log in
Print | Back

Lowenstein Sandler LLP

Doreen M. Edelman

Doreen M. Edelman

Chair, Global Trade & Policy


  • Global Trade & Policy
  • Corporate
  • Corporate Investigations & Integrity
  • Life Sciences

WSG Practice Industries


WSG Leadership

WSG Coronavirus Task Force Group

Doreen chairs the firm’s Global Trade & Policy practice, a unique team that combines global trade and policy expertise with cross-border M&A, technology, government contracts, white collar investigations, and business counseling practices to help clients develop strategies to minimize global business risks, increase compliance with U.S. requirements, and mitigate matters raised by U.S. regulatory agencies and the U.S. Department of Justice. Her practice focuses on both commercial/technology- and defense-related export controls and supply chain import matters such as classification and country of origin issues under USMCA, Section 301, the Buy American Act (BAA), and the Trade Agreements Act (TAA) for government contract clients.

She has deep knowledge of the Committee on Foreign Investment in the United States (CFIUS) and the new requirements under the Foreign Investment Risk Review Modernization Act (FIRRMA). Companies seek her advice on the law’s applicability to a transaction and on how to proactively mitigate a CFIUS national security concern. Doreen advises companies on the Bureau of Industry and Security (BIS) and the Directorate of Defense Controls (DDTC) export control regulations, classifies technology products, prepares compliance programs, and undertakes related deal diligence. Regarding the Treasury Department’s Office of Foreign Assets Control (OFAC) requirements, she counsels on the legal requirements for compliance with U.S. sanctions as well as secondary sanctions for third-country entities. She also represents companies with disclosures to OFAC, conducts internal investigations, and ensures clients understand how to comply with OFAC’s Specially Designated Nationals list and the ever-evolving sanctioned-countries programs limiting business transactions with, for example, Iran, Cuba, North Korea, Russia/Crimea, and Venezuela.

Doreen helps her clients by preparing business agreements for foreign sales, and she advises on U.S. anti-boycott requirements, the Foreign Corrupt Practices Act (FCPA) and global anti-corruption requirements, and the Foreign Agents Registration Act (FARA). She has represented high-profile international clients and foreign governments.

Prior to joining Lowenstein Sandler, Doreen served as Co-chair of the Global Business practice at an AmLaw 100 firm in Washington, D.C. She has published many trade-related articles, created a trade matters blog, and been quoted on CNN and Bloomberg and in The Wall Street Journal, The Hill, and other publications due to her in-depth knowledge of trade policy.

Bar Admissions

    District of Columbia
    The Court of Appeals of Maryland
    Florida Supreme Court
    U.S. Court of International Trade
    U.S. District Court for the District of Maryland
    U.S. Court of Appeals for the District of Columbia Circuit


George Washington University Law School (J.D. 1987), with honors
George Washington University (B.A. 1984), with distinction
Areas of Practice

Corporate | Corporate Investigations & Integrity | Global Trade & Policy | Life Sciences | The Tech Group | White Collar Criminal Defense

Professional Career

Significant Accomplishments

Speaking Engagements

Lowenstein Sandler is a sponsor of the A.C.E.S. Compliance Summit. Partners Doreen M. Edelman and Zarema A. Jaramillo will serve as moderators on two separate panels throughout the conference.

April 16, 2019

11 a.m.: Policy in Action-The Modernization of the Committee on Foreign Investment in the United States (CFIUS): Dissecting the Foreign Investment Risk Review Modernization Act (FIRRMA) and the Implications on Compliance Operations

On August 13, 2018, President Trump signed FIRRMA into law, the first reform of the screening process for CFIUS in over a decade. A lively panel of industry experts will shed light onto the key provisions of FIRRMA and explore the targets and significance of the initial pilot program.

Moderator: Doreen M. Edelman, Partner, Chair, Global Trade & Policy, Lowenstein Sandler. 


  • Tyrone Brown, Deputy Chief, Foreign Investment Review Staff, U.S. Department of Justice
  • Tatiana Olivia Sullivan, Associate Director, CFIUS Operations & Regulatory Affairs, Office of the Under
    Secretary of Defense A&S Industrial Policy

2:00 p.m.: The Export Control Reform Act (ECRA) of 2018 and How It and Other Recent Events Will Affect Your Compliance Program

Industry leaders dissect ECRA and what it means for U.S Export Controls and trade compliance operations. The panelists will discuss the significant impact of the ECRA on “emerging” and “foundational” technologies that are “essential to the national security of the United States,” the transfer of technology to foreign persons, increased restrictions on export licensing, and increased civil and criminal penalties.

Lowenstein Sandler's Spring Alumni CLE Day will feature three CLE programs on timely legal issues and provide you with an opportunity to reconnect and network with LS attorneys and alumni over lunch.

Program Agenda

Registration and Breakfast
8:30-9 a.m.            

Welcome Remarks
9–9:15 a.m.  

Paid Family, Medical, and Sick Leave Compliance & Best Practices

9:15–10:15 a.m.
Presented by Julie Levinson Werner & Lauren M. Hollender

This program is a discussion of both the New York and New Jersey paid sick leave laws and paid family leave laws.  The program will address the significant impact of recent legislation on employee time off and paid benefits.  Panelists will provide policy and practice tips for employers.  

The Ethics of Client Pitches and Client Secondments
10:30–11:45 a.m.m
Presented by David M. Wissert & Sarah Scott

This CLE will explore the ethical issues that arise when pitching for work from prospective clients by taking an in-depth look at the recent decision in Skybell Technologies, Inc. v. Ring, Inc. and the court’s interpretation of Rule of Professional Conduct 1.18, which addresses the duties owed to prospective clients. The CLE also will explore the ethical requirements for client secondments to avoid the imputation of conflicts of interests between the firm and the client.

Everything You Didn’t Know You Need to Know About U.S. Trade Laws
12-1 p.m.
Presented by Doreen M. Edelman & Andrew Bisbas

Topics will include rapidly changing trade rules impacting clients day to day business including investment fund and merger and acquisition activities, real estate investments and even bankruptcy workouts.  Specifically, we will cover the following regulatory regimes: import regulations and Customs procedures; export regulations, prohibitions, and licensing requirements; changes in CFIUS and FIRRMA filings; U.S. sanctions and embargoes; and foreign investment filing requirements.

Networking Lunch
1-2 p.m.

The program is being held at Lowenstein Sandler, One Lowenstein Drive Roseland, NJ 07068

U.S. trade policy and tariffs, in particular, have become a hot topic for credit providers. This program will cover the Trump administration trade actions and Congressional legislation that have affected credit decisions. That includes a discussion of tariffs, targeted sanctions programs, the impact of the United States-Mexico-Canada (USMCA) Free Trade Agreement (NAFTA 2.0), the changes to the Committee on Foreign Investment in the United States (CFIUS), and new export controls on emerging technologies. These actions have increased attention on supply chain management, country of origin issues, foreign ownership, and scrutiny of potential deal partners as they may lead to problematic foreign ownership or control over U.S. emerging technologies or economic sanctions violations. Ultimately, these issues affect everything from component purchases to future investment opportunities. Moreover, increased enforcement is affecting audit plans, leading to more external reviews and creating a better understanding of how these issues affect management decisions.

Topics that will be addressed during the program:

  • How to navigate legitimately through and around tariffs, including identifying tariff exclusions, and developing a strategy for and identifying the risks of passing tariff costs onto customers
  • What to be paying attention to as an importer or exporter in 2019
  • Impact of tariffs on customers in or approaching financial distress
  • How to identify if your products are controlled technologies


  • Doreen M. Edelman, Partner; Chair, Global Trade & Policy, Lowenstein Sandler LLP
  • Bruce S. Nathan, Partner, Bankruptcy, Financial Reorganization & Creditors' Rights, Lowenstein Sandler LLP

Webinar access:

Instructions to join the webinar will be sent to the main registrant's email address the day before. Please log in at least 15 minutes prior to the webinar commencing to ensure ample time for technical assistance if needed.

Join Lowenstein partners Doreen M. Edelman and Bruce S. Nathan at the NCCA September Quarterly Meeting as they speak on a panel titled "Reducing Trade and Compliance Risks in a Volatile 2019."


Location: Omni Charlotte Hotel, 132 E Trade St, Charlotte, NC 28202

Stay current with rapidly changing trade rules impacting how companies are doing business internationally. Please join TerraLex firms Baker Donelson, Lowenstein Sandler, McMillan, Nixon Peabody, and SKW Schwarz for a webinar on September 25, 2019.

Discussion will include updates on:

  • US customs matters
  • USMCA ratification and implementation status in Canada
  • European sanctions and customs issues
  • US export controls and OFAC sanctions
  • Canada/US s. 232 steel and retaliatory tariffs lifted and resulting agreement
  • Canadian trade remedy and safeguard developments


  • Doreen M. Edelman, Lowenstein Sandler
  • Alan Enslen, Baker Donelson
  • Jonathan O'Hara, McMillan LLP
  • Alexandra Lopez-Casero, Nixon Peabody
  • Sven Pohl, SKW Schwarz Rechtsanwaelte

Time: Noon-1:30 p.m.

Lowenstein's Zarema A. Jaramillo introduces opening keynote speaker Attorney General Loretta Lynch, former U.S. Attorney General, and Lynda A. Bennett and Doreen M. Edelman are panel moderators at the Women, Influence & Power in Law Conference.

Thursday, October 17, 2019

9:15 a.m.: Opening Keynote: A Conversation with Attorney General Loretta Lynch

Introduction of Keynote Speaker: Zarema A. Jaramillo, Partner, Lowenstein Sandler LLP

Keynote Speaker: Attorney General Loretta Lynch, former U.S. Attorney General

Attorney General Loretta Lynch shares her journey to become the first female African American Attorney General and how businesses can navigate and thrive in a changing global workforce.

1:30-2:30 p.m.: IoT Liability Issues

Moderator: Lynda A. Bennett, Partner, Lowenstein Sandler LLP


  • Carolyn McNerney, Senior Counsel, LG Electronics USA
  • Tamara Snowdon, Esq. CIPP/US, Senior Vice President, Cyber Practice, Marsh JLT Specialty, Marsh USA Inc.
  • Patti Sunar, Assistant General Counsel, Litigation, Verizon

The connectivity allowed by the Internet of Things (IoT) may make our personal and professional lives much easier, but for liability attorneys, it raises some red flags. Plus, with a lack of guidance from federal regulators like the FTC and the FCC, there are often more questions than answers. If a data breach occurs at a business, who is liable? Does liability fall on the business, the manufacturer of the device, or the creator of the software? More cases like this are beginning to arise, and this session will examine liability concerns in the age of connectivity. Topics include:

  • Understanding the differences for the legal department between IoT and other recent tech advancements
  • Review Current guidelines around IoT liability and potential legislation
  • Strategies for protecting your organization

Friday, October 18, 2019

11:20 AM - 12:20 PM: Tariffs, Trade Wars & the Global Supply Chain

Moderator: Doreen M. Edelman, Partner, Lowenstein Sandler LLP


  • Karen Killeen, Vice President and Deputy General Counsel, BASF Corporation
  • Jennifer Morales, Senior Counsel – Litigation, GE Aviation

The recent rise in tariffs affecting global trade is having a huge impact on both local and international businesses–not to mention, there’s been discussion of a renegotiation of NAFTA and proposal of pulling out of the WTO. Other countries have begun to retaliate on the high tariffs imposed by the United States with counter-tariffs on American goods, thus creating a “trade war.” Many local corporations are being affected as the cost continues to rise, which also impacts the cost to the consumer. So what are the options for companies to keep the costs down? Aside from asking for exemptions on certain tariffs, what can GCs and in-house counsel do at this time? And what are the legal implications of these new sanctions for companies with overseas operations? This session will explore how trade wars are impacting the decisions that GCs must make for their businesses, and we will also discuss potential solutions for organizations with global operations.

Washington Marriott Wardman Park
, 2660 Woodley Rd NW, Washington, D.C.

Lowenstein Sandler is committed to the health and well-being of our clients, colleagues, and guests. With this commitment in mind, and due to the increasing spread of and uncertainty surrounding the novel coronavirus, this event has been postponed. 

Thank you for your interest in the program. We look forward to contacting you soon with new dates. In the meantime, please check this page periodically for updated event information.

* * * * 

Doreen M. Edelman and Zarema Jaramillo join a panel addressing Sanctions 2020: What Every Trade Compliance Professional Needs to Know as a part of the Anti-Corruption, Anti-Bribery, Export Controls & Sanctions (A.C.E.S.) Compliance Summit. Divided into two segments, the first segment of the discussion will be dedicated to addressing up to the minute changes to global sanctions regulations, enforcement in key regions, including Iran and Russia, while the second segment of the session will explore how corporate executives are effectively maintaining compliance within those same regions by troubleshooting specific scenarios utilizing real-life facts.



  • Rowan McDaniel, Head of Sanctions, United States, Financial Crimes Compliance, HSBC USA
  • Doreen Edelman, Partner, Lowenstein Sandler

Location: American University Washington College of Law | 4300 Nebraska Ave NW, Washington, DC 20016


Doreen M. Edelman, partner and Chair of Lowenstein's Global Trade & Policy practice, addresses critical CFIUS (The Committee on Foreign Investment in the United States) updates and issues that every technology company must understand.

