1 / 31

201 9 Export Compliance Refresher

201 9 Export Compliance Refresher. ORS 01.19. ECR 201 9. Welcome to the Export Compliance Refresher or ECR.

owense
Download Presentation

201 9 Export Compliance Refresher

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. 2019 Export Compliance Refresher ORS 01.19

  2. ECR 2019 Welcome to the Export Compliance Refresher or ECR. The goal of this presentation is to refresh your awareness of the Export Compliance Regulations – EAR, ITAR & OFAC, and to bring you up to date with some changes which have occurred due to the Export Reform Initiative. The Export Reform Initiative is not to the point where there is only one agency controlling exports but the government is working toward that goal. This refresher should only be taken by those personnel who have completed either the CITI training or have attended one of the in-person ITAR briefings (MSU or ECS LLC provided). Credit will only be given to those personnel who have completed one of the 2 sessions mentioned above. This presentation does not count for an initial ITAR briefing.

  3. ECR 2019 ITAR – Who and what is it? ITAR or the International Traffic in Arms Regulations is administered by the U.S. Department of State – Directorate of Defense Trade Controls (DDTC) ITAR is based upon the AECA (The Arms Export Control Act), 22 USC 2778 & the International Economic Emergency Powers Act: 50 USC 1701-1707 The actual ITAR regulations that provide the governance of ITAR are found in 22 CFR 120-130 Chapter I, Subchapter M, Parts 120-130 ITAR governs Classified and Unclassified Defense Articles, Defense Services, Technical Data, Significant Military Equipment (as defined in ITAR 22 CFR 120) and items designed and developed, adapted, or modified in any manner for military use. USC = United States Code designates the law CFR = Code of Federal Regulations, the codification of the general and permanent rules and regulations published in the Federal Register by the executive departments and agencies of the federal government of the U.S.

  4. ECR 2019 • Why do we have ITAR? • The US government restricts the release of strategically important technology and products for the purpose of: • Limiting Weapons of Mass Destruction (WMD) proliferation • Preventing our adversaries from obtaining the capability to threaten US national security • Ensuring US allies have the best equipment and know-how • Preventing supply shortages of critical materials • Supporting US foreign policy (human rights, trade sanctions, embargoes)

  5. ECR 2019 ITAR vs EAR • ITAR • Heavily regulated • Protection of national security primary • Everything requires approval • Limited exceptions & exemptions • Very general categories • Extra requirements for significant military equipment • Congressional notification • Extra-territorial jurisdiction for all controlled items • Does not matter where the items are, where they were produced, or who is involved. If a US person involved, ITAR has jurisdiction. • EAR • Encourages trade • 95% of commodities may be exported without license • Detailed regulations provide specific descriptions of capabilities • Special rules for encryption • Country chart • Extra-territorial jurisdiction for re-exports • Only services controlled are those associated with WMD proliferation

  6. ECR 2019 Export control for everything? • Yes. Almost EVERY item or commodity exported from the US is subject to some form of export control. • Classified and unclassified military items (includes Foreign Military Sales (FMS), Foreign Military Funding (FMF), Integrated Meteorological Systems (IMETS) • Dual Use items • Commercial items • Nuclear materials and associated equipment – (Nuclear Regulatory Commission and Dept. of Commerce) • Financial Assets – Office of Foreign Assets Control (Dept. of Treasury) • Virtually EVERY export and import is controlled by at least one US government regulation. • Exporting is NOT a constitutional right, it is a privilege!

  7. ECR 2019 Export Reform Initiative or ERI • Background • Presidential initiative started in 2009 • “Higher Fences” regarding “critical” technology; “Not as critical” technology controlled appropriately • Revision of ITAR and EAR section by section • First final rule published in Apr 2013, effective 15 October 2013 • Affected ITAR Category VIII (aircraft), Category XIX (jet engines) • Some items were moved to EAR/CCL Category 9 • Created EAR CCL 600 series ECCN under each of the CCL 9 categories • 600 series treated almost the same as ITAR still need a license to export although export to some allies now easier • Many other rules were implemented during 2014 and all categories should change by the end of 2015 • USML is now a leaner positive listing of parts; however, there are still a number of “catch-all” categories.

  8. ECR 2019 Other ECR changes: • AECA (Arms Export Control Act) fines increased • New forms drafted for export license request and for violation reporting. (Forms are complete but there has been in-fighting between the departments of Commerce, State & Treasury regarding which agency should submit the new forms to OMB for approval). • Harmonized definitions (some not all) – bring EAR and ITAR definitions closer in how they are defined in both regulations There is a revised DFAR 252.204-7000 clause Disclosure of Information. Remember this is a publication restriction clause. If it is included in your award documentation the fundamental research exemption will not apply and your project becomes controlled. Two new Federal contract clauses, one in the FAR (Federal Acquisition Regulations) and the other in the DFARs (Defense Federal Acquisition Regulations) on information security – protecting U.S. Government information in non-federal IT systems. New clauses impose IT security controls on the contract for specified information. Watch for these 2 clauses in USG contracts.

