BUILD YOUR EXPORT COMPLIANCE MANUAL • Roles • Program elements
Mass Export Center OCT 2011 BUILD YOUR EXPORT COMPLIANCE MANUAL • Roles • Program elements • Audit tips Natascha Finnerty DL Exports International, Inc www.dlexports.com 1 BIS/DDTC RECOMMEND AN ECMP • Published guidelines for establishing export management system – Nunn-Wolfowitz report google nunnwolfowitz – BIS/DDTC Compliance guidelines Programs are on their websites – DDTC guidelines • BIS updated their guidelines in 2010 and have 9 elements – Includes managerial tasks – Administrative requirements www.dlexports.com 2 IMPLEMENTING A PROGRAM TAKES ... • Management commitment • Export Policy • Regulatory understanding • Resources • Time • Training www.dlexports.com AB Tech EXPORT POLICY 3 GOOD FOR BUSINESS • In successful companies, compliance is part of the corporate culture • It can be a competitive asset and should be listed on your website • Small investment can save big over new penalties www.dlexports.com 4 WHERE TO START? • Establish an Export Steering Committee • Nominate a Focal Point • Engage kick off training • Review business and applicable regulations www.dlexports.com 5 • Conduct a risk assessment – see BIS guidelines • Establish/revise policies & procedures that address cradle to grave of hardware and technology release life cycle – integrate into quality SOPs, other compliance programs • Train personnel • Implement & audit www.dlexports.com 6 EXPORT COMMITTEE Suggested Members •Finance •Legal •HR •IT •Security •Sales & Marketing •Sales Admin. •Contracts/Accounting •Order Admin •Manufacturing •Traffic www.dlexports.com 7 NEW CONSIDERATIONS • Effect of Sarb-Ox • Higher fines and penalties • New mitigating and aggravating factors • Export reform - Mixing of ITAR and EAR rules? • Securing of IP from foreign parties or customers • Are contractors or outsourced companies screened? • Anonymous reporting? 8 www.dlexports.com SARB-OX • Upper Management needs to be informed and verify compliance as part of corporate governance • Penalties could adversely affect financial position of company, whether public or private • Could stop a sale or acquisition • Disclosure requirements www.dlexports.com 9 Does SOX apply to your export issues? • What percentage of your business is exports? Are you publicly held? • What percentage of your suppliers is foreign? • Is your company a related company? • Do you export to resellers? If yes, whom do they sell to? www.dlexports.com 10 COMPLIANCE PROGRAMS • MUST PREVENT AND DETECT VIOLATIONS – DOES YOURS? • HOW DO YOU USE METRICS TO MEASURE IT? www.dlexports.com 11 TEMPLATE FOR PROCESSES • Are they written in the active voice? • Do they describe the responsible personnel? • Do you detail the records that are created by the process? • Is there a risk assessment and control process? www.dlexports.com 12 REVIEW CURRENT BUSINESS PRACTICES www.dlexports.com 13 RISK MITIGATION FOR EXPORT ISSUES • Level of technology, ITAR? • Is end-user known? • Dealings in countries of concern? www.dlexports.com 14 RISK ASSESSMENT contd • Any potential misuse of product (EPCI)? • Multiple shipping sites? • Do you control distribution channels? • Do you require licenses and need to adhere to qty, value, provisos? • AES compliance? www.dlexports.com 15 REVIEW APPLICABLE REGULATIONS • EAR (& Antiboycott) • ITAR • OFAC • Foreign Trade Regs • NISPOM •CUSTOMS •CONSENT AGREEMENTS www.dlexports.com 16 RISK ASSESSMENT • DO YOU EXPORT CONTROLLED HARDWARE OR TECHNOLOGY? (ITAR/EAR) – Need export license application procedures, processing, license management, closing • Product classification • Classification of new products • Purchased Products www.dlexports.com 17 RISK ASSESSMENT • Do you know your customers? – Or sell thru distributors? – Or you find out about them later • sw registrations • repair www.dlexports.com 18 PROCEDURES • Compliance Policy and Org chart with responsibilities – Time to get management support – List back-ups to each key position – Central focal point • Product matrix – Ongoing, tie it to new product release • Country charts – Automate, where possible • Denial list screening and managing hits www.dlexports.com 19 EXPORT MANAGEMENT SYSTEM • Duties are cross functional • Employees receive training on export procedures • Use an Action Plan until completed www.dlexports.com 20 DOCUMENT THE PROGRAM • Borrow from your company’s procedures templates and use flow charts – ISO, TQM, Industry Quality standards, Sarbanes Oxley • Upload an International Compliance website – Policy, training slides, product matrix, FAQs • Coordinate with other compliance efforts: Quarterly reports to management www.dlexports.com 21 Sample Order Rec’d Conduct screening •DPL, Entity, SDN -Country -High Risk •Proliferation Product matrix Lic determ Y Order OK? Apply for lic. Cancel Order Contact ECM N Prepare Docs Ship www.dlexports.com 22 Export