Topic include:

  • Understanding what CFIUS is and the role it plays in business and government
  • New CFIUS requirements
  • By the numbers: CFIUS's 2019 report to Congress on filings and investigations
  • A primer on FIRRMA
  • Understanding when a filing is mandatory
  • What it means when a foreign investor will have only a minority interest in a deal
  • Critical technologies, infrastructure, and sensitive personal data
  • "Voluntary" filings
  • Exceptions to a CFIUS filing, including excepted countries and investors
  • CFIUS response options
  • Consequences of not making a CFIUS filing
  • Challenging a negative CFIUS determination
  • Business confidential information

This webinar was held in place of an originally scheduled in-person event.

Doreen M. Edelman and Zarema A. Jaramillo discuss "What Tech Companies and Investors Need to Know About CFIUS’s New Foreign Investment Requirements."

The Committee on Foreign Investment in the United States (CFIUS) reviews foreign investment in U.S. companies for national security purposes. Under recent U.S. Department of Treasury regulations, CFIUS has made changes in how it addresses investment involving critical technologies, critical infrastructure, and sensitive data.

These changes will directly impact both large companies and startup ventures. Global businesses need to understand CFIUS’s new framework so that they know when a transaction requires a mandatory CFIUS filing and whether a voluntary filing might protect the transaction from further government intervention. In the wake of the COVID-19 pandemic, Congress is considering even more restrictions to protect American companies from predatory investment. A new bill was just announced that proposes expansion of CFIUS's mandate over companies doing business with China.

We will discuss these and more relevant factors in the decision to file with CFIUS:

  • a company’s risk tolerance
  • investment needs
  • future exit strategy
  • home country of the investors
  • technologies involved
  • industries served
  • active nature of the investors

Time: 12-1 p.m. EDT

CLE Credit Provided by Lowenstein Sandler

This program is approved for newly-admitted and experienced attorneys.

CA: This program has been approved for 1.0 CA General CLE credit.

NJ: This program has been approved by the Board on Continuing Legal Education of the Supreme Court of New Jersey for 1.2 hours of total CLE credit. Of these, 0.0 qualify as hours of credit for ethics/professionalism, and 0.0 qualify as hours of credit toward certification in civil trial law, criminal trial law, workers compensation law, municipal court law, and/or matrimonial law.

NY: This program has been approved for 1.0 New York credit in the Areas of Professional Practice.

To see our other material related to the pandemic, please visit the Coronavirus/COVID-19: Facts, Insights & Resources page of our website by clicking here.

Lowenstein partner Doreen M. Edelman, Chair, Global Trade & Policy, moderated this webinar as part of TerraLex's 2020 Virtual Global Meeting.

Lowenstein's Doreen M. Edelman, partner and Chair, Global Trade & Policy, and Christian C. Contardo, associate, Global Trade & Policy, present "Evaluating CFIUS Risks In a Potential Opportunity and Positioning Your Company For an Easy CFIUS Process," as part of The Advanced Virtual Forum on CFIUS & Foreign Investmenta conference addressing recent updates to the Foreign Investment Risk Review Modernization Act (FIRRMA) and evolving CFIUS policies regarding foreign Investment.

Session description:

Learn how to navigate deal risks and get your deal questions answered from a practitioner. Takeaways:

  • Deciding which CFIUS filing you have to make and how long it will take
  • Exploring what happens if you don’t get approval
  • Addressing what happens if you’re just an investor in the target, or when in an auction or in bankruptcy
  • What if you want more foreign investment, have not classified your technology, or already have foreign ownership?

Date and time: Tuesday, August 11, 2020; 2:30 p.m. EDT

The conference runs Tuesday, August 11-Wednesday, August 12, 2020.

View program brochure.

Professional Associations

American Bar Association
  • Business Law Section
  • Section of International Law
American Society of International LawDistrict of Columbia Bar Association, International SectionFlorida State Bar Association, International SectionMaryland State Bar Association, International SectionMember Ex Officio, Board of Directors, and General Counsel, American-Turkish Council and American Friends of Turkey (2004-2018)Board Member, TerraLex (2018)

Professional Activities and Experience

  • Foreign Investment Watch: 2020 Top Advisor
  • LexisNexis AV Preeminent - Doreen Edelman
  • Super Lawyers - Doreen Edelman


DOE’s Recent RFI Specifies “Foreign Adversaries” – What Does it Mean?
Lowenstein Sandler LLP, July 2020

What You Need To Know: Recent events emphasize the effect of the U.S.-China relationship on imports, exports, and foreign investment. Companies should consider looking closely at whether and how their products or services could be considered a national security concern in a variety of regulatory capacities, including foreign investment, export controls, and even real estate...

U.S. Companies Required to Report Foreign Investments: BEA’s Little-Known Reporting Requirements
Lowenstein Sandler LLP, July 2020

Many U.S. companies are unaware that a relatively unknown agency, the Bureau of Economic Analysis (BEA) at the Department of Commerce, administers mandatory reporting requirements that oblige ALL U.S. businesses to file reports identifying foreign direct investment (FDI).Reports are filed at the inception of the investment andthen every five years in a follow-up “benchmark survey.”Additionally, the BEA will contact certain companies tomake additional filings...

U.S. Government Issues Updated Sanctions Warning
Lowenstein Sandler LLP, June 2020

On May 14, 2020, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC), the Department of State, and the U.S. Coast Guard issued a Sanctions Advisory for the Maritime Industry, Energy and Metals Sectors, and Related Communities, reflecting increased scrutiny and enforcement attention by U.S. government agencies on curbing illicit shipping practices...

Additional Articles

President Trump has formally notified Congress that renegotiation of the North American Free Trade Agreement (NAFTA) will commence this fall. While this fulfills one of Trump’s major campaign promises, it does come with risks. Let's say, for a moment, that the United States gets a bad deal or ultimately walks away from the agreement altogether — then what? One thing is for sure: China would be thrilled.

NAFTA was negotiated in large part to create an integrated North American economy that could compete with China. Recognizing the flood of cheap goods coming from Asia, policymakers on both sides of the aisle understood the need in the early 1990s to take decisive action. The answer was a trade agreement between Canada, Mexico, and the United States that would harness the strengths of all three economies to make U.S. goods more competitive.

U.S. persons remain prohibited from doing business in or with Iran despite implementation of the Iranian nuclear deal, also known as the Joint Comprehensive Plan of Action (JCPOA). The JCPOA negotiations involved China, France, Russia, the United Kingdom, the United States, Germany, the European Union, and Iran. They were completed in 2015. Under the JCPOA, the United States withdrew some of its nuclear-related secondary sanctions in exchange for Iran's compliance. However, the primary prohibitions and restrictions of the Iran sanctions program that affect U.S. persons and entities remain in place today.

The Iran sanctions program dates from right after the Iranian Revolution and the U.S. hostage crisis. President Clinton expanded the sanctions in 1995 when he issued a comprehensive ban on U.S. trade and investment in Iran under the International Emergency Economic Powers Act (IEEPA). Since that time numerous executive orders, laws, and regulations have come into effect that have strengthened economic and trade sanctions on Iran.

Leaders of all three North American Free Trade Agreement (NAFTA) member countries have now acknowledged the benefits that might be gained by renegotiating the 1994 regional free trade agreement. And, despite criticism of NAFTA as it currently exists, President Trump recently recognized the virtues of regional trade, declaring in a recent meeting with Canadian Prime Minister Justin Trudeau that both countries will “coordinate closely to protect jobs in our hemisphere and keep wealth on our continent.”

Of course, Mexico, with which the United States has a $63 billion trade deficit, not Canada, has been the main target of President Trump's criticism. Yet, Mexico, too, is open to renegotiating. Mexican President Enrique Peña Nieto has already commenced a 90-day period of consultation with the private sector that would precede expected renegotiation.

U.S. sanctions on North Korea have been in effect for decades and as a result, most American business leaders today have had to pay little or no attention to their impact or implications. In 2008, the North Korea sanctions program intensified and grew.

Now, the Trump administration appears to be further expanding prohibitions by specifically targeting Chinese firms. These conditions, called “secondary sanctions,” mean U.S. businesses could experience the economic effects of our strained relationship with North Korea for the first time.

The current discussion about free trade agreements too often forgets the tremendous benefits that free trade agreements offer U.S. exporters. Last September, the U.S. Department of Commerce reported that U.S. exports to current free trade agreement partners grew 22 percent from 2009 to 2015. The Commerce Department further reported that these exports supported more than 3 million American jobs and that U.S. exports, in total, support more than 11.5 million American jobs.

A key premise of President Trump's economic policy is to increase the total number of U.S. exports. This makes sense given that the growth of the U.S. economy in the last century was due to the dominance of U.S. manufacturers after World War II. However, what is sometimes misunderstood is that U.S. free trade agreements are also part of our growth, and have actually strengthened our nation’s economy—not weakened it.

The United States is the largest recipient of foreign direct investment in the world. Over the last several years, foreign direct investment in the U.S. manufacturing sector has increased.  As this investment has increased, however, many members in Congress have become concerned about foreign acquisitions of U.S. manufacturers that are perceived to be essential to U.S. national and economic security. These lawmakers have called for an increase in the scrutiny of these cross-border investment projects by the Committee on Foreign Investment in the United States (CFIUS), an interagency committee that is authorized to review, investigate and block any transaction or investment that could result in the control of any U.S. businesses or assets by a foreign person that may raise national security concerns or involve critical infrastructure. Also, while the Trump administration has stated that it welcomes foreign investment into the U.S. manufacturing sector, its heightened interest in national security and strong interest in promoting its "America First" agenda have led to even louder calls for increased CFIUS review. 

Every day we hear more and more about the changing landscape of American–Iranian politics, and, if you read the newspapers, it looks like some U.S. businesses are beginning to benefit. It’s a good potential market. There are approximately 80 million consumers, a young population and an interest in U.S. goods and investment in the United States. But, what is really allowed and what does that mean for Iranian EB-5 investors? Is unencumbered Iranian investment in the U.S. the new reality?

The short answer is, no. It’s not that simple. But there are opportunities, and EB-5 investment is possible if you do your homework and stay compliant with the rules.

EB-5 Investment Procedures
An Iranian investor looking to obtain a U.S. EB-5 Visa through investment in a regional center must go through a variety of procedures in order to utilize the EB-5 program. First, potential investors need to determine whether their EB-5 funds transfer falls within the Department of Treasury’s Office of Foreign Assets Control’s (“OFAC”) General License. They may need an opinion letter from legal counsel providing financial institutions evidence that the transfer does not violate the sanctions program. Restricted party screenings must also be completed to ensure the individuals and entities involved in the investment are not U.S. government prohibited parties. Such parties are restricted from doing business in the United States or with a U.S. Person (this includes U.S. businesses).

While the United States' Foreign Corruption Practices Act (FCPA) prohibits U.S. entities from paying bribes to foreign officials abroad, China's Anti-Unfair Competition Law and Criminal Law together cover bribery of both public and private individuals by foreign or domestic actors in China.

At a time when both countries' governments are prioritizing the fight against corruption, one cannot ignore the many potential bribery-related pitfalls presented by the numerous trans-Pacific exchanges that drive the EB-5 process. The first step in addressing the issue is understanding one's role in the EB-5 industry and the unique compliance challenges it presents.  Additionally, a comprehensive anti-corruption compliance program to mitigate such risks can help ensure that you are protected from costly government fines, possible prison sentences, and sleepless nights. 

The behavior of the agents, brokers, issuers, and investors you work with will make or break your EB-5 business. As with all investments, you can protect yourself by understanding what risks are associated with doing business with each entity involved. This article explains the corruption risks and government concerns and provides six proactive steps you can take to minimize such risks in your EB-5 business.

On March 16, the Treasury Department’s Office of Foreign Assets Control (OFAC) published a final rule that further facilitates travel to Cuba, authorizes additional types of financial transactions and allows companies to have a greater business presence on the island. The latest changes represent yet another small step towards normalization, building upon four past rounds of regulatory amendments that began over a year ago.

While the president cannot unilaterally abolish the Cuban Assets Control Regulations (CACR) sanctions regime absent congressional action, over the past 16 months he has used his authority to normalize economic and political relations between the two countries as much as possible through executive action. The latest amendments were announced days before President Obama’s historic trip to Cuba – the first time a sitting U.S. president visited the island in 88 years. Despite the administration’s inability to remove all sanctions without Congressional approval, it made the president’s intentions to push the envelope as much as possible clear prior to his trip, saying that the visit will be aimed at rendering the normalization process “irreversible.”

An exhibition game between Major League Baseball’s Tampa Bay Rays and the Cuban national team, and a Rolling Stones concert in Havana were two events that suggest many Cubans and Americans support the president’s goal of reconciliation.

U.S. foreign policy is moving fast these days, especially when it comes to sanctions and the aviation industry. While U.S. aviation and leasing has not been given a complete go-ahead, steady changes are continuing to open aviation markets in both Iran and Cuba. Everyone should pay attention to the details, because most aircraft have at least some small amount of U.S. content, falling under U.S. rules.

Commercial Aviation Sales and Leasing in Iran

On Jan. 16, 2016, it was confirmed that Iran implemented key nuclear-related measures described in the Joint Comprehensive Plan of Action (JCPOA). This confirmation triggered Implementation Day, the day that the U.S. and other parties agreed to lift nuclear related-sanctions against Iran. These lifted sanctions generally relate to secondary sanctions or those imposed by the U.S. government against non-U.S. persons.

