Maintaining Export Compliance in a Dynamic World

maintaining export compliance
maintaining export compliance

Continuing Changes in Export Compliance

Maintaining export compliance requires vigilance and is more important than ever.  The Bureau of Industry and Security (BIS) has increased enforcement and has also increased civil and criminal penalties for export violations.  At the same time changes in sanctions and Export Control Classification and the U.S. Munitions List (USML) make it more and more possible to unwitting violate the law.  Small businesses are not alone in this predicament as major players such as Apple, ExxonMobil, and Western Union have faced major penalties in 2019.  This holds true for those doing business under the scope of the Export Administration Regulations (EAR) and the International Trade in Arms (ITAR).

Strategy for Compliance

While there are many factors to maintaining export compliance, most involve continuing education of all involved players in a business.  This includes any parties who interact with customers or potential customers, those involved with Export Control Classification, and in the case of ITAR those involved with facility and information security.  This education should stress the dynamics of export compliance and a need to stay abreast of developments as they occur.

CVG Strategy Export Compliance Experts

CVG Strategy export experts know that knowledge is key. We can provide training in product classification, applying for licenses, screening potential customers, and securing data and facilities. We also include in our training which key US Government agencies and regulations specifically apply to your business.

Kevin Gholston, has 20 years’ experience in US export controls. He can guide you through the laws and regulations that apply to both the EAR and ITAR. We also provide a business simulation using the information learned during the course. Our training is available onsite and by webinar. Our classes are engaging and promote involvement by all participants. We also schedule time for questions you may have regarding your specific business applications.

We can also help you with export control classification of articles and technology. Our specialists have classified thousands of products, services and technology over the years and provide you with confidence in your export business.


NSO Group Under Investigation by the FBI

NSO Group Under Investigation
NSO Group Under Investigation

The FBI is Investigating NSO Group for Personal and Government Hacks

The Israeli based NSO Group is under investigation concerning possible attacks on United States citizens and companies by the FBI.   Reuters reported on January 30, 2020 that the probe, which has been active since 2017, concerns the infection of smartphones.  NSO Group creates products for government intelligence and law enforcement agencies for use against crime and terror.  A spokesperson for the NSO Group stated “We have not been contacted by any U.S. law enforcement at all about any such matters,” and the FBI will neither confirm or deny the existence of any investigations.

Pegasus Product of Special Concern

The NSO Group’s Pegasus product is a software tool that can capture data on a phone including encrypted messages and audio.  Allegations have been raised that Pegasus might have been used in a hack against Amazon’s Jeff Bezos.  The FBI has met with Bezos and has reported that if US citizens are being hacked that it considered both the company supplying the software and the criminals using those tools responsible.  In a quote an FBI official said “Whether you do that as a company or you do that as an individual, it’s an illegal activity”.

Where to Draw the Line

As with any tool, the ultimate benefit or harm in its use lays in the hands of the person or agency employing it.  While few would argue that fighting crime and terror are not noble goals, care must be taken in providing those tools to appropriate people or agencies.  Furthermore continued oversight by those agencies empowered by such tools must be maintained to make sure rogue individuals within an organization do not use them maliciously.   Perhaps of greater concern is that once the technologies are obtained by nefarious players there is no way to reestablish control of them, placing all of us at risk.

Smartphone Cyber Vulnerabilities for Businesses

Smartphones are of special concern to businesses because of the ability of users to inadvertently place proprietary data at risk.  The costs of such data breaches is difficult to ascertain because of the shared risk with suppliers, vendors, and customers.  Adequate mitigation requires a flexible strategic program that can adapt to threats as they evolve.  This is best provided by an Information Security Management System (ISMS).  An ISMS is a management system based on risk assessment to establish, implement, operate, monitor, maintain and improve information security.  CVG Strategy can help you achieve ISMS Certification.   Contact us to learn more.