Compliance Solutions

Hand-Carried Export Prevention Workflow

Preventing the illegal transfer of technology isn't a single event—it's an integrated part of the ongoing human workflow of your company, consisting of numerous individual actions and cooperative behavior between employees and departments at every management level. That's why illegal technology transfer control requires a comprehensive, company-wide solution that can manage compliance effectively at every step of the process.

Consider a case where your company wants to send several representatives to participate in a conference overseas. Long before the conference itself begins, your company needs to know how to conduct the trip within the limits of United States law to avoid unintentionally violating export regulations while employees are outside the country.

STEP1: First of all, a request must be submitted to the company's Compliance Officer or Compliance Department by any and all employees who may be travelling to the conference. This includes knowing the details of all locations outside the U.S. that the employees will be visit; which of your products, documents, equipment, or other technology they will be carrying with them during their visit—including anything detailed in a presentation or handout, as well as the contents of emails and other records stored on laptops, smartphones, or other devices that will be physically taken along with them; and with which foreign nationals your employees will or may be meeting while outside the country. All relevant information must be received in order to accurately assess the potential risk of the trip.

STEP2: Any employees who will or may be meeting with a foreign national during the trip must read and sign tailor-made certification documents to assure they understand the responsibilities and restrictions under U.S. law for interacting with foreign nationals. These legal documents serve as a declaration to prove that your employees have been educated and agree to abide by the laws. Explicit documents for certification, and records of employees' agreement to abide by them, significantly mitigates your company's risk when employees are intending to interact with foreign nationals while overseas. The documents must be available for review by all appropriate parties in your company, easily and with the ability to make comments, ask questions, and append notes.

STEP 3: Once the names of the foreign nationals with whom your employees will be meeting are known, they must be screened against all the relevant lists of Denied Parties and Specially Designated Nationals provided by the United States government, the United Nations, and other international bodies. This ensures that the persons in question won't pose a risk to national security if exposed to the technology and information your employees will be carrying with them or sharing. Your company's Compliance Officer will review the results of the screening, request additional information if necessary, and then deny permission to attend the conference if the screening returns any alarming results indicating that someone being met with would present a security threat.

STEP 4: If the Denied Party Screening comes back clean, meaning that none of the conference guests, organizers, or other affiliated parties appear on any of the official lists, the Compliance Officer will distribute all the collected information to anyone else in the company who needs to be involved in the approval process. This includes product experts, department heads for employees who would be travelling, security personnel, and so on. Responses from these personnel must be collected once the information has been distributed and reviewed, and only then can the Compliance Officer go on to either approve or deny the trip for each individual based on the risk assessment resulting from all the previous steps. Conditions limiting which employees may travel, under what circumstances, or the types of technology or products they are permitted to carry with them, and the extent to which they and their related information may be displayed and shared.

STEP 5: Assuming the request to travel is approved, all employee activities while outside the country must always be logged, and this information must be centrally accessible and modifiable by all relevant management personnel back in the United States, making sure everyone is on the same page at every step before, during, and after the trip occurs.

STEP 6: Finally, you must maintain a detailed audit record of employee activity throughout the trip, with extensive documentation, so that in the event of a government investigation your company has conclusive proof of your intent to comply with all applicable regulations.

Hand-Carried Export Violation Prevention is the tool that does all this and more, giving you the freedom to send employees to symposia, meetings with clients or suppliers, and other activities outside the United States, without the fear of breaking the laws regulating Hand-Carried Exports. At the same time, it saves you money by automating your export control workflow, dramatically reducing the time your employees would otherwise spend manually checking every last name, list, and regulation.

Why Comply?

Organizations must comply

The Law

U.S. export laws apply to any controlled technology released for export, meaning that the technology is made available to foreign nationals; this means that any technology that is moved beyond the borders of the United States can qualify as an export. In circumstances where technology is "hand-carried" outside the United States, even if it never leaves the sight or the possession of the individual transporting it, it will qualify as an export, and must be regulated, licensed, and treated the same as if it were being shipped to a customer overseas.

Information on controlled technology that may be stored on a laptop accompanying an employee outside the country, on a smartphone—including emails that may have been saved on the computer or the phone—must be taken into account to make sure they comply with the applicable regulations. Even verbal transmission of technology to a foreign national qualifies as an export, so that a seemingly casual conversation about business with a foreign national during the trip could be a violation.

Penalties are severe

The Risks

The penalties for violating U.S. export regulations, including the rules for Hand-Carried Exports, are severe. Companies found to be in violation of Export laws face all the same penalties as they would for physically delivering, or allowing to be delivered, controlled goods to any denied, restricted, or debarred party—penalties which can include millions of dollars in monetary fines, restrictions on business activities such as the temporary or even permanent revocation of export licenses, and—for violations deemed to have been willful—criminal prosecution, potentially including imprisonment.

That's not to mention the certain and irreparable damage to the reputation of any company found to be aiding America's enemies, even if only through negligence.

Employees and organizations have been convicted

The Penalties

In FY 2011 combined U.S. Government Export Compliance Enforcement resulted in penalties of $732.8 MILLION and criminal prosecutions of 50 individuals and businesses.


OFAC Penalties

In FY 2011, settlements with 11 businesses were reached for a total of $623,000,000 in penalties as compared to 21 settlements in FY 2010 for a total of $91,000,000.

Since FY 2008, OFAC investigations resulted in settlements with 339 businesses for a total of $2,670,000,000. ( that's $2.6 BILLION )

BIS Penalties

BIS investigations in FY 2011 resulted in the criminal conviction of 39 individuals and businesses for export violations, as compared to 31 convictions in FY 2010. The penalties for these convictions came to $20,214,000 in criminal fines, more than $2,100,000 in forfeitures, and more than 572 months of imprisonment; compared to $12,298,900 in criminal fines, more than $2,000,000 in forfeitures, and more than 522 months of imprisonment in FY 2010.

In FY 2011, BIS investigations resulted in the completion of 47 administrative cases against individuals and businesses and $ 8,508,300 in administrative penalties, as compared to 53 cases and more than $ 25,400,000 in administrative penalties in FY 2010.

DDTC Penalties

In FY 2011 DOS entered into 1 consent agreement for a total of $79,000,000 in fines, as compared to 3 consent agreements in FY 2010 for $43,000,000. The Department also pursued in FY 2011 a total of 11 criminal prosecutions, as compared to 51 criminal prosecutions in FY 2010.