Although U.S. parties are still prohibited from entering into most activities with Iran, there are exceptions for the U.S. civil aviation industry. These changes include the adoption of a Favorable Licensing Policy for commercial airline transactions. Specific licenses may be issued on a case-by-case basis and may authorize various activities such as export, re-export, sale, lease, or transfer of commercial passenger aircraft, spare parts and components, and the provision of certain associated services. Conditions may apply, so always carefully read any license you obtain and consult export counsel.

This year, new protections put in place by the U.S. government to limit the sharing of critical technologies with foreign individuals will affect a large number of startups as well as related investments, mergers, and acquisitions. And since the law applies to all foreign individuals, whether abroad or in the U.S., companies with investors, partners, or customers who are based in the U.S. but are not U.S. citizens could feel significant impact.

In today’s trade policy environment, it seems as if there is a new business risk every day. One day, it is sanctions on Chinese entities for doing business in North Korea; the next day, it is the activities of Russian oligarchs. Then companies are hit with four waves of increased import duties on steel, aluminum, and most raw materials and finished products from China. Even if firms are not importing on their own, US manufacturers are receiving “the letter” stating that they must pay additional fees on parts and other inputs. Sometimes the affected products simply involve imported packaging or aluminum can made in America from imported raw material. With so much change and uncertainty, how do investors identify and evaluate these and other trade-related risks that may impact their portfolio companies?

(subscription required to access article)

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) doesn’t care whether a company means to violate the law or is unaware of U.S. sanctions. The regulatory organization’s role is to dole out significant penalties and even jail time for violations and it’s turning its sights on the tech world.

Many startups reason that since they aren’t technically financial institutions or operating off of open source code, they aren’t subject to stifling and irritating regulations.

However, when it comes to U.S. sanctions, these companies are wrong, and that ignorance can lead to significant consequences. Recent headline-making OFAC cases such as Chinese telecom giant ZTE being fined $1.2 billion or the high-drama Canadian arrest of Huawei CFO Meng Wanzhou have underscored the impact of violating U.S. sanctions laws.

In August 2018, Congress expanded the authority of the Committee on Foreign Investment in the United States (CFIUS) to review, block or unwind certain transactions involving foreign investment without “control” of key US assets, businesses or technologies. Following the passage of the Foreign Investment Risk Review Modernization Act (FIRRMA), CFIUS acting on authorities granted in FIRRMA issued new regulations under which certain transactions involving “critical technologies” impact the new pilot program industries that targets 27 industries.

Unlike the pre-FIRRMA CFIUS submissions that were technically voluntary, the new pilot program submissions are now required. (See 31 CFR Part 801.) Failure to submit a now required CFIUS Pilot Program submission can carry a maximum civil penalty equal to the value of the underlying transaction. The pilot program went into effect on November 10, 2018.

For transactions covered by the pilot program, which currently covers 27 critical industries, parties must submit a mandatory declaration if a transaction would give a non-US person control over the business or when a foreign person does not even gain “control” but merely makes a particular investment.

Pain Points and Requirements

The core new “pain point” is the now possible mandatory CFIUS Pilot Program (PP) filing, unlike the earlier filings which were “voluntary.” Broadly and with certain exceptions, the PP sets forth a 2-part test to assess if a mandatory filing applies to a transaction.

  1. The transaction must involve a Pilot Program US business even if a foreign person does not acquire “control” but would afford the foreign person access to “any material nonpublic tech info” possessed by the PP US business or membership on a board/governing body of the PP US business or any involvement (other than thru voting of shares) in substantive decision making of the PP US business about the use, development, acquisition or release of “critical technology” or the transaction could result in foreign “control” of the PP US business.
  2. The US business that is the recipient of the foreign investment must be one that produces, designs, tests, manufactures, fabricates or develops a “critical technology” that is (i) utilized in connection with the US business activity in a PP industry or (ii) designed by the US business specifically for use in one or more PP industries.

Shortly after the pilot program went into effect, the DOC’s Bureau of Industry and Security (BIS) issued a proposed rule to add 14 technology categories to list of emerging technologies, which could also be subject to the mandatory CFIUS declarations and would also impose new export license requirements by amending or adding additional Export Control Classification Numbers (ECCN) which are an alphanumeric designation (e.g., 1A984 or 4A001) used in the Commerce Control List (CCL) to identify items for export control purposes. Companies or individuals that wish to export items, technology or software on the CCL may be required to obtain an export license depending on the item being exported as informed by the correct ECCN properly determined and the country to which the item is being exported. Among these 14 additional technology categories were robotics, quantum computing, and artificial intelligence (AI).

It’s important to note that even if your organization is not seemingly related to one of the 27 specific industries, under other recent US Commerce Department action, your company may still be subject to the mandatory export license requirements. The DOC recently added discrete microwave transistors, continuity of operation software, post-quantum cryptography, underwater transducers, and air-launch platforms to the list of emerging technologies and designated these items with ECCNs than can trigger DOC export license requirements, outside the CFIUS purview.

The Issues with AI

The Trump Administration is keenly interested in controlling foreign access to AI. Artificial intelligence is increasingly viewed as critical to protecting US security interests because of its possible implications for military and national defense or other security policy. The AI field, which is focused on the capability of a machine to imitate intelligent human behavior, is rising rapidly with the advent of technologies such as driverless cars and autonomous weapons.

Machine learning, a collection of algorithms that can learn from and make predictions based on recorded data, makes up a large part of what drives AI. The accuracy of a machine learning model depends on the quality of that data. Within the IP sector, the number of machine learning related patents is growing because software-based methods and systems are generally patentable.

The data used to train machine learning models may be classified as “technical data” or information under export regulations. The International Traffic in Arms Regulations [ITAR] and the Export Administration Regulations [EAR] generally define export-controlled technical data or technology as information for the design, development, production, manufacture, assembly, operation, repair, testing, maintenance or modification of as relates to certain items as specific in the applicable control. There are various exclusions from export regulations of technical data or technology and may include:

  • Public domain or publicly available information
  • Education information, including that commonly taught in schools and universities
  • Fundamental research

Technical data or technology that falls into one of these three categories generally does not require a license to export, reexport, transfer, release or disclose to a foreign person. It is critical to know that any such export, release or disclosure in the United States to a foreign person, such as your employee, contractor or agent will be deemed by the US Government as an export to that foreign person’s country of nationality or birth in certain cases. These are commonly called “deemed exports.” Such export control license requirements are completely outside the scope of CFIUS’ purview.

Takeaways for AI Companies

The export controls DOC has proposed could end up hindering American AI technology development because the open availability and freewheeling exchange of information among employees and contractors of AI training data is so essential to researchers making strides in the field. As more AI may become subject to new and stricter export controls, the need to consider to obtain an export license to carry on with “routine” AI work will be critical. However, DOC also stated that it will not expand its jurisdiction over what it considers “fundamental research.”

The current policies assume that differentiating between commercial and military AI applications is easy, when in reality is there is plenty of overlap between the spaces. For example, iPhone users can unlock their phones with facial recognition technology. That same technology could be used to target weapons. As the regulations continue to roll out for identifying and imposing export controls on new ECCNs to AI and other emerging technologies essential to US national security, it will be important for lawmakers to consider how the AI export controls will be implemented so as not to hinder innovation.

Companies must be aware that while an export is generally considered to be materials, information, and technology that leaves the US, a deemed export is something that may be occurring frequently under the company’s nose. If deemed exports of newly controlled AI is not properly licensed for release or disclosure to foreign persons, export control violations will likely occur which may carry severe penalties. Items and technology that are controlled either by the EAR or ITAR will also be considered as critical technology by CFIUS for both voluntary and mandatory CFIUS purposes.

Companies looking to get ahead of the potential deemed export control implications, or seeking investment from foreign investors, should determine the ECCN of their AI, software, and other technology items. While there is still uncertainty in what will be implemented for CFIUS review, knowing these classifications will make it easier to understand what export licenses may be required in the future.

Reprinted with permission from the August 8, 2019, edition of Legaltech News.

© 2019 ALM Media Properties, LLC. All rights reserved.

Further duplication without permission is prohibited. ALMReprints.com – 877.257.3382 - [email protected].

If there is one takeaway from the Committee on Foreign Investment in the United States' new rules — which broaden the committee's jurisdiction to review foreign investments that might threaten national security interests — it is that, without some level of inquiry, you can no longer be sure which investments will come under scrutiny.

Take the recent sale at a bankruptcy auction of a specialty chemical distribution company — a sale that, on its face, wouldn't seem to raise any red flags. For one, it did not manufacture anything; it simply distributed hard-to-find chemical ingredients for use in manufacturing products. And at first glance, there did not seem to be any foreign buyers involved.

But as due diligence proceeded with the company's trade policy counsel, they discovered that some of the company's crop protection products had a dual use — as components of rocket fuel. Plus, one of the potential buyers was owned in part by a foreign person — not Russian or Chinese, but Canadian. The company needed that buyer because the stalking-horse bidder in the bankruptcy auction sale had no other competition, and maintaining competition is essential to maximizing value.

For private equity firms, this should serve as a wake-up call to get educated on CFIUS right now. 2018 saw 265 private equity deals in the U.S. backed by foreign investors (up from 253 in 2017), and confusion still reigns around what exactly the new rules entail. In fact, CFIUS has already unraveled several completed transactions. The reason this case should raise the alarm is that it involved chemical ingredients and Canada — it did not involve China or even more ubiquitous, sensitive personal data.

The bottom line is that to keep investors and their deals in compliance, private equity firms need to take serious steps to prepare for potential CFIUS issues — before the ink is dry — even if they think a given transaction cannot possibly pose compliance risk.

Here are three key principles to which private equity firms should commit:

Know your potential buyer's ownership structure — so you can plan ahead. Sounds simple, right? But as many in the CFIUS and private equity businesses know, navigating the various levels of a buyer's organization can be challenging. Under the new rules, however, it is critical that you know exactly where foreign investment comes into play so you can ascertain the amount of control or access those investors will have — Will they really be a limited partner and/or influence finances? Will they be privy to sensitive data? — as well as information about the actual investor — is he or she a dual citizen? Where does he or she permanently reside?

For example, a deal in progress right now involves a dual U.S.-Israeli citizen who will be part of the platform company's board of directors. This checked the box for further CFIUS analysis.

Involve CFIUS counsel early on in the process. As we noted earlier, there is a series of unknowns under the current pilot program — around interpretation, enforcement and the rules themselves. Talking with a group of companies that had to file mandatory CFIUS declarations, we found that the committee approved only a third of them, while telling more than half that a decision could not be rendered within the review period, and instructing them to either file the long-form declaration or proceed at their own risk.

This makes it crucial for trade policy experts to work hand in hand with a transactional team right from the start to identify anything that might be a CFIUS issue down the line. They will help examine companies' products and technology as well as the foreign players involved in those companies. Trade policy counsel can also sensitize transactional teams to potential CFIUS triggers. If a foreign enemy got hold of that dual-use chemical product/rocket-fuel ingredient, for instance, could it threaten our food supply or enable the foreign power to make weapons for use against the U.S. or its allies?

Get creative with your deal structuring. You are not allowed to evade CFIUS, but that does not mean you cannot structure intelligently. This might include mitigating foreign investors' involvement ahead of time as well as provisional "what-ifs" that help pre-empt and guard against CFIUS issues should anything occur down the line. In one aviation-related transaction, for example, the deal went through with a delayed transfer of certain components (to be dealt with after CFIUS approval was given or rejected).

Despite the current confusion, these principles and practices simply have to become routine, just as with pre-merger filings and the Hart-Scott-Rodino Antitrust Improvements Act of 1976. If private equity firms take the time to educate themselves on these issues, they will reduce transactional completion risk, as well as potentially expand the universe of buyers able to bid on their assets (or, conversely, avoid bidding for a company that they cannot buy due to CFIUS limitations).

Expanding that universe of buyers is exactly what ended up happening in the chemical distribution company's sale. Once they sorted out the Canadian bidder's CFIUS issues, the buyer could participate; as a result, the bid increased from the initial $360 million to $422 million during the course of the auction.

This may only be one example. But it does demonstrate just how much preparation, education and due diligence around CFIUS can really pay off.

President Trump’s Executive Order No. 13884 significantly expanded U.S. economic sanctions against the Government of Venezuela.

The EO took effect Aug. 5, and authorizes two types of sanctions: primary sanctions and secondary sanctions. Primary sanctions apply to transactions with a nexus to the U.S., such as those involving U.S. entities, goods, or services.

Secondary sanctions can target a person or company involved in a Venezuelan transaction even if there is no U.S. nexus. The imposition of secondary sanctions can block an entity from doing business in the U.S. and can even affect its ability to transact abroad.

Primary Sanctions

All property and interests in property of the government of Venezuela are now fully blocked. The EO provides that no “United States Person” can have any dealings, unless otherwise exempted, with the government of Venezuela. A “United States Person” is a U.S. citizen, permanent resident alien, entity organized under the laws of the U.S. or any jurisdiction within the U.S. (including foreign branches), or any person located in the U.S.

The “Government of Venezuela” is defined to include any political subdivision, agency, or instrumentality of the government of Venezuela, including the Central Bank of Venezuela and Petroleos de Venezuela, S.A. (PdVSA). It also includes any entity owned or controlled, directly or indirectly, by the Venezuelan government or any person who has acted or purported to act directly or indirectly on the government’s behalf. This includes members of the Maduro regime.

