State Department Consent Agreements with Aeroflex, Inc. and Meggitt-USA, Inc. Provide Blueprint for Compliance Success

by BakerHostetler
Contact

On August 6 and 23, 2013, the US Department of State entered into Consent Agreements with Aeroflex, Inc. (Aeroflex) and Meggitt-USA, Inc. (Meggitt) to resolve numerous alleged violations of the Arms Export Control Act (AECA) and the International Traffic in Arms Regulations (ITAR). In both cases, the alleged violations cover a litany of actions over a number of years that evidenced ineffective compliance programs that repeatedly failed to take into account export control requirements.

The alleged violations, in the case of Aeroflex, included (i) multiple exports, without required licenses, of ITAR-controlled electronic and microelectronic items, some of which were satellite-related, to 30 countries, including China, a U.S. arms-embargoed destination, (ii) causing the unauthorized export of ITAR-controlled items by selling them to domestic buyers who exported them without required licenses due to Aeroflex's failure to identify properly items subject to State Department export control jurisdiction, (iii) selling ITAR-controlled items with knowledge that they would be reexported without the required authorization of the Directorate of Defense Trade Controls (DDTC), and (iv) misuse of the Canadian Exemption for the export of ITAR-controlled items to Canada resulting in unauthorized exports.

In addition, the company is alleged to have incorrectly relied on commodity classification guidance from the Department of Commerce for items that were, in fact, subject to State Department export control jurisdiction, instead of seeking classification guidance under the State Department's Commodity Jurisdiction, procedure. Even where Commodity Jurisdiction determinations were requested and received, the company is alleged, in at least one case, not to have appropriately disseminated them within the organization, and to have read them too narrowly. Moreover, it allegedly exported, without a required license, certain items for which a Commodity Jurisdiction request had been submitted, while that request was under review (in contravention of longstanding DDTC guidance to treat items covered in a Commodity Jurisdiction request as ITAR controlled, unless and until DDTC determines they are not ITAR controlled).

In the case of Meggitt, the alleged violations included (i) unauthorized exports, not only of ITAR-controlled products, but also of technical data and defense services, to a variety of countries, including the PRC - - a proscribed destination, (ii) violating the terms, conditions, and provisos of licenses, (iii) failing to notify DDTC that it was exporting ITAR-controlled defense articles to the PRC, (iv) failing to abide by various administrative requirements related to approved licenses, Manufacturing and Technical Assistance Agreements, and (v) not maintaining required license records.The majority of the violations occurred prior to Meggitt acquiring the companies that committed them.

Aeroflex's settlement involved a fine of $8 million (a, per violation, penalty of more than $50,000), $4 million of which is suspended on the condition that Aeroflex spends this amount on pre/post-settlement remedial compliance measures. Meggitt's settlement involved a $25 million fine (a, per violation, penalty of more than $367,000), $22 million of which is suspended if the funds are spent on pre/post-Consent Agreement compliance improvements.

The number of violations charged and the resulting potential penalties would have been higher, but for the facts that Aeroflex and Meggitt voluntarily disclosed some of the violations and, by the time of the settlement, they had already taken remedial compliance measures. An aggravating factor applied to Meggitt's settlement was the long-standing nature of the violations within the subsidiaries it had acquired and their unfamiliarity with, and apparent disregard of, ITAR compliance, providing yet another example of why full export control due diligence is critical for companies making acquisitions.

The Proposed Charging Letters and Consent Agreements not only provide a cautionary tale for exporters of ITAR-controlled items who fail to meet their compliance obligations, but also provide a blueprint for the type of measures companies subject to DDTC's jurisdiction can take to be compliant, including:

1. Dedication of sufficient employee staff and adequate resources to ensure proper compliance. Procedures addressing lines of authority for responsible ITAR-compliance employees, adequate staffing/staffing increases, performance evaluations, career paths, promotions and compensation must be established.

2. The designation of a qualified individual as a responsible compliance official. While the Consent Agreements require that designated special compliance officials who are to oversee their implementation serve only for the terms of the agreements, most of their mandated functions identify generally applicable compliance measures that should be implemented by a responsible compliance official at all companies subject to ITAR jurisdiction.

3. Involvement of senior management. The Consent Agreements require preparation by the compliance official of periodic reports to the company's board of directors, or an appropriate committee thereof, and its Senior Vice President and General Counsel, concerning compliance, resource allocation, ITAR guidance, any compliance findings/recommendations by the official, the company's response thereto/implementation of the same, and the status of AECA and ITAR compliance generally within the company and with the terms of the Consent Agreements.

