Categories
Red Flags Rising

Red Flags Rising: S01 E24 – Preventing Diversion Starts Close to Home

Mike and Brent break down the key takeaways from an affidavit by a Bureau of Industry & Security Special Agent in Los Angeles, which was unsealed on August 5, 2025, and is a masterclass in how BIS is identifying and analyzing “red flags” indicating potential export control violations.

Mike and Brent discuss the basics of the case (00:58), the value of the detailed affidavit prepared by the BIS Special Agent in support of the arrests (02:19), the value of the case to those making broader strategic decisions for companies in illustrating the competitive advantages—and ability to maximize the benefits of America’s AI Action Plan—through effective export controls compliance (03:00), the most-relevant details of the allegations (04:20), the dangers of doing business with “fly-by-night” operations of any type (05:45), how these allegations underscore the importance of dynamic risk assessments, i.e., those that focus on changes in customers or orders around significant changes to U.S. export controls (06:14), what the affidavit signals for corporate enforcement (07:21), what we can learn about diversion risks from Brent’s studies of the Qing dynasty and frozen meats (07:40), what seized text messages revealed about the smugglers’ view of the current U.S. Administration (08:57), what the affidavit indicates that trade compliance teams realistically, at the front end, could or should have known (10:31), how to respond to BIS requests for information or outreach visits (13:58), Mike’s leaky dishwasher analogy for diversion (and why you need to fix both) (14:15), how the affidavit shows that BIS agents are applying a high probability mindset in their investigations (18:27), how not to “kick the hornet’s nest” when BIS visits or requests information (20:29), the expectations of U.S. regulators generally that companies that become aware of potential violations, whether or not they voluntarily disclose anything, at least do a “root cause” analysis and consider whether compliance program enhancements are necessary (22:17), and the relevance of General Prohibition 10 and the several inchoate provisions under 15 C.F.R. § 764.2 (23:10).

They then conclude with the ever-popular segment, Brent Carlson’s “Managing Up” (26:03).

Resources:

Edvard Pettersson’s article, with a link to the BIS Special Agent’s affidavit, “Chinese nationals charged with illegal exports of Nvidia chips” (Courthouse News, Aug. 5, 2025)

The DOJ Press Release

Brent LinkedIn

Mike LinkedIn

Mike & Brent’s “Fresh Looks” Series

Categories
Red Flags Rising

Red Flags Rising: S01 E23 – $140M “High Probability” Enforcement Action

Mike and Brent break down the $140 million corporate resolution announced on Monday, July 28, 2025, by the U.S. Department of Commerce’s Bureau of Industry & Security (BIS) and the U.S. Department of Justice’s National Security Division (NSD). Of this amount, $95 million was imposed by BIS alone, which is the largest stand-alone BIS penalty since April 2023.

Mike and Brent discuss the geopolitical context (00:39), how the resolution responds to December 2024 criticism from the then-majority staff of the U.S. Senate’s Permanent Subcommittee on Investigations (01:58), why this is “where the juice is” for future BIS and NSD enforcement (03:05), how the settlement underscores that sustained compliance with national security-driven regulations requires a substance-over-form approach (04:45), the relevant facts related to the resolving company’s China subsidiary and customers (06:36), the relevant facts related to the parent company (08:59), why a letter of assurance and end-use/end-user certifications were not sufficient to respond to the “red flags” identified (10:38), how U.S. parent companies should be thinking holistically about export controls risk and strategies for mitigating that risk, including in responding to BIS outreach visits or queries to hopefully avoid administrative subpoenas or, worse, referrals to criminal authorities (12:37), the signals BIS and NSD expect companies subject to U.S. export controls to perceive from the public documents (16:37), the significance of BIS’s reference to General Prohibition 10 and to attempted violations of U.S. export controls (16:37), and the key takeaways for legal and trade compliance professionals (19:09).

Mike and Brent then conclude with the still-back-by-popular-demand segment, Brent Carlson’s “Managing Up” (19:52).