While this definition of the government of Venezuela does not include all private persons and companies within Venezuela, it may implicate commercial business in Venezuela that either have some government ownership, government control, or are directly or indirectly acting on the Venezuelan’s government’s behalf.

This means that those doing business in Venezuela must vet their business partners carefully to identify any government ownership or other government nexus. 

Secondary Sanctions

The EO allows the U.S. government to block all the property of any individual or company worldwide if it is found to have materially assisted, sponsored, or provided support to the government of Venezuela or any party listed under the EO as a specially designated nationals and blocked person (SDN). This sanctioned activity is deemed to include the provision of goods and services or other financial, material, or technological support.

These secondary sanctions now place any person or company anywhere in the world in jeopardy of being locked out of the U.S. economy if they facilitate or provide support to the government of Venezuela as defined above. Some potentially affected actors might include insurance companies, brokers, freight forwarders, distributors, sales agents, service providers, or financial institutions.

Accordingly, any company doing business in Venezuela needs to understand how these new requirements will affect its business. It will likely have to choose carefully if it can do business with Venezuela or possibly risk losing the ability to do business in the U.S. This is a major decision and must be analyzed correctly so that the company itself is not targeted by the U.S. for a violation of the secondary sanctions, and added to the SDN List.

Note that there are exemptions related to food, clothing, and medicine. In addition, OFAC has authorized general licenses for personal remittances, international organizations, receipt and transmission of telecommunications and mail and packages, services, software or technology incident to exchange of certain communications over the Internet and humanitarian projects, democracy building, educations and environmental protection in Venezuela. 

Proceed With Caution

Before your company proceeds with a Venezuela-related transaction, you should ensure it:

  1. Conducts due diligence inquiries, such as screening and background checks, regarding all parties to the transaction to insure that no party to a proposed transaction could arguably fall within the definition of “Government of Venezuela” as defined above.
  2. Keeps complete written records for five years of your due diligence inquiries and applicable general license exemptions.
  3. Maintains a memo for five years explaining why you have concluded the transaction does not involve a party that could arguably fall within the definition of “Government of Venezuela” as defined above.
  4. Ensures that you notify your financial institution as to why the proposed transaction does not violate U.S. sanctions so that it won’t be rejected. 
  5. Reviews the U.S. Export Administration Regulations (EAR) for additional restrictions on U.S. and non-U.S. persons exporting or re-exporting items subject to U.S. export control jurisdiction to Venezuela.
  6. Notifies OFAC within 10 business days if your company blocks or rejects a transaction due to any sanctions program, including Venezuela. Failure to file with OFAC a required report may itself constitute a violation.

U.S. regulators are making one thing crystal clear to companies—or at least to companies that are paying attention: There are no longer any excuses for not having an effective and comprehensive compliance policy and program.

The government’s stance is sweeping, and it showed up in three recent moves. All of them signal how important it is for companies to adopt and implement broad policies and programs that are detailed and comprehensive enough to incorporate compliance with:

  • U.S. antitrust laws
  • Department of Treasury Office of Foreign Assets Control (OFAC) sanctions policies
  • the U.S. Foreign Corrupt Practices Act (FCPA)


(subscription required to access article)

The Office of Foreign Assets Control (OFAC) introduced an interim rule that expands mandatory reporting requirements for all U.S. persons. The rule requires all U.S. persons to file reports with OFAC when a transaction is rejected because the transaction would have resulted in an OFAC violation. The interim rule will remain in effect until OFAC considers the comments received and issues a final rule.

The reporting requirement expands OFAC’s jurisdiction in two key ways.

First, proactive reporting requirements are extended to U.S. persons selling goods and services. Second, the reporting requirement applies to all rejected transactions based on sanctions compliance, not just incidents of rejected fund transfers.

U.S. regulators are making one thing crystal clear to companies–or at least to companies that are paying attention: There are no longer any excuses for not having an effective and comprehensive compliance policy and program.

The government’s stance is sweeping, and it showed up in three recent moves. All of them signal how important it is for companies to adopt and implement broad policies and programs that are detailed and comprehensive enough to incorporate compliance with:

  • U.S. antitrust laws
  • Department of Treasury Office of Foreign Assets Control (OFAC) sanctions policies
  • The U.S. Foreign Corrupt Practices Act (FCPA)

While some companies, particularly those in more regulated industries, have taken notice, too many simply have not. Whether it’s a large financial institution accustomed to dealing with regulations, a small startup with a cloud-based platform, or an acquiring company or private equity fund conducting due diligence on a target’s business, now is the time to identify and address any potential gaps.

DOJ and OFAC: The Incentivized Compliance Framework

Just a few months ago, the Assistant Attorney General of the Department of Justice’s Antitrust Division, Makan Delrahim, announced plans to incentivize compliance, noting that it will now be considered at the charging stage in criminal antitrust investigations.

The division also updated its manual to address evaluating compliance programs during charging and sentencing, as well as processes for recommending indictments, reaching plea agreements, and selecting monitors. Finally, the division published a guide explaining prosecutors’ evaluation of corporate compliance programs at the charging and sentencing stages.

Two months earlier, OFAC released guidance encouraging organizations subject to U.S. jurisdiction (as well as entities that conduct business with those subject to U.S. jurisdiction) to “employ a risk-based approach to sanctions compliance.”

Importantly, the OFAC guidance recommended that compliance programs be predicated on at least five essential components of compliance: management commitment, risk assessment, internal controls, testing and auditing, and training.

OFAC will consider favorably subjects with effective sanctions compliance programs at the time of an apparent violation and may mitigate a civil monetary penalty accordingly.

Subjects with an effective sanctions compliance program may also benefit from further mitigation of a penalty when the sanctions compliance program results in remedial steps being taken. Finally, OFAC may consider the existence of an effective program at the time of an apparent violation as a factor in its analysis as to whether a case is deemed “egregious.”

OFAC’s move came on the heels of the DOJ’s revised FCPA Corporate Enforcement Policy in March. If a criminal resolution is warranted for a company that has voluntarily self-disclosed misconduct, fully cooperated, and timely and appropriately remediated, it is presumed the company will not be prosecuted absent aggravating circumstances involving the nature of the offense or the offender.

If a company takes these steps, the DOJ generally will not require appointment of a monitor if a company has, at the time of resolution, implemented an effective compliance program, which is described here.

A month later, in April, the DOJ also issued updated guidance on evaluation of corporate compliance programs. The update provides a framework for prosecutors to decide whether, and to what extent, a company’s compliance program was effective at the time of the alleged offense, a charging decision, or a resolution, for purposes of deciding how to proceed with respect to resolution and any penalties.

Additionally and significantly–especially for companies that expect to buy, be sold to, or merge with another company–the DOJ now recognizes the potential benefits of corporate mergers and acquisitions. That’s particularly so when the acquirer has a robust compliance program and implements it for the merged or acquired entity.

That means that when a company uncovers misconduct by the target entity or its executives or employees through due diligence or through post-acquisition audits or compliance assessments, and voluntarily self-discloses the misconduct and takes other action consistent with the FCPA Corporate Enforcement Policy (including the timely implementation of an effective compliance program at the merged or acquired entity), there is a rebuttable presumption that the DOJ will decline to prosecute the company criminally.

Similarly, acquirers should closely evaluate the target’s OFAC- and antitrust-related compliance policies and programs, identify any gaps, and address them as quickly as possible post-closing to ensure added protection in the event of a regulatory inquiry or investigation.

What Should Your Company Know?

The actions listed above make plain that there are significant potential benefits for companies with robust and comprehensive compliance programs. And if one isn’t in place, the sooner such a program is developed and implemented, the better.

An effective program must incorporate internal controls, including written policies and procedures, to identify, interdict, escalate, report, and keep records pertaining to activity that may fall under applicable regulations and laws.

This will ensure that an organization outlines clear expectations, defines procedures and processes pertaining to OFAC compliance (including reporting and escalation chains), and minimizes overall risks.

Policies and procedures should be enforced, weaknesses should be identified (including through root cause analysis of any compliance breaches) and remediated, and internal and/or independent external audits should be conducted by subject matter experts.

Compliance programs should also include a comprehensive, independent, and objective testing or audit function to ensure that entities are aware of where and how their programs are performing. Programs also should be kept up to date in light of constantly changing regulatory and business environments.

Testing and auditing, whether conducted on a specific element of a compliance program or at the enterprise-wide level, are central tools to ensure the program is working as designed and to identify weaknesses and deficiencies.

At the same time, compliance training must deliver to all appropriate personnel, on a periodic basis (at least annually), a comprehensive landscape of the enforcement, regulatory, and legal environments. This should include all cumulative changes since the previous training session.

Written training materials as well as written records of the training agenda, training materials used, and attendance must be provided to the regulator to establish that recent and relevant training in fact was provided to an employee who may be drawn into a problematic transaction.

By following the above guidance and keeping a close eye on further moves in Washington, a company can ensure it has an effective program.

Both are important at a time when global conflicts surrounding trade and other matters, combined with a fluid political environment, have prompted regulators to take action on a variety of fronts when it comes to compliance.

Up until about a year ago, it was a challenge for in-house compliance officers and outside counsel to explain why having a comprehensive and effective compliance policy that covered antitrust, anti-bribery and anti-corruption, and trade was a must, regardless of a company’s size or industry. Not any more.

U.S. regulators have made it clear that having such policies and programs can save companies millions of dollars and potentially help avoid prosecution of some violations of applicable laws. The government’s move to formalize the importance of compliance programs showed up in three recent moves.

All of them signal how important it is for companies to adopt and implement broad policies and programs that are detailed and comprehensive enough to incorporate compliance with:

  • U.S. antitrust laws
  • Department of Treasury Office of Foreign Assets Control (OFAC) sanctions policies
  • The U.S. Foreign Corrupt Practices Act (FCPA)

If there is one takeaway from regulators’ recent moves, it is that having an effective and comprehensive compliance policy is not only a risk mitigation measure, but it also is a positive value proposition for most companies.

Whether it’s a large financial institution accustomed to dealing with regulations, a small startup with a cloud-based platform, or an acquiring company or private equity fund conducting due diligence on a target’s business, now is the time to identify and address any potential gaps.

The Incentivized Compliance Framework; What it Means for Your Company or Clients

Antitrust: Just a few months ago, Makan Delrahim, the assistant attorney general of the Department of Justice’s Antitrust Division, announced plans to incentivize compliance, noting that it now will be considered at the charging stage in criminal antitrust investigations.

The antitrust division also updated its manual to address evaluating compliance programs during charging and sentencing as well as processes for recommending indictments, reaching plea agreements, and selecting monitors. Finally, the division published a guide explaining prosecutors’ evaluation of corporate compliance programs at the charging and sentencing stages.

The guide, “Evaluation of Corporate Compliance Programs in Criminal Antitrust Investigations,” lists nine factors prosecutors should consider when evaluating the efficacy of an antitrust compliance program, including but not limited to program design and comprehensiveness, culture of compliance within the company, compliance training, monitoring and auditing techniques, reporting mechanisms, and remediation methods.

To help evaluate these factors, the guide also sets out nearly 150 issues prosecutors will explore throughout the antitrust investigation in order to judge a compliance program.

Trade and Sanctions: Two months earlier, OFAC released guidance encouraging organizations subject to U.S. jurisdiction (as well as entities that conduct business with those subject to U.S. jurisdiction) to “employ a risk-based approach to sanctions compliance.”

Importantly, the OFAC guidance recommended that compliance programs be predicated on at least five essential components of compliance: management commitment, risk assessment, internal controls, testing and auditing, and training.

OFAC will give favorable consideration to subjects with effective sanctions compliance programs at the time of an apparent violation and accordingly may mitigate a civil monetary penalty.

Subjects with an effective sanctions compliance program may also benefit from further mitigation of a penalty when the sanctions compliance program results in taking remedial steps. Finally, OFAC may consider the existence of an effective program at the time of an apparent violation as a factor in its analysis as to whether a case is deemed “egregious.”

Anti-Bribery and Anti-Corruption: In March, the DOJ issued a revised FCPA Corporate Enforcement Policy. If a criminal resolution is warranted for a company that has voluntarily self-disclosed misconduct, fully cooperated, and timely and appropriately remediated, it is presumed the company will not be prosecuted, absent aggravating circumstances involving the nature of the offense or the offender.

If a company takes these steps, the DOJ generally will not require appointment of a monitor if a company has, at the time of resolution, implemented an effective compliance program, which is described here.

Earlier this year, the DOJ also issued updated guidance on evaluation of corporate compliance programs. The update provides, for purposes of deciding how to proceed with respect to resolution and any penalties, a framework for prosecutors to decide whether and to what extent a company’s compliance program was effective at the time of the alleged offense, a charging decision, or a resolution.

Additionally, the DOJ now recognizes the potential benefits of corporate mergers and acquisitions, particularly when the acquirer has a robust compliance program and implements it for the merged or acquired entity.

Recommendations for Ensuring Compliance, Mitigating Risk

The actions listed above make plain that there are significant potential benefits for companies with robust and comprehensive compliance programs. And if one isn’t in place, the sooner such a program is developed and implemented, the better.

An effective program must incorporate internal controls, including written policies and procedures, to identify, interdict, escalate, report, and keep records pertaining to activity that may fall under applicable regulations and laws.

