Jackson Wood, Director of Strategy, GTI, Descartes

Jackson Wood

Director, Industry Strategy, Global Trade Intelligence

The Bureau of Industry and Security (BIS) recently introduced a significant update to the Entity List by including address-only information. This strategic shift marks a noteworthy step in BIS’ ongoing efforts to combat unlawful diversions in global trade. By targeting addresses frequently used by multiple shell companies, BIS aims to strengthen export controls and close loopholes that previously allowed for sanctions evasion.

This article explores the key aspects of this update, its implications for businesses, and how it represents a pivotal move in enhancing export compliance. We will also provide effective guidance on how exporters can leverage denied party screening software to navigate these new BIS Entity List additions. In a previous article, we covered the importance of screening beyond the names of denied parties to also include address screening. 

Key Takeaways

  • BIS recently included addresses on the Entity List without linking them to specific entity names, targeting shell companies that change identities to bypass export controls. 
  • BIS aims to close gaps exploited by shell companies, making it difficult for them to engage in unlawful trade activities and circumvent export controls. 
  • These updates signal changing export compliance expectations and further additions in a similar format should be anticipated. Enhanced due diligence is a must. 
  • Descartes offers advanced denied party screening solutions, including Address-Only Search, to help companies screen addresses without associated entity names, ensuring comprehensive sanctions compliance. 

Overview of the Recent BIS Entity List Changes 

The final rule released on the 12th of June 2024 authorizes BIS to publish addresses to the entity list without listing a corresponding name. Echoing concerns around continued sanctions evasion risks, BIS stated that “the listed addresses are associated with a significant number of entities, whose activities risk violating the Export Administration Regulations (EAR).” BIS further added that this change is to fight illegal activities by focusing on addresses used by multiple shell companies. Key points of the update include: 

  • Address-Only Listings: a new regulatory framework has been implemented that lists addresses on the BIS Entity List without associating them with specific entity names.  
  • Enhanced Screening Requirements: Companies using listed addresses for export, reexport, or in-country transfers will now face additional restrictions. The new rule also mandates that foreign corporate service providers conduct enhanced client screening for effective export compliance. 
  • Addresses Added: As part of this update, eight addresses in Hong Kong were added to the BIS Entity List. This move ensures that any company using these addresses, whether as a purchaser, intermediate consignee, ultimate consignee, or end-user, will be subject to restrictions under the Export Administration Regulations (EAR). Below is a sample of the addresses listed:  

1. Unit D, 16/F One Capital Place, 18 Luard Rd, Wan Chai, Hong Kong 

2. Unit 04, 7/F Bright Way Tower, No. 33 Mong Kok Road, Kowloon, Hong Kong 

3. Room 1318-19, 13F, Hollywood Plaza, 610 Nathan Road, Mong Kok, Kowloon, Hong Kong 

  • Rationale and Objectives: By listing addresses instead of just entity names, BIS aims to make it harder for shell companies to find willing corporate service providers and to use these addresses for unlawful trade activities.  

A Paradigm Shift in BIS Entity List Screening? 

Given the function of export controls and sanctions programs in geopolitics, it is no surprise that location is steadily growing in significance as a crucial sanctions screening element. This new paradigm stresses the importance of not just who is involved in a transaction but also where the transaction is taking place. 

Over the past few years, we have seen geolocation data emphasized as key in avoiding export compliance breaches. Several fines issued by regulators in 2023 resulted from neglect in capturing and using location data in due diligence. Examples such as failure to screen IP addresses and not checking all address fields underscore this point. 

Going forward, the final rule which has revised the listing structure and designations, allows the regulatory agency to continue to include addresses on the BIS Entity List without naming a specific organization or individual. Previously, the restrictions requirements only applied to those listed by name on the BIS Entity List. Now, any export to a listed address needs a license, even if the specific entity at that address isn’t named on the BIS Entity List.  

BIS also highlights that using a listed address is a warning sign that requires extra checks. To prevent export compliance violations, exporters, re-exporters, and transferors must carefully verify that the entity at a listed address isn’t the same as the listed entity or acting for them.  

What are the Export Compliance Implications for Businesses? 

Address-only due diligence has been vexing exporters for years now. There have been cases where exports or shipping have occurred due to inaccuracy, or possible fraud, related to addresses. Often, it is difficult to determine where the failure actually occurred—was the address incorrect intentionally? Was it a long address that did not follow a conventional format that was difficult to search? 

