Gov't Expectations Rising for FDP Rule Compliance, Lawyer Says
Many companies are grappling with how best to comply with the Commerce Department’s foreign direct product rule, “one of the key areas” still “unaddressed” by the agency’s regulations and guidance, said Kim Strosnider, a trade lawyer with Covington. She said Commerce’s compliance expectations for the FDP rule are rising despite due diligence challenges faced by industry, pointing to the agency’s record $300 million penalty against Seagate Technology in April (see 2305080029 and 2304190071).
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
When the FDP rule “first came into effect, people thought, ‘wow, you can't have to do that. That sounds really complicated,’” Strosnider said during the American Association of Exporters and Importers’ annual conference in Washington last week. “But I think now that it's been sitting with us for a couple of years, the expectations are going up.”
Seagate settled with the Bureau of Industry and Security after it admitted to selling more than 7 million export-controlled hard disk drives to Huawei in violation of the FDP rule. The settlement shows BIS is “not shying away from even the complex parts of the regs,” Strosnider said, “and the penalties are potentially very large.”
Strosnider said she’s seeing an uptick in criminal and civil cases with “significant penalties,” underscoring the importance of compliance with the FDP rule. “It's not the olden days where you see a bunch of BIS cases that are 10, 12, 15,000 dollars,” she said. “You're seeing some really big ones now.”
She added that some of her clients have received DOJ subpoenas “regarding China issues,” a trend echoed by other trade lawyers who are seeing a rise in government summons (see 2303200051). “China is top of mind, and nobody wants to look weak on China, so the way that seems to be coming out is both through greater regulation, but also heightened export enforcement,” Strosnider said. “It's a big topic.”
Strosnider said “a lot” of her clients are trying to understand how much due diligence is enough under the FDP rule, adding that companies manufacturing products in China and selling to Huawei or other parties subject to the rule need to closely examine their manufacturing equipment. To find out if the equipment is made with certain U.S.-origin software or technology -- and therefore subject to the FDP rule -- companies should probably be reaching out to their equipment suppliers, Strosnider said.
Companies should also consider “talking to your business teams who are experts,” noting that “not every type of technology or software” is subject to the FDP rule. “So you might be able to have some in-house technical expert who knows that machine, who could say, ‘there's no way that XYZ company used this type of technology or software to produce it,'” Strosnider said. “But some level of inquiry would be prudent, and it probably is along the lines of what BIS is expecting now.”
She also said it may be too difficult to conduct due diligence on every item or piece of equipment that may be subject to FDP rule license requirements, adding that some of that calculus “depends on what your company's risk tolerance is, and that might change over time as you observe enforcement trends.” Some of her clients are “homing in on certain items,” such as the semiconductor incorporated into a larger product. “Those kinds of smart, selective inquiries into your supply chain for components and equipment, I think, would be merited.”
Still, some compliance questions may not have clear answers. “I will say, there's a lot of lines of thinking about how far to go,” she said. The FDP rule is “not one where Commerce has given much guidance to industry, but it's certainly something that I think you should start to include in your diligence if you aren't already.”
Compliance with BIS’ military end-user license requirements has also proven challenging for industry (2302150033, 2007090075, 2102190042 and 2105050048). April Snyder-Bolden, a manager in IBM’s export regulation office, said the company screens “pretty much every entity” that it deals with to ensure compliance, including its customers, its reseller, its “reseller's contact” and its employees.
She also said IBM uses Chinese speakers to aid with their MEU compliance efforts, including by having them examine the Chinese version of a company’s website to determine if there are any mentions of the defense sector. Speaking during the conference, Snyder-Bolden said that has been especially helpful in cases where a Chinese company’s English-facing website is different from its Chinese website.
“I will say -- there's many times where we're probably doing more diligence than is needed, but it's just to make us feel comfortable,” she said. “We are selling mass-market software, and we want to make sure it's not going to someone who could later be added to the government's MEU list, so we're doing a lot of diligence in that area.”