Compliance programs should also include a comprehensive, independent, and objective testing or audit function to ensure that entities are aware of where and how their programs are performing. Programs also should be kept up to date in light of constantly changing regulatory and business environments.

At the same time, compliance training must be delivered to all appropriate personnel on a periodic basis (at least annually). Written training materials as well as written records of the training agenda, training materials used, and attendance must be provided to the regulator to establish that recent and relevant training in fact was provided to an employee who may be drawn into a problematic transaction.

The importance of post-deal in addition to pre-deal due diligence cannot be stressed enough. When a company uncovers or suspects misconduct by the target entity, its executives, or employees as part of pre-deal due diligence, there must be a follow-on assessment after closing.

Post-acquisition audits or compliance assessments may lead to voluntary self-disclosures of misconduct. To obtain a declination of criminal prosecution, an acquirer must then take action consistent with the FCPA Corporate Enforcement Policy (including the timely implementation of an effective compliance program at the merged or acquired entity).

Taking into account potential successor liability, acquirers also should evaluate the target’s compliance policies and programs, identify any gaps, and address them as quickly as possible after closing to ensure added protection in the event of a regulatory inquiry or investigation.

Now, more than ever, companies must take preventative measures to ensure compliance, mitigate risk, and provide some cover for potential violations. As the saying goes, one can be penny wise and pound foolish.

This column does not necessarily reflect the opinion of The Bureau of National Affairs, Inc. or its owners.

The U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) has been active in exerting control over digital assets. So what can cyber currency users, hosts and financial institutions do to stay on the right side of the law?

The recent 2019 Congressional hearings and regulatory scrutiny on cryptocurrency highlighted the provocative nature of the innovation. And, while federal authorities from the Securities and Exchange Commission (SEC) and Commodity Futures Trading Commission (CFTC) continue to test competing theories over whether this technological medium is a security or a medium, other agencies are pressing ahead with traditional applications of longstanding law.

The U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) has been active in exerting control over these digital assets and has taken some noteworthy action. OFAC administers approximately 30 unique economic and trade sanctions programs in order to keep funds and resources away from terrorists, drug traffickers, oppressive government regimes and other entities that are involved in activities that the U.S. views as a threat. 

For example, OFAC responded to the issuance of Venezuela’s state-sponsored digital coin, the petro, as well as the public’s growing concern as to how OFAC would treat digital currency by publishing a number of “FAQs” on its website. In its FAQs, OFAC assures the public that sanctions obligations are the same, regardless whether a transaction is completed in traditional or digital currency.

Companies in the digital currency industry have also been hearing privately from OFAC about transactions that potentially violate sanctions. In its FAQs, OFAC has specifically reminded digital currency platforms that “persons that provide financial, material, or technological support for or to a designated person may be designated by OFAC under the relevant sanctions authority.” This means that cryptocurrency platforms under OFAC jurisdiction are prohibited from allowing OFAC restricted parties use of the platform or the currency. Adding to the complexity is that OFAC sanctions apply not only to the directly listed party, but also to any parties owned or controlled by an SDN.

What can cyber currency users, hosts and financial institutions do to stay on the right side of the law?

Understand whether OFAC rules apply to your company. OFAC employs long arm jurisdiction over many entities that are not directly based in the U.S., and those that have U.S. ownership or control, transact in U.S. goods or U.S. currencies, or even those who cause U.S. persons to violate OFAC rules. 

Improve internal compliance. OFAC specifically recommends that parties involved with cryptocurrencies “develop a tailored, risk-based compliance program, which generally should include sanctions list screening and other appropriate measures.” Companies should have internal cross-department trainings that discuss the new OFAC programs and the risks. 

Report to OFAC when a transaction is blocked or rejected as OFAC’s new reporting requirement has also implemented a new rule requiring U.S. persons to file reports. 

OFAC has made it clear that it is, and will continue to prioritize the regulation of cryptocurrencies. In late 2018, for the first time OFAC added two Bitcoin addresses to the Special Designated Nationals (SDN) list, a list of entities with whom no U.S. parties may transact. The addresses were associated with Iranian nationals who were sanctioned for ransomware cyberattacks. In August 2019, OFAC added two additional bitcoin addresses to the SDN list, this time the addresses were associated with Chinese drug traffickers.

In 2019 alone, OFAC issued more than $1 billion in fines. Those fines ranged from anywhere from about $13,000 to over $650 million. Being listed on OFAC’s SDN list will immediately cut a company off from all U.S. businesses, and from most of the world’s banking industry. So, as we continue to learn just how the regulation of digital currency will play out, ensure that your company knows what rules apply and has a plan to play within the lines.

Reprinted with permission from the February 19, 2020, edition of Legaltech News.

© 2020 ALM Media Properties, LLC. All rights reserved.

Further duplication without permission is prohibited. ALMReprints.com – 877.257.3382 - [email protected].

While CFIUS can’t stop a U.S. company from relocating overseas just because the committee decides that some dating data is a national security risk, companies should be aware of CFIUS’ powers so they don’t get caught having a classic Gavin Belson meltdown at the 11th hour.

In the final season of HBO’s tech-focused comedy series, “Silicon Valley,” the show brought to light a little-known but long-standing government committee with the ability to control, and even block, foreign investment in the United States.

In Season 6, fictional mega-corporation Hooli’s CEO, Gavin Belson, suffers major disappointment when he finds out the U.S. government is blocking his latest Hail Mary cost-cutting scheme. In the show, Belson goes on a tirade when a mysterious committee called the Committee on Foreign Investment in the United States, or CFIUS, puts the quash on his plans to move the company to the country of Georgia due to national security concerns based on a U.S. general’s use of a Hooli app that helps U.S. military personnel find illicit romantic encounters abroad. Is this for real? Can CFIUS really stop U.S. companies from activities like relocating?

Spoiler alert: not exactly. While the government can stop you from sending technology overseas (that’s a story for another article), CFIUS can’t stop a U.S. company from relocating overseas just because the committee decides that some dating data is a national security risk. But CFIUS does have the power to affect other major business decisions. And companies should be aware of CFIUS’ powers so they don’t get caught having a classic Gavin Belson meltdown at the 11th hour.

The breakup of the $245 million Grindr acquisition mentioned in the show was very real, and CFIUS’ scrutiny of tech industry deals continues. CFIUS recently launched an investigation into ByteDance’s $1 billion acquisition of Musical.ly, the company under which the social media app TikTok was held. In both the Grindr and the TikTok cases, CFIUS’ concern revolves around the personal data of U.S. citizens, and in the case of TikTok specifically, alarms have also been raised over potential censorship activities. CFIUS’ power over these investment deals is so great that ByteDance is now trying to separate TikTok operations from the rest of its organization in an attempt to avoid CFIUS’ unwinding of the entire deal.

If Silicon Valley got it so wrong, how does CFIUS work?

CFIUS is an interagency committee that the President has authorized to review transactions that result in foreign ownership or control of U.S. companies. For example, CFIUS might review a French company’s acquisition of a U.S. corporation, an investment by a VC fund with Turkish investors in a San Francisco startup, or the merger of U.S. companies in which a Chinese national is given a controlling seat on the board of directors. CFIUS’ job is to determine whether these foreign investments or controlling positions present a risk to U.S. national security.

Determining what a national security concern might be is really an exercise in imagination. National security is so broad that it could include any number of businesses or activities, from technology that upholds U.S. military superiority or critical infrastructure to food supply or the security of U.S. citizens’ personal data. Or it could include a target company that provides important services to the U.S. government; has developed high-level AI or encryption technology; holds tons of U.S. citizens’ personal, financial, or health data; or controls the majority of a critical industrial sector like energy or transportation.

If we allow ourselves free rein to imagine worst-case scenarios with a foreign bad actor using control of these assets against the United States, the factors that might affect national security are really too numerous to even try to list. Thus, as it reviews proposed or completed transactions, CFIUS has the broad power to determine in real time what is and what is not a national security risk.

If CFIUS does decide that a deal creates such a risk, it can either impose conditions to alleviate those risks or it can block the transaction altogether. Worse, if CFIUS decides to review a deal that was already completed, it can force the foreign party out or unwind the entire transaction.

This is a huge risk for companies and people who are spending millions on investments. On the other hand, if CFIUS finds there is no national security risk, it will “clear” the deal, giving it a stamp of approval sometimes referred to as a “safe harbor.” To avoid risk, many parties will go to CFIUS beforehand to secure that stamp of approval and avoid the risk of a surprise unwinding.

If this system wasn’t complicated enough, CFIUS’ jurisdiction has recently been expanded to cover more transactions and foreign investments. And for the first time, there are now mandatory CFIUS filings for certain industries. This mandatory filing program is expected to expand even further in coming months.

Should you be worried about CFIUS?

In short, yes, you should be worried about CFIUS. CFIUS can prevent acquisitions and funding. It could theoretically crush your business dreams, as it did to Gavin Belson in “Silicon Valley.” But there are things that you can do to limit the chances that you are caught off guard:

  • Know with whom you are considering doing business. Vet your investors and buyers. Where are they from and who owns them? Can you imagine a worst-case scenario national security problem?
  • Do the foreign countries related to the deal have good relationships with the United States?
  • Consider whether your industry carries national security concerns. Do you hold or acquire personal data or financial information? Are you the sole source of an important national resource? Do you control information or critical U.S. infrastructure? Do you provide critical services such as health care? Do you have government contacts or provide the government with goods or services? These are just a few questions to think about.
  • Consider whether there is any way to separate the sensitive aspect of your business or organization.
  • Follow the trends in CFIUS activity, and be cognizant of the limitations that CFIUS may present.

While “Silicon Valley” did get quite a bit wrong, the show (perhaps inadvertently) did present one scenario where CFIUS may have realistically intervened–fictional company Pied Piper’s offer to buy Hooli’s problematic military app and subsequent acquisition of the entire company. At the time of the offer and acquisition, Pied Piper was itself partially owned by a foreign entity, a Chilean investor with an ignoble vision for the company and the data that it receives. That foreign ownership would make Pied Piper’s investment in Hooli subject to CFIUS oversight.

Here is where the show’s use of CFIUS careens out of reality and into a fictional deus ex machina. Pied Piper’s grandiose master plan was really that if it bought a company with a national security problem, CFIUS would kick out its villainous Chilean investor, turning Pied Piper back into the ethical company that it always claimed to be. But this isn’t how CFIUS works. If CFIUS did consider the investment to be a problem, it would simply have blocked Pied Piper from buying Hooli in the first place (or forced the completed transaction to be wholly unwound). In the real world, if CFIUS didn’t like the Chilean investor, the company itself would have had to orchestrate the removal of the investor as part of an approved mitigation plan. Only then would CFIUS allow the deal.

So while we can only speculate as to whether Pied Piper smartly submitted a CFIUS filing before completing its newest acquisition, the one thing we know for sure is that both Pied Piper and Hooli could have used better CFIUS lawyers.

Reprinted with permission from the March 5, 2020, edition of Legaltech News.

© 2020 ALM Media Properties, LLC. All rights reserved.

Further duplication without permission is prohibited. ALMReprints.com – 877.257.3382 - [email protected].

Over the past few years, U.S. regulators have made it clear that having comprehensive and effective compliance policies covering trade is a must, regardless of the company size, location or industry. The government’s move to formalize the importance of compliance programs is a clear signal of what it expects and a harbinger of what is to come.

Why Is Trade Compliance Important Regardless of the Company’s Location?

Trade compliance should be the goal of every global company, in particular as a risk mitigation measure and a positive value proposition. A compliance program serves as a security blanket for large financial institutions accustomed to dealing with regulations, small startups with a cloud-based platform, and even companies with no physical presence in the United States. A trade compliance program lays the groundwork for international companies on how to conduct business in or with the United States.

With changing industry regulations, it is critical to keep up to date and have a compliance program that is effective. Failure to have a strong compliance program could result in increased legal exposure, potentially leading to fines and penalties as well as negative publicity associated with an enforcement action. Maintaining an effective trade compliance program could help companies mitigate penalties for potential violations, and is ultimately cost-effective. For example, last year, the U.S. government imposed $1.3 billion in penalties on cargo firms, penalties that could have been mitigated with robust compliance programs.

Avoiding U.S. Sanctions

Engaging in the complex global supply chain may be a financial win, but it requires formalized diligence procedures to ensure your company does not run afoul of the law. The Department of Treasury’s Office of Foreign Assets Control (OFAC) has released guidance encouraging organizations to employ a risk-based approach to sanctions compliance and focus on five essential components: senior management commitment, risk assessments, internal controls, testing and auditing, and training. To incentivize companies to engage in international transactions, OFAC also provides that in the case of a violation, it will give favorable consideration to companies with effective sanctions compliance programs and that the existence of such a program may mitigate a civil monetary penalty.

OFAC is not just issuing guidance, it is increasing its enforcement efforts involving both U.S. and foreign entities. It continues to designate more non-U.S. entities that have helped evade U.S. sanctions. For example, several Chinese shipping companies were found to have violated North Korean sanctions, and as a result, were blocked from doing business in the U.S. or with U.S. parties. In January 2020, Eagle Shipping, a Marshall Islands ship management company with headquarters in Stamford, Connecticut, agreed to pay $1,125,000 to settle its potential civil liability for 36 apparent violations of the Burmese Sanctions Regulations. The violations involved Eagle Shipping’s affiliate in Singapore entering into a chartering agreement with Myawaddy—an entity identified on OFAC’s List of Specially Designated Nationals and Blocked Persons. Eagle filed an application with OFAC requesting a license authorizing it to carry sand cargoes purchased from Myawaddy but continued its dealings while the OFAC application was pending. OFAC ultimately denied the license, but Eagle resumed its dealings with Myawaddy, carrying cargo from Burma to Singapore.

