C-suite officials need to be more involved in their companies’ export compliance programs, the Bureau of Industry and Security’s top export enforcement official said this week. He also urged businesses to review -- and potentially expand -- their current programs to keep pace with export controls risks, especially as various government agencies work more closely together on investigations, indictments and sanctions.
Ian Cohen
Ian Cohen, Deputy Managing Editor, is a reporter with Export Compliance Daily and its sister publications International Trade Today and Trade Law Daily, where he covers export controls, sanctions and international trade issues. He previously worked as a local government reporter in South Florida. Ian graduated with a journalism degree from the University of Florida in 2017 and lives in Washington, D.C. He joined the staff of Warren Communications News in 2019.
The Commerce Department is proposing new rules that could require U.S. cloud service providers and their foreign resellers to follow know-your-customer (KYC) requirements, a step the agency said would prevent those services from being used to aid cyberattacks and to train artificial intelligence models that threaten U.S. national security. The proposed regulations are specifically aimed at preventing “foreign malicious cyber actors” from using U.S. infrastructure-as-a-service products to steal American intellectual property and sensitive data, commit espionage, and train large AI models for cyberattacks on U.S. critical infrastructure.
The Bureau of Industry and Security is preparing to announce more “significant” export penalties and corporate resolutions this year, said Matthew Axelrod, the agency’s top export enforcement official. He also said exporters should see more export-related indictments as part of a joint effort with DOJ, and he continued to pitch a BIS funding boost, which would help it hire more export enforcement agents.
The Bureau of Industry and Security will likely issue more penalty announcements this year for export control violations, a former senior BIS enforcement official said, suggesting the current state of enforcement is unprecedented.
Dutch chip equipment maker ASML isn’t expecting to receive export licenses this year to ship several of its deep ultraviolet immersion lithography systems to China, along with one older DUV tool not previously disclosed by the company.
The Bureau of Industry and Security has been experiencing delays in semiconductor-related export license applications due to a higher number of disagreements with the other agencies that also review those licenses, a senior BIS official said this week.
The U.S. and the EU are making progress on more closely aligning their encryption-related export controls, a senior Bureau of Industry and Security official said last week, along with differences in export licensing and classification.
Companies should avoid internal policies that require them to disclose all potential sanctions and export control violations to the government, lawyers with Foley Hoag said this week. Although it may seem like a sound compliance policy, the lawyers said that language can backfire, including in cases where a voluntary disclosure may not be the best option.
Companies should expect the Bureau of Industry and Security to announce new export controls this year restricting certain U.S. person activities involving military and military intelligence end uses and end users, a former BIS official said.
The European Commission this week released a package of proposals that could lead to new restrictions for a host of transactions involving dual-use technologies, including by expanding the bloc’s screening of inbound investments, improving export control coordination among member states and studying the possibility of new outbound investment restrictions.