Tag: Export Controls

Categories
FCPA Compliance Report

FCPA Compliance Report – The Role of Internal Audit in Export Controls

Welcome to the award-winning FCPA Compliance Report, the longest-running compliance podcast. In this episode, Tom welcomes Jonathan Marks, who discusses the role of internal audit in export control compliance.

Jonathan starts by defining export controls and their significance: regulations governing the export, re-export, and transfer of goods, technology, and services across borders to protect national security and enforce foreign policy. As a Compliance Profession, you should recognize the severe impacts of operational disruptions, supply chain issues, and national security risks resulting from non-compliance, emphasizing the need for comprehensive compliance frameworks. Internal audit responsibilities are expanded, stressing the necessity of robust policies, clear responsibilities, consistent employee training, and thorough risk assessments.

Jonathan discusses practical internal audit strategies, including evaluating high-risk transactions, identifying compliance gaps, and regularly monitoring and testing compliance controls through transaction testing, data analytics, third-party due diligence, and incident response mechanisms. Jonathan underscores the importance of collaboration between internal audit, legal, compliance, and supply chain teams to ensure an integrated and proactive compliance approach, thereby mitigating risks and strengthening corporate governance.

Key highlights:

  • Understanding Export Controls and Compliance
  • Role of Internal Audit in Export Controls
  • Key Areas for Internal Audit Focus
  • Testing and Monitoring Controls

Resources:

Jonathan Marks on LinkedIn

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

For more information on the Ethico Toolkit for Middle Managers, available at no charge, click here.

Categories
Blog

The Critical Role of Internal Audit in Export Controls Compliance

Export control compliance is a high-stakes area that many companies overlook until it is too late. With regulatory frameworks such as the Export Administration Regulations (EAR), the International Traffic in Arms Regulations (ITAR), and the Office of Foreign Assets Control (OFAC) sanctions programs, businesses must be vigilant. Internal audits have a key role in ensuring compliance and mitigating the significant risks of violations, ranging from hefty fines and reputational damage to potential debarment from government contracts.

Understanding Export Controls Compliance

Export controls govern the export, re-export, and transfer of goods, technology, and services across borders. They aim to protect national security, enforce foreign policy objectives, and prevent sensitive materials from reaching unauthorized parties.

Key U.S. Export Control Regulations

Several major regulatory frameworks govern export controls in the U.S.:

  • Export Administration Regulations (EAR) – Overseen by the Bureau of Industry and Security (BIS), the EAR covers dual-use goods items with both civilian and military applications.
  • International Traffic in Arms Regulations (ITAR) – Managed by the State Department, ITAR regulates defense-related exports.
  • Office of Foreign Assets Control (OFAC) – OFAC administers sanctions programs that restrict trade with specific countries, entities, and individuals.

Violating these regulations can cause severe legal, financial, and reputational consequences, including multi-billion-dollar penalties and exclusion from government contracting.

The Risks of Noncompliance

Export control noncompliance carries significant risks:

  • Legal and Financial Risks – Companies can face substantial fines, criminal charges, and debarment from government contracts. For some organizations, debarment can be a financial death sentence.
  • Reputational Risk – Failing to comply can lead to reputational damage, including negative press, loss of customer trust, and shareholder worries.
  • Operational Disruptions – Supply chain disruptions and market access restrictions can cripple a business, especially in industries such as aerospace, defense, and technology.
  • National Security Risks – The inadvertent transfer of technology with military applications to unauthorized parties can have serious geopolitical ramifications.
  • Cybersecurity Threats – Controlled data can be exploited to compromise national security if exposed to foreign adversaries.

Internal Audit’s Role in Export Controls Compliance

Given these risks, internal audits must proactively ensure robust compliance frameworks are in place. This includes:

1. Evaluating Compliance Frameworks

A strong compliance framework begins with clearly defined policies and procedures that align with export control regulations. Internal audits should assess whether these guidelines are well-documented, communicated, and consistently enforced across the organization. A key component of compliance is designated ownership, and organizations must assign clear responsibilities for managing export controls and ensuring accountability at every level. Without clear ownership, compliance efforts can become fragmented and ineffective. Additionally, internal audits should evaluate the effectiveness of training programs designed for employees who handle controlled items and data. Training should be comprehensive, regularly updated, and tailored to different roles within the company. Employees must understand their responsibilities, potential red flags, and the legal implications of noncompliance. An ongoing training program strengthens the organization’s culture of compliance and minimizes the risk of accidental violations.

