Compliance Programs

On February 10, 2025, President Trump issued an Executive Order on “Pausing Foreign Corrupt Practices Act Enforcement to Further American Economic and National Security” (“the E.O.”). The E.O. orders Attorney General, Pam Bondi, to cease initiation of new enforcement actions under the Foreign Corrupt Practices Act (“FCPA”), review all existing investigations and enforcement actions, and issue new guidelines and policies as necessary.

On December 5, 2022, the U.S. Department of State Directorate of Defense Trade Controls (“DDTC”) issued new Compliance Program Guidelines (“the Guidelines”) intended to provide an overview of DDTC’s expectations for an effective compliance program. The Guidelines discuss controls contained in the Arms Export Control Act (“AECA”) and the International Traffic in Arms Regulations (“ITAR”). The Guidelines also outline key elements of an effective ITAR Compliance Program (“ICP”), and identify suggestions, common compliance pitfalls, and tips for best practices.  

To more effectively counter transnational corruption and economic sanctions evasion, recent changes to the U.S. anti-money laundering (“AML”) whistleblower regime expand and reinforce whistleblower protections and rewards in the Bank Secrecy Act of 1970, as amended (“BSA”).¹ These changes to the BSA/AML whistleblower framework have significant implications, not only for “financial institutions” (as defined in the BSA) already subject to regulation under the BSA, but for all individuals and entities seeking to comply with U.S. economic sanctions administered by the U.S. Department of the Treasury (“Treasury”) Office of Foreign Assets Control (“OFAC”).

We have seen a tremendous year in the trade and national security front and are now, more than ever, deeply aware of the impact trade compliance professionals have on safeguarding national security in the face of continued geopolitical threats. Here are some of the 2022 year-end review highlights.

DOJ’s new compliance certification requirement seeks to “empower” CCOs.

A new policy at the U.S. Department of Justice (“DOJ”) pertaining to Foreign Corrupt Practices Act (“FCPA”)/anti-corruption compliance has recently sent shockwaves through the corporate compliance community. The change was first previewed by Assistant Attorney General (“AAG”) for the DOJ’s Criminal Division Kenneth Polite in a speech delivered on March 22, 2022:

Lately there has been much chatter about Environmental, Social, and Governance (“ESG”) policies in business. Elon Musk has called ESG “an outrageous scam.” And while there is no clear definition, investors and ratings agencies, as well as ultimate buyers and consumers, increasingly look for financially and morally sound companies that are committed to these principles, and the U.S. government is codifying various aspects of the wider ESG umbrella into law. While commenters tend to focus much attention on the Environmental side, this article will look at the trade-related areas encompassed by the Social and Governance aspects of ESG, including Human Rights, Forced Labor, Trade Controls, Anti-Corruption, and other areas of trade-related corporate compliance.

The U.S. Department of Justice ("DOJ") is making it harder on companies that commit corporate crimes. A lot harder.

That’s the message that Deputy Attorney General Lisa Monaco recently gave attendees at the American Bar Association's White Collar Crime Conference in Miami. In her speech, DAG Monaco laid out the major changes to how the DOJ will approach corporate crimes and the individuals who commit them.

On October 28, 2021, Deputy Attorney General Lisa Monaco addressed the ABA’s National Institute on White Collar Crime, in which she made clear that monitorships are back on the menu as a means of ensuring corporate compliance. DAG Monaco stated that, “to the extent that prior Justice Department guidance suggested that monitorships are disfavored or are the exception,” she is rescinding that guidance, emphasizing “that the department is free to require the imposition of independent monitors whenever appropriate.”¹

Knowledge of the monitorship process – what may lead to it and what it can mean for your organization – is crucial for general counsels and employees alike. This article intends to demystify these court appointments, providing an overview of Department of Justice² Monitorships, when they are imposed, what they can entail and cost, and what they mean for both industry and counsel.

On December 21, 2020, the Department of Defense (“DoD”) published a final rule with request for comments (the “Final Rule”), effective on February 24, 2021, codifying NISPOM in Title 32, Part 117 of the Code of Federal Regulations (“CFR”). In addition to codifying the NISPOM, the Final Rule makes other changes relevant to industrial security.

On September 21^st, the U. S. Food and Drug Administration (FDA) announced a proposed rule change to the Food Safety Modernization Act (FSMA).

In order to better manage the Defense Industrial Base’s compliance with cybersecurity obligations under the Defense Federal Acquisition Regulation Supplement (“DFARS”), the Department of Defense (“DoD”) is instituting a new program that requires defense contractors and subcontractors to obtain a certification of compliance with cybersecurity requirements to be eligible for bidding on and receiving government contracts. 

Agreements executed under the International Traffic in Arms Regulations (“ITAR”) serve as a licensing tool for the transfer of defense articles, technical data, manufacturing know-how, and defense services between a U.S. party and a foreign party. Fulfilling the requirements of those agreements is a critical part of ITAR compliance, as demonstrated by the recent L3Harris Technologies, Inc. (“L3Harris” or “the Company”) consent agreement with the U.S. Department of State (“State”), Directorate of Defense Trade Controls (“DDTC”).

Yesterday the Directorate of Defense Trade Controls published an update to its operations. Read this trade alert for full details.

