Trade Controls Due Diligence: When, Where, and How to Review Business Partners and Transactions Momentum Webinar June 26, 2014
Agenda Regulatory Overview Why / When Diligence is Warranted Specific Diligence Steps Questions
Importance of Compliance Corporate and Individual Penalties Reputational Damage Business Risk
ITAR – KEY POINTS Registration Requirement Nearly all ITAR exports, including exports of technical data, require a license Embargoes – No ITAR exports to certain countries or nationalities
EAR – KEY POINTS EAR99 End-user, end-use, and destination Deemed exports
Sanctions – KEY POINTS Jurisdiction over U.S. persons + SDNs 50% Ownership by SDNs Exports of Services / Facilitation
FCPA – KEY POINTS Government-Owned Entities Third Parties: Agents, Distributors, and Partners Willful Blindness
Knowledge – the Law • No person may knowingly or willfully cause, or aid, abet, counsel, demand, induce, procure, or permit the commission of, any act prohibited by, or the omission of any act required by, 22 U.S.C. 2778 and 2779, or any regulation, license, approval, or order issued thereunder. ITAR section 127.1(e). See also EAR, FCPA, and OFAC Sanctions.
When Diligence is Warranted • New customer • New representative • Joint venture • Acquiring a new company
What Information Do You Need? • Type of organization • Controlled goods/technologies involved • Territories involved • Commitment to compliance • Compliance program • Registration • Use of agents • Government touch points • Subject to past enforcement action? Look Out For RED FLAGS
Examples of Red Flags • Distributor wants products that do not fit the identified market (e.g. space heaters for UAE) • Opaque billing practices by representative (e.g. lump sum charges, unexplained “fees”) • Sanctioned country individual is a employee of a non-sanctioned country representative • Customer wants to make payment from bank outside country in which customer is based • Proposed agent in country deemed to be corrupt would interact regularly with government officials
Diligence Keys • Conduct risk assessment to target review • Diligence should be conducted based on risk level • Extent of diligence based on risk too – extensive diligence not needed in every situation • Develop appropriate tools • Follow consistent process • Document steps taken / findings
Risk Assessment §4.G.7 K/E 2 §6 §8B2.1(c)
Due Diligence Scenario 1 • You are the Chief Compliance Officer of a U.S. encryption software company. Your company is hiring a marketing agent in Russia because it is having trouble winning lucrative government contracts. • Discussion / Issues to consider • What are the risks? • How do you prioritize them? • Who leads the diligence effort? • What steps do you take? • How do you protect company post-diligence?
Due Diligence Scenario 2 • You are the General Counsel of a publicly-listed U.S. company acquiring a small European company. Your CEO demands that diligence be completed in two weeks. • Discussion / Issues to consider • How do you prioritize issues to review? • What resources do you need? • How much can you do post-acquisition?
Due Diligence Scenario 3 • You are the lowest-ranking lawyer in the corporate department of a large multinational defense contractor. You are responsible for hiring a forensic accountant to assist in due diligence related to the potential acquisition of a Mexican company. • Discussion / Issues to consider • Who directs the accountants? • What are they looking for? • What is their responsibility with respect to potential red flags? • How do you manage costs?
Due Diligence Process • Get to know transaction partners • Check references, pose follow-up questions • Public records search • Additional steps if needed: • Background check • Interview partner representatives • Audit partner’s books • Require them to attend training
Questionnaires/Surveys • Low cost • Usually internally managed • Example questions: • Evidence of DDTC registration • Names of principals • Contact information • Facility locations / offshore operations • Officers / directors who are or were government officials • Whether company maintains compliance policies / has provided training
Robust Contract Terms • Use to implement the compliance approach • End use / End user restrictions • Delineate responsibilities of each party • Other provisions depending on facts, e.g., • Immediate termination right if compliance breach • Audit right • Right to review / pre-approve all subcontractors
Recording Diligence • Maintain file of all records obtained / prepared in relation to diligence review • Details of screening • Notes of reference checks • Compliance department approvals • Completed questionnaires • Other notes and records
Free Tools • Internet Search Engines • Hint: the government knows about search engines • Government registration search tools • Government restricted party tools • SAM • Company registrations & licenses • Some jursidictions offer free searches
Restricted Party Screening Tools • Moderate cost • Multiple vendors • Better than free tools • Fuzzy logic • Consolidated search: OFAC, DDTC, BIS, DFAIT, OSFI, RCMP, UN, EU, etc. • Can be integrated with ERP systems
Thank you! Christina Cugle Northrop Grumman Christina.email@example.com Thad McBride Sheppard Mullin firstname.lastname@example.org Mark Jensen Sheppard Mullin email@example.com