What Is Export Compliance?
Export compliance is the set of laws, controls, checks, and operating procedures that govern how goods, software, technology, and services move from the United States to foreign persons or destinations. In practice, it means more than filling out shipping paperwork. A compliant export process starts with product classification, checks whether the item, end use, end user, or destination is restricted, confirms whether a license or license exception is available, and preserves the documentation needed to prove that each decision was made correctly.
The stakes are high because export controls are not just trade administration rules. They are national security and foreign policy tools. A shipment can be legal from a customs perspective and still violate export control law if it goes to a sanctioned party, involves a prohibited end use, or contains controlled technology sent without authorization. That is why legal, sales, operations, engineering, procurement, and forwarding teams all need a shared understanding of export compliance responsibilities.
Any company that manufactures, sells, brokers, forwards, or transmits products or technical information across borders should have an export compliance program. That includes industrial exporters, SaaS and hardware companies, distributors, freight forwarders, non-vessel-operating common carriers, customs brokers that touch export workflows, and 3PLs supporting global customers. Small businesses are not exempt from the rules; they are simply more exposed when export control decisions live in ad hoc spreadsheets or tribal knowledge.
- Manufacturers shipping dual-use items, controlled components, spare parts, or replacement equipment
- Technology companies sharing software, source code, or technical data with overseas affiliates, vendors, or customers
- Freight forwarders and 3PLs preparing bookings, export filing data, shipping instructions, or routing decisions
- Distributors and resellers shipping under third-party purchase orders or to high-risk destinations
- Service providers that support installation, training, maintenance, or technical assistance for regulated items
U.S. Export Control Framework
Most export compliance programs in the United States are built around three core control layers. First, the Export Administration Regulations, or EAR, regulate many commercial, dual-use, and less sensitive items. Second, the International Traffic in Arms Regulations, or ITAR, control defense articles, defense services, and related technical data. Third, the Office of Foreign Assets Control, or OFAC, administers sanctions programs that can block transactions even when the item itself is not highly controlled. Companies also need to account for agency-specific rules from bodies such as the Nuclear Regulatory Commission, Department of Energy, and Drug Enforcement Administration when their products or end uses fall into those sectors.
Export Administration Regulations (EAR)
The EAR, administered by the Bureau of Industry and Security, cover most dual-use items: commercial products, software, and technology that may have civilian applications but could also support military, intelligence, or proliferation activity. Classification under the EAR often starts with the Commerce Control List and an Export Control Classification Number, or ECCN. When an item is specifically described on the CCL, the ECCN drives the license analysis by tying the item to control reasons such as national security, missile technology, nuclear nonproliferation, chemical and biological controls, regional stability, or anti-terrorism.
If an item is subject to the EAR but is not specifically listed on the CCL, it is often designated EAR99. That label does not mean "uncontrolled in all cases." EAR99 items can still require a license when exported to sanctioned destinations, prohibited end users, or prohibited end uses. EAR99 also does not eliminate screening obligations or documentation responsibilities. Many compliance failures happen because teams treat EAR99 as a free pass instead of a starting point for the rest of the export review.
International Traffic in Arms Regulations (ITAR)
The ITAR, administered by the Directorate of Defense Trade Controls, govern defense articles, defense services, and related technical data enumerated on the U.S. Munitions List. If a product or technical dataset falls under the USML, the compliance burden rises quickly: registration requirements may apply, licensing is stricter, and controls extend well beyond physical exports to technical disclosures, training, services, and brokering activity. Companies working near aerospace, unmanned systems, military electronics, firearms, or other defense-related applications need a disciplined process for identifying potential ITAR scope early.
The most important practical difference between EAR and ITAR is not simply which agency regulates the item. It is how narrow the authorization path becomes once ITAR applies. Many transactions that can move under an EAR license exception have no equivalent ITAR shortcut. That is why companies that operate near the line between commercial and defense markets often create an escalation rule: if a product could plausibly land on the USML, classification must be reviewed by trained internal compliance staff or outside counsel before sales or operations continue.
