Two recent cases highlight more than ever before the need for caution when it comes to deemed exports.
We outline some ways for you to become, and remain, compliant with deemed export regulations
Deemed Exports Can Be Tricky
Complying with deemed export rules can be tricky, because this topic covers controlled technology, data, and knowledge that is shared with unauthorized people through a variety of communication mediums seldom thought of as exports. These communication mediums can include emails, presentations at a conference or a business meeting, the corporate hosting of a visiting foreign delegation, even seemingly innocuous chats.
The complexity of deemed exports regulations has resulted in numerous violations over the years.
Most recently, a professor from a renowned university was federally indicted for the alleged disclosure of American technology to the Chinese government. According to the indictment, he was being paid $50,000 a month, in addition to a $1.5 million lump sum payment, by the Wuhan University of Technology in China to establish a nanotechnology research laboratory there.
His violations were exacerbated because his research group had also received more than $15 million in funding from the U.S. government’s National Institute of Health and the Department of Defense, which require disclosure of any foreign financial conflicts of interest.
In a separate case, a missile systems engineer at a major aerospace and defense company was arrested for taking his laptop to China, despite his company’s security officials explicitly warning him not to. His laptop contained files and security software that, as deemed exports, come under the purview of the International Traffic in Arms Regulations (ITAR), and needed a license to be taken out of the country.
Steps to Help Stay Compliant with Deemed Export Rules
These cases inspire interest and debate about what organizations – from universities and research labs to businesses across industries – can do to reduce the risk of deemed compliance non-compliance. The following three suggested steps might be helpful:
- Understand what Deemed Exports are
The most obvious thing for organizations to do is to develop a full understanding of the nuances of export regulations, including how they apply to deemed exports in their field of work. Having a big picture view allows an organization to plan and build an effective process that includes educating and training their workforce on the subject.
- Develop a workflow for dealing with deemed exports
Organizations successful at dealing with deemed exports are those that have a defined workflow process in place, because it can help ensure critical compliance steps are not missed, and that all necessary documentation is maintained. It can also have the advantage of documenting all due diligence steps taken along the way – which not only mitigates risk but also can be instrumental in minimizing liabilities in the unfortunate event a violation does occur.
Using technology, such as a solution for handling deemed exports, is an essential component in simplifying the process in terms of cost-effectiveness and reliability. But in going this route, organizations should make sure their chosen solution covers the following points:
- A workflow for staff to request foreign collaboration in business, research and other work and for relevant executive personnel to review and approve or deny it, as well as to be able determine whether export licenses are required.
- Denied party screening to screen any foreign hires (I-129), visitors, employees, and collaborators.
- Maintain a central repository for documents such as travel and visitor applications, itineraries and other pertinent information.
- Track who is viewing your technical data, and when, from a single centralized location.
- Automated and electronic audit logs for decision-making record-keeping purposes for regular reporting to management and in the event of a government audit.
- Develop an export technology control plan
A technology control plan can help to minimize the risk of physical shipments to denied and restricted parties but also unintended exposure of sensitive technology and data to unauthorized people. This is because it outlines the safeguards and controls needed to proactively avert an unintended technology transfer. The plan includes details such as segregating high-tech areas from general work areas, security measures (such as ID cards and escorts), and necessary documentation (such as non-disclosure agreements).
Export Compliance is an Ongoing Process
Given the importance that deemed exports play can be in today’s increasingly integrated international environment, developing and enforcing a process to manage controlled technology exports is essential for many organizations. A thorough understanding of deemed export laws, as well as the use of solutions that help you remain compliant, such as Descartes Visual Compliance’s Controlled Technology Manager, can go a long way towards helping you achieve your compliance goals.
As daunting as this may all seem at first, once you have a proper, defined process in place, you are only helping your business by making export compliance a living, breathing process. That’s because adherence to export regulations gives you the peace of mind of knowing that your organization is doing its part to stay on the right side of the law.