Companies often must decide whether to conduct internal investigations after receiving information that could indicate ongoing violations of export control or economic sanction laws and regulations. It is important that they take adequate steps to preserve attorney-client privilege, immediately stop ongoing violations, and ensure resources and personnel are assigned to the investigative team. Deciding whether to conduct an investigation will ultimately depend on a variety of factors, and there are a number of decisions to be made at the outset of the investigation as outlined below.

Today the Directorate of Defense Trade Controls published an update to its operations.

The intersection of immigration, anti-discrimination, and U.S. export control laws can be confusing for employers. But recent settlement agreements between the U.S. Department of Justice (“DOJ”) and multinational corporations and large international law firms, demonstrate that the DOJ will not tolerate employers discriminating against non-U.S. persons. This article will provide an overview of the intersection, and friction between, U.S. immigration, anti-discrimination, and export control laws and regulations.

***This article first appeared in the WorldECR journal in their November 2019 Issue.

In recent years, the U.S. Securities and Exchange Commission appears to be taking a more active role in a regulatory area for which it is not traditionally associated: economic sanctions.

In the United States, when violations of the export rules are discovered, exporters have the option to prepare and submit Voluntary Self-Disclosures to the U.S. export agencies in exchange for reduced penalties. These VSDs are formal statements containing a description of the violation and a promise to remedy the conduct that led to it.

Unfortunately, companies do not always follow through with the full implementation of the promised corrective measures, in some cases discontinuing the remedial process measures altogether. 

Since the Trade Facilitation and Trade Enforcement Act of 2015 (“TFTEA”) was signed into law in February 2016, U.S. Customs and Border Protection (“CBP”) has increased enforcement of U.S. import laws and regulations. Increased enforcement and associated risks should drive an increased focus by importers on compliance with CBP regulations. However, there remains a knowledge gap among some importing companies and non-trade attorneys related to a few of the basics of import regulations. In this regard, businesses and corporate attorneys should familiarize themselves with the issues below in order to navigate the increasingly risky waters of customs compliance.

On April 30, 2018, the Directorate of Defense Trade Controls (“DDTC”) announced it had launched a new, redesigned version of its website. This is the first time DDTC has made changes to its website in several years. The new website is designed to improve the navigation, searchability, accessibility, and improve the experience on mobile devices. The improvements are expected to continue in the future, as the Department of State seeks to improve and provide a more consistent experience across all Department sites. If you have any questions about the redesign, or where information is located on the new website, please feel free to contact us or DDTC’s response team at (202) 663-1282. To access the new website, go to https://www.pmddtc.state.gov/.

Pursuant to Section 231(a) of the Countering America’s Adversaries Through Sanctions Act (“CAATSA” or “the Act”),[1]  beginning January 29, 2018, President Trump is required to impose five or more of the Act’s laundry list of sanctions, found in Section 235, on persons that the President has determined to have knowingly engaged in a “significant transaction” with a person that is part of, or operating for or on behalf of, the defense or intelligence sectors of the Russian government. This article reviews the extraterritorial impact of the Act on non-U.S. persons, and provides some guidance regarding how to best prepare for these new developments.

The deadline for full compliance with NIST 800-171 was December 31, 2017. Originally it was believed that, in order to be fully compliant with NIST 800-171, defense contractors would be required to have implemented all 110 of the security requirements by December 31, 2017. However, subsequent guidance from the Department of Defense (“DoD”) shows this is not necessarily the case.

On October 6, 2017, the U.S. Census Bureau’s International Trade Management Division (“ITMD” or “Census Bureau”) published an Advanced Notice of Proposed Rulemaking (“ANPRM”) seeking public comments regarding standard and routed export transactions.[1] The comment period will end on December 5, 2017. The Census Bureau is particularly interested in comments regarding the definition of a routed export transaction and the responsibilities of parties in routed export transactions. 

This article is the second part of a two-part series. In the first article, we introduced the types of company visits conducted by the two major U.S. export agencies,[1] and discussed potential outcomes and consequences of these visits. In this second article, we discuss what to expect during a visit from the agencies and best practices to prepare for them.  The first article can be accessed here.

Many exporters are at least vaguely familiar with the “company visits” or “outreach visits” conducted by the export control agencies, but most have very little idea what these visits actually entail, how a company is selected for a visit, or the potential consequences of such a visit. Exporters, freight forwarders, non-exporting manufacturers of defense articles, and companies that share controlled technology with foreign persons, resulting in “deemed exports” should thoroughly prepare for these visits if they are ever “lucky enough” to be selected.

It is easy to think of the various U.S. government agencies with trade control responsibilities as operating entirely separate from one another. Often, that can be the case. Industry professionals have learned through the process of Export Control Reform that many trade procedures are not at all synchronized amongst the respective agencies. A final rule published by the Department of State this year serves as a reminder that, in many ways, certain functions of the various trade agencies are inextricably linked, and these agencies rely on one another to perform certain tasks. 

On June 29, 2017, in an effort to continue to transform the way U.S. Customs and Border Protection (“CBP”) approaches trade through the Centers of Excellence and Expertise (“Centers”), CBP released a new trade process document that includes new responsibilities and procedures for importers, brokers, agents, or filers.

On January 19, 2017, the Bureau of Industry and Security (“BIS”) published a final rule regarding new support documentation requirements with respect to exports to Hong Kong.

This article briefly discusses the types of activities that trigger the brokering registration requirement under the International Traffic in Arms Regulations for freight forwarders.