Among the aggravating factors, OFAC considered Eagle’s status as a sophisticated shipping company, which should have had expertise in international trade and global shipping transactions. Among the mitigating factors, OFAC considered Eagle’s efforts to develop and implement a formal sanctions compliance program with specific policies and procedures for compliance screening, transaction checklists, and red-flag identification tools.

Compliance Under Commercial Export Laws

The U.S. Department of Commerce’s Bureau of Industry and Security (BIS), which administers U.S. commercial export control regulations, also has published comprehensive guidance for companies working to develop or shore up compliance materials. In its guidance, BIS identified the following elements as foundational in creating an effective Export Compliance Program (ECP): management commitment, completing regular risk assessments, obtaining proper export authorization, record-keeping, training, compliance audits, addressing export violations and taking corrective actions, and maintaining your ECP. Like OFAC, BIS emphasizes the importance of tailoring your ECP to your organization and business based on size, volume of exports, geographic location, and other relevant factors. Companies that fail to comply with regulations that govern export controls have experienced significant penalties.

The U.S. export control laws govern not only U.S. companies, but also certain export activities of foreign companies dealing with the export of certain products, technology, or services from the United States to a foreign country. For example, most recently, BIS imposed substantial export and reexport restrictions on Huawei, a Chinese company, and its 68 non-U.S. affiliates in connection with Huawei’s violations of U.S. export laws specific to the Iranian Transactions and Sanctions Regulations. As part of that action, BIS restricted any export, re-export, or transfer of U.S.-origin technology, commodity, or software to Huawei and its entities without an export license.

This enforcement action ultimately impacted both the U.S. and non-U.S. businesses, including big and small tech companies, suppliers, importers, shippers, and financial institutions. Separately, in 2017, the U.S. government imposed a $1.2 billion criminal fine against ZTE, a Chinese telecom equipment company, for shipping U.S.-origin telecommunications equipment to Iran and North Korea. These two cases have affected how U.S. and foreign companies view their compliance programs; they also have incentivized the development and implementation of more robust compliance programs, including vetting procedures and sanctions checks that ensure adherence to the U.S. export control regulations.

Recommended Steps for Ensuring Compliance and Mitigating Risk

  • The benefits of having a compliance program in place when a mistake happens are significant. When creating your tailored trade compliance policies and procedures, remember the following:
  • Compliance programs should include a comprehensive, independent, and objective testing or audit function to ensure that your business is aware of how its programs are performing.
  • Programs should be updated regularly in light of constantly changing regulatory and business environments.
  • Ensure that your compliance program has comprehensive coverage to track all parties involved in import and export transactions.
  • Even products that seem harmless can be used in ways that companies do not intend. As an organization, you are responsible for knowing how your products will be used and for avoiding government-prohibited end uses.
  • Watch for red flags on BIS’s published list.
  • Watch for “deemed” exports, which are released in the United States of technology or source code to a foreign person. Such a release is deemed to be an export to the foreign person’s most recent country of citizenship or permanent residency, which may require a license or even be prohibited.

Now more than ever, government offices and agencies are providing the industry with guidance on how best to comply with trade regulations. However, this also means that companies can no longer claim ignorance of trade regulations. Today, companies participating in the global marketplace must take proactive preventive measures to ensure compliance, mitigate risk, and minimize potential penalties.

Reprinted with permission from the March 24, 2020, issue of Global Trade. © 2020 Global Trade. All Rights Reserved. Further duplication without permission is prohibited.

The coronavirus pandemic has affected international trade in a number of ways, from supply chain disruptions, calls to reduce tariffs on U.S. imports, pressure to relax economic sanctions to stem the spread of the virus and increased scrutiny of foreign investments.

To best position themselves during this time, companies need to focus on adapting supply chain vulnerabilities, examining and leveraging tariff modifications, scrutinizing export controls and sanctions, and maintaining awareness of the jurisdiction of the Committee on Foreign Investments in the United States.

Address supply chain vulnerabilities.

Between labor shortages, border restrictions and government bans on exports in efforts to secure domestic supplies, the coronavirus is reshaping global trade, with important implications for companies, including on their supply chain.

Companies should creatively consider alternative production and assembly sites, as well as suppliers (reviewing and renegotiating supplier contracts, if necessary) to be sufficiently agile to adapt to these tumultuous times.

Assess applicability of tariffs.

In the context of tariffs, the U.S. Trade Representative has excluded critical items relating to the pandemic from the China Section 301 tariffs. While excluding tariffs necessary to fight the pandemic provides some benefits, the USTR could consider removing duties on items that would help buoy the economy and help the American people, such as products to maintain their homes, farms, animals and pets.

A group of U.S. senators recently urged President Donald Trump to use his authority over trade policy, including tariffs and sanctions to reduce some of the economic stress on the U.S. caused by the virus. The request specifically pointed to Section 301 tariff relief on health, safety, and medical devices and products, and the temporary deferral of duty collection.

The senators also petitioned for broader exclusions to ensure that industries affected by the pandemic can seek and obtain exclusions, even if previously denied, concluding with a request that the president consider a moratorium on new tariffs and tariff increases.

U.S. Customs and Border Protection recently rescinded a notice that it would provide temporary delays on for customs duties on a case by case basis. Subsequently, however, the government began considering suspending the collection of import tariffs for three months.

The removal, exclusion, exemption or deferral of import duties could significantly affect U.S. companies’ revenues. For some companies, this will keep them afloat, avoiding layoffs and closings. For other companies, the cash flow will boost profit and improve quarterly earnings reports which will in turn help Wall Street when earnings are released. These earnings in the retail sector could limit the downward spiral in the market.  

The duties are significant and are paid directly by U.S. importers and U.S. consumers. The positive news will echo through the supply chain, particularly where the importer has no U.S. alternative supply.

Consider sanctions and export controls.

The pandemic is also affecting the export landscape, and companies should be aware of developments affecting trade sanctions, particularly if they are considering alternative supply chain options. As the virus spreads, the U.S. and other countries have been asked to relax economic sanctions to allow for the provision of medical and humanitarian support to sanctioned countries, including Iran and North Korea.

For now, however, sanctions against Iran and North Korea severely restrict U.S. companies’ activities involving those and other embargoed countries. Companies need to monitor any changes in the U.S. sanctions regime and be mindful of the restrictions so as to avoid potential severe financial and criminal penalties for any violations.

Importantly though, not all transactions and services involving sanctioned countries are prohibited. For instance, the U.S. Department of the Treasury’s Office of Foreign Assets Control has issued a general license that authorizes the export to Iran of certain medicines and medical devices. OFAC has also issued a general license authorizing emergency medical services to North Korea.

Specific licenses may be available upon approval from OFAC. Each license, however, includes restrictions on the items authorized, so each situation needs to be considered carefully.

Moreover, although there have been calls to relax sanctions for humanitarian purposes to support these countries’ efforts to slow the spread of the virus and treat infected people, OFAC has not taken any actions to relax existing export restrictions or licenses. Indeed there appears to be consideration for extending export controls on biotechnology items.

Keep CFIUS jurisdiction in mind.

Some companies may be in a position to make valuable investments during the market shifts caused by the pandemic. While doing so, it is important to maintain awareness of potential CFIUS jurisdiction.

Recent regulations, in effect since February, expand CFIUS jurisdiction beyond its previous remit to oversee transactions that led to foreign control of a U.S. company.

CFIUS' broader jurisdiction now includes direct or indirect noncontrolling investments in U.S. companies producing or developing critical technology, owning or operating critical infrastructure, or maintaining or collecting sensitive personal data of U.S. citizens. CFIUS assessments of transactions during the pandemic could focus on health care technology, biotechnology, or data related to those fields.

The rapidly shifting trade regime requires that companies relying on international supply chains and depending on imports or exports of products and services, or seeking to make new acquisitions or investments, keep abreast of the latest developments and work closely with trade counsel to lessen the impact of the coronavirus pandemic on these activities, while ensuring compliance with all applicable trade laws and regulations.

Reprinted with permission from the March 30, 2020, issue of Law360. © 2020 Portfolio Media, Inc. All Rights Reserved. Further duplication without permission is prohibited.

To see our other material related to the pandemic, please visit the Coronavirus/COVID-19: Facts, Insights & Resources page of our website by clicking here.

Importers wanting to take advantage of US Customs and Border Protection's (CBP) recently announced COVID-19-related duty deferral option should be cognizant of the makeup of their entry summaries.

Importantly, if an entry summary includes any products that are subject to the list of special duties - including those related to tariffs on imports from China and steel and aluminum - the entire entry is excluded from the deferral program and the importer cannot defer any of the duties owed on that entry. Since so many products are currently subject to Trump administration tariffs, this limitation prevents a huge portion of entries from China from benefiting from the duty deferral program.

CBP on Monday announced that importers of certain goods could defer for 90 days duties owed on products brought into the United States between March 13 and April 30. The deferral is meant to help importers cope with the economic effects of the COVID-19 pandemic.

WHAT IS CFIUS? The Committee on Foreign Investment in the United States (CFIUS) is a U.S. inter-agency committee that reviews “covered transactions” - foreign acquisitions of and investments in U.S. companies - for national security concerns. Upon review, CFIUS can block or unwind a transaction or require the parties to alter the transaction to mitigate any national security concerns. Thus, foreign companies seeking to acquire or invest in U.S. businesses need to be aware of the potential for a CFIUS review of their transactions and to plan for future CFIUS friendly structuring.

Historically, CFIUS maintained jurisdiction over transactions in which a foreign investor acquired a controlling interest in a U.S. business. Parties to such transactions could submit a “voluntary” notice for CFIUS review to obtain a “safe harbor” from future CFIUS intervention in the transaction if the Committee agreed that no national security concerns existed. While these notices have always been technically voluntary, not filing one leaves parties vulnerable to a CFIUS review at any time, even after a transaction has closed. This process still exists for investors to minimize risk and to obtain a “safe harbor.”

However, in February 2020, CFIUS jurisdiction expanded to require that investors file mandatory declarations (a shorter form filing than a notice) for certain covered transactions involving critical technologies or infrastructure or large amounts of sensitive personal data.  In addition, CFIUS jurisdiction expanded to include certain non-controlling investments, as well as real estate investments in close proximity to U.S. military installations, ports, and other locations sensitive for national security purposes.

WHAT HAPPENS IF THE PARTIES DO NOT MAKE THE CFIUS FILING? The consequences of not filing with CFIUS can be severe. CFIUS could require the parties to unwind a completed transaction or negotiate mitigation of the foreign national security concern. 

ARE THERE PENALTIES? CFIUS may impose financial penalties ranging between $250,000 and the value of the transaction for material misstatements or omissions, negligence, or failure to comply with the requirements.  The new requirements are still being finalized, but may go into effect shortly.

WHAT IS THE NEW MANDATORY DECLARATION? Investors generally must file a mandatory declaration when:

  • a foreign government will acquire a substantial direct or indirect investment in a U.S. business that produces, designs, tests, manufactures, fabricates, or develops critical technology, performs functions with respect to certain critical infrastructure, or maintains and collects significant amounts of sensitive personal data (known as a "TID business").
  • a private foreign investor makes an investment in a TID business that produces, designs, tests, manufactures, fabricates, or develops one or more Critical Technologies for use in certain industries and the  foreign investor also has access to:
    • any non-public material technical information;
    • membership, observer rights, or the right to nominate individuals to the board of directors; or involvement in substantive decision-making related to critical technologies, critical infrastructure, or sensitive personal data (in a TID business).

IS THERE A NEW EXCEPTION FOR FOREIGN INVESTORS? Maybe. CFIUS regulations include exceptions to the mandatory declaration requirements related to investments in TID businesses for investors from excepted countries (Australia, Canada, and the U.K.). To qualify as an excepted investor, the investor must be:

  • a foreign national of an excepted state;
  • a foreign government of an excepted state; or
  • an entity (organized under the laws of an excepted foreign state or the U.S.) with a principal place of business in either when:
    • Any foreign person with 10% or more voting interest is a national of an excepted state or organized under its laws with a principal place of business in an excepted state or the U.S.
    • 75% or more of both the board members and observers are either U.S. nationals or nationals of one or more excepted foreign states.

WHAT IF WE ARE GOING TO BE LIMITED PARTNERS? Foreign limited partners investing in a TID business through an investment fund may be exempt from a mandatory declaration if:

  • the General Partner will not be a foreign person;
  • the firm’s advisory board will have no control of investment decisions;
  • the foreign person(s) will have no ability to control the fund; and
  • the foreign person(s) will have no access to material, nonpublic technical information

Note that this is a narrow definition, and control is a very broad definition. If the foreign limited partners have negative rights, these rights may also be deemed as control.


