When Experience Matters ®
< Back to Previous Page
Attorneys
Related Practices

International Law Advisory - BIS Publishes Proposed Rule on License Exception for Intra-Company Transfers

October 6, 2008

On October 3, 2008, the US Department of Commerce Bureau of Industry and Security (“BIS”) published a proposed rule amending the Export Administration Regulations (“EAR”) to add a new license exception entitled Intra-Company Transfer (“ICT”).  License Exception ICT would allow an approved parent company and its approved wholly-owned or controlled entities to export, reexport, or transfer many items on the Commerce Control List (“CCL”) among themselves for internal company use.   This rule is only a proposal and is not yet effective.  BIS is accepting comments on the proposed rule until November 17, 2008.

BIS explained that this proposed rule is issued in response to the President’s January 22, 2008 directive on export control reform.  It is intended to reduce the regulatory burden on companies that currently must obtain licenses to export commodities, software, and technology to and among foreign branches and subsidiaries for internal company use.  In the context of increased globalization, this rule is expected to aid in integrating and facilitating companies’ international operations, including cooperation in research and development.

Proposed license exception ICT would allow for license-free exports and reexports to and among affiliated entities, as long as certain requirements are met.  The license exception would not be available automatically.  Instead, a parent company must first submit an internal control plan, among other information, which BIS would review to determine whether the company merits use of the exception.  Even then, the exception would be restricted to pre-approved subsidiaries and ECCNs.  There would also be reporting, audit, and recordkeeping requirements for companies that make use of this license exception.  Further details on the proposed License Exception ICT are provided below:

  • Eligible Entities:  Only a parent company would be authorized to apply for use of the license exception, although it does not have to be an ultimate parent company.  Also, the parent company must be incorporated in or have its principal place of business in the United States or one of 37 other countries listed in Supplement 4 to Part 740 of the EAR.  Eligible applicants do not include colleges and universities, although a professor that contracts with a company to perform proprietary research could potentially be considered an “employee” for purposes of this rule.

    Eligible users and recipients under this license exception would include wholly-owned or controlled in fact subsidiaries or branches of the parent company.  “Controlled in fact” would be defined generally to mean the authority or ability to control day-to-day operations, with a presumption of control existing when:  (a) one entity owns or controls more than 50% of another’s outstanding voting securities; (b) one entity operates the other pursuant to an exclusive management control; or (c) members of one entity’s governing body comprise a majority of the other’s governing body.  The proposed rule does not seem to require that any of approved affiliated entities be located in the United States.

    License exception ICT may also be used for deemed export and reexports.  In other words, “non-US national employees” and “foreign national employees” (defined as non-US nationals who are not citizens/permanent residents of the country in which they are employed) may be eligible users or recipients if the requirements specified below are met.

  • Restrictions:  The most important restriction is that license exception ICT may not be used to export, reexport, or transfer items to any countries (or nationals thereof) in Country Group E or North Korea.  Items exported, reexported, or transferred under this license exception may be subsequently exported, reexported, or transferred in accordance with the EAR, but not under license exception APR (Additional Permissive Reexports).  The license exception also does not apply to items controlled for Encryption Items (EI) or Significant Items (SI) reasons, nor can it be used to transfer technology to foreign national employees without valid work authorization or those on any US Government end-user list of concern.

  • Information to be Submitted to BIS:  Before being approved to use license exception ICT, a parent company must submit the following information to BIS for review:  (1) an internal control plan; (2) documentation showing that the control plan has been implemented; (3) list of wholly-owned or controlled in fact entities that it intends to be eligible users or recipients; (4) a list of entities that own at least a 10% interest in the company and any eligible users or recipients; (5) list of ECCNs of items intended to be exported, reexported, or transferred; (6) a description of the purpose for which these ECCNs will be used; (7) description of its relationship with each eligible user or recipient; and (8) a signed statement that each entity will allow BIS to conduct audits on the use of the license exception.

