2010 Q&A Archive


Have a question?
Submit it now


On the Commercial Invoice for export shipments, is the Shipper's Tax ID required information? Do you have examples of where Freight Forwarders have obtained a shipper's Tax ID number and used it fraudulently?

The EAR and ITAR do not require shipper's Tax ID's to be on commercial invoices, but it is quite possible that import authorities do require this information. I have not heard of a case where a freight forwarder used a shipper's Tax ID number fraudulently.

I work for a company in the UK acting as a broker for a Government customer overseas. The customer wishes to send an ITAR controlled item to the UK via our company for repair in the UK (by a third party) and subsequent return back direct to them [the Government customer] via our company. Please advise what licenses/TAAs etc both parties should have in place before the transaction can take place.

Here are my assumptions. 

-Your customer is a Government but not the US Government.
-Another company in the UK will do the repair.
-You are located in the UK.

You should submit a General Correspondence (GC) letter application describing all of the details of the activity and requesting approval.  If this might happen more than once, you should request approval to do it multiple times.

In fact, DDTC might prefer that your customer or the company doing the repair submit the GC, but nothing in the ITAR says you may not submit the GC.

You did not explain your exact role, so I don't know if you acting as a "broker" as defined and controlled by the ITAR.  Most likely, if you are a freight forwarder and you do the typical freight forwarder job of moving the freight and nothing else, you are not a "broker" as defined by the ITAR and you do not have to register with DDTC.  But that is just my guess because I don't know the details of what you are doing.  If you are a "broker," in addition to registering with DDTC as a "broker" and describe your activities in the GC application.

I am writing to ask if you could recommend some resources for export compliance for U.S. multinational corporations. Specifically, with a focus on Non-U.S. to Non-U.S. transaction between a U.S. parent's Non-U.S. subsidiary and a Non-U.S. customer. I have been able to find plenty of resource for US Export compliance but not as much for these types of transactions.

Our (ECTI's) overseas (US Export Controls on Non-US Transactions) seminar is the best resource I know.  I have not heard of any books or websites that provide information on that.  You also have the option of hiring an export compliance consulting company such as BSG Consulting to give advice on your issues and answer your questions.

We manufacture and/or purchase and re-sell various components such as insulation grommets, bumpers (feet), extruded profiles/tubing, etc. which are not designed for any specific application or customer, and are included in our catalogs and on our Website. Many of our customers are involved in supplying the military and utilizing these parts in their applications (their decision) but yet other customers (most of our customers) utilize them in commercial applications; dual use? The ones with the military applications are insisting that we register under ITAR and the DDTC, etc. as we, being a vendor to them, are now subject to the above regulations. Where do we stand when providing products that can be used in a military weapon/application as well as in a lawn mower, or kitchen blender? Again, these parts are not designed or produced for a specific application or customer.

In most cases the ITAR controls parts specially designed, modified, configured or adapted for military use.  It does not matter what a part will be used in.  The key point is whether it is specially designed, modified, configured or adapted for military use. 

If I buy some screws at a Lowe's hardware store and put them on a missile, the ITAR does not control them.

If I have a 14.25 inch hose for a tractor and I cut it to 14 inches for use on a missile, I just modified it for military use and it is controlled by the ITAR. 

If you manufacture (or export) items controlled by the ITAR, you have to register.

Our foreign customer wants to bring a system in to test ITAR equipment we're building for them. They purchased an ITAR component from another US company and added it to a computer they acquired from England. Without the US component, the computer system is strictly commercial. When they send it into the US, would we be able to clear it using the 126.4(c) exemption since the component that renders it "controlled" is a US origin part? Or how can the item fall under jurisdiction of ITAR, if adding the US component into a foreign makes it a foreign-origin item? Clarification, please.

The item is eligible for 126.4(c).  ITAR 126.4(c), however, applies only to items for official use of US Government in an urgent situation, etc.  So, I am not sure if your transaction meets all of the requirements of 126.4(c) but I can say the item itself is eligible--you can use this exemption only if you also satisfy all of the other requirements.

I work for the procurement organization of an international company with customers and suppliers throughout the world.

We procure a range of parts for civil and military use.

We try to ensure export compliance by requesting the export classification from our suppliers (through an original signed declaration) for every procured part, regardless of the nature of the part (Raw Material, Standard / Norm Part, Equipment, Civil intent, Military intent, etc).

Due to process gaps (now corrected), we have been left with a significant back-log of missing classifications, which cannot be managed with internal resources and associated blocked shipments.

