On July 26, 2023, the U.S. Departments of Commerce, Justice and Treasury issued a “Tri-Seal” Compliance Note (the “Tri-Seal Note”) regarding national security laws and regulations and the voluntary self-disclosure (“VSD”) of potential violations, highlighting similarities and differences in agency positions. This note builds upon the prior joint enforcement activities of the agencies to address compliance with export controls, sanctions, anti-money laundering and other national security laws and regulations.
On the same day, Assistant Secretary for Export Enforcement at Commerce Matthew S. Axelrod made prepared remarks to the Society for International Affairs Summer Back to Basics Conference. In his remarks, Assistant Secretary Axelrod summarized the efforts made by the Department of Commerce’s Bureau of Industry and Security (“BIS”) to strengthen its partnership within the U.S. government, with foreign governments, and with industry stakeholders. This coordination: (i) led to the formation of additional partnerships between BIS and the Department of Justice (“DOJ”) and the Department of the Treasury (“Treasury”), including the Office of Foreign Assets Control (“OFAC”) and the Financial Crimes Enforcement Network ("FinCEN”); (ii) led to the creation of new enforcement mechanisms, primarily targeting Russia with like-minded countries; and (iii) further enhanced outreach efforts by BIS to industry to preempt violations of U.S. export control laws. The remarks also covered recent developments in antiboycott enforcement, including with respect to the information required in quarterly antiboycott reports to BIS.
DOJ National Security Division Updated VSD Policy
At the outset, the Tri-Seal Note highlights DOJ’s updated VSD policy regarding potential violations of U.S. export control and sanctions law. The intent of that March 1, 2023 policy, the Tri-Seal Note states, is to incentivize companies to come forward promptly upon identifying such potential violations—while, in return, providing the possibility of a reduced penalty or no penalty at all. In general, and absent the presence of aggravating factors, where a company “voluntarily self-discloses potentially criminal violations, fully cooperates, and timely and appropriately remediates the violations,” DOJ’s National Security Division will not pursue a guilty plea and the company will not be required to pay a fine. In practice, any company that identifies potential export controls or sanctions violations should carefully and promptly scrutinize both the relevant facts and applicable policy—including the March 1 DOJ VSD policy—to ensure that any decision to proceed with a VSD to DOJ satisfies DOJ’s expectations and positions the company to reap all potential benefits of the disclosure decision. More broadly, the issuance of the Tri-Seal Note underscores DOJ’s commitment to enforcement in the export controls and sanctions space, as well as its strategy of incentivizing self-initiated action in the form of VSDs to attain its ultimate objective of corporate compliance with U.S. law.
BIS Updated Guidance for VSDs
Likewise, the Tri-Seal Note also emphasizes that VSDs to BIS regarding violations of the Export Administration Regulations (“EAR”) or any orders, licenses, or authorizations issued thereunder “substantially reduce[] the applicable civil penalty under the BIS settlement guidelines.” The Tri-Seal Note reviews policy updates over the prior 13 months, including a June 2022 memorandum from Assistant Secretary Axelrod implementing a dual-track system to handle VSDs, allowing parties to VSDs submitted for minor or technical infractions to receive a warning or no-action letter within 60 days of final submission of the VSD. In April 2023, Assistant Secretary Axelrod issued another memorandum clarifying that a deliberate non-disclosure of a significant, possible violation of the EAR is an aggravating factor under BIS penalty guidelines. In addition, a tip-off to the Office of Export Enforcement of a violation by another party that leads to an enforcement action will be considered a mitigating factor if the disclosing entity faces even an unrelated enforcement action in the future. Finally, the Tri-Seal Note reminds companies not to self-blind because the adequacy of a company’s compliance program, including its success at self-identifying and rectifying compliance gaps, is itself a factor under the settlement guidelines.
OFAC VSD Policy
OFAC similarly considers VSDs to be a mitigating factor when determining appropriate enforcement action. Where a civil monetary penalty is warranted, a qualifying VSD can result in a 50% reduction in the base amount of the proposed civil penalty. OFAC requires VSDs to include, or to be supplemented within a reasonable period of time with, a detailed report of the complete understanding of the circumstances of the apparent violation. OFAC has made clear that disclosures do not qualify as VSDs if a third party is required to, and does, notify OFAC of the apparent violation, the disclosure includes false or misleading information, the disclosure is not self-initiated (e.g., made as a result of a suggestion by an agency), or the disclosure and any supplemental information is materially incomplete. We note that OFAC did not take the opportunity to follow BIS in asserting that the failure to file a VSD with respect to a significant possible violation will be considered an aggravating factor.
FinCEN’s Whistleblower Program
In addition to the benefits from disclosures about third parties described above, FinCEN maintains a whistleblower program designed to incentivize individuals to flag violations of U.S. trade and economic sanctions laws, as well as of the Bank Secrecy Act. Whistleblowers are eligible for awards between 10% to 30% of the monetary sanctions collected in an enforcement action if their information leads to a successful enforcement action, and may even benefit from enforcement of related actions. Whistleblowers are further incentivized by the ability to submit reports anonymously (through legal counsel) and by the retaliation protective provisions.
