Make Sure You Address Compliance with Export Controls
Compliance officers have to avoid professional myopia. The focus of compliance these days has been on anti-corruption, antitrust, and AML, depending on your company’s industry. They fit nicely together under an anti-corruption umbrella. But limiting your compliance program to these areas is shortsighted. Other legal and regulatory requirements require careful attention for compliance and can impose harsh penalties for noncompliance – export compliance is a great example.
The truth is, a “compliance program” needs to address a broad range of regulatory regimes. An export compliance program can fit seamlessly into your current compliance program. There are economies of scale and scope even when you are looking at a separate and distinct regulatory regime.
CCOs should take a more active role in this area – it offers great benefits to compliance overall. A CCO cannot preach a belief in ethical and legal business conduct and then turn a blind eye when export compliance issues come up; this undermines your underlying message: that everyone in the company, at all levels, should be committed to conducting business in a legal and ethical manner. Ignoring one set of regulations is not an option.
The Department of Commerce and the Department of Treasury maintain complex regulations surrounding export controls and sanctions. The regulations contain detailed rules and requirements that are technical in nature and include conditions that have to be monitored. But casting your operational departments off to handle it on their own is not the right way to do things. Building an export compliance component into your overall compliance program ensures that export compliance will receive the same support and rigor that other compliance areas do.
The Department of Commerce, Bureau of Industry Standards (BIS) offers substantial guidance on what an export management compliance program (“EMCP”) should contain:
- Management Commitment and Sufficient Resources, including appropriate senior organizational official(s) are designated with overall responsibility.
- Continuous Risk Assessment of the Export Program
- Formal Written Export Management and Compliance Program: Effective implementation and adherence to written policies and operational procedures.
- Ongoing Compliance Training and Awareness
- Pre/Post Export Compliance Security and Screening: Screening of employees, contractors, customers, products, and transactions and implementation of compliance safeguards throughout the export life cycle including product development, jurisdiction, classification, sales, license decisions, supply chain, servicing channels, and post-shipment activity.
- Adherence to Recordkeeping Regulatory Requirements
- Internal and External Compliance Monitoring and Periodic Audits
- Maintaining a Program for Handling Compliance Problems, including Reporting Export Violations
- Completing Appropriate Corrective Actions in Response to Export Violations
These “core elements” are listed on BIS’ website. Most of the components are remarkably similar to the requirements for an “effective” FCPA compliance program and the key elements of an AML compliance program.
Take advantage of these similarities by broadening the scope of your compliance program. For example, if you have a successful training program in place, adding export compliance to the program allows you to leverage the compliance infrastructure you have already built.
Too often CCOs operate build a compliance program with blinders. CCOs should embrace every opportunity to leverage their expertise and broaden the scope of their compliance program. Doing so will realize economies of scale and scope and expand protections for your company. Export compliance is a good place to start.