We are faced with the costly choice of contracting a 3rd part to request the missing classifications.

Prior to launching such an initiative, I am questioning whether our understanding of the regulation is correct and if there is a lean way of recovering the back-log of missing classifications, perhaps through self-classification?

Any advice or tips you can provide would be greatly appreciated.

I am not sure what "understanding of the regulation" you are talking about.  Before you export an item, it is prudent to classify it so you know if there are export restrictions on it.  The regulations allow any person to classify items.  It is prudent to use a person who understands the regulations to do classifications.

If you export the item you are responsible for compliance on that export.  If you use an EAR99 classification and export an item as No License Required when it really is 7A001 and requires and export license, that is your violation regardless of whether you got the inaccurate classification from the manufacturer, from me, or from yourself.

When we do classifications for companies, we are often able to take a list of 10,000 items, for example, and quickly classify the vast majority of the items and then focus on the more complex or difficult classifications.  So, if you have a good understanding of the control list, then you should be able to work through most items quickly.  Of course, I have no idea what items you need to classify so I am only talking about generalities.

(Some companies choose to use a consultant to help them on a classification project as an adviser but not as the person who does all the work.)

Lastly, you said you have a backlog of items to be classified, and you implied you have limited resources.  I would focus my efforts on classifying things that you need to export in the near future.  I would not spend resources classifying anything unless you are going to export it.

If a company in the US has foreign ownership, is the company subject to the export compliance laws of that foreign country? For instance, if US law shows that the product can be exported to the foreign country without license but the laws of the foreign country shows a license requirement is the US-based entity allowed to export from the US?

Your question is "How do other countries restrict the activities of their home country companies' subsidiaries located in the United States?"  We would have to know the laws of every country in the world to be able to answer this question because each country has the right to do it differently. 

That said, I have not heard of any other county that imposes strict controls on the export activities of their home country companies' subsidiaries located in the United States.  But, I cannot give any advice on the laws and regulations of other countries.

Have you seen any updates on BAE Systems Limited debarment and what that means for the US Subsidiaries? I have searched the Federal Register and have not found an update. Do you have any recommendations on how to search the Federal Register when looking for something specific with out the document number? Any other locations that would be good to check?

DDTC has not issued an update on the status of BAE.  I recommend you regularly check the DDTC website for updates instead of searching the Federal Register--I don't have any expertise on how to search the Federal Register online.

Concerning GPS devices. We have employees who conduct flight training in Iraq and need GPS devices. Exporting is new to us, so the employee helping with this told the Program Manager's that we needed to have a license, but the supplier said that particular model did not. Is that sufficient to go by the supplier's word or what should we have done? Does your training address and help clarify these type questions?

Most GPS units do not require export licenses but some do.  It depends on the performance capabilities of the unit.

If you export the GPS units, you are responsible for compliance. If the manufacturer, your lawyer, or I tell you that a license is not required and you export it without a license, you are responsible.  If a license actually was required, it would have been your illegal export.  If you got advice from a reliable source, that might mitigate against serious penalties.

That said, some manufacturers are good sources of classification information, and some aren't't, so we don't know whether you got good advice. 

Our seminars would teach you the key things about US export control regulations and how they impact your business.

We are a Canadian company, owned by an American individual. We are shipping a part which was made in Canada to Belarus (which is on the Canadian & U.S. sanctions lists). Because we are technically U.S. owned, should we apply for an Export Permit from the Dept. of Commerce (BIS). The part is a hand control used on cobalt-60 cancer treatment machines.

The answer depends at least on the percentage of controlled US content in the Canadian made device and the ECCN of the Canadian item; and the end use of the items, and end user, and whether any party involved in the transaction is on any US government restricted parties list.  There is no automatic requirement for a US license just because Belarus is involved.

What if any approved software packages are available for the transfer of ITAR controlled documents say between the UK and U.S.A.?

The ITAR has no requirements regarding what software you use to export ITAR documents. So it is up to your company to decide what to use because there is no ITAR approved software.

We have some individuals that will be traveling to China on commercial business.  These individuals are planning on taking their laptops for commercial business work.  I told my boss that if someone from the US sends an email that has ITAR data to the US person in China, than an export violation has occurred or if the US person in China has some ITAR data on their hard drive than a violation has occurred. I told my boss that it did not matter that their computers are all under encryption.

