Any business that exports products outside the U.S. has to comply with an alphabet soup of trade regulations. For high-tech companies, one of the main trade concerns is preventing leading-edge technology from falling into the wrong hands. However, even companies that sell exclusively within the U.S. are not exempt from these regulations: what a device is used for; who is using it and where it’s being used can all impact a sale.
"Export compliance is a hugely complicated activity and hugely painful if it is done incorrectly," said Barney Martin, vice president of industry practices for the Electronic Components Industry Association (ECIA). "There are significant financial and criminal penalties for noncompliance."
Although component makers and end-customers are ultimately responsible for compliance of their products, distributors ship hundreds of thousands of component orders every day. Distributors not only have to be cognizant of prohibited destinations; they have to ensure the flow-through of compliance-related data from the component supplier through to the end customer.
The vast majority of products handled by distributors fall under the auspices of Export Administration Regulations (EAR). These cover commercial, dual-use, and minor military commodities. "Dual-use" refers to items which have both commercial and military applications. International Traffic in Arms Regulations (ITAR) controls the export of specific military and space-related commodities through direct commercial sales and through the U.S. Government’s Foreign Military Sales (FMS) Program. The U.S. government identifies and flags nations, businesses and individuals who are prohibited from receiving certain goods and makes that information available to businesses. It is a data-intensive process that some distributors automate in-house; others use software or third parties to vet their shipments.
"The majority of our export goods are designated EAR99 and do not require a license to ship to our international customers," said Gary Wash, director trade compliance for TTI. "Only a small percentage of our exports involve products that are ITAR or EAR-controlled. Regardless, TTI takes seriously its compliance obligations to identify and account for EAR and ITAR-controlled items and technical data the company handles."
Many distributors internally collect and manage trade-related data supplied by U.S. government agencies. Software and third-party solution providers may also be used by the channel. "Export-controlled technical data has its own unique set of rules designed to ensure that it is not inadvertently released or ‘exported’ to foreign persons either inside or outside the United States," explains Wash. "As an ITAR-registered company, we are required to have procedures in place that enable us to trace processing steps of ITAR-controlled transactions from the time we receive controlled parts to the time they are shipped. And, similar processes exist for export-controlled parts under the EAR."
Once a part TTI purchases is identified as export-controlled, the distributor sets controls in its purchasing system with appropriate identifiers to indicate it as EAR or ITAR-controlled. "When orders for that part hit the system, our sales and product teams are trained to recognize and treat it as an order requiring review and approval by the Office of Trade Compliance," said Wash. "System security will not allow the order to process until such time export due diligence has been performed and compliance requirements are satisfied. Restricted party screening is part of the review process, with a goal of ensuring that none of the end users of our products downstream are trade-prohibited parties."
Products are not the only concern for companies that export goods: the supply chain itself is a security risk. Some businesses participate in voluntary programs to "harden" the supply chain such as the Customs-Trade Partnership Against Terrorism (C-TPAT). Companies sign an agreement to work with U.S. Customs and Border Protection (CBP) to protect the supply chain, identify security gaps, and implement specific security measures and best practices. Businesses then provide CBP with a security profile outlining the specific security measures the company has in place. Once a company is certified to C-TPAT it is considered low risk, resulting in expedited processing of their cargo.
Distributors not only comply with trade regulations but can assist suppliers and customers if conflicts arise. "TTI partners with its supplier community to determine the export jurisdiction of parts they supply to us, and our internal processes and procedures support our customer’s need-to-know the export classification of the parts they purchase from us," explains Wash. "Should conflicts arise with regard to the classification of goods, TTI works diligently with both the supplier and customer to resolve them so that all parties are on the same page and arrive at the most accurate conclusion."
TTI participates in C-TPAT, and ITAR and its related internal controls provide a high level of security across the supply chain, concludes Wash. "Trade compliance is not a ‘one and done’ process," he adds, "it is constantly changing and evolving, especially as the federal government introduces new laws and regulations which TTI and other affected parties must be prepared to understand and follow as the law of the land."