2. Conducting Risk Assessments and Monitoring

Internal audit plays a critical role in identifying and mitigating risks associated with export controls. Auditors should conduct risk assessments to pinpoint high-risk transactions, products, and business units susceptible to violations. These assessments help organizations allocate resources effectively and focus on areas of greatest concern. Compliance gaps can expose organizations to significant risks, making it essential for auditors to assess whether existing controls are sufficient or improvements are needed. In addition, internal audits should monitor red flags that may show potential compliance breaches. Common red flags include shipments to embargoed countries, unusual customer requests related to product specifications or destinations, and sudden changes in routing or documentation. Proactive monitoring allows organizations to detect and address potential violations before they escalate into larger compliance issues.

3. Auditing and Testing Export Controls

Regular audits and testing of export controls are necessary to ensure regulatory compliance. Transaction testing is a fundamental internal audit practice verifying whether export licensing and classification rules are correctly followed. This process helps identify inconsistencies or errors that could lead to compliance failures. Another essential tool is data analytics, which can uncover anomalies in export transactions. Analyzing patterns, trends, and deviations allows auditors to flag suspicious activity and investigate further. However, data analytics is only effective if the organization understands the key risk indicators and integrates them into monitoring systems. Third-party due diligence is crucial in assessing compliance risks within supplier and distributor relationships. Auditors should evaluate whether third-party partners adhere to export regulations and implement adequate controls to prevent illicit activities. Failure to conduct due diligence can expose companies to liability for the actions of their business partners.

4. Strengthening Incident Response and Investigations

A strong incident response mechanism is a cornerstone of an effective export controls compliance program. Internal audits should evaluate whether the company has robust reporting mechanisms encouraging employees to report potential violations. A well-structured reporting system, such as an anonymous hotline, can help organizations detect issues early and address them promptly. Investigations must be handled efficiently, with a structured approach for triaging allegations and determining their severity. Internal audits should assess whether the organization follows best practices in conducting investigations and whether findings are documented appropriately. Corrective actions are another critical component—compliance gaps identified during investigations must be addressed promptly to prevent recurrence. Internal audits should ensure that corrective actions are implemented effectively and lead to lasting improvements in compliance practices.

5. Collaborating with Legal, Compliance, and Supply Chain Teams

Export compliance is a cross-functional responsibility, requiring collaboration between internal audit, legal, compliance, and supply chain teams. Internal audit should work closely with these departments to develop an integrated approach to managing export risks. Strong partnerships improve transparency and facilitate open communication, essential for identifying and addressing compliance challenges. Legal and compliance teams provide expertise on regulatory requirements, while supply chain teams play a crucial role in tracking the movement of controlled goods. Internal audits should ensure that all stakeholders are aligned in their efforts and that compliance initiatives are well-coordinated. Internal audits can enhance monitoring mechanisms by ensuring that information-sharing processes are efficient and potential compliance risks are escalated appropriately. A collaborative approach strengthens the organization’s overall compliance posture and minimizes regulatory exposure.

Red Flags That Demand Further Scrutiny

Export control violations often result from either negligence or intentional circumvention of regulations. Key warning signs include last-minute changes to product specifications, especially if such modifications appear designed to bypass regulatory restrictions. Altered shipment destinations should also raise concerns, particularly those involving high-risk or embargoed countries. Requests to route shipments through third countries may signal attempts to evade sanctions, while unusual payment methods or routing through non-traditional banks can indicate illicit activities. These red flags necessitate heightened due diligence and should be promptly escalated for further investigation. A proactive compliance approach that integrates continuous monitoring, effective auditing, and cross-department collaboration is essential in mitigating these risks and ensuring adherence to export control regulations.

Export control compliance is not just a regulatory obligation but a fundamental aspect of risk management and corporate integrity. Organizations that prioritize compliance through robust frameworks, continuous risk assessments, and proactive internal audit functions can avoid costly penalties and reputational damage. By fostering collaboration across departments and maintaining vigilance against red flags, companies can strengthen their compliance posture and build trust with regulators, partners, and customers. A proactive and integrated approach to export control compliance ensures business continuity and long-term success in an increasingly complex global trade environment.

Categories
FCPA Compliance Report

FCPA Compliance Report – DeepSeek and the Recalibration of Risk with Mike Huneke and Brent Carlson

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. In this episode, Tom welcomes back Mike Huneke and Brent Carlson for a special two-part podcast series on DeepSeek’s bombshell AI advancements announced on President Trump’s inauguration day. In Part 1, they review the business and compliance implications, and in Part 2, they consider the Sputnik Moment that has occurred.