My boss shared that it is not a deemed export since this was in the US persons laptop and not disclosed to a Foreign Person. He shared that these same issues could occur with blackberries and that we are covered under exemption 125.4(b)(9) as long as we do not share this information.

It is not a deemed export. But it is a regular export of ITAR technical data which applies to sending or taking tech data out of the US. Nothing in the definition of export says if a US person in China possesses or receives the data it is not an export.

A deemed export/reexport/retransfer would occur if somebody gave the data to a Chinese person.

And since China is in 126.1 you may not use the exemption mentioned.

And nothing in the ITAR says the rules are different if you encrypt the data.

So you are right.

And your boss actually is right that it is not a deemed export but is an ITAR controlled regular export

I work for a company that recently registered with the DDTC as a condition of a subcontract, and I am unsure as to what exactly our responsibilities are. All of our customers are in the US, and we do not send any materials overseas. The contract only requires that we are registered and have "effective measures to prevent unauthorized export" of materials. I suppose my ultimate questions is, what is required by law of a company that is registered with the DDTC, but does not, and is not likely to, send or receive materials to/from individuals abroad?

ITAR Part 122 requires registration for any company who manufactures or exports defense articles (which generally are items on the US Munitions List).  So if you manufacture/create hardware, software or technical data that is a defense article you must register, even if you never export.

ITAR 120 has a broad definition of export.  For example, export includes:

  • Shipping some parts to Mexico
  • Sending an email containing technical data to your own engineer who is in a hotel in London
  • Allowing foreign locations to have access to technical data or software on a server
  • Allowing foreign persons in the United States (e.g., your engineer who has a US work visa) to have access to technical data or source code in the United States

That is just a list of examples of things that you might do that are ITAR exports and that usually require an export license before you do them, or instead of getting an export license, you implement procedures to make sure you don't do any of them.

It is difficult in a short answer to tell you everything that you might do that could be an ITAR issue, just like if you asked, "I made $100,000 this year, how much taxes must I pay?"  I tried to point out some things that could be issues, but to comply with the ITAR you or somebody in your company should probably either study the ITAR on your own or attend an ITAR seminar--of course, the Export Compliance Training Institute offers an excellent ITAR seminar that will bring you up to speed on ITAR requirements and give you ideas for procedures you can put in place to comply with the ITAR as it impacts your company.

Do we have to be majority American owned to be classified as an American business?

Well, there probably are quite a few definitions of American business that you will have to deal with.  The ITAR defines the term " US person":

§ 120.15 U.S. person.  U.S. person means a person (as defined in §120.14 of this part) who is a lawful permanent resident as defined by 8 U.S.C. 1101(a)(20) or who is a protected individual as defined by 8 U.S.C. 1324b a)(3). It also means any corporation, business association, partnership, society, trust, or any other entity, organization or group that is incorporated to do business in the United States. It also includes any governmental (federal, state or local) entity. It does not include any foreign person as defined in §120.16 of this part.

If we are not majority American owned, will this affect how we approach prime defense contractors (potential customers) and/or their responsibility for placing us on a TAA?

Ownership does not determine US person status.  If you are incorporated in the US, you are a US person even if 100% foreign owned.

Can we apply for a facility clearance if we are not majority American owned?

Outside of the scope of export control regs.

If we want to directly bid on defense contracts within in the USA, will NOT being an American owned company have an affect on our bidding capabilities?

Outside of the scope of export control regs.

I am a company that is subject to ITAR regulations. I am implementing a support model that is central: the maintenance of my servers would be ensured from a administration location in Central Europe.

In order to comply with 124 in the Office of Munitions Control i am considering encrypting the zones of my servers that hold ITAR information specifically 124.13(b) would allow the administrators team to execute server maintenance tasks while preserving from disclosing 'the details of the design, development, production or manufacture of defense articles.

I am not sure if I understand your question or situation.  But I think you are not understanding the ITAR correctly. 

If you have ITAR data on your server, you may not transfer it to any other party without authorization from DDTC in the US Department of State. 

If you allow another party to access ITAR data on your server, that is a transfer.  If you encrypt the ITAR data and allow another party to access the encrypted ITAR data, that is a transfer.  Both such transfers require authorization from DDTC in most cases.

What is the difference between MIl-Specs and ITAR specs? The Navy buys products that have to be made to a certain MIL-Spec. Does that make the product ITAR controlled if its going to be used in a military application or defense article?

MIL Specs and ITAR specs exist independently and are not always closely related.  ITAR specs is not even an-ITAR defined term. 

