How does the Bureau of Industry and Security (BIS) enforce U.S. export controls? And what are the ‘red flags’ exporters should look out for? At the 12th annual ACAMS MENA event, we spoke to Craig Phildius, BIS Regional Export Control Officer based at the US Consulate in Istanbul, to learn more about the agency’s work.

U.S. exporters are expected to track their products from cradle to grave – from the manufacturing facility in the U.S. to the end users, wherever they are in the world. This is particularly important when exports are heading to the MENA region, which includes several heavily-sanctioned countries such as Iran, Syria, Iraq, Libya and Yemen.

Responsibility for ensuring U.S. policy is followed, and for licensing and investigating exports of U.S.-origin items, falls to the Bureau of Industry and Security (BIS). BIS is a powerful institution, in charge of implementing and enforcing the Export Administration Regulations (EAR). As part of its export enforcement mandate, BIS completed 31 enforcement actions in 2020, issuing more than $32m in civil penalties and resulting in the criminal conviction of 36 individuals and companies for export violations.

To carry out its important missions, BIS has deployed an end-user monitoring program, with officers such as Craig based overseas and performing regular post-shipment verification, as well as pre-license checks on the field, directly engaging with foreign companies due to receive exported goods. BIS carried out 987 checks in 37 countries in 2020, 913 of which were for post-shipment verification. U.S. companies that ship to the MENA region need to take due diligence very seriously, says Craig, and ‘go the extra mile’ to make sure that the end use and end user of their product makes sense and is legitimate.

While the Bureau expects exporters to take extra care, it also understands that it’s not always possible to know if someone at the other end of a transaction is telling the truth. ‘Due diligence is not a perfect practice, but we expect companies to carry out the basic checks,’ said Craig. ‘We ask you to make an effort. Make a concerted effort to know and screen your customer – check that they are who they claim to be, and that they don’t appear on a sanctions list – and ask for an end user certificate.’

BIS lists

Among the list of sensitive items placed on the Commerce Control List (CCL), BIS pays close attention to certain exports destined for the MENA region, including centrifuges and pumps (because some could be used in nuclear facilities), aircraft parts, guns and ammunition. Certain cybersecurity items and software are also a growing area of interest, carrying their own export controls challenges.

On top of the items listed on the CCL, BIS also maintains four lists of individuals and entities that are subject to export restrictions; these lists are constantly changing and should be the starting point for due diligence:

  • Entity List – Non-U.S. parties that are restricted from receiving some or all items subject to the EAR unless the exporter secures a license. However, BIS typically applies a presumption of denial for such license applications. 279 entities were named on this list in 2020, 70% of which are based in China, Russia, The UAE, Iran, Pakistan, or Hong Kong.
  • Denied Parties List – US individuals or companies are not allowed to participate in an export transaction with any person or entity named on this list.
  • Unverified List – Non-US entities that could not be verified for a variety of reasons. It may still be possible to ship to entities named on this list, subject to a license from BIS, however exporters are taking a risk in doing so and should be extra vigilant.
  • Military End User List – This is a relatively new list, which identifies entities that are known to be affiliated with the military in certain countries (China, Russia, Venezuela and Burma). Shipping to these entities requires a license which could be denied on application.

Red flags

As well as checking BIS lists, exporters should also play close attention to more general warning signs, says Craig.
One of the most significant warning signs is when an exported good does not match the business of the recipient or end user. ‘I’ve seen one example where a tour company based in Armenia ordered a sophisticated thermal camera from a US manufacturer,’ said Craig. ‘There was no reason why a tour company would need such a thing. When I visited the company, they said that after they had conducted a tour for Iranian tourists one day, one of the group had asked if he could use their address for delivery. Someone had clearly dropped the ball. Why did the tour company let a stranger use their address? And what questions did the US exporter ask?’

Other common ‘red flags’ are:

  • The end user is a freight forwarding company or general trading company.
  • The customer uses a Hotmail, Gmail or Yahoo account.
  • The requested shipping route doesn’t make sense – for example, the route is indirect or includes several stop-off points.
  • The customer is evasive – perhaps unwilling to sign an end user certificate or doesn’t want to tell you who the end user is.

Be serious about risk assessment

There are a number of elements to good compliance, including a risk assessment process, due diligence, and screening. An organizational culture of compliance, irrespective of the size of the company, is also important. Craig stressed that the aim of BIS is not to make trade between the US and MENA more difficult, but to make it safe. ‘What we are concerned about is the people who are cutting corners,’ he concluded. ‘We don’t want to prevent trade, we just want companies to do it in the right way. Take risk assessment seriously and you’ll be fine.’

To learn more about how LexisNexis® can help companies efficiently and effectively screen clients and meet sanctions obligations worldwide, contact us.