If your business exports products, technology, and/or software that are subject to the International Traffic in Arms Regulations (“ITAR”) or the Export Administration Regulations (“EAR”), then you should consider the implementation of an Export Control Plan (“ECP”). This post discusses the proper foundation of an ECP. Although such a plan is not mandated by ITAR or EAR, it is a valuable proactive measure that can save your business millions of dollars it might otherwise spend in penalties to the United States government.
Once you make the decision to create an ECP, your employees should understand and observe the commitment from management. Management should ensure that employees do not regard this plan as a set of written procedures that simply collect dust. Employees will take these measures seriously only when they see that management is devoting time and resources to the implementation of the ECP and that the rules and procedures will be strictly enforced.
The next step in implementing an ECP is to appoint a compliance officer from within the company with sufficient authority to demand compliance. Due to potential bias, this person should not be involved in export sales.
Before any written polices and procedures are put into place, management should conduct a risk assessment, which is usually performed along side an outside expert. During a risk assessment, the individuals involved will discuss, in detail, the present environment surrounding the companies’ export transitions, including the likelihood of certain violations, the severity of consequences, and the controls already in place.
These elements are essential to building a solid foundation for an ECP. Once accomplished, your business can begin creating the ECP’s written policies and procedures. If you would like more information on export control regulations or an Export Control Plan, please feel free to contact me at email@example.com. –R. Ellen Coley