In Part 1, they consider the immediate and significant repercussions in both the business and compliance landscapes. Key topics include the economic and geopolitical ramifications of DeepSeek’s innovations, changes in export control policies, and the unique compliance challenges AI technology poses. The discussion also examines how corporations can recalibrate their risk frameworks, integrate high-probability standards, and leverage data analytics to handle millions of transactions in a global economy. Emphasizing the importance of comprehensive compliance programs, the episode provides actionable insights for compliance professionals navigating this evolving landscape.

Key highlights:

  • DeepSeek’s AI Breakthrough
  • Economic and Compliance Implications
  • Export Controls and Legal Concerns
  • Compliance Strategies and Risk Management
  • Training and Organizational Culture

Resources

Mike Huneke

Hughes Hubbard & Reed website

Brent Carlson on LinkedIn

A Fresh Look at US Export Controls and Sanctions

DeepSeek Finds US Export Controls at a New ‘Sputnik Moment’ in Bloomberg.Law

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

For more information on the Ethico Toolkit for Middle Managers, available at no charge, click here.

Categories
FCPA Compliance Report

FCPA Compliance Report – Strategic ROI: Navigating Export Controls and Compliance

Welcome to the award-winning FCPA Compliance Report, the longest-running compliance podcast. In this episode, Tom welcomes back Brent Carlson and Mike Huneke to discuss a crucial topic in corporate compliance: the return on investment (ROI) in export controls compliance.

This pod reviews the challenges compliance professionals face in articulating the value proposition for investments in compliance programs. Brent and Mike highlight the misconceptions about compliance being merely a cost center and explore various ways to demonstrate its tangible benefits to executive teams and boards. The discussion also covers the impact of recent regulatory changes and geopolitical tensions and how companies can proactively address these shifts to ensure robust compliance and leverage new opportunities. By looking at past enforcement actions and drawing parallels with the evolution of the FCPA, the episode provides listeners with critical insights into the practical steps for enhancing compliance programs and the importance of staying ahead of regulatory expectations in a rapidly changing global trade environment.

Key highlights:

  • Setting the Stage for Compliance ROI
  • Challenges in Export Controls Compliance
  • Geopolitical Influences on Export Controls
  • Comparing Export Controls to FCPA
  • National Security and Economic Security
  • Solutions and Strategies for Compliance

Resources:

Hughes Hubbard & Reed website

Brent Carlson on Linkedin

Mike Huneke on LinkedIn

A Fresh Look at US Export Controls and Sanctions

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

For more information on the Ethico Toolkit for Middle Managers, available at no charge, click here.

Categories
Daily Compliance News

Daily Compliance News: June 24, 2024 – The LinkedIn Lacks Humor Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee and listen to the Daily Compliance News. All from the Compliance Podcast Network.

Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

In today’s edition of Daily Compliance News:

  • Does LinkedIn lack (or even need) humor? (FT)
  • Kaspersky leaders were sanctioned.  (WSJ)
  • The UK’s richest family was found guilty of worker abuse. (BBC)
  • Venezuela is set to join the FAFT Grey List. (Bloomberg)

For more information on the Ethico ROI Calculator and a free White Paper on the ROI of Compliance, click here.

Categories
10 For 10

10 For 10: Top Compliance Stories For The Week Ending May 25, 2024

Welcome to 10 For 10, the podcast that brings you the week’s top 10 compliance stories in one podcast each week.

Tom Fox, the Voice of Compliance, brings to you, the compliance professional, the compliance stories you need to be aware of to end your busy week.

Sit back, and in 10 minutes, hear about the stories every compliance professional should be aware of from the prior week.

Every Saturday, 10 For 10 highlights the most important news, insights, and analysis for compliance professionals, all curated by the Voice of Compliance, Tom Fox.

Get your weekly filling of compliance stories with 10 for 10, a podcast produced by the Compliance Podcast Network.

  • Can shareholders criticize companies (without being sued)? (WSJ)
  • Brazil Supreme Court throws out Car Wash convictions.(FT)
  • Prosecutorial misconduct eviscerates Fat Leonard convictions.(WaPo)
  • First declination in the export control case. (WSJ)
  • FIFA rolls back ABC reforms.(NYT)
  • Investment advisors must vet customers.(WSJ)
  • Meta faces EU probe over child abuse protections.(WSJ)
  • ABC crusader picked as Vietnam’s next president. (Bloomberg)
  • Prosecutorial misconduct eviscerates Fat Leonard convictions.(WaPo)
  • Fewer meetings, more memos.(FT)

For more information on the Ethico ROI Calculator and a free White Paper on the ROI of Compliance, click here.

You can check out the Daily Compliance News for four curated compliance and ethics related stories each day here.