| Framework | Agency | What it covers | Key classification concept | Common risk point |
| EAR | BIS | Dual-use and many commercial goods, software, and technology | ECCN or EAR99 | Assuming EAR99 means no further review |
| ITAR | DDTC | Defense articles, defense services, and related technical data on the USML | USML category | Treating defense-related engineering data like ordinary product support |
| OFAC | Treasury | Sanctions against countries, parties, vessels, and blocked interests | Program and list review | Shipping to a prohibited party or sanctioned geography |
| Other agencies | NRC, DOE, DEA and others | Sector-specific controlled items or activities | Agency-specific authorization rules | Missing a niche regulator because the item seems commercial |
OFAC Sanctions
OFAC sanctions work differently from item-based controls. The question is often not "what is the ECCN?" but "who is involved, where is the transaction going, and does any blocked person or embargoed program apply?" Screening against the Specially Designated Nationals and Blocked Persons List is essential, but it is only one part of sanctions compliance. Some country programs are broad, some are targeted, and many transactions require review of ownership, vessel data, routing, financial counterparties, and the use of intermediaries. A shipment may be clear under EAR classification and still be prohibited under OFAC rules.
Other Agencies
Not every export control issue sits neatly inside BIS, DDTC, or OFAC. Nuclear materials, certain energy technologies, controlled chemicals, and pharmaceutical or law-enforcement-sensitive items can trigger additional agency requirements. The operational lesson is simple: if your products touch regulated sectors, your compliance intake process should ask more than "Is it EAR or ITAR?" It should also ask whether another agency has approval authority, licensing conditions, or reporting obligations that need to be checked before shipment.
How to Classify Your Exports
Export classification is the foundation for every later compliance decision. If the classification is wrong, the license analysis, screening logic, and record set are usually wrong too. A defensible classification process starts with the product's technical characteristics, not the marketing label on the quote or commercial invoice. Engineering, product management, and compliance should agree on a consistent way to gather specifications, compare them to control text, and preserve the reasoning behind the final classification.
ECCN Classification Process
For EAR items, the typical workflow is to identify the relevant category and product group on the Commerce Control List, read the technical parameters carefully, and follow the order-of-review logic before deciding on an ECCN or EAR99. Self-classification is common and often appropriate when the product is straightforward and the company has personnel who understand the item's specifications. Higher-risk products, edge cases, and transactions that may attract regulator attention often justify a more formal internal memo, legal review, or a commodity classification request through BIS.
- Collect the engineering and commercial data that actually describe the item: function, material composition, performance thresholds, software capability, encryption features, and technical documentation.
- Determine whether the item is potentially subject to ITAR before assuming it belongs in the EAR workflow.
- Review the Commerce Control List and apply the order of review to find a specific ECCN, or document why the item is EAR99.
- Match the ECCN to reasons for control and review the Commerce Country Chart, end-user restrictions, and end-use restrictions.
- Retain the classification rationale, supporting specifications, reviewer, and date so later transactions can rely on a controlled baseline.
Schedule B vs. HS Code vs. ECCN
Teams regularly confuse customs classification with export control classification. Schedule B and HS codes are customs and statistical classifications used for trade reporting and tariff administration. ECCNs are export control classifications used to determine licensing treatment under the EAR. One product can have a Schedule B number for customs filing and a separate ECCN, or it can have a Schedule B number while remaining EAR99. Because the systems answer different legal questions, no compliance program should use Schedule B as a shortcut for export control classification.
Self-Classification vs. BIS Classification Request
Self-classification works when the item is well understood and the team can explain the technical match against the control text. A BIS commodity classification request is helpful when customers, banks, investors, or internal stakeholders need regulator-confirmed treatment, or when the classification is genuinely ambiguous. The real decision is not whether self-classification is allowed. It is whether the organization can defend the classification if a regulator, customer, or counterparty asks how the decision was made.
Commodity Jurisdiction: EAR vs. ITAR
When the central question is whether an item is governed by the EAR or the ITAR, companies may need a formal jurisdiction analysis rather than an ECCN exercise. In high-consequence cases, that can involve a commodity jurisdiction request through DDTC. Operationally, the warning sign is a product that sits near defense use, military integration, or USML-style technical parameters. A good escalation policy treats EAR-versus-ITAR uncertainty as a stop condition, not something to resolve casually in a freight booking queue.
Export Licensing
Licensing analysis asks whether the planned transaction needs government authorization before export, reexport, transfer, or service activity occurs. Under the EAR, the answer depends on the item classification, destination, end user, end use, and any applicable prohibition in Part 744 or sanctions overlays. Under the ITAR, licensing is often tighter and turns on whether the article, technical data, or defense service is covered by the USML and whether a valid approval exists for the exact transaction in scope.
When Is an Export License Required?
