Export control compliance – October 11, 2024

• What happened? On October 9th, the Department of Commerce’s Bureau of Industry and Security (BIS) published guidance for financial institutions (FIs) complying with the Export Administration Regulations (EAR).
• What does the guidance say? The guidance focuses on General Prohibition 10 (GP 10), which prohibits anyone, including financial institutions, from financing or otherwise servicing any item subject to the EAR with knowledge that a violation of EAR has occurred, is about to occur, or is intended to occur. Such knowledge of a circumstance includes not only positive knowledge that the circumstance exists or is substantially certain to occur, but also an awareness of a high probability of its existence or future occurrence. It also includes a reminder that items “subject to the EAR” include a wide variety of items that originate or move through the U.S., even when no U.S. person or FI is involved in the transaction. The guidance recommends steps financial institutions can take to minimize the likelihood of EAR violations, including:
  • Due diligence: The guidance calls on FIs to incorporate EAR-related due diligence into their risk management and compliance processes. This includes reviewing customers against lists of persons subject to BIS's end-user restrictions and lists of entities that have shipped Common High Priority List (CHPL) items to Russia since 2023. It states that FIs should heavily weigh a customer's presence on a BIS restricted-party list when determining their overall risk profile for potential EAR violations.
  • Ongoing reviews: The guidance recommends that FIs conduct ongoing reviews of transactions to identify red flags indicating potential export control evasion and refrain from future transactions with relevant parties if red flags cannot be resolved satisfactorily. They can also resolve red flags by confirming that the item is not subject to the EAR, outside the scope of the license requirement, or authorized by a BIS license exception or license.
  • Real-time screening: It also recommends real-time screening for all known parties to cross-border payments and other transactions likely associated with exports from the U.S. against BIS-administered restricted-party lists. FIs should decline to proceed with transactions involving matches to restricted parties until determining that the underlying export, reexport, or transfer is authorized under the EAR.
  • Customer confirmation: It suggests that FIs seek confirmation from customers regarding BIS-issued licenses, including obtaining a copy of the export license or tracking the status of an export license application using the System for Tracking Export License Applications (STELA).
  • Reminders of obligations: The guidance reminds FIs that they need to report all suspicious activity related to EAR violations using the appropriate Suspicious Activity Report (SAR) terms. It also actively encourages the submission of voluntary self disclosures (VSDs) from parties who suspect they may have violated the EAR. Finally, it reminds FIs that they may not willfully self-blind or deliberately avoid becoming aware of facts or circumstances, as doing so may demonstrate "knowledge" for purposes of GP 10.

Our Take

BIS clearly articulates export control expectations after limited monitoring by FIs. As geopolitical activity over the last several years has sharply increased the list of items subject to the EAR and entities restricted by BIS, this guidance reflects BIS’s recognition that FIs need to do more to monitor and detect export control violations by their clients. Whereas FIs may have historically expected their clients to make sure that their exports do not violate EAR, this guidance makes clear that FIs can be held responsible for not conducting sufficient due diligence or overlooking red flags. While the guidance applies to all FIs, those with trade finance programs should be particularly on alert - including foreign banks that may be impacted by the broad scope of items and entities subject to the EAR. Trade finance transactions are often reviewed separately from business-as-usual customer and transaction screening in a process that is document-heavy, with many vessels and companies involved, increasing the risk and the compliance burden. Confirming that all of these entities are vetted and screened efficiently throughout the lifecycle of trade transactions is critical to establishing compliance.

In addition to reviewing current practices against the recommendations in the guidance, FIs should examine their know-your-customer (KYC) and due diligence programs to ensure that they understand all parties involved in transactions, including the end users of goods and not just the beneficiaries. Trade finance teams must be diligent when reviewing documentation and flag activity that involves the high-risk jurisdictions and sensitive goods outlined in the report. Any changes, particularly last minute changes, with regards to the details of these higher-risk trade finance transactions should trigger re-screening. Firms should also conduct periodic training sessions that are updated regularly to capture the most recent red flags and evasion typologies. Considering the amount of documentation involved in trade finance transactions, firms should consider tools such as optical character recognition and advanced technologies (e.g., AI, machine learning) to reduce manual processes, where possible, in activities such as transaction monitoring, screening and alert handling.