On October 3, 2008, the U.S. Department of Commerce, Bureau of Industry and Security ("BIS") published a proposed rule on a new export license exception authorizing intra-company transfers ("ICT") of products, software and technology restricted under the Export Administration Regulations ("EAR") (15 CFR Parts 730-772). 73 Federal Register 57554. The proposed rule is similar, in effect, to the current policy permitting special comprehensive licenses (15 C.F.R. Part 752); BIS hopes, however, that the new proposed rule will be better able to streamline the export licensing process for internal company exchanges of hardware and technology. If adopted, the proposed ICT rule would significantly reduce existing barriers to the unlicensed, world-wide, intra-company transfer of large categories of controlled products and technology. The freedom that would accompany the rule, however, comes with a heavy administrative burden.
Some of the highlights of the proposed rule are described below.
The proposed license exception would allow an approved parent company and its approved "controlled in fact" affiliates to export, reexport, or make in-country transfers when the approved products are intended for internal company use.
- Approved Companies. The license exception would apply only to certain approved companies that have specifically applied for and received permission, and to their "controlled in fact" affiliates – all of which must be listed in the BIS application and subsequently approved. The license exception would extend, under certain circumstances, to "non-U.S. national employees" and to "foreign national employees" of the approved companies. "Controlled in fact" is defined in the proposed rule.
- Approved Countries. The ICT license exception would only be available to companies incorporated in the United States and certain "friendly" countries, including countries in the European Union, NATO, ANZUS, Japan, South Korea, Switzerland, and Argentina. Note that this license exception is not available for applicants incorporated or having their principal place of business in countries such as India, Singapore, Thailand, or China. It would, however, allow intra-company transfers to "controlled in fact" subsidiaries that are located in any of these countries.
- Approved Products. Beyond limiting the ICT license exception to certain approved applicants and affiliates, it would also be limited to certain approved products and technologies specifically enumerated in the ICT application packet and approved by BIS. The ICT license exception would not be available, however, for certain "hot technologies," e.g., those relating to space-use, missile technology, and other enumerated products.
- Internal Use Only. The ICT license exception is limited exclusively for internal company use. Thus, for example, an approved company could not use this license exception to ship a product to a foreign office in China for marketing and resale there without a required license. Such exports would still need BIS approval as required under the EAR.
The proposed license exception would be limited to those companies that demonstrate effective internal controls.
- ICT Control Plan. In order to qualify for the ICT license exception, the parent company must have an approved ICT Control Plan. The ICT Control Plan could be integrated and included with a company’s more comprehensive export control plan, but the ICT Control Plan must be approved by BIS prior to any intra-company transfer that would otherwise require a license. A required ICT Control Plan would include a number of features outlined in the proposed rules, including mandatory training protocols, security plans, clear lines of export-related responsibility, and the requirement to conduct periodic self-evaluations and self-audits. A company may negotiate with BIS to narrow the scope the exception, resulting in a narrower plan.
- ICT Application Packet. The formal ICT application to BIS should include detailed information on the applying company, all "controlled in fact" affiliates for which the license exception would be requested, and a statement as to why the company needs to utilize the license exception. In issuing the final ICT approval, BIS would: (i) set specific terms and conditions under which the license exception could be used; and (ii) enumerate the specific companies that qualify, as well as the specific products and technologies that are covered under the license exception. Exports to any companies not listed or of any products or technologies not included in the approved ICT application will continue to require a separate license from BIS. While the proposed rule is silent as to how long the BIS review period is expected to take, it seems that BIS expects the reviews to take approximately 5-6 weeks.
- Annual Reports. Approved parent companies would also be required to submit annual reports on their use of the ICT license exception. The mandatory reports would identify the names of foreign national employees (both those currently employed and those leaving the company within the last year) who received technology or source code under the ICT license exception during the reporting year. Company officers must also certify that all approved entities are complying with the terms and conditions of the ICT license exception, including the results of all self-evaluations.
- Ongoing Audits. In submitting the initial ICT application request, a company would authorize BIS to conduct compliance audits. While BIS claims that it will conduct an audit every other year, BIS would also reserve the right to conduct other "special unannounced system reviews" if BIS feels that a company has failed to comply with its obligations under the ICT license exception. It seems reasonable to conclude that the results of any internal self-evaluations that are disclosed to BIS in connection with the annual reports will undoubtedly be among the first issues scrutinized during a BIS audit.
The proposed license exception could provide a significant benefit to approved companies.
Among the apparent benefits of the ICT license exception are:
- Reduced administrative burdens in applying for and tracking individual licenses for intra-company transfers;
- Reduced oversight obligations on the day-to-day operations of foreign-national employees;
- Elimination of the license processing lag-time; and
- Improved ability to engage in product development and testing – both with regard to foreign national employees working in the United States, as well as at overseas facilities – by allowing more streamlined information exchange procedures.
The proposed rule, if adopted, could streamline and expedite the flow of certain information and commodities within a single enterprise, potentially increasing efficiency and facilitating the operation of a controlled enterprise as a unitary entity. Whether the ICT license exception would be sufficiently broad to satisfy a company’s needs (based on the types of products or technologies that would be exported under the license exception), is a question that would obviously vary from company to company and across industries. The proposed exception, however, would come at a cost, namely: (i) the one-time cost of developing a robust ICT Control Plan; (ii) annual reporting obligations; and (iii) recurring and regularized audit scrutiny. Several of the public comments on the proposed rule question its utility in light of the existing availability of special comprehensive licenses and its broad compliance requirements. Should the rule become final, companies will obviously need to assess as an individualized business proposition whether the benefits outweigh the additional compliance burdens in determining whether to avail themselves of the license exception.