Compliance and Management Program 1. Administrative Elements: – – – – – – Management Commitment Responsible Officials Record Keeping Training Internal Reviews Notifications www.dlexports.com 23 Screening Elements – Denial Orders – ECCN Classification/License Determination – Diversion Risk – Nuclear End-Users/Uses – Chemical & Biological End-Users/Uses – Antiboycott Compliance – Add’l US Gov’t Agency Requirements www.dlexports.com 24 STANDARD SCREENING PROCESS Check all exports against: • Restricted Parties and updates • Product Matrix/Classification • License requirements • Restricted/Embargoed Countries • Antiboycott www.dlexports.com 25 RESPONSIBILITY #1 Product Matrix • You need to review all products to determine if an export license may be required • This is done export compliance manager with the help of IT • Controlled items can be hw, sw, technology relating to – computers, – software with encryption, telecommunications products, lasers – Industrial equipment and chemicals www.dlexports.com 26 PRODUCT MATRIX • This process is ongoing, and requires regular updates as new items are developed or upgraded. • You need to determine the export commodity classification number (ECCN), countries that may require a license, and customs numbers (Sch B). • The Product Matrix list is included in the Export Compliance Program. www.dlexports.com 27 RESPONSIBILITY #2 Denied Parties • You need to ensure that you do not sell to prohibited parties identified by the US Government and, potentially, other gov’ts. • Most companies need to get Compliance Screening Service for this purpose • These lists are updated regularly by the government. • We must determine who is the end-user, what is the end-use, who are the parties to the transaction • Screening must occur before the items are shipped for exports supporting particular projects 28 www.dlexports.com Need to establish a policy for hits • Need enough information to clear hits – what agency, what are the requirements • Determine if it is a false hit • Contact government agency or get certification from the person • Keep records of hits www.dlexports.com 29 RESPONSIBILITY #3 High Risk Profile • We need to ensure that we recognize any unusual circumstances or “Red Flags” • Each employee is responsible for taking appropriate actions if a transaction seems suspicious • Report any unusual activity throughout sales and to the Export Compliance Manager WHEN IN DOUBT, CHECK IT OUT! www.dlexports.com 30 RESPONSIBILITY #4 Country Embargoes DO NOT SHIP TO THESE COUNTRIES WITHOUT A LICENSE! • The following countries are under General Embargo: Cuba Iran North Korea Sudan Syria • The following countries are highly-controlled: Iraq Libya There are many denied parties in these countries: Banks, Entities (Companies) and Individuals www.dlexports.com 31 OTHER COUNTRIES OF CONCERN Country Groups D • Military & Terrorist Rwanda Angola Libya • Countries of Concern China Taiwan India Pakistan Middle East Former Soviet Bloc www.dlexports.com RESPONSIBILITY #5 ANTIBOYCOTT LAWS • US companies and their subsidiaries may not participate in the Boycott of Israel • Watch for any statements that include: - you must “comply with Arab League Boycott of Israel”, or - request for certification that Goods are “not of Israeli Origin” • Must report all such statements to 33 www.dlexports.com DOC RESPONSIBILITY #6 RECORD KEEPING • We must keep records for 5 years • Transaction Records include: – – – – – – – – – Purchase Orders Quotes Commercial Invoices Bills of Lading & Air Waybills Comm Invoice AES records Banking documents & letters of credit Export checklists Screening results Correspondence and contracts www.dlexports.com 34 Compliance Records • Acknowledgment of the Compliance policy • Notices in contracts with resellers and websites • Training records • Audit Records • Export licenses and classifications • Encryption reports www.dlexports.com 35 OUR INSURANCE POLICY • Apply Due Diligence • Know your customer • Follow the system for approving exports • Contact the Export Compliance Manager with ANY QUESTIONS! www.dlexports.com 36 DEVELOP COMPLIANCE PROCEDURES NO WHITE KNIGHTS • The entire organization must implement procedures • Export Compliance Manager acts as a focal point www.dlexports.com TRAINING OF RELATED PERSONNEL • Export Coordinator & back-up - annual external sessions • Upper management • Related employees - Inhouse annually • New employee training • Specific training for each department www.dlexports.com 38 Training and Audits are a must! – Per the govt – audit, audit , audit! – Is there a schedule? – Records? – Internal or External – Copies of hand-outs? – Using the latest technology? www.dlexports.com 39 BE SURE! Ensure that your subsidiaries have controls at their site! •Denied parties screening •Antiboycott •Embargoed countries ABC Sarl ABC GmbH www.dlexports.com 40
© Copyright 2024