As early as possible, learn the following information about the U.S. target company:

  • Is it involved in critical technology, critical infrastructure, or collect or maintain sensitive personal data (as defined in the CFIUS regulations)?
  • What are the export classifications for its products and technology?
  • Do any of its physical locations have geographic proximity to a U.S. Government facility, military base, airport, restricted airspace, or seaport?
  • Does it have any direct or indirect business with U.S. government agencies, including the military? Has there been any government funding or investment, or does it provide any products or services under or connected to a government contract? Are any of its research and development activities of special interest to any government or military?

FINALLY, WHAT DO I NEED TO KNOW ABOUT MY COMPANY? To address a CFIUS concern, you will not only need to know the details of your ownership structure and the nationalities of your investors, but also your individual beneficial owners.  In completing this analysis, you must pierce all corporate veils and identify if you have any government ownership.

Please let us know if we can answer any specific questions.

On May 14, 2020, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC), the Department of State, and the U.S. Coast Guard issued a Sanctions Advisory for the Maritime Industry, Energy and Metals Sectors, and Related Communities, reflecting increased scrutiny and enforcement attention by U.S. government agencies on curbing illicit shipping practices. Recognizing that 90% of global trade involves maritime transportation, OFAC has identified a number of ways in which bad actors exploit maritime trading. The interagency advisory provides a broader U.S. government perspective and complements earlier OFAC guidance, providing information regarding common deceptive shipping practices as well as compliance recommendations tailored to maritime shipping-related businesses; it also updates and expands on prior OFAC sanctions shipping advisories regarding North Korea, Iran, and Syria. As a whole, the advisory warns companies what compliance measures OFAC expects companies to implement to address this threat. In light of increased sanctions enforcement across the industry, the guidance also serves as a warning to companies that they should abide by applicable sanctions regulations.

Who is this guidance for? The guidance is specifically addressed to entities engaged in the maritime industry as well as the energy and metals sectors. The deceptive shipping practices discussed create significant sanctions risks for companies and individuals working in those sectors.

The advisory offers compliance recommendations to mitigate this sanctions risk, with guidance tailored to a variety of functions operating in these sectors, including maritime insurance companies; flag registry managers; port state control authorities; regional and global commodity trading, supplier, and brokering companies; shipping industry associations; financial institutions; ship owners, operators, and charterers; classification societies; crewing companies; and vessel captains.

Deceptive Practices

What are deceptive shipping practices? The advisory identifies several tactics used by illicit actors to evade sanctions, facilitate smuggling and terrorist activities, and engage in the proliferation of weapons of mass destruction. Those tactics frequently consist of disabling or manipulating the Automatic Identification System (AIS) on vessels; physically altering vessel identifiers; falsifying cargo and vessel documents; making ship-to-ship transfers (STS) (especially at night or in high-risk areas); voyage irregularities (e.g., indirect routing, unscheduled detours, transit/transshipment through third countries); using false flags and flag hopping (frequently changing flag states); and adopting corporate structures that disguise beneficial ownership.

How are these practices used to evade sanctions? North Korea, Iran, and Syria use deceptive shipping practices in different ways to facilitate the illicit export and import of goods and to finance terrorist organizations. For example, North Korea uses deceptive shipping practices to facilitate export of its embargoed products as well as prohibited imports, including illicit STS transfers and barges that do not transmit AIS signals, to transport goods to China. Iran maintains a global network that uses deceptive shipping techniques to facilitate illicit transactions, particularly in the petroleum shipping industry. To evade U.S. sanctions, actors, including Iran’s Islamic Revolutionary Guard Corps Quds Force (IRGC-QF), alter documents to obfuscate origin, destination, and recipient information related to oil shipments. Payment derived from illicit oil shipments is used to finance Hezbollah and IRGC-QF. Iran and Russia have used deceptive shipping techniques to provide the Syrian regime with goods in violation of sanctions.

Recent Actions

The advisory to the maritime shipping community is one of a number of recent actions this year indicating increased OFAC focus on sanctions evasion in the shipping industry. On June 8, 2020, sanctions designations targeting two Iranian shipping companies went into effect. In December 2019, the U.S. government designated the Islamic Republic of Iran Shipping Lines (IRISL) and its subsidiary, E-Sail Shipping Company, Ltd, but postponed the effective date for six months to allow companies legally doing business with Iran for humanitarian purposes to find alternative shipping companies. According to the Department of State IRISL facilitated the transport of items related to Iran’s ballistic missile and military programs.

On June 2, 2020, OFAC designated four companies involved in shipping Iranian oil to Venezuela in violation of U.S. sanctions. OFAC’s action blocked any property or assets the companies might have in the United States and restricted them from any business transactions with U.S. companies or persons, including others involved in the shipping industry. These designations follow a May 28, 2020, action involving two Greek-owned, Liberian-flagged vessels. Those ships changed direction away from Venezuela after being informed they faced sanctions if they continued toward their destination. According to news reports, U.S. officials stated that if the vessels had continued, their owners would have been denied access to insurance and international banking systems, effectively putting them out of business.

Earlier this year, Eagle Shipping negotiated a settlement with OFAC over several apparent sanctions violations involving transport of sea sand from Burma to Singapore. Eagle Shipping ultimately agreed to pay $1.125 million to settle its potential civil liability for the violations. One of the mitigating factors OFAC considered in this case was that Eagle Shipping significantly enhanced its compliance program to include appointing a compliance officer and a formal sanctions compliance program with procedures for screening parties, employee training, transaction checklists, and red-flag identification tools.

The Eagle Shipping settlement and the later actions targeting the ships bound for Venezuela reflect increasing OFAC sanctions enforcement against maritime shipping and related businesses as well as the severe consequences of violations. These cases also illustrate the importance of establishing an effective sanctions compliance program to mitigate risk.

Minimizing Risk

Recommendations to minimize risk. The OFAC advisory provides tailored guidance relevant to certain businesses associated with maritime shipping. It also offers several general practices to help identify these deceptive practices and minimize risk of sanctions violations. For instance, actors in the maritime shipping industry should institutionalize sanctions compliance programs. These programs need to include sufficient due diligence and demonstrate that the company knows its customers and counterparties (including documenting identifying information on beneficial owners).

The guidance also urges everyone involved in maritime shipping to establish common best practices, such as developing requirements to minimize opportunities to manipulate or disrupt AIS data. This might include researching a ship’s history to identify previous AIS manipulation or instances where AIS was disabled while cargo was in transit. OFAC further recommends these practices be incorporated into contractual requirements where possible.

OFAC recommends continuous monitoring of ships throughout their life cycle, including periodic identification and tracking as well as verification of ships’ identifying information and flags. Owners and companies working in the industry should disseminate information wherever possible regarding suspected deceptive tactics in order to raise awareness among their colleagues.

Exporters and others involved in the maritime supply chain also need to conduct adequate due diligence to ensure that recipients of counterparties are not dealing in sanctioned commodities. This due diligence should include a review of the voyage details, confirmation of applicable export licenses, and verification of origin and recipient of goods.

Notably, while these recommendations emphasize increased due diligence, they go further by encouraging the industry to work together to develop consistent standards and share information to develop enhanced awareness and more-effective mitigation techniques. While OFAC is not prescribing companies adopt all of these recommendations, and encourages companies to engage a risk-based approach to sanctions, in the event of a violation, OFAC likely will consider the extent to which a company incorporated these recommendations when it conducts its penalty assessment.

The issuance of the advisory combined with the recent enforcement actions reflect OFAC and the U.S. government’s growing focus on the use of maritime shipping to evade sanctions and could be interpreted as a shot across the industry’s bow. While all companies have varying capabilities unique to their business and limited resources to apply to compliance, entities working in maritime shipping should pay close attention and where possible consider adopting the recommendations in the advisory. In the event of an inadvertent violation, OFAC considers a company’s compliance procedures as a possible mitigating factor–addressing the recommendations in the latest advisory could go a long way toward minimizing a company’s risk and ultimate liability.

Reprinted with permission from the June 9, 2020, issue of the American Journal of Transportation. © 2020 American Journal of Transportation. All Rights Reserved. Further duplication without permission is prohibited.

The U.S. Department of Defense (DOD) is offering to match U.S. companies with investors through its new Trusted Capital Program. The impetus for the program is to counter what the DOD characterizes as “adversarial capital”: foreign investment in U.S. companies through which foreign governments seek to acquire sensitive U.S. technology or data. The recent outbreak of COVID-19 has increased the Pentagon’s interest in the program, as it recognizes both (i) that in particular small companies and startups face significant uncertainty as to whether their funding streams will continue, and (ii) that foreign governments, through foreign companies, could take advantage of the uncertainty to obtain sought-after technology or intellectual property.

Traditionally, the U.S. government has relied on the Committee for Foreign Investment in the United States (CFIUS) to identify and mitigate foreign acquisitions or investments that threaten U.S. national security or, if necessary, require the purchaser to divest from the U.S. company. CFIUS, however, imposes significant burdens on companies and investors. Specifically, the legal analysis and due diligence necessary to determine whether CFIUS has jurisdiction over a transaction impose high costs on the parties in terms of time and money. Additionally, where CFIUS does have jurisdiction, parties may need to spend further time and expenses to file notices or declarations with CFIUS. Recently imposed filing fees for certain transactions can reach up to $750,000.

What Is the Trusted Capital Program? Established in May 2019 pursuant to the 2018 National Defense Authorization Act, and hosting its first event in November 2019, the Trusted Capital Program seeks to serve as a proactive complement to CFIUS by matching prescreened investors with companies working on technology or products of national security interest. While receiving some criticism as a necessary but insufficient solution to the U.S. government’s efforts to foster innovation in critical technologies and protect them from foreign exploitation, the program does provide a beneficial investment environment for companies and capital providers.

The program provides a secure ecosystem of capital and companies for the U.S. government to support while also providing participating businesses and investors a number of benefits. For instance, companies have access to vetted investors interested in funding the companies’ areas of focus. DOD conducts necessary due diligence, likely minimizing time and cost to the parties. Both companies and investors gain access to and insight regarding the government’s national security priorities. Investors tend to be private equity and venture capital firms focused on technology. Such firms are free from foreign government influence and derive the majority of revenue from U.S. sources.

Sectors of Focus. Strong company candidates typically develop critical technologies in a number of sectors, including:

  • Health care
  • Biotechnology
  • Unmanned aerial systems
  • 5G
  • Artificial intelligence
  • Space
  • Cybersecurity
  • Robotics
  • Quantum
  • Autonomy
  • Hypersonics
  • Directed energy
  • Nuclear energy
  • Castings and forgings
  • Rare earths
  • Semiconductors and microelectronics

How Companies Can Join. Companies are encouraged to participate through various Venture Days events hosted jointly by the military services and academic institutions. Upcoming virtual events include:

  • May 2020: AFWERX and Army Futures Command (COVID-19 response)
  • June 2020: Air Force Life Cycle Management Center
  • June 2020: Special Operations Command (Artificial Intelligence Solutions with Subcomponents in Small Maneuver and Influence Operations)

Consider In-Q-Tel (IQT). Companies interested in the Trusted Capital Program may also be interested in another U.S. government-connected investment possibility, IQT, which is a nonprofit strategic investor in companies developing technology of interest to national security agencies. Established in 1999, IQT works with venture capital companies to identify technology that will be commercially successful and have high impact on national security. IQT investments typically range from $500,000 to $3 million. IQT partners with a company to adapt its technology to national security customers’ requirements. Following a pilot program, the customers purchase the product from the company.

In April 2020, Q-CTRL, an Australian company that develops quantum engineering and software tools, announced an investment by IQT to support quantum technology for national security missions. Other IQT focus areas include:

  • Data analytics
  • Cybersecurity
  • Artificial intelligence/machine learning
  • Ubiquitous computing
  • IT solutions
  • Communications
  • Materials/electronics
  • Commercial space
  • Power and energy
  • Biotechnology
  • Remote sensing

Although different from the Trusted Capital program, IQT may also offer smaller companies working on critical technologies opportunities for funding sources in unpredictable times.

Reprinted with permission from the June 22, 2020, issue of Homeland Security Today. © 2020 Homeland Security Today. All Rights Reserved. Further duplication without permission is prohibited.

To see our other material related to the pandemic, please visit the Coronavirus/COVID-19: Facts, Insights & Resources page of our website by clicking here.

Could your upcoming commercial real estate transaction or investment raise national security concerns? 

Under recently developed federal law,  the Committee on Foreign Investment in the United States (CFIUS), a long-standing interagency committee chaired by the Department of the Treasury that was formed under federal law in the 1950’s, is now charged with considering this question;  if it determines that there are national security implications to your real estate deal, the federal government may have the right to prevent the deal from happening, order that it be unwound, or impose penalties if it has already closed. 

In February 2020, new regulations issued by Department of the Treasury granted the U.S. government broad authority to intervene in a wide variety of real estate transactions involving foreign investors if CFIUS identifies a national security concern related to the transaction. 

However, CFIUS’s regulations do not clearly define what constitutes a national security concern and the law is evolving rapidly to address emerging national security trends. 

This lack of clarity can challenge companies trying to determine if transactions or investments involving their real estate, products, technology, non-real estate based businesses, or investments could trigger a CFIUS review. 

CFIUS’s mandate has only recently expanded into exploring the national security implications of a wide range of real estate investments by foreign persons or entities; outside of the real estate context CFIUS has long reviewed deals where critical or emerging technology that may have military applications are involved, as well as deals involving critical infrastructure like electric grids, telecommunications systems, or sensitive data about U.S. citizens which in the wrong hands could harm U.S. national security interests.

