Manufacturers and exporters who only view sanctions and export controls evasion risks from a technocratic item classification perspective will fail to recognize and correctly analyze evasion risks in the era of sanctions as the “new FCPA”

December 18, 2023 ­ Several cultures and religions tell the parable of blind men encountering an elephant for the first time. Each man touches a different part of the elephant, thinking it to be something else. The blind men fail to appreciate the totality of the beast and descend into disagreement until a passer-by alerts them to the connectivity between the parts of the whole.

Today, the inverse is happening in sanctions- and export controls-evasion compliance and enforcement. Since July 2022, the U.S. Department of Justice (“DOJ”) has repeatedly warned that sanctions and export controls are the “new” Foreign Corrupt Practices Act (“FCPA”), i.e., a new elephant. Through both words and deeds, DOJ and other U.S. agencies have demonstrated that corporate compliance programs need to adopt a parallel approach—what I have characterized as an FCPA "mindset"1—aligning anti-corruption risk management (think of it as “anti-bribery evasion”) with sanctions- or export controls-evasion risk management. Applying such a mindset in detecting and preventing evasion when vetting potential commercial relationships allows manufacturers and exporters to recognize, anticipate, and hopefully avoid entirely potential enforcement risks.

Taking a parallel approach is necessary not because the myriad regulations that underlie sanctions programs and export controls are similar to the text of the FCPA—they are without question far more voluminous and technical. Sanctions and export controls compliance obviously begins with correctly understanding and applying complex regulations related to, for example, product classification and commodity jurisdiction.

Instead, taking a parallel approach is necessary because the DOJ is now evaluating corporate compliance programs for sanctions and export controls the same way that it has historically evaluated anti-corruption compliance programs. Whether companies are investigated—and what happens to them if they are—depends on DOJ’s views regarding how companies are identifying and assessing evasion risks, how companies are investigating and (potentially) mitigating those risks, and how companies are responding to allegations or reports of evasion. Effective trade compliance today accordingly requires both regulatory expertise and applying the proper mindset to evaluating proposed trade flows. Encouraging collaboration between traditional trade compliance teams and anti-corruption teams can help achieve this.

Failure to take this approach can have significant costs: DOJ has followed its statements with several high-profile, multi-agency corporate resolutions (two of which exceeded $1 billion in penalties) and jail sentences for individuals.

Yet some commentators express curiosity and skepticism regarding the attention being given to DOJ’s anti-evasion enforcement pronouncements, suggesting that the DOJ’s public statements are bluster and that not much has changed. These commentators characterize trade compliance as being anchored in the technocratic exercise of item classification, with the implication that trade compliance is best left to an anointed “bar magisterium2 whose doors are closed to the unwashed.

Properly classifying an item does not absolve subsequent evasion sins, and future prosecutions emanating from DOJ’s more aggressive enforcement efforts are unlikely to be based upon unintentional, good-faith misapplications of, for example, the highly technical details of item classification or the foreign direct product rule. While item misclassification certainly is one means of export controls evasion, classification is a forward-looking exercise pre-shipment and does not address other serious evasion risks, for example those evidenced by counterintuitive shipment routes or nonsensical end-user identifications. An over-reliance on assumed sufficiency of item classification further invites reprisals from regulators who do not consider national security interests to be furthered by a focus on technicalities3 or cleverness.4

It is dangerous to fail to see (let alone deliberately avoid seeing) the elephant that the DOJ is describing. It is not only dangerous for companies and individuals who fail to design and implement proper risk-based anti-evasion programs. Following a technocratic approach that fails to identify and address holistic evasion risks has not prevented U.S. origin components from finding their way into Russian and Iranian-built weapons that have killed Ukrainian civilians and soldiers. It seems a bit late in the day to take a “not our problem” approach when confronted with such battlefield proof of diversion, particularly if a manufacturer or exporter has never genuinely stress-tested their sanctions and export controls compliance program considering DOJ’s now-parallel expectations for anti-corruption compliance programs.

