In recent years, the U.S. government has made the enforcement of U.S. export controls one of its top national security priorities. As an example, in May 2010, a federal jury found Massachusetts-based Chitron Electronics Inc. (Chitron), its president, and another employee guilty of conspiring to illegally export computer chips and other items to its Chinese affiliate in violation of U.S. export laws. Chitron faces potential multi-million dollar fines, and its individual employees could receive up to 20 years in prison, three years post-imprisonment supervised release, and a $1 million fine.

Compliance with U.S. export laws, however, can raise problems because of the difficult and detailed export controls requirements. For example, a technology company engaged in a joint venture with an overseas partner may not realize that providing computer code to the partner for further development is engaging in exporting technology, which may require a license depending on the country and the nature of the computer code, or that disclosing certain technology to a foreign national employee — even within the United States — is considered a "deemed export" that may require a license.

While the Obama administration recently has proposed easing the rules in some ways, significant change will take years to implement, if it occurs at all. Thus, it is critical for companies to recognize what can constitute an export and to know what their compliance responsibilities are under the three most significant U.S. export control regulations, described below.

Export Administration Regulations (EAR)

The EAR are administered by the U.S. Department of Commerce's Bureau of Industry and Security and apply to exports and re-exports of commercial and dual-use U.S.-origin commodities and technology. These are the regulations that most often impact emerging technology companies, particularly those engaged in joint ventures with overseas partners or in selling or licensing products overseas. To determine whether an export license is required to export or re-export commodities or technology, it is first necessary to classify a product using the detailed EAR criteria, and then to determine the appropriate licensing responsibilities for exports to that country, as shown in a comprehensive Commerce Country Chart. Even in cases where a commodity or technology is not specifically restricted, it may be necessary to obtain a license if the end-user is located in or is a national of a country subject to comprehensive U.S. sanctions (e.g., Cuba, Iran, Sudan, or Syria), or is otherwise identified on any proscribed entity lists maintained by the U.S. government.

The export license application process is not overly complicated, and licenses are granted in the vast majority of cases, often within 30 days. The failure to comply, however, can result in significant penalties such as:

  • Administrative debarment that prohibits entities from participating directly or indirectly in the export of commodities and technology for which a license is required
  • Civil penalties of up to the greater of $250,000 or twice the value of the transaction
  • Criminal penalties of up to $1 million for each violation, imprisonment for up to 20 years, or both

In addition, the Alternative Fines Act also may be applied to criminal violations, supporting monetary fines up to twice the benefit that the party sought to obtain through the violation.

International Traffic in Arms Regulations (ITAR)

Of great concern to defense contractors, the ITAR are enforced by the U.S. Department of State's Directorate of Defense Trade Controls (DDTC) and govern exports and re-exports of commodities and technical data that are used for military purposes. This includes information that is required for the design, development, production, manufacture, assembly, operation, repair, testing, maintenance, or modification of defense items. In the absence of an exemption specified under the ITAR, it is necessary to obtain a license from DDTC in order to export or re-export ITAR-controlled hardware or an agreement from DDTC in order to export or re-export technical data. Like the EAR applications, applications for licenses or agreements are required for covered products, technology, software, or information exports, and typically are processed within five to seven weeks (or within two to four months for more complicated agreements). The ease of getting a license varies depending upon the technology and country at issue. DDTC does have a policy of denying license applications involving entities from certain countries such as China, Myanmar, Belarus, Cuba, Iran, Liberia, Libya, North Korea, Somalia, Syria, Sudan, and Vietnam). Penalties for violations of the ITAR can be severe and can include:

  • Administrative debarment that prohibits entities from participating directly or indirectly in the export of defense articles or defense services for which export approval is required
  • Civil penalties of up to $500,000 per violation
  • Criminal penalties of up to $1 million for each violation, imprisonment for up to 10 years, or both

U.S. Department of Treasury's Office of Foreign Assets Control (OFAC) Regulations

OFAC administers regulations relating to countries that are subject to comprehensive U.S. embargoes (e.g., Cuba, Iran, and Sudan) and limited sanctions (e.g., the Balkans, Belarus, Myanmar, Côte d'Ivoire, Iraq, Liberia, and Zimbabwe) as well as regulations relating to list-based sanctions programs (e.g., the Global Terrorism Sanctions Regulations, the Weapons of Mass Destruction Trade Control Regulations, and the Rough Diamonds Control Regulations). Each sanctions program is governed by its own set of regulations, which often contain subtle differences that companies operating abroad can easily overlook. In most cases, if the United States has imposed a comprehensive embargo against a country, U.S. persons are prohibited from engaging in virtually all trade, investment, and commercial activities with nationals from that country. OFAC also maintains a Specially Designated Nationals (SDN) List. U.S. persons are prohibited from having any dealings with any of the many entities identified on the SDN List. U.S. companies also are prohibited from assisting their non-U.S. affiliates from engaging in transactions with entities identified on the SDN List or with Cuba. Penalties for violations of many of the OFAC Regulations can be harsh and include:

  • Civil penalties of up to the greater of $250,000 or twice the value of the transaction
  • Criminal penalties of up to $1 million for each violation, imprisonment for up to 20 years, or both

In addition, under various other regulations administered by OFAC, civil penalties may be up to $1 million per violation, and criminal penalties per violation may range up to $10 million against companies and $5 million against individuals. Individuals also may be imprisoned for up to 30 years.

Emerging technology companies that do business overseas or have international partnerships should carefully review U.S. export laws with their legal advisors to ensure compliance and minimize their exposure to civil and criminal penalties.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.