  9. ECR 2019 Harmonized definitions from the Export Reform Initiative: Export (§ 120.17): (a) Except as set forth in §126.16 or §126.17, export means: (1) An actual shipment or transmission out of the United States, including the sending or taking of a defense article out of the United States in any manner; (2) Releasing or otherwise transferring technical data to a foreign person in the United States (a “deemed export”); (3) Transferring registration, control, or ownership of any aircraft, vessel, or satellite subject to the ITAR by a U.S. person to a foreign person; (4) Releasing or otherwise transferring a defense article to an embassy or to any of its agencies or subdivisions, such as a diplomatic mission or consulate, in the United States;

  10. ECR 2019 Export (§ 120.17) continued: (5) Performing a defense service on behalf of, or for the benefit of, a foreign person, whether in the United States or abroad; or (6) A launch vehicle or payload shall not, by reason of the launching of such vehicle, be considered an export for purposes of this subchapter. However, for certain limited purposes (see §126.1 of this subchapter), the controls of this subchapter may apply to any sale, transfer or proposal to sell or transfer defense articles or defense services. (b) Any release in the United States of technical data to a foreign person is deemed to be an export to all countries in which the foreign person has held or holds citizenship or holds permanent residency.

  11. ECR 2019 Harmonized definitions continued: Re-export (introduces the concept of “deemed reexport”) (§120.19): (a) Re-export, except as set forth in §126.16 or §126.17, means: (1) An actual shipment or transmission of a defense article from one foreign country to another foreign country, including the sending or taking of a defense article to or from such countries in any manner; (2) Releasing or otherwise transferring technical data to a foreign person who is a citizen or permanent resident of a country other than the foreign country where the release or transfer takes place (a “deemed re-export”); or (3) Transferring registration, control, or ownership of any aircraft, vessel, or satellite subject to the ITAR between foreign persons. (b) Any release outside the United States of technical data to a foreign person is deemed to be a re-export to all countries in which the foreign person has held or holds citizenship or holds permanent residency.

  12. ECR 2019 Harmonized definitions concluded: Release (§ 120.50): (a) Technical data is released through: (1) Visual or other inspection by foreign persons of a defense article that reveals technical data to a foreign person; or (2) Oral or written exchanges with foreign persons of technical data in the United States or abroad. (b) [Reserved] All other ITAR definitions/terminology remain the same.

  13. ECR 2019 Import terminology you should know: Defense Article (§120.6): Defense article means any item or technical data designated in §121.1 of this subchapter. The policy described in §120.3 is applicable to designations of additional items. This term includes technical data recorded or stored in any physical form, models, mockups or other items that reveal technical data directly relating to items designated in §121.1 of this subchapter. It also includes forgings, castings, and other unfinished products, such as extrusions and machined bodies, that have reached a stage in manufacturing where they are clearly identifiable by mechanical properties, material composition, geometry, or function as defense articles. It does not include basic marketing information on function or purpose or general system descriptions.

  14. ECR 2019 Technical data (§ 120.10): Technical data means, for purposes of this subchapter: (1) Information, other than software as defined in §120.10(a)(4), which is required for the design, development, production, manufacture, assembly, operation, repair, testing, maintenance or modification of defense articles. This includes information in the form of blueprints, drawings, photographs, plans, instructions or documentation. (2) Classified information relating to defense articles and defense services on the U.S. Munitions List and 600-series items controlled by the Commerce Control List; (3) Information covered by an invention secrecy order; or (4) Software (see §120.45(f)) directly related to defense articles. (b) The definition in paragraph (a) of this section does not include information concerning general scientific, mathematical, or engineering principles commonly taught in schools, colleges, and universities, or information in the public domain as defined in §120.11 of this subchapter or telemetry data as defined in note 3 to Category XV(f) of part 121 of this subchapter. It also does not include basic marketing information on function or purpose or general system descriptions of defense articles.

