330 likes | 667 Views
Defense Trade Compliance Glenn E. Smith Chief, Enforcement Division Office of Defense Trade Controls Compliance “Partnering for Compliance” East Coast Conference February 23-25, 2011 Orlando, Florida. Presentation Topics. Organization of Compliance at State Civil Enforcement Trends
E N D
Defense Trade Compliance Glenn E. Smith Chief, Enforcement Division Office of Defense Trade Controls Compliance “Partnering for Compliance” East Coast Conference February 23-25, 2011 Orlando, Florida
Presentation Topics • Organization of Compliance at State • Civil Enforcement Trends • Consent Agreements • Voluntary Disclosures • Compliance Tips • How Industry can Assist
Organization of Compliance at State Greg Slavens ICE Liaison Orlando Odom FBI Liaison Lisa Studtmann, Director Daniel Buzby, Deputy Director • Compliance & Registration • Division • Dan Cook, Chief • Registration of manufacturers, • exporters & brokers • Company Mergers & • Acquisitions • Company Visit Program • Consent Agreement • Monitoring • PM lead on CFIUS • Enforcement Division • Glenn Smith, Chief • Voluntary & directed • disclosures • Civil enforcement actions: • charging letters & consent • agreements, policies of denial, • debarments, transaction • exceptions and reinstatements • Support to the law enforcement • community for criminal • enforcement • Research & Analysis Division • Ed Peartree, Chief • ‘Blue Lantern’ end-use • monitoring program • Watch List screening & • maintenance • Compliance Report • Intelligence research projects • AECA Section 3 reports to • Congress
Civil Enforcement Trends (FY10)Voluntary Disclosures • Over 1200 voluntary disclosures of civil violations by industry • Rate consistent with 2009 figures . 10% increase from FY08 and over a 100% increase from FY06 • industry more focused on compliance and willing to disclose • industry establishing internal auditing-but additional focus is needed • “due diligence” as part of mergers & acquisitions • effect of consent agreements & fines • expansion of USG compliance education & outreach efforts • “Company Visit Program” – DDTC • “Project Shield America” – DHS/ICE • “Domain Program” – FBI
Civil Enforcement Trends (FY10)Directed Disclosures • 58 directed disclosures issued by DTCC • Approximately half of 2009 figures. • disclosures increasingly more focused and remedial actions imposed • better to disclose voluntarily than under direction
Civil Enforcement Trends (FY10)Disclosure Violations • Nature or pattern of violations appears not to have changed from previous years: • unauthorized export of hardware, data or services • exceeding scope of license approval • foreign person employment (you and your sub-contractors) • improper use of exemptions • exceeding dollar value of agreements (TAAs and MLAs) • violating provisos and other conditions of approval • misclassification of hardware/technical data
Civil Enforcement - Disclosure Review • Harm to U.S. foreign policy or national security • Adherence to law, regulations and DDTC’s licensing and compliance policies • Severity of violation (minor or substantive, procedural or judgmental, once or repeated, unique or systemic) • Company’s approach & commitment to compliance • Implementation of remedial measures • Improvement of company’s compliance program
Civil Enforcement What violations prompt civil penalties? • Harm to U.S. National Security or Foreign Policy Interests • Undermine the integrity of the legal and regulatory system
Civil Enforcement Trends (FY10) Consent Agreements Consent Agreements - Since 2003 • 25 consent agreements • Fines over $180 million • Remedial Measures • Reporting and Oversight
Causes of Violations • Compliance program is not well established. • Program lacks organization and oversight. • Insufficient resources (human and financial) to insure effective compliance. • Training not systemic or tailored. • No internal audit or periodic review to assess program.
Causes of Violations • Record-keeping of all elements of defense trade activity is insufficient or not centralized to track activity from beginning to end. • Program has not evolved to account for change or growth in company’s regulated business activity (e.g., mergers & acquisitions). • Compliance program is outdated and does not reflect current regulations and relevant procedures.
Fines & Penalties Civil Violations of the AECA & ITAR • $500,000 for each violation • Extra compliance measures • Debarment (Remember: Successor liability applies after merger/acquisition.) Criminal Violations of the AECA & ITAR • $1 million for each violation • 20 years imprisonment (see latest Iranian Sanctions Legislation) Increase from 10 to 20 years • Debarment
Consent AgreementsViolations Charged Common Violations in Consent Agreements • Omissions of material facts and false statements • Unauthorized exports of articles and services • Violating terms of an authorization • Classified exports in violation of the ITAR • Record-keeping • Unauthorized Proposals to §126.1 countries • Misclassification of hardware and technical data
Consent AgreementsLessons Learned What drives these violations? • Lack of corporate commitment • Insufficient ITAR training • Unclear policies/procedures • Poor record keeping/tracking systems • Insufficient resources • Poor or non-existing audit procedures • Lax security – IT and classified handling Understanding the root causes of a violation is key to preventing future violations!
Voluntary Disclosure: Areas of Increased Attention Voluntary Disclosures • Who was involved and how were decisions made. (Key focus for DTCC.) • Provide the who, what, when and how. • Follow ITAR §127.12(c)(2) and provide all the required information. • DTCC is as concerned about how a violation occurred as well as that it happened. • Use of passive voice and vague descriptions do not satisfy disclosure requirements in the ITAR.