Connect with Tom 

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
2 Gurus Talk Compliance

2 Gurus Talk Compliance: Kristy Gets a Diploma

What happens when two top compliance commentators get together? They talk about compliance, of course. Join Tom Fox and Kristy Grant-Hart in 2 Gurus Talk Compliance as they discuss the latest compliance issues in this week’s episode!

In this episode, we look at reports suggesting China is strategically relocating forced labor from the Uyghur region to different parts of the country in an attempt to bypass US laws prohibiting goods sourced from areas associated with forced labor.

This could trigger wider limitations on goods originating from China, stressing the necessity for intensive audits and transparency in business operations. This issue has sparked bipartisan concern, hinting at potential upcoming legal actions.

Tom stresses the need for companies to react effectively to reduce risks, possibly through on-the-ground audits and increased accountability in business operations in China. Kristy underscores the need for thorough audits and proactive measures in response to the risks associated with forced labor in China. She raises the possibility of legal consequences for companies found to be misleading about their involvement with forced labor. Both perspectives serve to underline the gravity and complexity of this issue.

 Highlights Include:

  • Can shareholders criticize companies (without being sued)? (WSJ)
  • The Brazilian Supreme Court throws out Car Wash convictions.  (FT)
  • Prosecutorial misconduct eviscerates Fat Leonard convictions.   (WaPo)
  • First declination in the export control case. (WSJ)
  • ABC crusader picked as Vietnam’s next president. (Bloomberg)
  • BMW and Jaguar used banned China parts – US probe – BBC
  • Supreme Court Holds CFPB’s Funding Structure Constitutional – Gibson Dunn –
  • Binance Gets Two Compliance Monitors in Settlements With U.S. Authorities – WSJ
  • How Companies Dodge Tariffs – New York Times –
  • Moment motorist jumps into Florida lake to evade police during 90 mph chase after taking test drive too far – New York Post

Resources:

Kristy Grant-Hart on LinkedIn

Spark Consulting

Tom

Instagram

Facebook

YouTube

Twitter

Categories
All Things Investigations

All Things Investigations: Jan Dunin-Wasowicz and Jeff Nielsen on Export Control and Economic Sanctions: Current Issues and Practice

Welcome to the Hughes Hubbard Anti-Corruption & Internal Investigations Practice Group’s podcast, All Things Investigation.

In this podcast, Tom Fox is joined by Jan Dunin-Wasowicz and Jeff Nielson, International Sanctions & Export Controls Lawyers at Rambol, for a deep dive into current issues in export control and economic sanctions.

Jeff Nielsen, an American lawyer with expertise in US and European Union sanctions, currently works at a prominent Danish engineering firm, having transitioned from practicing law in the US to navigating the complexities of international sanctions. Jan​​​​ Dunin‑Wasowicz, a partner at Hughes Hubbard & Reed, is a leading figure in trade sanctions, operating globally out of the Paris office.

Nielsen’s perspective on trade sanctions is shaped by his direct experience with US and European Union regulations, viewing the field as dynamic, challenging, and necessitating an understanding of both legal frameworks and international relations. Similarly, Dunin-Wasowicz emphasizes the industry’s complexity, dynamism, and the importance of staying informed about global affairs to anticipate risks. His work underscores the increasing role of the private sector in dealing with sanctions, highlighting the need for a proactive and adaptable approach to risk assessment in this evolving field.

Key Highlights:

  • Private Sector Role in Evolving Trade Sanctions
  • Dynamic Compliance Strategies in Trade Regulations
  • Sanctions Enforcement Disparity: EU vs US
  • Global Landscape Risk Assessment in Trade Compliance

 Resources:

Hughes Hubbard & Reed website

Jeff Nielsen on LinkedIn

HHR client alert on The Dawn of a New Era for EU Sanctions Enforcement? EU Adopts Directive on the Definition of Criminal Offences and Penalties for the Violation of EU Sanctions

Categories
Daily Compliance News

Daily Compliance News: April 1, 2024 – The Ericsson Released Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee and listen in to the Daily Compliance News. All from the Compliance Podcast Network.

Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

In today’s edition of Daily Compliance News:

For more information on the Ethico ROI Calculator and a free White Paper on the ROI of Compliance, click here.

Categories
Blog

Boards of Directors in the Era of Sanctions Enforcement

In a recent episode of the podcast ‘All Things Investigations, the discussion centered around directors’ critical role in ensuring legal compliance, particularly in sanctions and export controls. I was joined in this exploration by Mike Huneke, partner at HughesHubbardReed, and Brent Carlson, Director at BRG. Our discussion was based on their blog post on directors’ duty of oversight, which can be found here:  Boards of Directors Lovin’ It after McDonald’s? A Fresh Look at Directors’ Duty of Oversight in the New Era of Sanctions & Export Control Corporate Enforcement.

