This week a client company sent into the office a list of end items, parts, components, and accessories to be reviewed for a pending EAR/BIS export license application. The list contained several export-controlled items (i.e., items that require a license to be exported to the country/entity in question) along with a long list of 165+ items to support the export program mainly spares most of which, via the quick eyeballing method, are clearly and unambiguously EAR99. While the list contained jurisdiction and classification details for the major end items, the list did not contain classification details for any of the minor parts and components. Our advice to the client? Put a column on your spreadsheet and label it ECCN, add a second column and mark it Self-Classification, CJ or CCATS #; add a third column and label it Date of Classification; a fourth column and label it Person Who Performed Classification (a record needs to be kept showing who can be held to account); and a fifth column labeled Notes. Yes, as an export compliance best practice, you really should have every single end item, part, component, accessory, software, and all written technical data that resides in your company properly reviewed for both jurisdiction (EAR versus ITAR) and classification [Export Control Classification Number (ECCN) or ITAR Category.] Yes, this is tedious, mundane and let’s face it, boring grunt work, but it needs to be done to keep your company safe from potential export violations (unintentionally exporting something abroad that was misclassified and should not have been shipped without a license or use of a license exception) which can result in draconian fines and penalties. Jurisdiction and classification records will also allow you to survive and pass with flying colors a possible U.S. government audit that could happen at any time. And finally, your master list will prove invaluable when you move to the step of creating a Technology Control Plan (TCP) and an Export Compliance Program Manual for your company, both of which are key documents that will serve as guardrails to ensure that you have proper internal controls in place to prevent unauthorized exports or unauthorized release of technical data to foreign nationals that work at or visit your company here in the United States.
Word-to-the-Wise, do not rely on fly-by-the-seat of your pants eyeballing classifications when determining what goes on a license application. Obtain ECCNs and/or ITAR Categories from your suppliers, go through the formal process to self-classify starting with evaluating the USML/ITAR and if not ITAR move on to the Order of Review. If all else fails, file a Commodity Jurisidiction (CJ) with the Statement Department or a CCATS determination with the Department of Commerce. Document the process, keep all records (hard copy or electronic) for at least 5-years (we recommend 10-years), and do it the correct way. Need help? Contact TSI Global Consulting for assistance determining the regulatory jurisdiction and classification of your products.