Industrial Security

Subscribe to Industrial Security

On October 7, 2022, in a move that was hailed by senior U.S. government officials as a paradigm shift in U.S. export controls policy toward China, the Department of Commerce’s Bureau of Industry and Security (BIS) issued an interim final rule that amends the Export Administration Regulations (EAR) to impose new and expanded controls on advanced computing integrated circuits (ICs), computer commodities that contain such ICs, and certain semiconductor manufacturing items. Transactions for supercomputer end-uses and transactions involving certain entities on the Entity List are now subject to additional export controls, as are certain semiconductor manufacturing items and transactions for certain IC end uses. U.S. person activities as they relate to certain semiconductor activities in China are also now restricted.

Certain aspects of the rule, specified below, including the availability of license exceptions, became effective immediately on October 7, 2022. The new restrictions on U.S. person activities under § 744.6 became effective on October 12, 2022. The remainder of the provisions with a delayed effective date are specified below and will become effective on October 21, 2022. BIS is also accepting public comments on the interim final rule through December 12, 2022.

Separately, also on October 7, 2022, BIS issued a final rule, which revised the Unverified List (UVL) and clarified the activities and criteria that may lead to the addition of an entity to the Entity List. BIS stated that a sustained lack of cooperation by the host government in a country where an end-use check is to be conducted, such as China, that effectively prevents BIS from determining compliance with the EAR, will be grounds for adding an entity to the Entity List.

The U.S. policy goals behind the new rules are ambitious and seek to degrade China’s advanced computing capabilities in an unprecedented manner. As summarized recently by National Security Advisor Jake Sullivan: “On export controls, we have to revisit the longstanding premise of maintaining ‘relative’ advantages over competitors in certain key technologies.  We previously maintained a ‘sliding scale’ approach that said we need to stay only a couple of generations ahead. That is not the strategic environment we are in today. Given the foundational nature of certain technologies, such as advanced logic and memory chips, we must maintain as large of a lead as possible.”

The broad implications of these new rules, along with their efficacy from a policy standpoint, may take some time to come fully in to focus. For now, it is clear that any U.S. or non-U.S. individuals or entities that play any role in the global semiconductor supply chain—whether as manufacturers, producers, consumers, or otherwise—need to carefully review the new rules to determine what is required to comply and, if necessary, seek guidance or a license from BIS.

Continue Reading BIS Issues Expansive New Rules Targeting China

The Department of Commerce’s Bureau of Industry and Security (BIS) has announced policy changes designed to strengthen its administrative enforcement of U.S. export controls. In a memorandum released on June 30, Matthew Axelrod, Assistant Secretary for Export Enforcement at BIS, outlined four new policy changes including (1) significantly higher penalties for egregious violations, (2) elimination of no admit/no deny settlements, (3) offering non-monetary settlement agreements in cases where the violations “do not reflect serious national security harm” but are more serious than cases that receive warnings or no-action letters, and (4) implementation of a dual-track processing system for Voluntary Self Disclosures (VSDs) involving minor or technical infractions and those involving potentially more serious violations. These changes have the potential to significantly increase export enforcement risks for U.S. and non-U.S. companies, and suggest it is time for exporters and reexporters to conduct internal audits, assessments, and monitoring for potential compliance gaps. It may be necessary for some exporters to consider tailoring and enhancing internal export compliance programs, processes, and resources to avoid costly penalties, investigations, business disruptions, and brand damage.

Continue Reading Revamping BIS’s Administrative Enforcement Authorities: Time to Consider More Investment in Internal Corporate Compliance

On June 15, 2022, the United Kingdom will introduce a strict civil liability standard for violations of UK financial sanctions committed after that date.  In anticipation of this important change to the enforcement powers of HM Treasury’s Office of Financial Sanctions Implementation (OFSI), the OFSI enforcement and monetary penalties for breaches of financial sanctions guidance (Monetary Penalties Guidance) has been updated and will take effect from June 15.  OFSI Director, Giles Thomson, also has outlined OFSI’s enforcement approach in light of these imminent changes in a blog post.

For more information on how these developments could impact your organization, contact the author of this post, Alexandra Melia, in Steptoe’s Economic Sanctions team in London.

Continue Reading UK Updates Sanctions Enforcement Guidance in Readiness for Imminent Introduction of Strict Civil Liability for Financial Sanctions Breaches

Between March 24 and April 1, 2022, the US Treasury Department’s Office of Foreign Assets Control (OFAC) designated over 400 Russian elites, Duma members, and defense companies as Specially Designated Nationals (SDNs) pursuant to Executive Order (EO). 14024. OFAC also published four new, limited General Licenses regarding certain humanitarian, import-related, diplomatic, and journalistic activities, added one new FAQ, and published a determination for EO 14024. Separately, the White House has indicated that the United States is seriously considering imposing secondary sanctions against companies engaged in evasive activities with Russia or in business that otherwise undermines sanctions.

Additionally, on April 1, the Commerce Department’s Bureau of Industry and Security (BIS) added 120 entities in Russia and Belarus to the Entity List.

For a summary of prior US sanctions and export controls related to Russia adopted since February 21, 2022, please see our Steptoe blog posts from March 21, March 8, and February 27.

Continue Reading A Summary of The Latest US Sanctions on Russia

On September 21, 2021, the US Department of the Treasury’s Office of Foreign Asset Control (OFAC) issued an updated advisory on the sanctions risks of facilitating ransomware payments.  OFAC issued a prior version of its advisory on October 1, 2020. In the months since, attacks have continued and target entities in the United States, including many in sensitive industries, generating increased concern over the scale of the problem. OFAC’s updated advisory is part of the Biden administration’s ongoing efforts to address the national security and economic risks posed by such attacks. The updated advisory emphasizes that OFAC “strongly discourages” victims from making ransom payments and reemphasizes the sanctions risks of doing so, but also seeks to provide victims with greater clarity about the steps that can be taken to reduce the likelihood of a public enforcement response if a company inadvertently makes or facilitates ransom payments that may have a sanctions nexus.

Continue Reading OFAC Issues Revised Ransomware Advisory