The February 2020 changes to the regulations represent an expansion of CFIUS’s jurisdiction beyond its traditional scope of reviewing foreign acquisitions of U.S. businesses, including acquisitions of real estate.

Due to evolving concerns about information sharing among partners or co-investors, CFIUS’s authority has now expanded to include not only direct foreign control of sensitive real estate but also passive foreign investment in real estate, including the acquisition of even non-controlling equity interest in a business that owns real estate that could have national security implications. 

In addition, almost every kind of commercial real estate transaction is now subject to review, including the purchase or lease of real property to a foreign-owned investor or company that could raise national security concerns, as well as the granting of any right or concession that conveys to a foreign-owned party rights which include physical access to such a property, the right to exclude others from that property, the ability to improve or develop that property, or the ability to attach fixed or immovable structures on that property. 

Real estate that could raise national security concerns include any kind of property that is proximate to certain governmental or law enforcement agencies, including U.S. military installations and Department of Defense facilities, air and sea ports, production and research and development facilities used by defense contractors, and law enforcement or intelligence agencies such as the FBI, CIA and NSA, to name a few. 

As a result of this expansion, foreign-owned companies and foreign investors seeking to acquire even a non-controlling interest in U.S. real estate and U.S. owners planning to sell majority or minority interests in real estate to a foreign buyer, not to mention owners of real estate in proximity to a national security sensitive facility who are looking either to enter into leases of space in their building or sell their property or grant concessions or interests therein to foreign-owned companies or persons, now need to be aware of and structure their deals around the potential for a CFIUS review of their transactions and its potential implications.

If a landlord leases space in its building to the FBI or a defense contractor, for example, their leases with other tenants could have national security implications under the new regulations.

Impacted companies and investors should consider filing a notice with CFIUS to obtain a safe harbor ruling prior to the closing of their deals because the downside to not doing so could result in CFIUS review that leads to an order unwinding the deal.  In addition, CFIUS can also: 

  • Impose penalties;
  • Block a transaction;
  • Force the foreign purchaser or investor to divest its interests in U.S. real estate or a U.S. company; or
  • Require the parties to alter the transaction to mitigate any national security concerns.

While submitting a notice for CFIUS review is technically voluntary and there are filing fees associated with the review, parties choosing not to file for review remain vulnerable to a unilateral CFIUS review and the consequences thereof at any time, even after a transaction has closed.  

There are also a number of exceptions that have been identified that will make some investors happy, such as  exempting from CFIUS’s review the sale or lease of most individual housing units, real estate transactions in most urban centers, as well as real estate transactions with certain investors from Australia, Canada and the United Kingdom.

However, due to the fact that this is an emerging area of the law and the consequences of not obtaining a safe harbor could be severe, we expect that most prudent companies and investors will opt to engage sophisticated counsel to help them robustly investigate whether their transaction could have national security implications and, if so, to explore any applicable exemptions. 

Counsel will also be able to help the parties craft their deal documents in a manner which protects them against the consequences of an adverse CFIUS determination. 

Reprinted with permission from the July 3, 2020, issue of Real Estate Weekly. © 2020 Hagedorn Publishing. All Rights Reserved. Further duplication without permission is prohibited.

Many U.S. companies are unaware that a relatively unknown agency, the Bureau of Economic Analysis (BEA)
at the Department of Commerce, administers mandatory reporting requirements that oblige ALL U.S. businesses to file reports identifying foreign direct investment (FDI). Reports are filed at the inception of the investment and then every five years in a follow-up “benchmark survey.” Additionally, the BEA will contact certain companies to make additional filings.

Mandatory FDI Reporting Is Triggered When:

  1. A foreign investor/entity aquires ownership or control of 10 percent or more of a U.S. business
  2. A foreign investor/entity or its existing U.S. affiliateestablishes a new U.S. business resulting in the
    foreign investor/entity having at least 10 percent ownership or control (direct or indirect)
  3. An existing U.S. affiliate of a foreign investor/entity expands its U.S. operations
  4. An existing U.S. affiliate of a foreign investor/entity acquires a U.S. business, giving the foreign entity at least 10 percent ownership or control 

Penalties. Failure to file the report(s) risks civil penalties of up to $48,000 and criminal penalties of up to $10,000 for each individual and/or up to one year of imprisonment.

Reporting Requirements. The BEA administers these requirements pursuant to the International Investment and Trade in Services Survey Act based on business structure and certain financial criteria. The BEA publishes the anonymized results to track the scale of foreign investment activities in the United States and their effects on the U.S. economy.

Required Filings. Entities must file at least two reports: the new FDI and the five-year benchmark survey.

  • New FDI. All U.S. entities must file this report within 45 days of completing any transaction described above.

*Exemptions are available if the total, actual or expected cost of the transaction is $3 million or less, but to receive an exemption, the entity still must file a report

  • Five-year benchmark survey. All U.S. entities with qualifying foreign investment must file this
    comprehensive survey every five years (the most recent benchmark survey was issued in 2017).

* Exemptions are available if foreign ownership is less than 10 percent, the business is consolidated with another U.S. affiliate, or the business was liquidated or dissolved. Exemptions still require filing a report

  • The BEA may contact entities to require additional quarterly or annual reporting. Directed reporting may involve transactions between foreign parents or organizational changes, such as the establishment, acquisition, liquidation or sale of the business.

Similar filings are required when U.S. entities make foreign investments. For more information on determining whether a BEA filing is required, review the BEA website here, or contact the Lowenstein Sandler Global Trade and Policy Group. Watch for our upcoming alert on BEA filing requirements for U.S. outbound investments.

[1] Affiliate means a business enterprise located in one country that is directly or indirectly owned or controlled by an entity of another country to the extent of 10 percent or more of its voting stock for an incorporated business or an equivalent interest for an unincorporated business enterprise.

With "compliance" being the buzzword for corporate executives and legal counsel, there is renewed focus on reducing legal risks when exporting or selling overseas. The key is a robust compliance program that outlines the company's policy as well as various internal procedures to implement the policy and a solid set of documents to evidence the compliance activities at all levels of the company.

A Compliance Policy is Nothing Without Procedures

A good compliance policy should include a statement of the prohibition that it seeks to enforce and should state that it is every employee’s responsibility to be vigilant in identifying and reporting potential violations. Clearly identifying the name of the compliance officer is another must. Also beneficial are questionnaires and certifications to ensure that new employees, agents, partners, distributors, and other third parties understand the policy and to determine any red flags related to those parties. Indemnification language and appropriate dispute resolution provisions in third party contracts will give force to such certifications and representations. 

Internal forms and standard form contracts offer opportunities to include compliance verification mechanisms in existing procedures and to regularly remind employees of compliance obligations. For example, a form that a business development manager completes to report the engagement of a new agent abroad can include answers to questions intended to elicit red flags for bribery. A form contract for the sale of software can require the buyer to agree that it is not in violation of and will not violate any U.S. export controls laws.

A Must Have Element for Success- "Buy In" by Senior Management

The crucial and most often neglected element of a compliance program is the human element. Actual compliance is driven by the subjective intent of the board of directors, officers, and senior management which will trickle down to all employees in the company. All policy documents should articulate a "tone at the top" that compliance is a priority and that management expects employees at all levels of the organization to comply with all applicable laws. Most companies are choosing to adhere to a zero tolerance policy for any wrongdoing, especially now that senior executives are actually going to jail for violations of Anti-Boycott, Foreign Corrupt Practices Act, and export and sanctions laws. Examples help educate employees. For example, ignoring export licensing requirements in order to fulfill a lucrative order because it "can't wait" is not consistent with company policy for employees or overseas agents. Training all employees on these topics is crucial and protects the company if a violation does occur.

Specifically Tailored Training

Training sessions should be tailored by job function within the company and should cover the laws that directly affect how these employees do business as well as potential violations by others that the employees might be able to spot and prevent by their due diligence. For example, employees who have any responsibility for accounting and payment processing should learn the not so obvious red flags related to foreign bribery such as a charitable contribution by a local representative. All training should include procedures for reporting violations and compliance risks, and all new employees as well as employees who are assigned new duties should be evaluated for compliance training needs.

Companies Turning On Each Other

With increasing frequency and effectiveness, prosecutors in the U.S. and elsewhere are using leniency for cooperating witnesses to prosecute companies, their individual employees, and even foreign companies who bribe foreign government officials. An executive who helped to arrange bribes to foreign officials in order to obtain business for his company now has to choose between ratting out his company and coconspirators in exchange for a brief (if any) custodial sentence in order to avoid jail time and fines if someone else rats to the prosecutors first.

Additionally, companies are now reporting alleged violations of competitors. One of the largest foreign bribery prosecutions, which was led by American authorities against Halliburton’s Kellogg, Brown & Root and its foreign partners, began after a former executive of French partner company Technip elucidated the conduct of his former company in meetings with French prosecutors. He saw it as a sort of “we’re not as bad as the competition” defense against allegations of wrongdoing at his new company.

How Not to Bribe

The most effective way to protect a company is to have and enforce a policy to vet all new agents and third parties through substantive due diligence. Step one is usually a questionnaire and background check to determine accuracy of education, credentials, and work experience. Potential agents, contractors, and distributors need to disclose relationships and affiliations that will assist or could affect sales and new business. The responses are then reviewed for red flags and further due diligence to ensure that the company is protected from possible violations of U.S. and foreign law, most particularly anti-corruption legislation. Prosecutions related to the payment of foreign bribes have dramatically increased.

Technical Experts May Be Needed To Implement Export Compliance Programs

Export controls are so numerous, and their application requires such a high level of technical knowledge, that compliance programs must be prepared by experts who know the law and the company's business. For example, the export lawyer must know the business well enough to determine, or to assist the in-house export officer in determining, a method for classifying products subject to the U.S. Munitions List and the Commerce Control List. Once products are classified, the lawyers can draft procedures based on the sales organization structure to ensure compliance with the export control regimes of both the State Department and the Commerce Department. Moreover, companies must also be aware of the additional requirements from the Treasury Department.

The Treasury Department's Office of Foreign Assets Control (OFAC) administers economic and trade sanction laws. The laws are constantly changing. Companies must be vigilant in updating employees regarding the regulatory requirements as well as training employees regarding how the sanctions laws affect their business. The compliance procedures must include steps to ensure that their business doesn’t inadvertently violate the regulations. A checklist before a sales transaction is approved is a good methodology. Some companies prepare such checklists for all foreign sales to ensure that there is no transshipment or red flags that could lead to a violation. OFAC has country-specific regulations as well as lists of entities that U.S. persons cannot do business with. The country-specific programs range from outright sales prohibitions (to which there are a few exceptions) such as Iran and Cuba to programs prohibiting sales that aim to benefit specifically named parties or immediate family members of Charles Taylor in Liberia.

Companies that are in businesses remotely related to the defense industry and all companies that deal in high technology products should have a policy to determine whether new products and services are subject to export controls as soon as they are developed. It should be the responsibility of technical personnel to provide as much information as possible about new products to compliance officers or export attorneys, who should check the information against the relevant lists of controlled items.  If a company cannot “self-classify” a product, it should seek assistance of outside counsel or request a binding ruling from the government regarding classification and/or licensing requirements as exports are, in some case, country specific. Of course logistics and shipping department employees must have policies to prevent exports in violation of licensing regulations and OFAC embargo/sanctions laws. Again, checklists and procedure flow charts can be used, and compliance officers can be consulted when red flags are raised based on the product itself or the destination.

Training programs for compliance with general defense and dual use export controls should concentrate on identification of the sorts of things that are controlled, focusing on those that are less obvious. Companies with any involvement in aviation should highlight the prohibition on exports of night vision equipment and night vision compatible lighting. Defense contractors should ensure that technical employees responsible for servicing products are aware that maintenance itself can be controlled and that there are license and notification requirements enforced by Customs and the State Department for temporary importation of controlled articles, even from Canada.

When is the Transfer of Technology in the U.S. an Export?

Finally, all companies must be cognizant of the deemed export rules. If a company transfers controlled technology to a foreign person in the United States, that is a deemed export. If the item related to the technology requires a license for export to the foreign person's country, the transfer of the technology to the foreign person in the U.S. also may require a license. A company must have an understanding of these requirements as they relate to their business and to any temporary or third party employees at their facilities. Such compliance must be coordinated with the human resources department because of a new licensing requirement for

U.S. companies that employ certain foreign workers. Companies with foreign workers who are in the U.S. under visa categories H-1B, L-1 and O-1A must certify in the company's immigration documents that the human resources manager has read the International Traffic in Arms Regulations (ITAR) and the Export Administration Regulations (EAR) and has determined whether an export license is needed. Such decisions must be documented as part of a company's compliance program.

Empower Managers and Compliance Officers for a Robust Compliance Program

Compliance programs are most effective when they are narrowly tailored for each type of legal risk and prepared for a specific group or type of employees, such as the sales team, and are implemented enthusiastically by empowered compliance officers and management. In designing compliance programs to address foreign bribery, export controls, and other areas of legal risk, companies should focus not on the aesthetics of the overall compliance manual or program but on how useable the actual procedures will be for its employees to understand and incorporate such procedures into their daily job functions.

WSG's members are independent firms and are not affiliated in the joint practice of professional services. Each member exercises its own individual judgments on all client matters.

HOME | SITE MAP | GLANCE | PRIVACY POLICY | DISCLAIMER |  © World Services Group, 2020