Partnership initiatives within the U.S. government
Earlier this year, BIS and DOJ established the Disruptive Technology Strike Force (“Strike Force”), which aims to prevent the acquisition of critical technology by “authoritarian regimes and hostile nation-states.” The Strike Force consists of local cells around the country, each of which includes a federal prosecutor, a BIS agent, a Homeland Security Investigations agent, and an agent from the Federal Bureau of Investigation. The local cells are supported by an interagency analytic cell in Washington, D.C. By May, the Strike Force initiated five cases involving alleged procurement networks created to help the Russian military and intelligence services obtain sensitive U.S. technology and alleged theft of source code from U.S. technology companies for sale to Chinese competitors.
Additionally, BIS partnered with FinCEN to improve the way financial institutions report potential evasions of the EAR. BIS and FinCEN have issued the first two joint alerts to educate financial institutions about export control evasion. The alerts highlighted specific items that Russia needs for its military, and ways to identify and report evasion red flags. They also contained a unique key term for financial institutions to use when filing Suspicious Activity Reports related to the evasion of export controls targeting Russia. BIS is also working with FinCEN to find additional ways to notify financial institutions of export control evasion trends beyond Russia controls, and to support financial institutions’ reporting of activities that contribute to those trends.
Finally, BIS signed an agreement in July with OFAC to formalize the coordination and partnership between the two offices. The agreement, among other things, enables BIS and OFAC to jointly resolve investigations of common subjects, including matters voluntarily disclosed to both agencies, and BIS anticipates that companies will see more coordinated enforcement actions going forward.
Partnership initiatives with foreign governments
BIS continues to work with foreign governments to limit Russia’s access to specific technologies and other items related to its war effort in Ukraine and has built a coalition with 38 other governments as a part of this effort.
Furthermore, the U.S. along with other Five Eye partners (Canada, the United Kingdom, Australia, and New Zealand) committed to formally coordinate export control enforcement. This includes sharing export control best practices and jointly enhancing the ability to prevent evasion of controls. Moreover, BIS has, for the first time, stationed an enforcement analyst abroad – specifically in Ottawa – to liaise on export controls directly with Canadian partners.
The U.S. also convened a meeting in April with other G7 members (Canada, the United Kingdom, France, Germany, Italy, Japan, and the European Commission) to announce a new export enforcement coordination mechanism to coordinate the enforcement of the multilateral sanctions and export controls against Russia. In early July, the parties held the first working-level meeting of the G7 enforcement coordination mechanism.
Partnership initiatives with industries
Assistant Secretary Axelrod’s remarks emphasized BIS’s preference to work with industries to prevent violations, rather than enforce violations. For example, BIS proactively reached out to more than 800 U.S. companies with past export ties to Russia or whose components have been identified inside Russian weapons systems found in Ukraine. BIS has also educated hundreds of international companies and is contacting specific companies and trade associations involved in the manufacture or distribution of components that Russia needs for its missile and drone programs in order to share diversion prevention strategies.
BIS also issued guidance notes in collaboration with other U.S. government agencies. Specifically:
- BIS with DOJ and Treasury issued two tri-seal compliance notes for industry, the first focusing on Russian evasion tactics, and the second focusing on the agencies’ voluntary self-disclosure policies; and
- BIS with DOJ, Treasury, and the State Department issued the first quad-seal advisory on appropriate industry steps to prevent activities to support the development of Iran’s drone program.
Finally, BIS provided an update on the Academic Outreach Initiative, which was launched last June and aims to protect academic research at prioritized universities from foreign government adversaries. This initiative assigns each university with a dedicated “Outreach Agent” and provides webinars and trainings on topics such conducting due diligence on academic partners. Last year, the BIS formed partnerships with 20 universities, and this year BIS invited nine new universities to the initiative.
Antiboycott Compliance Developments
Antiboycott laws prohibit U.S. companies (including their subsidiaries located outside the United States) from taking certain actions in support of an unsanctioned foreign boycott of a country friendly to the United States, such as the Arab League boycott of Israel. U.S. companies are also required to report the mere receipt of certain boycott-related requests, even if the company does not respond to or agree to the request. The antiboycott laws implemented by BIS are separate from and in addition to antiboycott laws implemented by Treasury.
Last October, BIS increased penalties for violations of U.S. antiboycott laws and instituted a requirement that companies entering into settlement agreements for antiboycott violations admit to a statement of the facts outlining their conduct. In addition, BIS announced two additional actions to strengthen antiboycott reporting and compliance.
Specifically:
- Effective immediately, BIS changed the boycott reporting form to now require the identity of the specific party making a boycott-related request. This will put U.S. companies in the position of needing to report the name of their customer or other business partner to BIS when the U.S. company receives a boycott-related requests. This information previously was not required, and could be redacted from documents submitted with boycott reports.
- BIS placed an antiboycott policy statement on U.S. acquisition management websites which articulates the requirements of the antiboycott regulations and their applicability to U.S. government acquisition contracts.
Next steps
As trade enforcement cooperation among U.S. government agencies expands, international enforcement efforts are being formalized and routinized. A robust compliance plan incorporates shifting enforcement priorities and requirements. Accordingly, companies should continue to update their compliance procedures to ensure they are proportionate to the increased regulatory scrutiny and, given the change to the boycott reporting form, should ensure that identities of the parties making boycott-related requests are collected and reported.
Authored by Zachary Alvarez, Matthew Sullivan, Beth Peters, Anthony Capobianco, Ajay Kuntamukkala and Andrea Fraser-Reid.
Mark Ye, a Summer Associate in our Washington, D.C. office, contributed to this alert.
