Preventing the illegal transfer of technology isn't a single event—it's an integrated part of the ongoing human workflow of your company, consisting of numerous individual actions and cooperative behavior between employees and departments at every management level. That's why illegal technology transfer control requires a comprehensive, company-wide solution that can manage compliance effectively at every step of the process.
Consider a case where your company wants to send several representatives to participate in a conference overseas. Long before the conference itself begins, your company needs to know how to conduct the trip within the limits of United States law to avoid unintentionally violating export regulations while employees are outside the country.
STEP1: First of all, a request must be submitted to the company's Compliance Officer or Compliance Department by any and all employees who may be travelling to the conference. This includes knowing the details of all locations outside the U.S. that the employees will be visit; which of your products, documents, equipment, or other technology they will be carrying with them during their visit—including anything detailed in a presentation or handout, as well as the contents of emails and other records stored on laptops, smartphones, or other devices that will be physically taken along with them; and with which foreign nationals your employees will or may be meeting while outside the country. All relevant information must be received in order to accurately assess the potential risk of the trip.
STEP2: Any employees who will or may be meeting with a foreign national during the trip must read and sign tailor-made certification documents to assure they understand the responsibilities and restrictions under U.S. law for interacting with foreign nationals. These legal documents serve as a declaration to prove that your employees have been educated and agree to abide by the laws. Explicit documents for certification, and records of employees' agreement to abide by them, significantly mitigates your company's risk when employees are intending to interact with foreign nationals while overseas. The documents must be available for review by all appropriate parties in your company, easily and with the ability to make comments, ask questions, and append notes.
STEP 3: Once the names of the foreign nationals with whom your employees will be meeting are known, they must be screened against all the relevant lists of Denied Parties and Specially Designated Nationals provided by the United States government, the United Nations, and other international bodies. This ensures that the persons in question won't pose a risk to national security if exposed to the technology and information your employees will be carrying with them or sharing. Your company's Compliance Officer will review the results of the screening, request additional information if necessary, and then deny permission to attend the conference if the screening returns any alarming results indicating that someone being met with would present a security threat.
STEP 4: If the Denied Party Screening comes back clean, meaning that none of the conference guests, organizers, or other affiliated parties appear on any of the official lists, the Compliance Officer will distribute all the collected information to anyone else in the company who needs to be involved in the approval process. This includes product experts, department heads for employees who would be travelling, security personnel, and so on. Responses from these personnel must be collected once the information has been distributed and reviewed, and only then can the Compliance Officer go on to either approve or deny the trip for each individual based on the risk assessment resulting from all the previous steps. Conditions limiting which employees may travel, under what circumstances, or the types of technology or products they are permitted to carry with them, and the extent to which they and their related information may be displayed and shared.
STEP 5: Assuming the request to travel is approved, all employee activities while outside the country must always be logged, and this information must be centrally accessible and modifiable by all relevant management personnel back in the United States, making sure everyone is on the same page at every step before, during, and after the trip occurs.
STEP 6: Finally, you must maintain a detailed audit record of employee activity throughout the trip, with extensive documentation, so that in the event of a government investigation your company has conclusive proof of your intent to comply with all applicable regulations.
Hand-Carried Export Violation Prevention is the tool that does all this and more, giving you the freedom to send employees to symposia, meetings with clients or suppliers, and other activities outside the United States, without the fear of breaking the laws regulating Hand-Carried Exports. At the same time, it saves you money by automating your export control workflow, dramatically reducing the time your employees would otherwise spend manually checking every last name, list, and regulation.