Resources:

The BIS Press Release, with links to the settlement documents

The NSD Press Release, with links to the corporate guilty plea and criminal information

Brent LinkedIn

Mike LinkedIn

Mike & Brent’s “Fresh Looks” Series

Categories
Red Flags Rising

Red Flags Rising: S01 E14 – Getting a Grip on U.S. Export Controls Guidance

Mike and Brent unpack the May 13, 2025, due diligence guidance from the U.S. Bureau of Industry & Security. They describe what happened on May 13 (00:00), the guidance from BIS on General Prohibition 10 and Huawei Ascend chips (03:34), the related BIS policy statement (04:13), and then focus on the BIS “Industry Guidance to Prevent Diversion of Advanced Computing Integrated Circuits” (04:47), specifically the underlying U.S. national security concerns (05:50), relevant key takeaways from Episode 13’s special guest Dana W. White (06:51), the significance of the Industry Guidance’s reference to the WMD and military-intelligence catch-all provisions (08:29), the historical pre-1993 “KYC Guidance” cross-referenced by BIS in the new Industry Guidance (11:53), how the historical “KYC Guidance” is often misunderstood through selective quotation devoid of relevant context (13:34), the new “red flags” identified in the May 13, 2025 Industry Guidance (16:10), the key takeaways of the Industry Guidance (17:55), a warning about over-reliance on the Industry Guidance’s statement about existing end-use certificates (18:47), and the practical implications of the Industry Guidance for trade compliance teams (19:36). They then conclude with the next installment of Brent Carlson’s “Managing Up” (21:26).

Resources:

BIS May 15, 2025 Industry Guidance

Brent LinkedIn

Mike LinkedIn

Mike & Brent’s “Fresh Looks” Series

Categories
Compliance Into the Weeds

Compliance into the Weeds – Seagate Sanctions Enforcement Action

The award-winning, Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to explore a subject more, looking for some hard-hitting insights on sanctions compliance. Look no further than Compliance into the Weeds!

In this episode, Tom and Matt discuss the recent $300 million fine against Seagate Technology Corporation for violating US sanctions against Huawei. They analyze Seagate’s approach to sanctions compliance, especially when compared to Microsoft’s response to similar violations. With billions of dollars in sales at stake, the implications of these cases for compliance officers are huge. With frank insights, deep knowledge, and engaging dialogue, Compliance into the Weeds is a must-listen for anyone interested in sanctions compliance and the world of business.

Key Highlights:

·      Seagate’s controversial business dealings with Huawei

·      Seagate’s Sanction Violations and Compliance Programs

·      Seagate’s Violation of Foreign Product Rule

·      Expanding Lessons for Compliance Officers

 Notable Quotes:

“Sanctions is going to be the new FCPA risk,” according to the US Justice Department.”

“The failure to acknowledge your culpability is a key multiplier under the federal sentencing guidelines. And so if this had been any criminal penalty, this fine and penalty would have gone through the roof.”

“Look to your left, look to your right, see what other people are doing, what they’re getting in trouble for, and incorporate those lessons learned into your risk assessment.”

“Sanctions are hard, and companies can misunderstand this. Well, very specifically, the rule that got Seagate into trouble is known as Foreign Direct Product Rule or what is it exactly, the foreign-produced direct product rule?”

Resources

Matt 

LinkedIn

Blog Post in Radical Compliance

Tom 

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Corruption, Crime and Compliance

Microsoft Pays OFAC and BIS Over $3.3 Million to Settle OFAC Sanctions Violations

Microsoft recently paid over $3 million for multiple sanctions violations involving illegal exports of services and software to sanctioned jurisdictions. The violations spanned seven years and involved prohibited Russian entities or persons located in the Crimea region of Ukraine. However, what makes this case particularly intriguing is the remedial actions taken by Microsoft, which offer best practices and insights into what can be done when resources are available. In this week’s episode of Corruption, Crime, and Compliance, Michael Volkov takes a deep dive into the Microsoft OFAC enforcement action.