Take a look at North Korea’s efforts to avoid the sanctions . Fake addresses are at the core of this entire process. After all, you may be able to debar a named company, even if it is fake, or a real address where the fake company was located. But what about a fake address? If the address is truly fraudulent, and exists in no physical location, that information should be easy enough to unearth. But what if a fake business claims to be operating at a real address that doesn’t belong to them? Should the location of a neighborhood corner grocer be debarred by the authorities because some phony bank claims the location is theirs?  

The inclusion of address-only listings on the BIS Entity List introduces several challenging export compliance concerns for exporters, re-exporters, and transferors. Organizations face higher risk of triggering sanctions violations due to the complexity of validating high-risk addresses, the increased screening burden, and the enhanced scrutiny and documentation necessary to remain on the right side of compliance.  

The number of notices and guidance issued by BIS about sanctions evasion tactics over the last several years, and the revision to export controls and sanctions is indicative of the regulator’s commitment to aggressively pursue enforcement actions on defaulting companies and individuals. This latest change demands a meticulous approach to verifying the legitimacy of entities operating at these listed addresses. 

Looking beyond the immediate export compliance challenges, it is essential to recognize this move by BIS as likely the beginning of a broader trend. As regulatory bodies increasingly focus on addresses used by shell companies to evade export controls, we can expect more addresses in various global locations to be added to the BIS Entity List.  

Best Practices for Address-Only Screening 

Adapting to the BIS’ introduction of address-only entity listings requires companies to adopt best practices that tackle the immediate challenges while providing for future regulatory trends to ensure robust compliance. Organizations moving goods internationally must take on a global perspective on export compliance, as U.S. trade regulations have extraterritorial reach and apply to foreign businesses whose shipments pass through the country or involve products of U.S. origin. Here are key strategies to effectively comply with the BIS Entity List changes: 

  1. Leverage advanced export compliance software that can handle address-only screening with features that include address-only search capabilities and geolocation analysis. 
  1. Prioritize solutions that can easily integrate address screening functionalities into existing sanctions compliance workflows, enabling seamless and automated checks. 
  1. Strengthen due diligence processes to accommodate the new focus on addresses by conducting thorough verification of all entities associated with addresses listed on the BIS Entity List. 
  1. Implement a risk-based approach with regular assessments to identify and prioritize high-risk addresses and transactions. 
  1. Continuously monitor high-risk addresses and all entities to promptly detect any changes or suspicious activities using automated denied party screening solutions. 
  1. Ensure staff are trained in the new BIS export compliance requirements. Also provide guidance for dealing with potential rise in false positives with address-only screening. 
  1. Update export compliance manuals and documentation to reflect the new BIS Entity List requirements, providing clear guidelines and procedures for your compliance team. 
  1. Consult with export compliance professionals and industry experts to ensure that compliance programs meet all regulatory requirements and effectively mitigate risks. 
  1. Plan for the long-term implications of address-only listings with export compliance solutions that are flexible and scalable to adapt to future regulatory changes. 
  1. Keep up to date with the latest developments in export regulations and adopt compliance solutions that maintain a regularly updated BIS Entity List and any new regulatory changes. 

Meet Export Compliance Requirements with Descartes Denied Party Screening Software 

The BIS’ decision to implement address-only entity listings is a significant development in export compliance. Companies must adapt their current compliance programs to meet the new screening requirements while also developing forward-looking strategies for future regulatory trends. As we anticipate the addition of more designated addresses, organizations should put in place effective location-based screening systems.  

Descartes’ Visual Compliance offers two innovative ways to screen “Address-Only” information as provided on the BIS Entity List: 

Address-Only Search:  

  • Description: Our address-only search option enables users to compare their submitted address information against the addresses published with each BIS Entity List entry.  
  • Functionality: Users can activate this search via the user interface, batch processing, or API. Alerts will be generated for matching addresses, even if the associated name is absent.  

Multi-Field Processing (Address as Name):  

  • Description: We’ve incorporated the address information associated with these entries as the “name” in our system.  
  • Functionality: Customers can apply the same search logic to street address field(s) as currently used for name and company fields. No corresponding address alerts will be generated for entries with published names. 

If you would like to take a closer look at our export compliance technology or need to enhance your screening capability to meet these new requirements, you can simply contact us or request a demo. Descartes Visual Compliance solutions are flexible and modular, allowing organizations to pick the specific and exact functionality and content they need for their particular compliance needs and scale up later as and when necessary. 

Find out what our customers are saying about Descartes Denied Party Screening on G2 – an online third-party business software review platform. Additionally, you can read this essential buyer’s guide to denied party screening to help you select a solution that fits your needs.