The key is you do not rely upon a MIL spec to determine if an item is controlled by the ITAR.  Generally speaking, to determine if an item is controlled by the ITAR, you look at the US Munitions List (USML) in the ITAR and see if it describes your item.  If the USML catches your item, it is controlled by the ITAR regardless of whether it is made to a MIL spec. 

For example:

--There may be a MIL spec for dog food, but the ITAR does not control that dog food.

--The ITAR controls a hose connector specially designed or modified for a battle tank even if the hose is not

The USML names certain things it controls (e.g., Category XV controls satellites that send football games to your TV) and the ITAR controls things because they are designed or modified for an item named on the USML (for example, Category VII controls battle tanks, and paragraph (g) in Category VII controls any part, component, etc. specifically designed or modified for battle tanks, which means it controls a hose connector designed or modified for a battle tank).

Furthermore, the end use of an item does not matter so much when you determine if the ITAR controls it. If the navy is going to use a standard screw designed for hundreds of commercial products, it is not on the USML.  If a farmer wants to use a machine gun to protect his sheep, the machine gun is still on the USML.

There is no short cut or substitute for looking to see if your items is on the USML.  So, get the details of the item you are interested in and open the USML.

Please advice me the importance of compliance with export control and their responsibility.

There are a wide range of reasons it is important to comply with US export and trade controls.  The first might be that the US Government may impose serious penalties on companies and persons who violate the US rules.  The most serious penalty is that the US Government may put your company and its affiliates on the US Denied Persons List (DPL).  US entities on the DPL may not export any items.  Entities who are outside the US and on the DPL may not receive any items and they may not receive US items from locations outside the United States.  The DPL often is referred to as the death penalty

The lesser penalties include multi-million dollar fines, imprisonment, and becoming ineligible to sell to the US Government.

We are a UK precision engineering company, we offer design and manufacture services for both commercial and military aircraft tooling i.e. Assembly jigs fixtures ground support equipment. We are a 1st tier supplier to BAE Systems and we manufacture tooling for the JSF program. Our ITAR compliance is on the back of this, we have not got individual ITAR compliance. Our sales director has made inroads into the USA and has received inquiries from a potential US customer, they are requesting that we get ITAR compliance. The product will most likely be designed in the US and manufactured here in the UK for export back to the US. I cannot find any resources to give me a clear and uncluttered path to gain this ITAR compliance. Can you suggest any resources, or the process involved in becoming ITAR compliant.

By "ITAR compliant" I assume you mean you are looking to put in place procedures and processes in your company so you will comply with the ITAR. 

The ITAR is a complex set of regulations.  As a starter, I would suggest you consider getting some expert training on the ITAR itself and how it applies to companies outside of the United States.  And, of course, I recommend you attend the ECTI seminar in Amsterdam on 12-15 October, 2010: http://learnexportcompliance.com/amsterdam2010 or another ECTI seminar.  The ECTI seminars held outside of the United States are customized for companies outside of the United States.

DDTC is the US regulatory entity for the ITAR and it has a pretty good website where you can find various information:  www.pmddtc.state.gov.  More specifically DDTC has some compliance program guidelines at http://www.pmddtc.state.gov/compliance/documents/compliance_programs.pdf.  Unfortunately, these guidelines are written for companies in the US so they do not always address the issues you face outside of the US.

Lastly, if you have compliance procedures in your company for complying with UK export controls, you may find some of those may be adapted for ITAR compliance.  Note, however, that compliance with UK controls is not a substitute for complying with the ITAR just as complying with the ITAR is not a substitute for complying with UK export controls.  Some activities may be subject to both rules.

Good luck!

My company will be building defense articles for a foreign company using their build-to-print drawings. We will need to certify that we have met their dimension requirements - will we need a TAA to share the dimensional certification report? We will also perform testing on the materials to be used in the manufacture of the parts. Do we need a TAA to share the testing results of material (metals to be used in manufacture)?

Without knowing exactly what information is in the report and the results, I cannot say for sure that you need a TAA or DSP-5 for the documents themselves.  Based on my experience, however, it is likely that you need a TAA in any event because doing the testing for the foreign party likely falls within the definition of "defense service" (part of the definition is below).  Based on my experience, there is a good chance those documents contain technical data. 

Your can get a TAA that covers the defense services and technical data.