He discusses these ideas:

  • Microsoft committed 1339 transactions in violation of multiple sanctions programs over seven years, totaling over $12 million worth of sales and services.
  • Violations included the sale of software licenses and the provision of related services from servers and systems located in the US and Ireland to SDNs, blocked persons, and other end users located in Cuba, Iran, Syria, Russia, and the Crimea region of Ukraine.
  • The violations were due to Microsoft’s failure to obtain complete or accurate information on the identities of end customers and shortcomings in its restricted party screening. At times, Microsoft Russia employees intentionally circumvented Microsoft screening controls to prevent other Microsoft affiliates from knowing the identity of the ultimate end customers.
  • Microsoft’s significant remedial measures included enhancing its trade compliance program, improving its governance structure and screening resources, adopting a new three lines of defense model, and conducting a holistic risk assessment to identify and remediate instances of prohibited engagements.
  • Microsoft deployed a multidisciplinary internal investigation team proficient in 16 foreign languages, modified its procedures to respond to matches, and expanded the scope and volume of data screened.
  • “Companies with sophisticated technology operations and a global customer base should ensure that their sanctions compliance controls remain commensurate with risk.” 
  • Companies should consider conducting a holistic risk assessment to identify and remediate prohibited engagements and ensure that employees adhere to the sanctions compliance program.
  • OFAC emphasized that companies conducting business through foreign-based subsidiaries, distributors, and resellers should have sufficient visibility into their end-users, including through the provision of services after an initial sale.

 

KEY QUOTES:

“Now, when Microsoft supported these third party sales to prohibited parties, they provided prohibited software and services to SDNs and end customers in sanctioned jurisdictions and the violations occurred. The root cause really was because Microsoft did not have complete or accurate information on the identities of the end customers for Microsoft’s products.” – Michael Volkov

 

“Companies with sophisticated technology operations and a global customer base should ensure that their sanctions compliance controls remain commensurate with that risk and leverage in appropriate technological compliance solutions.” – Michael Volkov

 

“Testing or auditing, whether conducted on a specific element of a compliance program or enterprise wide level, are important tools to ensure that the program is working as designed and weaknesses are promptly remediated.” – Michael Volkov

 

Resources:

Michael Volkov on LinkedIn | Twitter

The Volkov Law Group

 

Categories
Compliance Kitchen

BIS Update to Unverified List


 
Commerce Department’s BIS issues revisions to the Unverified List; adds 33 Chinese entities.

Categories
The Compliance Life

Matt Silverman on Trade Compliance in 2025 and Beyond

The Compliance Life details the journey to and in the role of a Chief Compliance Officer. How does one come to sit in the CCO chair? What are some of the skills a CCO needs to success navigate the compliance waters in any company? What are some of the top challenges CCOs have faced and how did they meet them? These questions and many others will be explored in this new podcast series. Over four episodes each month on The Compliance Life, I visit with one current or former CCO to explore their journey to the CCO chair. This month, we have our first Director of Trade Compliance, Matt Silverman, Director of Trade Compliance at VIAVI. We discuss Matt’s journey to the Director’s chair and look down the road at where trade compliance will be in 2025 and beyond.

In this concluding episode, Silverman looks at the role and function of trade compliance in 2025 and beyond. He notes that currently at many organizations still falls under the logistics or supply chain function but down the road he believes it will be an integral role in every legal/compliance department with much more high-level visibility in the C-Suite, and trade compliance becoming a bigger factor in risk management considerations.

He also feels that Trade Compliance Directors will likely need significant experience and a legal background, particularly given the trend toward greater enforcement actions taken by DOJ and OFAC. We concluded with some of Silverman’s thoughts on the intersection of ESG with trade compliance.  As ESG gains more popularity and attention in the C-Suite, trade compliance will become more important and one of its roles will be in fulfilling ESG initiatives.

Resources

Matt Silverman LinkedIn Profile

Categories
Compliance Kitchen

BIS Update


BIS lists foreign entities: support of foreign military applications, proliferation.

Categories
Compliance Kitchen

BIS administrative settlement with VTA Telecom Corporation


In this episode, we look at what went into the making of a BIS administrative settlement with VTA Telecom Corporation, due to EAR violations.

Categories
Compliance Kitchen

BIS Update


Things are bubbling in the Commerce Department as BIS add 34 companies to the Entity List due to China’s continue human rights abuses and Iranian and Russian procurement without a license.  The Kitchen takes a look at the new Xinjiang supply chain business advisory published by the State Department as things continue to heat up in China.