Mar 19, 2018
In today’s business world, any company doing business internationally must have effective policies in place to comply with United States’ export laws and regulations. If at any time your company engages in trade with another country, it is important to understand the rules that govern such trade and have a compliance policy in place. The U.S. export controls apply to all international business. Penalties for violating them may include criminal prosecution with up to 20 years in jail, denial of U.S. export privileges, and debarment from U.S. government contracts.
In the webinar “End Users, Due Diligence and Necessary Documentation in the Event of an Audit, Best Practices,” hosted by FCIB, presenter Lizbeth C. Rodriguez-Johnson, Esq., of Holland & Hart LLP, outlined what comprises a good compliance policy for companies and the importance of having one. Strict liability is in force for trade sanction violations. That means that the violation does not have to be intended; just the fact that the violation occurred is enough to incur liability. An effective defensive tool is a compliance program designed to protect against inadvertent violations. Being able to demonstrate compliance training and good recordkeeping can divert an investigation. U.S. law recognizes the value of compliance programs and proof of an effective one will result in a reduction in penalties.
On the path to compliance, review with whom your company does business, what you export, how you conduct business internationally, and how you can demonstrate compliance, Rodriguez-Johnson said. Before conducting any business, screen your business partners. The U.S. lists of prohibited parties include the specially designated nationals list, foreign sanctions evaders list, the denied persons list, the debarred parties list, and others. Focus on developing a compliance program that meets your company’s needs, Rodriguez-Johnson said. One size does not fit all.
At a minimum, a compliance program should include:
- Compliance policy and export responsibility
- Screening of denied parties and end users
- Training and internal audits
- A technology control plan
- A safe procedure for employees to report violations
A Technology Control Plan puts procedures in place to control who has access to your technology in your work area and regulates what technology is exposed in the work area. Policies should also be in place regarding visits by foreign persons, such as prohibiting access to controlled areas.
In the instance of an investigation, data that will help in a defense include: proof of policy review, including signed acknowledgment by each employee that they have reviewed anticorruption policies and procedures; proof of compliance training; proof that risk-based due diligence was performed on third parties; and compliance certifications provided by
third-party contractors.
Recordkeeping is vital. There should be a company policy for record retention and regulations for the routine destruction of documents when allowed by law, Rodriguez-Johnson said. Reporting requirements should be strictly adhered to. Training sessions can be conducted by outside counsel, but can also include web-based or in-person training.
Tips for handling export violations include:
- Stop the bleeding—put an end to any ongoing violation.
- Plan and conduct an internal investigation. Consider who should investigate, establish a defined protocol, and document everything.
- Preserve all records.
- Seek professional assistance.
- Disclose with care.
Proper documentation, preparation, and training can not only prevent violations of U.S. export policies but can help protect your company in case of an unintended violation.
The following resources can help in learning more about complying with U.S. export policies:
- The Bureau of Industry and Security
- The U.S. Department of State Directorate of Defense Trade Controls
- The U.S. Department of the Treasury Office of Foreign Assets Control
Provided by NACM National