U.S. enforcement actions provide ample guidance on what questions a risk-based anti-evasion program would ask. Such questions are focused less on item classification and more on a holistic view of the circumstances: Do we really think that a ship chandler is stepping into the shoes of a tobacco manufacturer?5 Can we accept end-user certifications that we know to be false?6 Should we continue delivering items to a customer on the Entity List, when both of our competitors in that market have publicly indicated they will not do so without authorization?7 Do we really think that a general trading company or freight forwarder is the “end-user” or “ultimate consignee,” particularly for heavy industrial equipment?8 Why are we shipping 25,000 dual-use components to Estonia with an ultimate consignee in Turkey—and how will they get from Estonia to Turkey?9 Why would Latvian and Tajik customers need the assistance of a Cypriot intermediary?10 Why are we shipping electronics to a tandoori restaurant in Brooklyn?11

The DOJ and four other U.S. agencies described yet again the sanctions and export controls compliance elephant in their recently issued, December 11, 2023, “Quint-Seal” Compliance Note, stressing repeatedly the need for companies involved in exporting and international shipping to apply holistic, risk-based approaches to anti-evasion compliance.12

Manufacturers and exporters should accordingly not take false comfort in successfully completing item classification or other front-end technicalities. Although proper item classification is still necessary, a holistic, risk-based due diligence approach is required. Applying the proper item classification to each part of the elephant is still an important task but is no excuse for failing to see the elephant—particularly after you have been told it is there.

  1. Michael Huneke, How to Prepare for Sanctions Compliance & Investigations (“SCI”) in the Era of the “New FCPA” (Nov. 21, 2023). For an analysis of the legal frameworks underlying both the FCPA and U.S. sanctions and export controls laws, see Michael Huneke & Jan Dunin-Wasowicz, Converging Practices for Bribery, Export Controls and Sanctions Anti-Evasion Regimes, Westlaw Today, Part 1 (June 22, 2023) & Part 2 (July 6, 2023). ↩︎
  2. Akin to the magisterium of the Catholic Church. See Catechism of the Catholic Church 85 (under “The Magisterium of the Church . . . . The task of giving an authentic interpretation of the Word of God, whether in its written form or in the form of Tradition, has been entrusted to the living teaching office of the Church alone.”). ↩︎
  3.  See Peter Martin, “We cannot let China get these chips”: Commerce Secretary Raimondo says more funding needed for AI export controls, Fortune (Dec. 3, 2023). ↩︎
  4.  See Brent Carlson, When Loopholes Create Liability Pitfalls: A Fresh Look at Export Controls, NYU Program on Corporate Compliance & Enforcement (“PCCE”), Compliance & Enforcement Blog (Aug. 25, 2023). ↩︎
  5.  See Department of the Treasury, Office of Foreign Assets Control (“OFAC”), Settlement Agreement with British American Tobacco p.l.c. (Apr. 25, 2023), and Aqiul Hamzah, S’pore unit of British American Tobacco did not break local laws on trade ban with N. Korea: Police, The Straits Times (May 7, 2023) (naming the SUTL Group). ↩︎
  6.  See, e.g., Department of the Treasury, Financial Crimes Enforcement Network (“FinCEN”), In the matter of Binance Holdings Ltd., et al., Consent Order at 9–10 (describing a self-certification by U.S. persons that was accepted even where Binance possessed contrary information). ↩︎
  7.  See Department of Commerce, Bureau of Industry and Security (“BIS”), Order Relating to Seagate Technology LLC and Seagate Singapore International Headquarters PTE. LTD (Apr. 19, 2023). ↩︎
  8.  See generally Criminal Indictment, United States v. Hajavi, 1:19-cr-00443 (N.D. Ga. Dec. 4, 2019). ↩︎
  9.  See generally Indictment, United States v. Arkhipov, et al., 1:23-cr-00429 (E.D.N.Y. Oct. 27, 2023). ↩︎
  10.  See generally Complaint, United States v. Petrov, 1:23-mj-06023 (S.D.N.Y. Aug. 11, 2023). ↩︎
  11.  See generally Indictment, United States v. Goltsev, et al., 1:23-cr-00452 (E.D.N.Y. Nov. 6, 2023), and New York Department of State, Division of Corporations, Entity Information for SN Electronics, Inc. (showing an address that, per GoogleMaps, is a tandoori restaurant); see also “Who is Salimjon Nasriddinov and what does America accuse him of?” (Nov. 3, 2023) (suggesting the tandoori restaurant link). ↩︎
  12.  See OFAC, Publication of Quint-Seal Compliance Note-Know Your Cargo: Reinforcing Best Practices to Ensure the Safe and Compliant Transport of Goods in Maritime and Other Forms of Transportation (Dec. 11, 2023); see also Hughes Hubbard & Reed LLP, QuintSeal Compliance NoteKnow Your Cargo: Best Practices for Maritime and Other Transportation Industries (Dec. 12, 2023). ↩︎