A license may be required when the item's control reasons intersect with the destination on the Commerce Country Chart, when the shipment involves a restricted end user or end use, when a sanctions program blocks the transaction, or when the export involves ITAR-controlled articles, services, or technical data. License questions also arise in deemed export scenarios, where controlled technology is released to foreign nationals in the United States. That is why export compliance cannot live only in shipping operations; HR, engineering, and IT can trigger export control obligations too.
- Controlled ECCN plus a destination that triggers one or more reasons for control
- Exports, reexports, or in-country transfers involving prohibited end uses or restricted parties
- ITAR-controlled hardware, technical data, or defense services with no applicable approval
- Deemed exports of controlled technology to foreign nationals
- Transactions affected by country sanctions, blocked parties, or ownership concerns under OFAC rules
License Exceptions
Under the EAR, a license exception can authorize specific transactions without a full export license application, but only when every condition in the regulation is satisfied. Common examples include temporary exports under TMP, baggage under BAG, government-related transactions under GOV, and replacement parts under RPL. The key control is discipline: a license exception is not a general permission. Your records should show why the exception applied, what conditions were checked, and who approved the decision.
How to Apply for an Export License
For EAR licenses, companies generally apply through BIS SNAP-R. For ITAR, DDTC has separate application and approval workflows. In both cases, poor input quality slows everything down. The best applications align classification, end-user details, end-use statements, routing, and supporting documents before submission. Missing consignee details, weak end-use descriptions, or inconsistent documentation can create agency questions that stretch the timeline and increase operational uncertainty.
License Processing Times and Conditions
There is no universal processing clock that compliance teams can safely promise to the business. Some cases move faster than others, especially when interagency or national security review is involved. Build licensing lead time into order management instead of treating approvals as same-week paperwork. Once approved, licenses may carry provisos, quantity limits, reporting obligations, or recordkeeping requirements that operations must follow exactly. A license that is ignored operationally is not a control; it is an unclosed risk.
Denied Party Screening
What Is Denied Party Screening?
Denied party screening is the control that verifies whether anyone in the transaction chain is restricted, prohibited, or subject to additional conditions. It should cover more than the buyer's company name. Screening should include the ship-to party, ultimate consignee, intermediate consignees, notify parties, banks, freight forwarders where relevant, vessel data when sanctions risk is elevated, and beneficial ownership where a simple name match does not tell the full story. The U.S. government's Consolidated Screening List is useful because it pulls together multiple lists from Commerce, State, and Treasury into one search workflow.
Key Screening Lists
- BIS Entity List for parties subject to additional licensing requirements or license denials
- BIS Denied Persons List for parties that have had export privileges denied
- BIS Unverified List for counterparties whose reliability or bona fides could not be confirmed
- OFAC Specially Designated Nationals and Blocked Persons List
- Other lists surfaced through the Consolidated Screening List maintained by the U.S. government
When to Screen
A practical screening cadence is to screen when a customer or transaction is created, again before booking or document submission, and again before shipment or release if there has been any delay or change in parties, routing, or destination. That cadence is an operational best practice rather than a single bright-line regulatory timing rule, but it reflects how risk actually behaves. Lists change. Counterparties change. Shipment details change. A screen performed once at quote stage does not protect a transaction that ships weeks later under materially different facts.
What to Do If You Get a Match
Do not clear a possible match with a quick visual guess. A good workflow pauses the transaction, escalates to compliance, compares identifiers such as address, country, aliases, registration data, and ownership, and documents why the match was either cleared or escalated further. If the match is real or cannot be cleared responsibly, shipment activity should stop until legal or compliance leadership determines the next step. The record of the review matters almost as much as the decision itself.
Automated vs. Manual Screening
Manual screening can work at very low transaction volume, but it becomes fragile quickly. Spelling variation, alias management, list updates, and repeat checks are difficult to manage with manual search logs. Automated screening tools improve coverage and repeatability, but they still need policy around match thresholds, escalation handling, ownership review, and rescreen timing. Technology should make the process consistent, not replace human judgment when a transaction raises red flags.
Record-Keeping Requirements
Export compliance records need to prove what the company knew, what it decided, and why it decided it. That includes product classification records, screening evidence, licenses and provisos, customer communications about end use, commercial and transport documents, AES or EEI data where applicable, internal approvals, and correspondence showing how exceptions or escalations were handled. If a regulator asks why a shipment moved, your records should let someone reconstruct the decision without relying on memory.