Voluntary Disclosure: Areas of Increased Attention Voluntary Disclosures • Corrective actions implemented or to be implemented to ensure the violations do not occur again. • Provide copies of manuals and or procedures. • Provide evidence of training. • Provide evidence that procedures are being implemented effectively.
Voluntary Disclosure: Areas of Increased Attention Remember: • Technology derived from U.S. technology remains controlled under the ITAR. • Disclosures involving repeat violations where “remediation” already claimed to have been implemented needs explanation. • Disclosures are not data dumps – submissions should be organized and tell the story.
Key Elements of Compliance Manual Internal compliance document should address: • Organizational structure • Resources dedicated to export control • Contracts/marketing screening • Non-U.S. person employment • Physical security of the ITAR facility • Network security • License preparation • Use of exemptions • Foreign travel • 10. Foreign visitors • 11. Record keeping • 12. Reporting • 13. License maintenance • 14. Actual shipping processes • 15. ITAR training • 16. Internal monitoring and • audits • 17. Voluntary disclosures and discovery of export violations • 18. Violations and penalties
Compliance Tips • Establish senior level commitment to strict adherence to all export control laws and regulations • Establish and maintain and effective export compliance program • Involve all elements of the business – legal, marketing, travel, personnel, etc… all play a role • Establish a “culture of compliance” to ensure these procedures are followed
Compliance Tips • Self-audit to identify problems and correct weaknesses • Keep your program up to date with regulatory changes and changes in your business • Establish training requirements tailored to job responsibilities and risk • Recognize that there are no shortcuts • Network with others in the industry to learn from them
Compliance Tips • Establish Clear and Open Communication with Partners • Before and After License Approvals: • Ensure complete and accurate information • Ensure changes in use/retransfers are authorized • Understand limitations of authorizations • Due diligence on foreign parties is not difficult • Identify and resolve “warning flags” before submitting • application • Knowing your foreign parties is in your best interest
Compliance Tips • An inventory control system to track whereabouts of • defense articles through final delivery • Remind and educate the end-user of their obligations under the ITAR • Notify the State Department if you receive derogatory information on end-user or foreign consignees after license approval
Compliance Tips • Vet parties using public lists of the regulatory agencies: State, Commerce, and OFAC. Refer to the Excluded Parties List System administered by the General Services Administration • Enhance IT security. Prevent cyber attacks by implementing the appropriate encryption and firewall systems. Report events to DTCC in voluntary disclosure
Management Should Remember • The importance of export compliance to our national security and foreign policy interest is great • Enforcement is improving - more information on violations coming in as leads and tips have grown • Government’s ability to investigate and use information is improving – cooperation is real. • Claims of ignorance or surprise at violations is harder to argue with any credibility. • Strict liability applies - a heavy burden and cost when not done correctly. Licensor is responsible for nearly all aspects of export transactions.
How Industry Can Assist Enforcement Efforts • Good compliance means self-enforcement • Industry has more eyes and ears available to uncover suspected violations • Industry has greater access to useful information regarding compliance issues • Industry has been instrumental in sensitizing and educating suppliers and vendors • Willingness by industry to share and publish best practices with other members of the community
Why Share Information with DTCC • It’s the right thing to do • To protect and secure our national security • Maintain level playing field and prevent unfair advantage • Protect proprietary information and maintain competitive technology lead
How Leads and Information are Provided to DTCC • Phone calls • Letters (to include anonymous) • Emails • Fax • Conversations (including conferences) • Hand written note on 3x5 cards
How is the Information Used? • Used within DTCC to support administrative/civil investigations • If warranted, we will share with DHS/ICE, FBI or the Department of Justice for potential criminal investigation or intelligence reporting.
How is the Information Handled? How is the information handled? -We will only share internally within the U.S. Government.
Examples of Leads Provided to DTCC • Fabrication of TAA and approval letter. • Deliberately deleting export control statement and company logo on technical drawings-then exporting w/o authorization. • Deliberately allowing foreign persons access to facility, technical data and exporting hardware w/o a license. • Deliberately conducting technical discussions with foreign person while license was pending with DDTC. • Competitor shipping identical hardware to proscribed destination.
Leads, tips or questionson compliance and enforcement • Glenn Smith Chief, Enforcement Division 202-632-2799
Suggested Reading • Arms Export Control Act (AECA), Sections 38-40 (22 U.S.C. 2778-2780) (P.L. 90-629) • International Traffic in Arms Regulations (22 CFR 120-130) • Definitions 120 • U.S. Munitions List 121 • Registration 122 • Licenses 123 • Agreements 124 • Technical Data 125 • Policies & Provisions 126 • Compliance 127 & 128 • Brokering 129 • Contributions, Fees & 130 Commissions • DDTC’s website: www.pmddtc.state.gov
Useful Information • U.S. Department of State • Directorate of Defense Trade Controls • Website: • www.pmddtc.state.gov • Response Team Telephone Number: • 202-663-1282 • Response Team E-mail: • DDTCResponseTeam@state.gov