How Itar & Ear Advisory Can Secure Your Company's Global Trade?

Correct classification is the foundation of compliance. A misclassified item can expose your company to enforcement action even if you believed you were complying. Under ITAR, you must determine whether an article or technical data is on the United States Munitions List (USML). Under EAR, you must check the Commerce Control List (CCL) and apply the appropriate Export Control Classification Number (ECCN). Courts and regulatory agencies focus heavily on whether a company exercised reasonable care in making this determination. In practice, borderline cases between ITAR and EAR jurisdiction create the most litigation exposure because companies often defer classification decisions or apply inconsistent standards across business units.

Deemed export doctrine holds that disclosure of controlled technical data to a foreign national in the United States is treated as an export to that person's country of nationality. This rule catches many companies off guard. If you permit a foreign national employee, contractor, or visitor to access technical drawings, source code, manufacturing specifications, or engineering discussions without an export license or exemption, you may have violated export control law. The regulatory agencies take this rule seriously because it prevents technology transfer without official authorization. Real-world outcomes depend heavily on whether your company maintained clear access controls and documented the citizenship status of personnel with access to controlled information.

A comprehensive audit reviews product classification decisions, export transaction records, technical data access logs, employee training documentation, and customer screening procedures. The audit should verify that your company maintains current denied party screening against the Commerce Department's Entity List, the Treasury Department's Specially Designated Nationals list, and the State Department's debarred contractors list. Many companies fail at this step because they screen new customers but do not re-screen existing customers or re-check denied party lists periodically as they are updated. The audit should also confirm that your organization has documented the basis for every classification decision and maintains evidence of the licensing process for controlled shipments.

New York does not impose separate export control licensing requirements; federal law preempts the field. However, New York contract law and fiduciary duty principles apply to disputes between companies and their export compliance vendors or consultants. If your organization relies on third-party advisors for classification or licensing decisions, the terms of that engagement and the standard of care expected of the advisor become relevant if disputes arise. Additionally, New York courts have recognized that board-level decisions affecting export compliance can implicate director and officer liability under New York Business Corporation Law if negligence or recklessness in compliance oversight can be demonstrated.

Agency investigations typically begin with a civil investigative demand (CID) requesting documents, testimony, and records related to specific transactions or product lines. Responding to a CID requires careful coordination because your response becomes evidence in potential enforcement proceedings. You should treat every CID response as if it will be reviewed by prosecutors and judges. The investigation may expand to interviews with company officers, employees, and business partners. If the agency concludes that criminal conduct occurred, it may refer the matter to the Department of Justice for prosecution. Cooperation during the investigative phase, including voluntary disclosure of violations, can significantly influence agency discretion in charging decisions and penalty recommendations.

Before responding to any government inquiry, your organization must retain experienced export control counsel and coordinate with your business advisory team to assess the scope of potential exposure. Decisions about voluntary disclosure, scope of remediation, and litigation strategy should be made with full legal advice and documented for attorney-client privilege. Do not assume that transparency alone will result in favorable treatment; agencies have enforcement policies and penalty guidelines that apply regardless of cooperation level. The timing and scope of your response can affect whether the matter remains civil or escalates to criminal referral.

Documented classification decisions, maintained in a centralized database with audit trails, provide evidence of reasonable care if violations are later alleged. Quarterly denied party list screening and re-screening of existing customers demonstrate ongoing diligence. Training records for all employees with access to controlled technical data create a paper trail showing that your organization invested in compliance awareness. Export transaction records should include the ECCN or USML category, the licensing determination, the basis for any license exception claimed, and the identity of the approving officer. A table summarizing key compliance touchpoints is helpful:

If your compliance review identifies a violation, the decision to pursue voluntary disclosure under Commerce or State Department procedures should be made with counsel. Voluntary disclosure can result in reduced penalties, but it also creates a record of the violation that could be used in subsequent litigation or enforcement proceedings. The threshold question is whether disclosure is strategically advantageous given the scope of the violation, the likelihood of detection by agency audit, and the company's enforcement history. This is where arraignment and bail hearing experience with government procedures informs the analysis of how agencies evaluate cooperation and mitigating factors in penalty determinations.