The Bureau of Industry and Security (BIS) has issued new guidance for Advanced Computing ICs in an effort to prevent diversion of electronics that could be implemented in Weapons of Mass Destruction (WMD). The BIS also updated Supplement No. 3 to Part 732 “Know Your Customer” Guidance and Red Flags to provide a due diligence process for organizations to utilize before engaging in a business transaction.
BIS Red Flags
The BIS red flags refer to indicators that may suggest potential violations of export control regulations or other compliance issues related to the export of goods, technology, or services. Recognizing these red flags is crucial for businesses to ensure compliance with U.S. export laws and to avoid penalties.
This version of the red flags specifically addresses concerns about the Peoples Republic of China obtaining Integrated Circuits (ICs) through export control evasion. These ICs are specified as items that meet or exceed parameters described in Export Control Classification Numbers (ECCN) 3A090.a, d 4A090a, and 5A992.z.
Transactional red flags include examinations of the business history of the perspective client, addresses, online presence, and ultimate delivery address. They require examination of the specific nature of business of all parties (consignees) in the transaction.
Care should be taken to ensure that end users are not on or similar to entities listed on the Consolidated Screening Lists, Statutorily Debarred Parties List, or Specially Designated Nationals list. Sellers should ensure that end users are not in Country Groups D:1, D:4, or D5. End users should also confirm that that they are not headquartered in the PRC.
BIS Due Diligence
Export compliance due diligence refers to the process of conducting thorough investigations and assessments to ensure compliance with U.S. export control laws and regulations. This is particularly important for businesses involved in exporting goods, technology, or services that may be subject to export controls.
The BIS enhanced due diligence actions list echoes many of the red flags previously mentioned. It does add however, attestation by the end user that affirms authorization to operate a data center and the the data center is of the appropriate type to use items to be exported. Additionally, Data centers housing advanced integrated circuits exceeding 10 megawatts require further examination, as they could potentially offer significant access to sophisticated computing ICs for AI model training on behalf of entities based in nations of concern. Such operations may contribute to activities related to weapons of mass destruction or military-intelligence applications and users.
Knowing Your Customer
Regardless of the type of export, it is important that the exporter understand the intended end use of a transaction or activity. The BIS advises organizations to perform the following six steps to ensure that violations of the Export Administration Regulations (EAR) do not occur.
- Perform a review to ensure that no red flags are present in a proposed transaction. The current list in Supplement No. 3 to Part 732 contains 28 possible indicators of inconsistencies that should raise concern. Many of these are fairly easy to surmise but others will require some time to evaluate. It is therefore important to take into consideration necessary time for this review.
- If red flags are present, investigations should be performed to ascertain if everything checks out with regards to end use, end user, and ultimate destination.
- It is essential that personnel within an organization not self-blind themselves to potential violations. It is never a proper policy to avoid discussions of end use, end user, or destinations with customers. Such actions are considered aggravating factors if enforcement actions are involved.
- Employees should know how to report red flags to senior officials. This should be communicated in policy statements and training.
- If inquiries are conducted, all information should be reevaluated before finalizing a transaction.
- If questions persist, the transaction should be halted or a license application should be applied for from the BIS.
CVG Strategy Export Compliance Management Programs
This latest Guidance for Advanced Computing ICs from the BIS illustrates the growth in complexity for businesses engaged in international sale. Failure to comply with regulations can result in criminal prosecution including imprisonment and fines. It can also result in civil penalties and disbarment from export activities.
Export Compliance Management Programs establish clearly defined policies and procedures for all departments within an organization. They ensure that registration, item classifications, license applications, denied part screening, and security measures are taken that will prevent violation. They also ensure that training, auditing, and record keeping are maintained according to requirements.
CVG Strategy can help you in understanding the ITAR and EAR, and help you establish a coherent and effective export compliance program. We can perform export control classifications, perform audits, assist in filings for export licenses and educate your team. Regardless of whether your business falls under EAR or ITAR, CVG Strategy has the expertise to help.