- Classification memos, technical specifications, ECCN or EAR99 determinations, and jurisdiction analyses
- Screening results, match-resolution notes, end-user reviews, and risk escalations
- Export licenses, license exceptions relied upon, provisos, and supporting end-use documentation
- Commercial invoices, packing lists, purchase orders, booking records, routing data, and shipping instructions
- AES or EEI filings, proof of export, internal approvals, training acknowledgments, and audit records
Under the EAR, recordkeeping requirements in Part 762 generally require records to be retained for five years from the latest relevant export event. Under ITAR, 22 CFR 122.5 generally requires five-year retention measured from license expiration or from the relevant transaction tied to an exemption or other approval. OFAC's general recordkeeping rule changed from five years to 10 years effective March 12, 2025. The important operational point is that retention should be policy-driven and system-backed. If compliance evidence is spread across email inboxes, forwarder portals, spreadsheets, and personal drives, the organization does not really have a recordkeeping system.
Maintain a complete audit trail for every shipment with Terminal49. A centralized milestone history and document trail make it easier to tie shipping events back to your AES filing, shipping instructions, and broader export documentation workflow.
Building an Export Compliance Program (ECP)
An export compliance program is the operating system behind all of the point controls above. The best programs are not built around a single compliance manager manually reviewing shipments after the business has already committed to ship. They define ownership, decision rights, escalation triggers, system controls, and evidence standards across the company. Regulators consistently reward companies that can show management commitment, documented procedures, training, monitoring, and corrective action discipline.
- Secure visible management commitment so commercial teams understand that export controls are a release gate, not an optional review.
- Document a written compliance manual covering classification, screening, licensing, shipping, record retention, and escalation paths.
- Train the teams that create risk, including sales, customer success, engineering, procurement, logistics, and finance.
- Establish screening procedures with defined rescreen triggers, match-handling rules, and ownership checks where needed.
- Build a recordkeeping system that ties product, party, shipment, and document data together in one auditable workflow.
- Run internal audits and spot checks to compare actual shipment behavior against written policy.
- Define how the company investigates potential violations and when it will pursue a voluntary self-disclosure.
Management Commitment
Management commitment makes the rest of the program enforceable. Leadership should define stop-ship authority, support compliance escalations even when revenue is at risk, and review meaningful metrics such as screening hits, license queues, audit findings, and corrective actions.
Written Compliance Manual
A written manual should explain how classification, screening, licensing, shipment release, document handling, and escalation work inside the company. The goal is not to restate regulations. It is to convert them into operating instructions that cross-functional teams can follow consistently.
Training Program
Training should be role-specific. Engineers need to understand technical data risk, sales teams need to understand end-use and end-user questions, and operations teams need to know when a shipment cannot move. Generic annual awareness training is useful, but it is not enough for higher-risk functions.
Screening Procedures
Screening procedures should define which parties are screened, which lists are used, when rescreening happens, what creates a potential match, and who can clear or escalate the hit. A screening tool is not the procedure by itself. The procedure is the timing, evidence, review logic, and decision trail around it.
Record-Keeping System
A defensible recordkeeping system ties product decisions, party checks, shipment events, and final documents together. If teams cannot pull the classification record, screening evidence, license logic, and shipment file in one place, the company does not really have a usable compliance record.
Internal Audits
These controls reinforce one another. The best programs make compliance decisions before shipping urgency takes over.
Internal audits should test real transactions. Pull a sample of shipments and ask whether the classification record exists, whether screening evidence is complete, whether the routing matched what was reviewed, whether the filer used the right data, and whether any license condition was actually followed. This is also the point where many teams discover that process descriptions and system behavior do not match. Auditing is less about blame than about finding the gap before enforcement does.
Handling Violations and Voluntary Self-Disclosures
When a possible violation is found, speed and structure matter. Preserve the records, stop any ongoing activity that may be noncompliant, investigate what happened, assess whether the issue is isolated or systemic, and determine whether a voluntary self-disclosure is appropriate. Both BIS and OFAC explicitly treat timely, complete self-disclosures as a mitigating factor. That does not erase the underlying problem, but it can materially improve the enforcement outcome and shows that the company is serious about remediation.
Red Flags: Warning Signs of Diversion
Red flags are the patterns that tell you the transaction deserves deeper review before you move it. BIS know-your-customer guidance emphasizes that exporters cannot ignore suspicious facts simply because the paperwork looks complete on the surface. In operations, red flags often show up as routing oddities, vague end-use statements, pressure to ship immediately, inconsistent product knowledge, or party relationships that do not make commercial sense.