Our discussion highlighted McDonald’s case from the Delaware Court of Chancery, where the company officers faced lawsuits for neglecting their duties, emphasizing the importance of a dynamic approach from boards and compliance officers to evaluate and enhance compliance programs in response to the evolving geopolitical landscape and increased regulatory enforcement.

While many compliance professionals reviewed McDonald’s for the new duty of oversight created for corporate officers, including Chief Compliance Officers, Huneke and Carlson focused on the duties owed by Directors. For companies engaged in international trade, these actions engage directors’ fiduciary duties. Looking to bellwether Delaware corporate law, Delaware’s Chancery Court recently reiterated in the McDonald’s shareholder litigation that directors’ Caremark duty of oversight is a function of their duty of loyalty.

According to Huneke and Carlson’s article, this case “reinforced the limits of the protections directors would otherwise have if it were instead a function of the duty of care—under both the business judgment rule and “exculpation,” which is the option corporations have to excuse in their articles of incorporation directors’ liability for breaches of their duty of care (but not of loyalty).” Directors’ duty of oversight further requires ensuring that they receive information regarding any “central compliance risks,” not just “mission critical” risks, and that there is an appropriate response to red flags.”

The decision in McDonald’s case underscored the significance of information systems and controls for compliance. It stressed the need for companies to adopt a broader, qualitative view in monitoring export control compliance, with the Department of Justice’s heightened involvement signaling a shift towards a more proactive approach. Key aspects such as oversight, duty of care, and the business judgment rule were highlighted as essential components of board responsibilities and liability.

Board directors were urged to engage with compliance issues actively, ask critical questions, and conduct thorough investigations to fulfill their fiduciary duties. It was emphasized that boards should exercise caution when relying on management reports, proactively address risks, and take necessary actions to prevent potential legal and reputational damage.

From the Board’s perspective, we emphasized the importance of being cautiously skeptical of management’s information, seeking external advice, and taking preventive measures to avoid compliance issues. We also discussed the significance of the duty of oversight, which stems from the duty of loyalty and requires directors to ensure the presence of information systems and controls for informed decision-making and an effective response to red flags.

There is a clear need for board directors, corporate officers, and compliance professionals to stay abreast of the changing landscape of sanctions and export controls. With the Department of Justice’s increased focus on enforcement in this area, organizations must prioritize compliance efforts, seek external guidance, and take proactive steps to mitigate risks and ensure legal adherence.

Huneke and Carlson noted that the court ultimately dismissed plaintiffs’ claims against the directors because, after learning of the red flags, the directors:

  • Obtained detailed oral and written reports from management throughout several meetings dedicated to the red flag identified;
  • Made enhancements to the compliance program, including training and communication;
  • Retained external advisors;
  • Ensured that affiliates (here, franchisees) were included in the enhancements made;
  • Assessed and improved corporate culture and
  • Management involved in the conduct was eventually terminated.

These serve as a road map for the sanctions and export control boards.

Huneke and Carlson concluded their article with the following suggestions:

1) Understand how the world is changing and how those changes impact your business 

Geopolitical risks impact companies in different ways. Analyze potential impact scenarios to arrive at effective oversight approaches. Seek input from a variety of experts. Challenge commonly held assumptions, especially concerning the sufficiency of traditional screening.

2) Continuously ensure that the compliance program identifies and addresses evolving risks

Effective compliance programs evolve as risks change. Make sure management considers the changed enforcement environment when assessing risk. Do not just ask questions—ensure you receive good answers. Avoid solutions that are too clever by half, which can ultimately expose the company to greater risks.

3) Don’t sit on any red flags, and don’t let the management team sit on them either

All kinds of red flags can indeed come out of the blue. Our prior posts provide suggestions for responding to potential evasion effectively and efficiently. Politics (global and domestic) drive regulatory enforcement, and 2024 will be no exception. Now is the time to get ahead of what’s coming. An ounce of prevention is worth a pound of cure.

We concluded the podcast by noting that directors’ duties in sanctions and export controls are paramount in today’s regulatory environment. The pressure will only increase. Boards must be vigilant, proactive, and thorough in their oversight of compliance programs to uphold their fiduciary responsibilities and safeguard their organizations from potential legal and reputational harm. By staying informed, engaging with compliance issues, and taking decisive actions, directors can navigate the complexities of sanctions and export controls effectively.