Overview
On April 30, 2025, the US Department of Justice’s (DOJ) National Security Division (NSD) announced a still-rare corporate declination under the NSD’s Export Control and Sanctions Enforcement Policy for Business Organizations (the “Policy”) in connection with a voluntary self-disclosure by Universities Space Research Association (USRA). This announcement – only the second publicly acknowledged declination since the Policy’s update in March 2024 – is significant insofar as it reflects a new ceiling for potentially criminal activity that, if quickly reported, may nevertheless warrant a declination under the Policy. It is also notable in that the current DOJ leadership is maintaining the Policy, at least for now, despite numerous material changes within NSD under the Trump administration.
On April 23, 2025, NSD and the U.S. Attorney’s Office for the Northern District of California entered into an agreement resulting in the declination of charges against USRA for export control and related criminal violations. DOJ confirmed its declination notwithstanding criminal conduct by a former employee, Jonathan Soong, who recently pleaded guilty to the unlicensed export of flight control software to Beihang University in China. As described in DOJ’s announcement and the publicly available agreement with USRA, DOJ based its decision not to prosecute USRA on USRA’s voluntary and prompt disclosure of Soong’s activity, shortly after retention of external counsel, even prior to the conclusion of USRA’s internal investigation of his activities; its implementation of remedial measures, including the repayment of portions of contract payments obtained from the National Aeronautics and Space Administration (NASA); USRA’s discipline of Soong’s supervisor; and the relatively low sensitivity of the technology illegally exported.
The Policy creates a presumption that a company will receive a non-prosecution agreement (NPA), or, where appropriate under the provisions of the Justice Manual, a full declination of any action (and no fine) when it voluntarily self-discloses potentially criminal violations of U.S. export controls and sanctions laws to NSD’s Counterintelligence and Export Control Section (CES), fully cooperates, and timely and appropriately remediates. The presumption of an NPA or declination does not apply where aggravating factors are present. “Potentially” aggravating factors include egregious or pervasive criminal misconduct within the company, concealment or involvement by upper management, repeated administrative and/or criminal violations of national security laws, the export of items that are particularly sensitive or to end users of heightened concern, and a significant profit to the company from the misconduct. Where such aggravating factors are present, NSD has the discretion to seek a different resolution, such as a deferred prosecution agreement or guilty plea.
DOJ’s first-ever announced declination under the Policy involved allegations of export control violations by pharmaceutical developer MilliporeSigma. The MilliporeSigma declination, however, was not particularly instructive for industry: in that case, as we have previously written, the publicly disclosed facts suggest that MilliporeSigma could not possibly have been charged criminally by DOJ – the company in that case was actively deceived by a rogue employee. Were that case taken as the ceiling for misconduct for which a declination was possible, that would have been a low ceiling indeed.
By contrast, the USRA matter suggests that companies may well stand to gain under the Policy even where the prospect of liability is at least plausible. While DOJ’s announcement and the declination agreement itself certainly describe some efforts by Soong to conceal his activities, the agreement also specifically notes that a supervisory employee received discipline as a result of USRA’s internal investigation. Whereas the DOJ described MilleporeSigma as a victim, the USRA declination includes no such language.
The USRA declination also describes a more sensitive technology than that described in the MilleporeSigma declination. Whereas in MilleporeSigma the unlicensed products included chemical compounds that did not present a significant threat to US national security in the quantities and concentrations sold and, in most instances, did not require an export license; in USRA’s case, flight control software falls within the ambit of dual civilian/military technology, even where the export controls at issue are relatively permissive and the illegally licensed software itself was based on EAR99 information.
What does it all mean? First, the USRA case demonstrates that declinations are not only for the absolutely spotless, as the MilleporeSigma matter may have suggested. This may well comfort a broader swath of companies facing the choice between self-disclosure and quiet remediation. In turn, the USRA declination may make for a more effective voluntary self-disclosure regime for DOJ, as incentives for disclosing in less-than-ideal circumstances come into sharper focus.
Second, notwithstanding the slightly higher ceiling, DOJ still plainly values certain key factors. Though not necessarily self-initiated, USRA swiftly undertook a full internal investigation upon learning of a potential problem. Moreover, as with MilleporeSigma, disclosure to DOJ did not wait for the conclusion of an internal investigation. Gauging precisely the moment when a disclosure is appropriate and prudent always involves a degree of subjective judgment and risk, but DOJ continues to signal an incentive for swift action. Issuing that signal in a case where the beneficiary is a company that faced a more plausible chance of prosecution only reinforces the value of early self-disclosure in the right case.
Third, despite indications that DOJ may substantially revise its approach to voluntary self-disclosures, it is maintaining the Policy and its approach to assessing and crediting corporate conduct in resolving criminal investigations of business organizations, at least in the export controls and economic sanctions context. Time will tell if that approach holds or evolves as ongoing policy reviews within DOJ continue forward.
For additional information about the Export Control and Sanctions Enforcement Policy, please contact a member of Steptoe’s National Security & Cross-Border Transactions team.