- The customer refuses to explain the end use, or the explanation stays generic after follow-up questions.
- The requested routing is unusual for the destination or appears designed to pass through unnecessary transshipment points.
- The product capability does not fit the buyer's stated business profile.
- The customer wants to remove labels, alter documents, or minimize technical descriptions without a valid commercial reason.
- A new intermediary appears late in the process and changes the ship-to, end-user, or payment structure.
- The buyer is unfamiliar with the item's normal performance or support requirements.
- The transaction involves cash, uncommon payment behavior, or urgent pressure for a high-value shipment.
A mature compliance program treats red flags as triggers for inquiry, not automatic rejections. Sometimes the explanation is legitimate. The risk arises when no one asks the second question, no one documents the answer, or the business proceeds because the shipment window is tight. Forwarders and logistics providers are especially exposed here because they may not own the classification decision but can still see routing and documentation anomalies that others miss.
Penalties for Export Compliance Violations
Export violations can produce more than a fine. Depending on the regime, outcomes can include civil monetary penalties, criminal charges, denial of export privileges, debarment, forfeiture, monitors, audits, remedial undertakings, and reputational damage that affects customers, banks, insurers, and suppliers. Even when the ultimate penalty is manageable, the investigation cost, shipment disruption, and leadership attention drain can be severe.
| Regime | Civil exposure | Criminal exposure | Operational consequences |
| EAR | As of January 15, 2025, BIS states the maximum civil monetary penalty is $374,474 per violation or twice the value of the transaction, whichever is greater. | Up to $1 million per violation and up to 20 years imprisonment. | Denial of export privileges, license revocation, audits, and remediation orders. |
| ITAR | Civil penalties are authorized under the Arms Export Control Act and can exceed $1.2 million per violation after inflation adjustments. | Up to $1 million per violation and up to 20 years imprisonment. | Debarment, registration impact, consent agreements, and enhanced oversight. |
| OFAC | Penalties vary by sanctions program and are adjusted annually; many IEEPA-based cases can involve the greater of a statutory cap or twice the transaction value. | Willful violations can create criminal exposure, including substantial fines and imprisonment. | Blocked payments, transaction unwinds, mandatory holds, and intensified sanctions review. |
EAR Violations
EAR cases often involve unlicensed exports, false statements, prohibited end uses, shipments to restricted parties, or failures to respond to red flags. Administrative penalties matter, but denial of export privileges can be even more disruptive because it affects future business, not just the shipment under review.
ITAR Violations
ITAR violations can arise from unauthorized exports, technical data releases, defense services, registration failures, or poor handling of provisos and exemptions. DDTC resolutions often carry intensive remediation expectations because the regulator expects a documented and actively managed control environment around defense trade activity.
OFAC Violations
OFAC cases turn on sanctions nexus rather than only item classification. A shipment may be commercially routine and still violate the law if blocked persons, prohibited regions, sanctioned vessels, or restricted ownership interests are involved. That makes party screening, ownership review, and routing visibility core controls rather than side checks.
Recent Enforcement Examples
Recent enforcement underscores how often violations grow out of ordinary operational breakdowns rather than dramatic criminal plots. On January 17, 2025, OFAC announced a $1,044,781 settlement with Haas Automation and noted a concurrent BIS settlement of $1,500,000, for combined penalties of $2,544,781 tied to prohibited transactions involving sanctioned and Entity-Listed parties. Cases like that matter because they show how export controls, sanctions screening, distribution oversight, and documentation controls can intersect in one fact pattern.
The lesson for exporters and forwarders is not only that penalties are large. It is that regulators expect companies to connect the dots across classification, customer onboarding, sanctions checks, and shipment execution. A weak handoff between commercial teams and logistics teams is often enough to create a serious exposure profile.
Voluntary Self-Disclosure Benefits
Voluntary self-disclosure is not amnesty, but it can materially change the outcome when a company uncovers a possible violation and responds quickly. Agencies look for timeliness, completeness, candor, root-cause analysis, and real corrective action. If the business waits until a customer complaint, bank inquiry, or government subpoena forces the issue, it loses much of the credit that early disclosure can provide.