  15. ECR 2019 Public domain (§ 120.11): (a) Public domain means information which is published and which is generally accessible or available to the public: (1) Through sales at newsstands and bookstores; (2) Through subscriptions which are available without restriction to any individual who desires to obtain or purchase the published information; (3) Through second class mailing privileges granted by the U.S. Government; (4) At libraries open to the public or from which the public can obtain documents; (5) Through patents available at any patent office; (6) Through unlimited distribution at a conference, meeting, seminar, trade show or exhibition, generally accessible to the public, in the United States; (7) Through public release (i.e., unlimited distribution) in any form (e.g., not necessarily in published form) after approval by the cognizant U.S. government department or agency (see also §125.4(b)(13) of this subchapter);

  16. ECR 2019 (8) Through fundamental research in science and engineering at accredited institutions of higher learning in the U.S. where the resulting information is ordinarily published and shared broadly in the scientific community. Fundamental research is defined to mean basic and applied research in science and engineering where the resulting information is ordinarily published and shared broadly within the scientific community, as distinguished from research the results of which are restricted for proprietary reasons or specific U.S. Government access and dissemination controls. University research will not be considered fundamental research if:(i) The University or its researchers accept other restrictions on publication of scientific and technical information resulting from the project or activity, or(ii) The research is funded by the U.S. Government and specific access and dissemination controls protecting information resulting from the research are applicable.IMPORTANT! – When you accept a restriction such as the DFARS clause 252.204-7000 Disclosure of Information in a contract the Fundamental Research Exemption is lost!!Watch out for RESTRICTIVE CLAUSES – restrictions on publication, disclosure of results, personnel working on the contract, etc.

  17. ECR 2019 Person (§ 120.14): Person means a natural person as well as a corporation, business association, partnership, society, trust, or any other entity, organization or group, including governmental entities. If a provision in this subchapter does not refer exclusively to a foreign person (§120.16) or U.S. person (§120.15), then it refers to both. U.S. Person (§ 120.15): **U.S. person means a person (as defined in §120.14 of this part) who is a lawful permanent resident as defined by 8 U.S.C. 1101(a)(20) or who is a protected individual as defined by 8 U.S.C. 1324b(a)(3). It also means any corporation, business association, partnership, society, trust, or any other entity, organization or group that is incorporated to do business in the United States. It also includes any governmental (federal, state or local) entity. It does not include any foreign person as defined in §120.16 of this part. **Also includes a lawful U.S. citizen; this is understood in the meaning of U.S. person.

  18. ECR 2019 Foreign Person (§120.16): Any natural person who is not a U.S. citizen (birthright or naturalized), lawful permanent resident, or protected individual as defined by law. Also means any other foreign corporation, business association, partnership , trust, society, entity or other group that is not incorporated or organized to do business in the U.S. This includes international organizations, foreign governments and agencies, subdivisions of foreign governments (diplomatic missions). NOTE: A work permit from Homeland Security to a foreign person, giving them legal work status in the US does NOT make them a US Person. USC = United States Code, codification of the general and permanent laws of the U.S.

  19. ECR 2019 This past year has also seen changes in the 126.1 listed countries. ITAR § 126.1 states “It is the policy of the United States to deny licenses and other approvals for exports and imports of defense articles and defense services, destined for or originating in certain countries. The exemptions provided in this subchapter, except §§123.17, 126.4, and 126.6 of this subchapter, or when the recipient is a U.S. government department or agency, do not apply with respect to defense articles or defense services originating in or for export to any proscribed countries, areas, or persons.” Countries having a policy of denial: Belarus Iran Burma North Korea China Syria Cuba Venezuela No license or any type of approval from the U.S. government can be obtained for citizens of the above eight (8) countries to work on ITAR controlled projects/contracts/work.

  20. ECR 2019 ITAR § 126.1 changes continued: The 12 countries in the table below are also under a policy of denial, however each has specific exceptions. The exceptions are contained § 126.1, consequently the exceptions must be taken into account prior to any license application or exports be completed. ** Note this 126.1 information is current as of 8/2017, contact ORS for up to date information as it does change! **

  21. Common ITAR Myths • #1: Breaches only happen to big firms • Fact: Smaller firms are highly vulnerable, a frequent target due to their lack of technical sophistication. • #2: ITAR compliant firms cannot be breached. • Fact: ITAR compliance is not a guarantee, security keeps changing and any firm can be breached. • #3: Compliance is too expensive. • Fact: Non-compliance can be far more expensive if not catastrophic, possible fines, imprisonment, debarment, loss of business integrity causing possible loss of business, etc. • #4: Compliance is getting easier. • Fact: Compliance is a complex endeavor.

  22. Top 10 Common Issues for Universities – Export Compliance* • Sharing controlled information with foreign nationals in the U.S. • Misusing the fundamental research exemption • Inadvertently disclosing controlled information • Forgetting to monitor the transfer of your foreign national employees • Forgetting to screen end users even if the export is EAR 99 • Misclassifying information & items • Assuming a third party has the export control responsibility • Failing to document your compliance properly • Not understanding the nuances of export control reform • Not having enough funding for training and export staff * From Higher Education Webinar dated August 18, 2015, “ Top Ten Export Control Issues for Colleges and Universities” presented by Baker Donelson, Doreen Edelman, Esq., and Klint Alexander, Esq.

