How Do Itar and Ear Regulations Apply to Corporate Export Compliance?

ITAR and EAR operate under different statutory authorities, enforcement agencies, and penalty structures, requiring corporations to adopt tailored compliance protocols for each regime. ITAR governs defense articles and technical data under State Department jurisdiction, while EAR regulates dual-use items and technical information under Commerce Department authority. A corporation exporting the same item may face overlapping or sequential regulatory obligations depending on the item's classification, destination, and end-use, creating compliance complexity that demands early legal review.

From a practitioner's perspective, many corporate export violations stem not from deliberate circumvention but from misclassification, inadequate screening of foreign nationals or end-users, or failure to update internal controls as regulatory guidance evolves. The distinction matters because ITAR violations often carry higher criminal penalties and mandatory license revocation, while EAR violations may allow for settlement or administrative remedies in some contexts. Corporations that establish documented classification procedures, maintain audit trails, and seek timely advisory opinions demonstrate a compliance posture that can influence agency discretion in enforcement decisions.

Determining what constitutes a controlled item or technical data under ITAR and EAR is the threshold legal question for any corporation engaged in international transactions. ITAR's U.S. Munitions List (USML) includes weapons, military components, and related technical data; EAR's Commerce Control List (CCL) covers dual-use items, such as semiconductors, encryption software, and advanced manufacturing equipment. Both regimes extend liability to technical data in tangible form (blueprints, software source code, specifications) and intangible form (oral disclosures, email exchanges, training sessions).

Deemed exports represent a particularly high-risk area. Under both ITAR and EAR, disclosure of controlled technical data to a foreign national on U.S. .oil—without an export license—is treated as an export subject to the same regulatory requirements as physical shipment abroad. Corporations with foreign national employees or contractors, or those hosting international conferences or site visits, must screen participants and restrict access to controlled information with the same rigor applied to overseas transactions. Courts and administrative tribunals have upheld enforcement actions based on inadvertent oral disclosures, emphasizing that intent to export is not required; knowledge that technical data is controlled and that the recipient is a foreign national suffices for liability.

Both the State Department and Commerce Department pursue administrative enforcement through civil penalty proceedings, which typically precede or occur in parallel with criminal investigation. Administrative liability does not require proof of criminal intent; a corporation may face civil penalties for negligent misclassification or failure to implement adequate controls. Agencies typically issue a charging letter or notice of violation, triggering an administrative hearing process in which the corporation may contest the factual allegations, argue mitigating circumstances, or propose settlement.

The administrative hearing process varies by agency. For ITAR violations, the State Department may convene an administrative law judge hearing; for EAR violations, the Commerce Department's Bureau of Industry and Security conducts civil penalty proceedings. In practice, many corporations negotiate settlement agreements that include monetary penalties, enhanced compliance certifications, and periodic audits—avoiding both the expense of protracted litigation and the reputational harm of public adjudication. Settlement frameworks often reflect agency assessments of compliance history, cooperation, and remedial measures, meaning that early legal engagement and documented corrective action can significantly influence outcomes.

Criminal prosecution under ITAR and EAR requires proof of willful violation or knowing conduct, a higher scienter standard than civil liability. The Department of Justice, working with agency investigators, pursues criminal cases involving deliberate circumvention, false statements on export license applications, or exports to sanctioned jurisdictions or designated end-users. A corporation's compliance posture—or lack thereof—becomes central evidence in criminal cases; agencies scrutinize whether the company maintained classification procedures, trained personnel, and sought guidance when uncertain.

Investigative triggers include licensing audits, customs inspections, industry referrals, and whistleblower reports. Once an investigation commences, corporations typically receive target letters or subpoenas requesting documents, witness interviews, and compliance records. At this stage, engaging experienced counsel is critical. An attorney can advise on privilege protections, coordinate document production, and assess exposure across administrative and criminal tracks simultaneously. The intersection of administrative and criminal proceedings creates strategic complexity; statements made during administrative proceedings may be discoverable in criminal cases, and vice versa.

Effective export control compliance requires a documented framework that addresses classification, foreign national screening, deemed export protocols, and record-keeping. Agencies publish regulatory guidance, classification rulings, and commodity jurisdiction determinations; corporations that track and implement these updates demonstrate a culture of compliance that can mitigate enforcement risk. Many corporations engage counsel to conduct compliance audits, develop classification manuals, and establish internal review processes for high-risk transactions.

Recent enforcement trends show increased focus on foreign national access to controlled information, supply chain diversion, and emerging technology sectors, such as artificial intelligence, semiconductors, and biotechnology. Agencies have also expanded sanctions-related enforcement, particularly regarding Iran, North Korea, and Russia, creating heightened exposure for corporations with global operations or supply chains. Consulting with counsel experienced in ITAR and EAR advisory services allows corporations to align compliance programs with current regulatory priorities and reduce the likelihood of enforcement contact.

When an administrative agency issues a civil penalty or license revocation, a corporation may request a hearing before an administrative law judge or appeal to the agency's review authority. These hearings operate under Administrative Procedure Act standards; the agency bears the burden of proving the violation by a preponderance of evidence, but the corporation must affirmatively establish any affirmative defenses or mitigating factors. The hearing process allows for discovery of agency investigative files, examination of witnesses, and presentation of expert testimony on classification or compliance standards.

In New York and other federal jurisdictions, corporations that exhaust administrative hearings may seek judicial review in federal court under the Administrative Procedure Act, challenging agency decisions as arbitrary, capricious, or unsupported by substantial evidence. However, judicial review is narrow; courts defer to agency expertise on technical classifications and regulatory interpretation. The practical significance of administrative exhaustion is that it creates a final administrative record on which judicial review proceeds, making the quality of evidence and legal arguments presented during the administrative hearing critical to any subsequent court challenge.

As export control regulations expand and enforcement priorities shift, corporations should evaluate their classification protocols, foreign national access controls, and record documentation systems against current agency guidance. Early consultation with counsel allows identification of compliance gaps, remediation before enforcement contact, and strategic positioning should investigations arise. The goal is not merely avoiding penalties but building an operational posture that withstands regulatory scrutiny and positions the corporation for sustainable international commerce.