It comes as a surprise to many that certain activities governed by U.S. export control regulations don’t necessarily involve sending things out of the United States.

And among those who already know this, many believe there are requirements to follow which, in fact, aren’t specified in the rules.

So let’s set the record straight: What types of strictly domestic activities—those taking place within the United States—are affected by the law? And what actions are specifically required?

Domestic activities that count as exports

This category involves situations in which the EAR (Export Administration Regulations) or ITAR (International Traffic in Arms Regulation) regulate certain commercial activity that takes place entirely within the United States—transactions that aren’t exports the way most people conceive of them.

The most common examples revolve around the concept of a foreign person, which means any individual without U.S. citizenship, U.S. permanent residency, or approved refugee/asylum status, and also any entity not organized under U.S. law, according to the very similar ITAR and EAR definitions. Foreign persons include international organizations, foreign governments and their representatives, and nearly all individuals with non-U.S. nationality who are not also U.S. citizens or green card holders.

Deemed exports: In the EAR, the concept of deemed exports (EAR 734.13(a)(2)) is defined as “Releasing or otherwise transferring ‘technology’ or source code (but not object code) to a foreign person in the United States.” This frequently comes up when a foreign national working for a U.S. company needs access to certain technologies to do the job. If any of those technologies are subject to the EAR, then providing that person with access to them is defined as an export and requires authorization. In other words, sharing technology with another person in the U.S. can be considered an export.

The concept also exists in the ITAR, where’s it’s defined in ITAR 120.50(a)(2).

Transfers to foreign diplomats: The ITAR also considers providing defense articles to a foreign embassy or consulate in the United States to be an export. This portion of the definition of export goes farther than the EAR, which regulates deemed exports of technology and software source code, but not this sort of hardware transfer. So any tangible item subject to the ITAR is considered an export when turned over to a foreign diplomatic mission in Washington or elsewhere in the United States.

Spacecraft, aircraft, and ships: What about hardware not destined for a foreign mission? Could a transfer like that be an export subject to control? Yes, though only rarely. If the item is an aircraft, vessel or satellite subject to the ITAR, or certain spacecraft subject to the EAR, a transfer of its registration, control or ownership is an export—even if the vehicle itself stays put.

New call-to-action

Defense services: In another area unique to the ITAR, providing certain forms of assistance to a foreign person is considered a defense service, which is in turn a type of export under the ITAR. As an example, providing training on infantry tactics to a non-U.S. military is an export even if you’re conducting it on U.S. soil, and therefore is subject to the same basic approval processes as, say, shipping cannon rounds overseas.

Domestic activities that require registration

ITAR 122.1 requires any business to register with the Directorate of Defense Trade Controls (DDTC) if it’s involved in the export, manufacture or temporary import of defense articles and services.

This rule can apply to a large number of unsuspecting businesses, such as independent machine shops, software developers and other small operations that have never sold or shipped anything out of the country.

In effect, it can be a one-degree-of-separation rule: If you do work for an entity that engages in exports under the ITAR, you’re quite possibly considered a defense manufacturer, even if you’re only providing one small U.S. Munitions List component of a much larger system which you have no intention of exporting yourself.

This doesn’t mean an export license is necessary to produce that component, but it does involve paying a registration fee and following registration requirements, which is a non-trivial burden that takes many entities by surprise.

Once registered, business operators often wonder if they need to take special actions to protect export-controlled items, such as equipment, components and technology.

Section 122.5 of the ITAR does require DDTC registrants to maintain records “concerning the manufacture, acquisition and disposition … of defense articles; of technical data; the provision of defense services; brokering activities; and information on political contributions, fees, or commissions furnished or obtained….”

It provides some specifics on how long records must be maintained. But it doesn’t dictate what records you need to create or provide many details on how to maintain them. That’s largely left to the judgment of the affected business or entity.

The regulations also don’t say that controlled items need to be segregated and secured separately from things that aren’t subject to export controls. They don’t require barbed-wire fences and cameras, access control points, encryption or other security measures—even though such measures may be well advised. A violation of regulations is deemed to occur when there is an unauthorized export. Whatever security measures may be needed to prevent that from happening are left to the private sector and are not specified in the rules.

Prohibited domestic activities

General Prohibition Ten of the EAR is fundamentally a no-shenanigans rule. It prohibits a number of activities that relate to exporting if there is any reason to believe that a violation of the EAR has or is likely to occur.

So let’s say you don’t export anything ever, but someone comes to you to make a purchase at a domestic location. If you know or suspect they’re going to turn around and send that item to, say, China or Iran without a required license, then simply proceeding with a domestic sale and transfer of the goods could be a violation of General Prohibition Ten.

In addition to this, the Bureau of Industry and Security (BIS), which administers the EAR, sometimes issues denial orders on U.S. or non-US entities, which means:

  1. That denied person is prohibited from participating directly or indirectly in any transaction involving the export of any item subject to the EAR—and may not benefit from any such transaction.
  2. Other entities are prohibited from assisting the denied person in certain ways, including taking “any action that facilitates the acquisition or attempted acquisition by a denied person of the ownership, possession, or control of any item subject to the EAR that has been or will be exported from the United States”. This means that helping a denied person with their exports can be a violation of the EAR in and of itself—again even if you never export anything yourself.

These regulations may seem daunting to small businesses and others who work with exporters but don’t knowingly engage in exports themselves—particularly when they start investigating export regulations on their own.

It makes a strong case why it’s important to screen business relationships against the appropriate restricted party lists (see related post: Understanding the Various Restricted Party Lists), and why even small non-exporting businesses may need to obtain training to develop their own appropriately scaled export compliance processes (see related post: Key Components of an Export Compliance Program).

Contact the Export Compliance Training Institute

Do you have questions about the impact of export regulations on your business? Visit to learn about our company, our faculty, our staff and our esteemed Export Compliance Professional (ECoP®) certification program. To find upcoming e-seminarslive seminars and live webinars and browse our catalog of 80-plus on-demand webinarsvisit our ECTI Academy. You can also call the Export Compliance Training Institute at 540-433-3977 for more information.

Scott Gearity is President of ECTI, Inc.

New call-to-action