  23. ECR 2019 Technology Control Plans or TCPs: • The TCP is the next important document right behind the actual ITAR controlled defense articles & services • TCP will state what is controlled and why (will provide the actual regulation) • Describes the safeguards and security precautions that should being implemented/observed for protecting & working with controlled technology, data and information • Signed by the PI and the Office of Research Security • TCP is also signed by every person who works on the project/contract • Anyone added after the start of the project must read and sign the TCP prior to starting work • TCP also has an internal NdA that states the individual is aware that the information to which they will have access to is controlled by the Export Control laws and regulations of the U.S. and any breach of those laws will have consequences

  24. ECR 2019 There have been several issues that have come up this past year: • Storage – Do not co-mingle controlled or raw information, data, results, whatever with information, data, etc. that is not controlled, i.e. information from an open source. The combined storage of controlled and open or releasable information increases the rise of an inadvertent disclosure of information which is a reportable infraction. • Security – Work with HPC or your respective IT departments to set-up a secure storage area to store your controlled data, information and results. Limit access to those working on the project and who have signed the TCP (access control) Follow restricted access guidelines. • Personal computing equipment – No personal computing equipment will be used to store or work on any controlled data or information. To do so places the individual, PI and the university at risk. • Export Control Policy – Take the time to read the MSU Export policy 70.04

  25. ECR 2019 Fundamental research Remember fundamental research is – “basic and applied research in science and engineering, the results of which are ordinarily published and shared broadly within the scientific community” per NSDD 189*. Fundamental research has • No restrictions on publication or dissemination. (The DFARS clause 252.204-7000 Disclosure of Information is the best known offender of imposing publication restrictions.) • No restrictions on the use of foreign nationals • No specific national security controls on the research or the results of the research If you accept any research restrictions or are not free to share the results or make the information available to others it is not considered fundamental research and the project will be controlled. *NSDD 189 (National Security Decision Directive), “National Policy on the Transfer of Scientific, Technology and Engineering Information”, September 1985

  26. ECR 2019 Remember the “deemed export rule”. This is the biggest issue with colleges and universities Deemed Export – The release, transfer, or dissemination of any controlled technology or technical data either orally or visually to a foreign national within the United Stated is deemed to be exported to the foreign person’s country of nationality.

  27. ECR 2019 Dissertation & thesis use: If a student wants to utilize any data or information that was derived from a controlled project in a dissertation or thesis, permission must be obtained from the contract sponsor prior to the use of the controlled information or data. Obtain the permission early from the applicable contract authority, and get it in writing!

  28. ECR 2019 Penalties Violations of export control laws can have serious consequences which could affect all involved. The penalties vary depending on the circumstances (whether it was a "knowing" or "willful" violation in other words you knew you were breaking the law!), but the penalties for even lesser violations can include jail time and/or fines. Also the U.S. Government agencies that provide oversight & enforcement for the EAR and ITAR regulations are increasing their scrutiny of companies working in this arena. ITAR Penalties – changed • Criminal: up to $1 million per violation and up to 10 years in prison • Civil: seizure and forfeiture of articles, revocation of exporting privileges, fines of up to $1,094,010 for most AECA/ITAR violations; $946,805 for certain arms transactions to countries supporting international terrorism and $795,445 for making proscribed incentive payments in connection with offset contracts. EAR Penalties • Criminal: $50 thousand-$1 million or five times the value of export, whichever is greater, per violation, up to 10 years in prison. • Civil: loss of export privileges, fines $10 thousand-$120 thousand per violation OFAC Penalties • Criminal: Up to $1 million and 10 years in prison • Civil: $12 thousand-$55 thousand per instance Note: There will not be just one charge for a single violation. History has shown multiple violations will be charged.

  29. ECR 2019 Export Control regulations apply to everyone! • Know who can or cannot work on a controlled project • Know who you can and cannot discuss/share project information – Deemed export rule • If in doubt keep discussions to your specific project/task group • Protect information from unauthorized disclosure • Remember security requirements are connected to the data, information, results and technology from a controlled research project UNLESS the contract sponsor has previously approved otherwise • If you have any questions contact your respective PI or Co-PI or ORS

  30. Contact info If you have any questions, need assistance, etc., please do not hesitate to contact ORS • Deana Card – 325-8682, dcard@fso.msstate.edu • Chris Jenkins – 325-0400, clk513@msstate.edu ORS is located at HPC² room 110.

  31. ECR 2019 - Completion & Certification Please print and fill out this slide after completing the 2019 Export Control Refresher training. Scan and attach it to an e-mail to dcard@fso.msstate.edu I, ______________________, have completed the Mississippi State University Office of Research Security 2019 Export Control Refresher briefing and understand my role in protecting controlled information from unauthorized disclosure. Employee Signature: ___________________________________ Printed Name: _________________________________________ Date : ________________________________________________

More Related