry and Security (BIS) published new guidance describing several of the tools that BIS uses now to directly notify companies and universities about the potential diversion of items in violation of the Export Administration Regulations (EAR). As discussed in more detail below, industry and academia should be aware that a notice from BIS may place additional due diligence requirements or restrictions on the recipient. Below is a brief summary of BIS's methods of notifying companies and universities and BIS's expectations for recipients of those notices.
"Supplier List" Letters
- What should recipients expect?
A "supplier list" letter identifies parties of diversion concern. A company or university may receive a "supplier list" letter regardless of whether or not it has previously transacted with those parties. Beginning in March 2024, BIS issued "supplier list" letters containing a list of suppliers to foreign parties who had been diverting certain items to Russia.
- What does the guidance advise recipients to do?
The guidance recommends that upon receipt of a "supplier list" letter, companies and universities should closely scrutinize any transactions with the identified parties to determine whether any red flags are present. Recipients should refer to Supplement No. 3 to 15 CFR Part 732, which contains BIS's Know Your Customer (KYC) Guidance and Red Flags, for assistance in identifying red flags.
Project Guardian Requests
- What should recipients expect?
In a Project Guardian request, BIS asks a company or university to be on the lookout for transactions with specific parties or involving a specific item.
- What does the guidance advise recipients to do?
BIS requests that if a company or university identifies such a transaction or receives such a product inquiry, that it deny, or at minimum, suspend fulfilling, such an order and contact its local Export Enforcement field office for guidance.
"Red Flag" Letters
- What should recipients expect?
A "red flag" letter informs a company that one of their customers may have, in violation of the EAR, reexported or transferred (in-country) the same type of item that the company previously exported to that customer. BIS advises that this type of activity "creates a high probability that an export violation may occur."
- What does the guidance advise recipients to do?
The guidance directs recipients of "red flag" letters to conduct additional due diligence to resolve and overcome the identified red flag before fulfilling an order from the customer.
"Is Informed" Letters
- What should recipients expect?
An "is informed" letter notifies companies and universities of supplemental license requirements applicable to specific items going to specific entities or destinations, or to specific activities of US persons. Upon receipt, the recipient "is informed" of license requirements for specific transactions. Each letter will specify the scope of items or US person activities subject to a license requirement, the license review policy that BIS will apply in reviewing such license applications, and the process for submitting such license applications to BIS.
- What does the guidance advise recipients to do?
BIS states in the guidance that a recipient of an "is informed" letter who engages in a transaction covered by the letter without the required authorization violates the EAR. From an enforcement perspective, BIS treats non-compliance with an "is informed" letter the same as non-compliance with a license requirement under the EAR.
As part of the guidance, BIS published the following chart summarizing each tool:
Although these tools may help recipients in navigating diversion risks, recipients should be aware that a notice from BIS may also suggest increased scrutiny by BIS of any transactions related to the notice. Notably, BIS issued this guidance at a time when the US government has increasingly targeted networks utilized to circumvent export controls and sanctions against Russia. As we discussed last month, the US government recently issued a broad package of measures focused on Russia's use of financial services and procurement networks based in third countries, particularly those in China.
The guidance specifically discusses one type of notification scenario. If BIS notifies a company or university of a party known to have likely reexported items in violation of the EAR, BIS advises the recipient to:
- First, identify affirmative information that the party is no longer engaged in reexport or transfer (in-country) activities in violation of the EAR before exporting to them.
- Then, if the recipient exports to such a party, it should keep detailed records of (i) the information received, (ii) the steps taken to verify such information, and (iii) documentation of the decision-making process that led to the conclusion that the customer's activities with respect to the proposed transaction were explained or justified.
- Finally, if the recipient cannot resolve the red flag, it should either refrain from engaging in the transaction or seek BIS authorization by submitting a license application.
BIS warns that "[s]hould a company or university proceed with a transaction without obtaining an export license with knowledge that a red flag exists or could not be explained or justified, especially when BIS affirmatively identified that red flag through a Project Guardian request or a 'red flag' letter, BIS will consider such conduct an aggravating factor in any subsequent administrative enforcement action." However, should a company or university cooperate with a Project Guardian request by voluntarily providing information, "BIS will take such cooperation into account as a mitigating factor if an enforcement action is later brought against the company or university, even for unrelated conduct." Relatedly, we discussed BIS's enforcement policies, including aggravating and mitigating factors, in previous posts on April 26, 2023 and July 31, 2023.
Notably, as part of the guidance, BIS also announced a new recommended best practice for companies and universities involved with the export, reexport, or transfer (in-country) of Common High Priority List (CHPL) items. The CHPL includes items sought by Russia for its weapons programs. BIS strongly encourages companies or universities involved in the export, reexport, or transfer (in-country) of CHPL items to screen transaction parties against a list that has been published on the Trade Integrity Project (TIP) website. TIP, which is an initiative of the UK-based Open Source Centre, provides a list of parties in third countries that it has identified based on open-source information with a history of exporting CHPL items to Russia since its invasion of Ukraine. The guidance directs companies and universities to closely scrutinize any potential transaction parties listed on the TIP website to determine if any red flags are present before transacting with those parties.
Together, the new recommended best practice and BIS's existing outreach tools reflect greater focus by the agency on ensuring that members of industry and academia are proactively addressing risks of diversion in violation of the EAR. We expect that BIS will continue to target circumvention networks that aid Russia in acquiring export-controlled items, particularly CHPL items. Companies and universities notified of a diversion risk by BIS should proceed carefully to ensure that they act in accordance with export control laws and the latest guidance.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.