EDAC Seminar: EDA & Export Compliance
September 26th, 2013 by Peggy Aycinena
EDAC hosted an evening seminar last week that could have taught you everything your company needs to know to meet your Export Compliance requirements – an unbelievably labyrinthine set of rules, created and nurtured by various agencies of the U.S. Government, that are designed in part to prevent sensitive technical IP from falling into the hands of less-than-totally-friendly nation states.
If you weren’t there on September 18th, you were not alone. A surprisingly small number of people showed up for the seminar, although the speaker, Cadence Group Director for Export Compliance and Government Relations Larry Disenhof, is clearly a walking encyclopedia on this stuff, and although EDAC did a great job publicizing the event.
If you didn’t attend EDA & Export Compliance, it was probably for one of two reasons: Your team already knows everything they need to know in order to meet their export obligations, or your team is oblivious to the fact that these requirements are not optional; they’re obligatory and failure to comply can precipitate fines of $250,000 and up, loss of export privileges, cancellation of pending M&A’s, and even jail time.
Disenhof opened the evening by highlighting the various motivations for learning/following the rules, and then spent the next 90 minutes detailing those rules. Needless to say, they’re complicated, starting with the alphabet soup you need to master just to converse about it all: EAR, ITAR, OFAC, TSR, ECCN, NLR, and DDTC for starters.
If you don’t memorize these acronyms, you won’t understand: “The ability to use NLR or a License Exception will be determined by the ECCN, destination and end-use. And most ITAR items will require DDTC licensing.”
Then there are the Commerce Control List Categories, numbered 0 to 9, and A to E. For instance, Category 3D991 includes most EDA software, while various types of IP fall into categories such as 3E991 or EAR99. Meanwhile, no matter that most EDA and IP categories are not restricted, all categories on the Commerce Control List are controlled. Stated otherwise, “unrestricted does not mean uncontrolled.”
And what does controlled versus restricted mean? It means that you need to keep track of which non-US Person will have access to your products, even if that person is working in your offices within the U.S., and you need to keep track of the destination country for your exports. Controlled products cannot be sold at any time to any of the Group E1 countries – Cuba, Iran, North Korea, Sudan, or Syria – while restricted products cannot be sold to any Group D1 countries, which include PRC and Russia, without special permissions.
Okay, this is just the tip of the iceberg and only a small bit of what Larry Disenhof presented on September 18th. The thousands of rules, he told us, are detailed in hundreds of pages of documentation, some but not all of which are available online on various government websites.
And by the way, the rules and regulations change and evolve – sometimes week-by-week and even day-by-day – so companies like Cadence, Mentor and Synopsys keep well-trained folks on staff who are committed to tracking all of it full time. The smaller companies who don’t have that kind of bandwidth, if they’re members of EDAC, can reach out to the Consortium for clarification. Otherwise, it’s not clear what a company’s got to do to master their obligations.
You might be asking why it matters at all, if most EDA and IP software is controlled but not restricted, but that’s not the right attitude. Disenhof emphasized that you’re not only responsible for knowing who you’re selling your products to, and where they’re located, you’re also responsible for making sure that your customers don’t sell products that include your products to entities on the Group E1 list, or possibly the Group D1 list, or any other government-declared restricted/controlled export lists … ever.
Because the agreements you’re required to get your customers to sign are written to last beyond the shelf life of your business relationships with them. Your customers have to honor those agreements, even if you’re no longer trading with them. Are you following this? More importantly, did you even know this?
Yeah, pretty complex stuff that warrants far more attention than just a 90-minute visit to an evening seminar sponsored by EDAC. No matter that these rules may or may not actually succeed in keeping American technical innovation and its implications within the circle of her allied nation states, it’s still your legal obligation, if you produce IP and/or EDA tools, to know the rules and follow them.
For starters …
DDTC – Department of Defense Trade Controls
EAR – Export Administration Regulations [U.S Department of Commerce, Bureau of Industry & Security]
ECCN – Export Control Classification Number
ITAR – International Traffic in Arms Regulations [U.S Department of State, Directorate of Defense Trade Controls]
OFAC – Office of Foreign Assets Control [U.S. Department of the Treasury, Terrorism and Financial Intelligence]
US Person – Person holding US Citizenship, Green Card, or special refugee status. Someone who is legally protected from being deported due to citizenship status.
Wassenaar – An arrangement on Export controls for Conventional Arms Use, Goods & Technology
Tags: Cadence, EDA, EDAC, Export Compliance, Larry Disenhof, Mentor, Synopsys, US Person