Export Compliance for Freight Forwarders and 3PLs
Freight forwarders and 3PLs do not escape export control risk because they are not the manufacturer. They often handle data and decisions that are central to compliance: routing, booking, export filing details, document intake, shipping instructions, and visibility into suspicious changes late in the process. If a forwarder knows or has reason to know that information is false, incomplete, or tied to a prohibited party or end use, exposure can rise quickly.
- Collect clear shipper instructions and verify who is the U.S. principal party in interest and who is acting as forwarding agent.
- Review document consistency across the commercial invoice, packing list, booking, and export filing inputs.
- Escalate unusual routes, vague end-use language, or party changes instead of treating them as routine last-minute edits.
- Keep an audit trail showing what information was provided, when it was provided, and what the forwarder did with it.
- Train operations teams on when to stop and ask questions rather than assuming the shipper has already handled compliance.
Track and document every export milestone for compliance. Terminal49 gives freight forwarders and 3PL teams a shared timeline for documents, exceptions, and shipment status so control checks are easier to prove when paired with your shipper letter of instruction and certificate of origin workflow.
How Terminal49 Supports Export Compliance
Terminal49 is not a legal determination engine for EAR, ITAR, or OFAC decisions, but it can strengthen the operating controls around export compliance. A strong compliance program needs evidence, timing, and coordination across teams. That is where shipment visibility and document discipline matter.
- Complete shipment audit trails that connect milestones, exceptions, and operational handoffs
- Centralized documentation workflows for storing commercial and transport records that support export decisions
- Milestone visibility for compliance-gated events such as document submission, handoff timing, and release checks
- API-friendly workflows that can complement screening, filing, ERP, and internal compliance tooling
- Shared operational context for shippers, forwarders, and internal teams when a transaction needs to be paused or escalated
Build compliance confidence with end-to-end export visibility. When teams can see what changed, when it changed, and which document or shipment event triggered the change, they can respond to holds, screening questions, and record requests with far less confusion.
Export Compliance FAQs
What is export compliance?
Export compliance is the discipline of making sure exports, reexports, transfers, and related technical disclosures follow the laws that govern classification, licensing, party screening, end-use restrictions, sanctions, and record retention.
What is the difference between EAR and ITAR?
The EAR usually govern dual-use and many commercial items through BIS, while the ITAR govern defense articles, defense services, and related technical data on the U.S. Munitions List through DDTC. The classification result determines which agency rules, approvals, and penalties apply.
When do I need an export license?
You may need a license when a controlled item is going to a destination that triggers its reasons for control, when a restricted party or prohibited end use is involved, when sanctions apply, or when the transaction involves ITAR-controlled hardware, data, or services without an available authorization.
What is denied party screening?
Denied party screening is the process of checking whether any party in the transaction is restricted or prohibited under U.S. government lists such as the Entity List, Denied Persons List, Unverified List, or OFAC SDN List, and then resolving any potential matches before proceeding.
What are the penalties for export violations?
Penalties can include civil fines, criminal fines, imprisonment, denial of export privileges, debarment, audits, consent agreements, and major operational disruption. The exact exposure depends on whether the case falls under EAR, ITAR, OFAC, or multiple regimes at once.
How do I classify my product for export?
Start with the product's technical characteristics, determine whether ITAR may apply, then work through the Commerce Control List to identify an ECCN or document why the item is EAR99. High-risk or ambiguous items may justify a formal regulator classification request.
What is an ECCN?
An ECCN is an Export Control Classification Number used under the EAR to identify a controlled item on the Commerce Control List and determine the reasons for control that drive licensing analysis.
Do freight forwarders need export compliance programs?
Yes. Forwarders and 3PLs should have documented controls for screening, document review, escalation of red flags, recordkeeping, and handling of shipper-provided data because they often see the operational facts that reveal export control risk.
What is a voluntary self-disclosure?
A voluntary self-disclosure is a submission to the relevant regulator when a company believes it may have violated export control or sanctions rules. It is generally treated as a mitigating factor when it is timely, complete, and paired with meaningful remediation.
Key Takeaways
- Export compliance covers classification, screening, licensing, recordkeeping, and escalation controls across the full shipment lifecycle.
- EAR, ITAR, and OFAC each apply differently, so teams need a documented process to determine which rules govern a product, party, or destination.
- Denied party screening should be repeated at multiple control points because counterparties, sanctions lists, and shipment details can change.
- A credible export compliance program depends on management support, written procedures, training, records, and a plan for internal audits and disclosures.
- Violations can trigger shipment delays, civil penalties, criminal exposure, denial of export privileges, and major commercial disruption.
