ITAR/EAR 12 Compliance Steps

Mondaq recently published an article by Gregory Husisian about the twelve compliance steps every multi-national corporation should undertake in light of recent Trump administration enforcement activity.

Over the last month, regulators with the Trump administration sent a loud message to companies subject to US jurisdiction: Enforcement of laws governing international activities is alive and well and the laws will continue to be enforced with vigor.

Companies that are subject to US jurisdiction – whether they are located within the United States or otherwise subject to US jurisdiction – need to evaluate whether their compliance measures are sufficient to detect and halt potential violations of US regulations, including export control regulations such as the International Traffic in Arms Regulation (ITAR) and the Export Administration Regulations (EAR).

In light of these developments, Mondaq has issued a client alert that summarises the most recent enforcement activity as well as the steps that can be taken to identify and mitigate the risk of costly enforcement action. The link below will take you to the full article but Goal would like to highlight Step 8: Training, Training, Training and Step 10: Auditing and Checkups in this article.

Stated in Step 8 Training, Training, Training: “The importance of training as the foundation of compliance is widely acknowledged. Even the Sentencing Guidelines, which concisely focus on the basics of an effective compliance program, call out training for special attention. The Sentencing Guidelines commentary states that the “organization shall take reasonable steps to communicate periodically and in a practical manner its standards and procedures, and other aspects of the compliance and ethics program, to the [relevant] individuals…by conducting effective training programs and otherwise disseminating information appropriate to such individuals’ respective roles and responsibilities.”

“Training should occur for all new employees and annually for appropriate long time employees. Because no firm’s work force is static, the program should include automatic steps to ensure compliance materials are distributed to personnel at the time of hire or when personnel are transferred or promoted into relevant positions that require training.”

Goal can provide cost effective training via eLearning for new employees that can be incorporated into a company’s standard induction processes. This eLearning is suitable for anyone new to ITAR and EAR and as an annual refresher. Goal also provides face-to-face training that provides a comprehensive overview of Australian export controls, ITAR and EAR. Both the eLearning and face-to-face training can be tailored to your specific needs including industry specific examples, terminology and reporting hierarchy.

Stated in Step 10 Auditing and Checkups: “It is difficult to have a strong compliance program unless it is regularly tested, probed, and analyzed. Stated differently, it is not enough to create a good compliance program and then let it run unattended, at least for high-risk areas. Companies should monitor compliance by direct observation, by supervising the program, and by testing the controls. One increasingly common way of ensuring the last element is to conduct regular compliance audits”.

While internal audits and checkups are commendable, there are drawbacks to reviewing your own processes as assumptions can be made or issues not given the appropriate level of concern. A third party audit will look at your processes with ‘fresh eyes’, no pre-conceived ideas and no agenda other than to ensure your compliance. At the completion of the audit, Goal will provide a report with recommendations and can offer assistance to implement these recommendations if required.

The twelve recommended steps for compliance are:

Step 1: Secure Buy-In at the Top
Step 2: Perform a Risk Assessment
Step 3: Survey Current Controls
Step 4: Identify Available Resources
Step 5: Assess Local Oversight
Step 6: Create a Written Compliance Policy
Step 7: Establish Internal Controls
Step 8: Training, Training, Training
Step 9: Integrate Outsiders
Step 10: Auditing and Checkups
Step 11: Monitor Red Flags
Step 12: Communicate with Board & Senior Management

For more detail on each of the Steps and to read the full article click here