  • Control Plan:  The purpose of the ICT control plan would be to ensure that items on the CCL are not transferred outside the corporate structure in violation of license exception ICT.  The proposed rule lists the following mandatory elements of an ICT control plan: 
    • Corporate commitment to export compliance 
    • Physical security plan 
    • Information security plan 
    • Personnel screening procedures 
    • Training and awareness program 
    • Self-evaluation program 
    • Letter of assurance for software and technology 
    • Signing of non-disclosure agreements by non-US national employees 
    • Screening foreign national employees against BIS end user lists

Note that any deficiencies discovered through the self-evaluation process must be disclosed to BIS, and any violations discovered should be “voluntarily” self-disclosed.  The proposed rule specifies that the ICT control plan must also describe how each mandatory element will be implemented.  If a company plans to use this license exception for commodities and/or software only, then the company may state in the ICT control plan that certain mandatory elements (specified in the proposed rule) are inapplicable. 

  • BIS Authorization:  Upon reviewing the ICT control plan and other information submitted, BIS will use the following factors to determine whether to grant ICT authorization:  prior licensing history; demonstration of an effective ICT control plan; the need for the license exception, including the requested ECCNs and the relationship of the affiliates to the parent company or other entities of national security or foreign policy concern; and compliance deficiencies and corrective actions detailed in the self-evaluation element of the ICT control plan.

    If BIS grants a company ICT authorization, the license exception may only be used in relation to the pre-approved affiliates and ECCNs.  Additional entities or ECCNs may be authorized after review by BIS.  In case of changes of ownership, the license exception will no longer be valid and the parent company must re-submit information for a new authorization.

  • Reporting Requirements:  Approved companies must submit an annual report to BIS, including the following information:  (1) data on foreign national employees that received technology or source code under license exception ICT during that year; (2) data on foreign national employees that terminated their employment during that year; and (3) a certification that all approved eligible users and recipients are in compliance with the applicable terms and conditions, including the results of the self-evaluations.

  • Audits:  BIS will conduct biennial audits of approved companies, eligible users, and eligible recipients.  While BIS will normally provide notice of its audits, it may conduct an unannounced audit if it has reason to believe that an entity has violated the terms and conditions of the license exception.

  • Recordkeeping Requirements:  Approved companies must retain copies of the ICT control plan and related materials.  All approved entities must also maintain records, by ECCN, of the items that have been exported, reexported, or transferred under license exception ICT, including the release of technology or source code to foreign national employees.

If implemented, license exception ICT may reduce the regulatory burden on certain companies that have multi-national operations.  In particular, it would be useful for companies that currently seek numerous export/reexport licenses (including for deemed exports) for intra-company transfers.  However, in order to obtain authorization to use this license exception, companies would still need to provide BIS with a good deal of detailed information, both for the one-time authorization and continuing reporting requirements.  Primarily, eligible companies would need to implement robust internal control plans and submit documentation to BIS to establish such implementation.  BIS has stated informally that during the authorization process, it will focus on a company’s recordkeeping and retention practices to ensure compliance with the license exception.  Another significant requirement is the disclosure of any compliance deficiencies discovered as part of the self-evaluation process, along with the self-disclosure of any violations found.  While the self-disclosure technically remains voluntary, a company’s decision whether to self-disclose would certainly be influenced by the fact that the company must disclose the compliance deficiencies that gave rise to the violation.

It also remains to be seen how BIS would review requests for ICT authorization, and in what circumstances it would deny authorization.  BIS is likely to analyze closely internal control plans and may even require changes or additional documentation before granting ICT authorization.  Other factors, such as the need for the license exception, could be unpredictable and may potentially limit the application of this proposed rule.

This license exception is most likely to benefit large companies with multiple international affiliates.  BIS estimates that between 2004 and 2006, approximately 200 companies had licenses approved that could potentially qualify as intra-company transfers.  It may be worth the time to complete the one-time authorization process for corporate families that routinely transfer items for service, repair, testing, research and development, and other purposes.  However, for smaller companies and those with fewer intra-company transfers, it may still be more efficient and less burdensome to request individual licenses than to obtain authorization and comply with reporting, recordkeeping, and audit requirements.

If you have any questions about this proposed regulatory change and its implications, or would like to file comments with BIS, please contact Ed Krauland at 202.429.8083 or Michael Gershberg at 202.429.6208.

CONTACT US | PRIVACY | TERMS OF USE | © 2008 STEPTOE & JOHNSON LLP, ALL RIGHTS RESERVED | ATTORNEY ADVERTISING | SITE BY FIRMSEEK
Washington | New York | Chicago | Phoenix | Los Angeles | Century City | Brussels | London