BIS increases incentives for companies to report their own and others’ export control violations
The US Department of Commerce, Bureau of Industry and Security (BIS) has issued new guidance designed to encourage companies to disclose potential export control compliance violations that they or their competitors may have committed. The guidance additionally emphasizes that it will seek to impose higher penalties for violations that were identified by companies in internal reviews but consciously not disclosed through the voluntary self-disclosure mechanism under the Export Administration Regulations (EAR).
Taken together, this guidance underscores BIS’s focus on the enforcement of violations of the EAR, gives notice to industry and academia of the need to conduct a thorough review of their exports and foreign manufacturing processes, and elevates the importance and consequences of a decision to disclose or not disclose potentially violative conduct.
On April 18, 2023, BIS announced a series of updates to its enforcement guidelines for cases in which companies identify and disclose potential export control violations. Driving this change appears to be BIS’s interest in protecting sensitive US technologies, “increasing the number of VSDs . . . that disclose significant possible violations,” and acquiring information about actions by competitors and other third parties that may warrant enforcement action.
Change in policy regarding voluntary self-disclosures
Through the new policy, BIS seeks to incentivize companies to voluntarily disclose significant violations of the EAR, noting that BIS receives a large number of VSDs concerning relatively minor compliance issues but very few disclosures concerning violations that involve important US national security and foreign policy interests or a large quantity or value of violations.
To encourage companies, universities and other entities engaged in EAR-controlled activities to report such larger – and potentially systemic – compliance issues, BIS will penalize companies that identify but decide not to report such issues by considering non-disclosure as an aggravating factor in its penalty calculations. Accordingly, conscious non-disclosure of violations will result in higher penalties when such conduct is identified.
This new policy is based on a reinterpretation of its current “Guidance on Charging and Penalty Determinations in Settlement of Administrative Enforcement Cases” included in Supplement No. 1 to EAR Part 766. These BIS settlement guidelines provide mitigation of a civil penalty for timely, comprehensive VSDs that involve full cooperation with BIS. Failure to utilize the VSD mechanism to report significant potential violations will now be interpreted by BIS as an aggravating factor that increases the likelihood of penalties up to the maximum allowed by law.
Accordingly, companies that choose not to disclose potentially significant non-compliance issues will now face a much greater likelihood of maximum penalties – including civil penalties per violation of $353,534 or twice the value of the transaction (whichever is greater) as well as potential criminal penalties of up to $1 million and 20 years imprisonment.
Change in policy regarding disclosures about the conduct of others
At the same time, BIS has established new incentives for companies to report on the suspected misconduct of others. Specifically, companies and others that report potential EAR violations of others to BIS will earn credit with the agency that can mitigate their own potential liability if they later commit and disclose their own violations of the EAR.
Further, individuals who report suspected violations to BIS may become eligible for monetary rewards. Specifically, BIS has clarified that, if a reported violation leads to a successful enforcement action that includes the Treasury Department’s Financial Crimes Enforcement Network (FinCEN) or the Department of Justice, the tipster may be eligible for substantial financial awards.
The latest BIS policy guidance raises the stakes for all companies, universities and others who engage in transactions that involve export-controlled products, software, technology and services. Where potential violations are identified, the decision to disclose those violations should be evaluated carefully – keeping in mind that competitors, whistleblowers and other third parties now have an enhanced incentive to report such conduct to US law enforcement.
Should you have any questions about these developments or the Export Administration Regulations more generally, please contact any of the authors or your regular DLA Piper contact.