Biden Admin to Increasingly Use CFIUS Filings for Export Control, Sanctions Leads, Lawyers Say

Adam Smith, a trade lawyer and former Office of Foreign Assets Control adviser, said CFIUS is increasingly asking filers about their compliance programs, which provides a pathway for the committee to alert other government agencies about potential red flags in their sanctions and export compliance.

“I do think that we’ll continue to see a focus on China and the large investments,” Smith said during the Sept. 14 webinar, “but I also think there'll be this use of CFIUS as almost a gateway to learn more about and potentially move against parties that have questionable sanctions compliance, export control compliance or otherwise.” Robert Hur, a Gibson Dunn lawyer and former Department of Justice official, said companies should expect CFIUS to continue “expanding the scope of the types of areas where it's really directing its scrutiny.”

Hur also said he expects to see the administration continue its “intense focus” on general sanctions and export control enforcement. While the U.S. will likely continue to focus its sanctions effort on “jurisdictions of note,” including Cuba, Venezuela and others, Smith said he expects to see more enforcement cases involving new technologies. He specifically pointed to the U.S.’s multi-agency settlement agreement with the German software company SAP SE in May, which involved both sanctions and export control violations for illegal exports of U.S.-origin software (see 2104290069).

“I also think the likelihood of cloud-based and crypto-based cases” being the subject of an enforcement action “are going to go up rather significantly,” Smith said. The administration is also likely to focus on human rights issues and continue its use of sanctions under the Global Magnitsky Human Rights Accountability Act.

While the SAP SE case may signal greater government enforcement, it was also notable because it was the first non-prosecution agreement under the Justice Department's recently revised voluntary disclosure policy (see 2008180043). Although SAP SE was fined more than $8 million, it was able to avoid a government-appointed monitor because it voluntarily disclosed the violations.

David Burns, a national security lawyer and a former Justice Department official who worked on the agency’s revised disclosure policy, said officials wanted the new policy to provide industry with more “clarity” about the benefits of submitting a voluntary disclosure. “There clearly were benefits that were described in the existing policy,” Burns said, “but we wanted to be very specific that if you abide by the terms of the policy, there is a benefit of a presumption of a non-prosecution agreement.”

But the new policy also created some complications for industry. Some in industry have interpreted it as saying that they must first voluntarily disclose their violation to the Department of Justice if they want to receive DOJ’s mitigation benefits (see 2008180043). DOJ has said it will extend credit to companies that voluntarily disclose their violations to other enforcement agencies in certain situations.

“We wanted to make it clear, and I don't know that everyone was thrilled on the private sector on this point, but that a company couldn't make a voluntary self-disclosure just to OFAC or just to [the Bureau of Industry and Security], for example, and have the benefits of the Department of Justice policy,” Burns said. “If you want the benefits, you have to go directly to the Department of Justice, to the Counterintelligence and Export Control Section, and make that report.”