§ 120.9 Defense service.
(a) Defense service means: (1) The furnishing of assistance (including training) to foreign persons, whether in the United States or abroad in the design, development, engineering, manufacture, production, assembly, testing, repair, maintenance, modification, operation, demilitarization, destruction, processing or use of defense articles;  ...

I have one question as to the Syria embargo. Does the pure fact that a US-person or US-company is involved in a transactions with Syria constitute the obligation for a license (assumed that the goods are not of US-origin, have no US-components and no blocked parties are involved)?

If yes, where does it say in the regulations, there is a license required?

The US export/reexport ban on Syria is not a comprehensive embargo in the same sense as the US embargoes on Cuba, Iran and Sudan. The US sanctions on Syria apply mainly to items subject to US jurisdiction, rather than mere participation or facilitation by US persons (individual or company) in a transaction with Syria. In other words, US persons may in some cases involve themselves transactions with Syria in a way that might be prohibited with Cuba, Iran or Sudan.

In your example, the goods are (1) of non-US origin, (2) have no US content and (3) are not a direct product of US technology. The reexport of such goods from Germany to Syria is not subject to US reexport control jurisdiction. The involvement of a US person in such a transaction generally would not trigger a license requirement except in uncommon circumstances, including:

(1) A party to the transaction is on the Office of Foreign Assets Control's list of Specially Designated Nationals (SDN) or a party on the SDN List has a controlling interest in a party to the transaction.

(2) The involvement of the US person is related to one of the sensitive activities (e.g. missile development in certain countries) described in EAR 744.6.

(3) The transaction in some way violates General Prohibition 10 of the EAR. An example of this might be if the shipment from Germany contained spare parts for a piece of US-origin equipment which was unlawfully shipped to Syria at an earlier date. (EAR 736.2(b)(10))

We are a trading company in the U.S. and are interested in shipping from Yemen to the Caribbean. Are there restrictions?

Maybe not, but this is an open ended question so it is hard to tell. The answer depends on the items involved, the parties involved, the end-use of the items and whether other countries are involved.

We are a manufacturing company in the U.S. and are interested in shipping from the U.S. to Cuba. Are there restrictions?

Yes. Nearly all products are restricted and require an export license. The US Government generally will deny all licenses with a few exceptions such as food, agricultural items, medicines.

My company makes parts for aircraft engines (hot section). My understanding is that if an engine is FAA certified that the engine and all it parts are no longer ITAR controlled. Is this correct?

That is not necessarily true.  It depends primarily on which paragraph in Category VIII of the USML controls your items. 

There is a note to Category VIII(h) that applies the principal you mentioned to items controlled by VIII(h). 

Unfortunately, many hot section engine components are controlled in VIII(b) and are Significant Military Equipment (SME) and the note I mentioned does not apply to SME.  You can always request a Commodity Jurisdiction (CJ) from DDTC for your components with the hope of getting DDTC to give you a ruling that it does not want to control you items on the USML--good luck.

We have determined that all of our non- ITAR products fit under the EAR99 classification. You had mentioned that even if the product falls under EAR99 you may still need a license. How do I determine what requirement code (NS, MT etc) to use when looking up the country?

You do not use reason for control codes/columns such as NS2 for EAR99.  EAR99 is eligible for NLR for all countries except the embargoed/restricted countries which currently are Cuba, Iran, Sudan, Syria and North Korea.  In addition, you may not use NLR for any country for EAR99 items if there is a catch all control that applies to the activity.

I am a UK citizen, living and working in the UK. I have recently started my own limited company, Coldharbour (registered in the UK), in order that I can contract directly to a US Defense company as a Sales, Marketing and BD person for Europe and the Middle East. The company in question tells me that I must register with DDTC as a broker in order for them to raise the necessary export licenses (DSP-5 and, eventually, a TAA). My question is, do I really need to register?

The ITAR "brokering" regulations are clearly unclear on many points.  But, I suspect that if you asked the US State Department Directorate for Defense Trade Controls, you would be told you should register as a broker. The ITAR brokering regs say a broker is someone who asks on behalf of another person to facilitate the sale, transfer or manufacture of a "defense article."   I suspect at least some of the items you will be selling for the US defense company are US "defense articles." So, yes, it looks like registration as a broker is the prudent course at this time. 

Once you register, there are certain actions you may not be involved in without prior written DDTC approval and other actions for which you are required to notify DDTC.  In addition, you have to file an annual brokering activities report with DDTC.

(But, don't worry, DDTC has long been saying it is going to change its brokering regs.)