4. The establishment of formal ITAR policies and procedures. The Consent Agreements obligate the compliance official to monitor company policies and procedures, including those for:

i. the identification, including export control jurisdiction determination and marking, as necessary, of defense articles, including technical data;

ii. incorporating AECA and ITAR compliance into the company's management business plans at the senior executive level;

iii. the management and handling of State Department communications, Commodity Jurisdiction determinations, authorized agreements and licenses, including temporary import and export authorizations;

iv. the export, re-transfer and re-export of defense articles and services;

v. the identification of ITAR-controlled technical data, to include the use of derivative drawings or derivative technical data, and marking thereof;

vi. the transfer and retransfer of technical data;

vii. tracking research and development work to ensure that all such work on defense articles, including technical data, is in compliance with the AECA and ITAR from conception to completion of the project;

viii. preventing, detecting and reporting AECA and ITAR violations; and

ix. encouraging company employees to report ITAR compliance problems without fear of reprisal.

As set forth in one or both of the Consent Agreements, the companies' export compliance systems should track the decision process from the initiation of a sales order/request for potential export authorization or clarification of an existing authorization to its conclusion that will reflect the exporter's ability to oversee and monitor export activity, and should cover the initial identification of all technical data and technical assistance in any form proposed to be disclosed to any foreign persons.The systems should also provide for automated management of compliance with ITAR Part 124 agreements and Part 123 temporary import and export authorizations, and procedures need to cover the electronic transfer of ITAR-controlled technical data, and the movement of laptops and portable storage devices containing such data.

5. Training. The Consent Agreements mandate that Aeroflex and Meggitt provide training to employees responsible for ITAR-regulated activities and to their supervisors.

6. Verify export control jurisdiction. Under the Consent Agreements, the companies are to make sure that they establish the proper agency jurisdiction for control over their exports.

7. Periodic audits. The Consent Agreements require that outside consultants conduct two audits of ITAR compliance during their term — the first is to assess the overall effectiveness of the companies' ITAR compliance programs/their implementation of the measures set forth in the Consent Agreements, and the second is to confirm whether the companies have addressed the compliance recommendations from the first audit report. Such initial and follow-up audits, conducted on a periodic basis, are a key component of any effective export control compliance program as they promote continuing awareness and accountability.

8. Legal Department Support. The Consent Agreements require the companies' Legal Departments to provide proper support for all AECA and ITAR matters.

Exporters would be well advised to review the Consent Agreements. (See United States Department of State Bureau of Political-Military Affairs Washington, D.C 20520, In the Matter of Aeroflex Incorporated and In the Matter of Meggitt-USA, Inc.) and compare them to their existing procedures to make sure their compliance programs meet the department's compliance expectations.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© BakerHostetler | Attorney Advertising

Written by:

BakerHostetler
Contact
more
less

BakerHostetler on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
Privacy Policy (Updated: October 8, 2015):
hide

JD Supra provides users with access to its legal industry publishing services (the "Service") through its website (the "Website") as well as through other sources. Our policies with regard to data collection and use of personal information of users of the Service, regardless of the manner in which users access the Service, and visitors to the Website are set forth in this statement ("Policy"). By using the Service, you signify your acceptance of this Policy.

Information Collection and Use by JD Supra

JD Supra collects users' names, companies, titles, e-mail address and industry. JD Supra also tracks the pages that users visit, logs IP addresses and aggregates non-personally identifiable user data and browser type. This data is gathered using cookies and other technologies.

The information and data collected is used to authenticate users and to send notifications relating to the Service, including email alerts to which users have subscribed; to manage the Service and Website, to improve the Service and to customize the user's experience. This information is also provided to the authors of the content to give them insight into their readership and help them to improve their content, so that it is most useful for our users.

JD Supra does not sell, rent or otherwise provide your details to third parties, other than to the authors of the content on JD Supra.

If you prefer not to enable cookies, you may change your browser settings to disable cookies; however, please note that rejecting cookies while visiting the Website may result in certain parts of the Website not operating correctly or as efficiently as if cookies were allowed.

Email Choice/Opt-out

Users who opt in to receive emails may choose to no longer receive e-mail updates and newsletters by selecting the "opt-out of future email" option in the email they receive from JD Supra or in their JD Supra account management screen.

Security

JD Supra takes reasonable precautions to insure that user information is kept private. We restrict access to user information to those individuals who reasonably need access to perform their job functions, such as our third party email service, customer service personnel and technical staff. However, please note that no method of transmitting or storing data is completely secure and we cannot guarantee the security of user information. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user information at any time.

If you have reason to believe that your interaction with us is no longer secure, you must immediately notify us of the problem by contacting us at info@jdsupra.com. In the unlikely event that we believe that the security of your user information in our possession or control may have been compromised, we may seek to notify you of that development and, if so, will endeavor to do so as promptly as practicable under the circumstances.

Sharing and Disclosure of Information JD Supra Collects

Except as otherwise described in this privacy statement, JD Supra will not disclose personal information to any third party unless we believe that disclosure is necessary to: (1) comply with applicable laws; (2) respond to governmental inquiries or requests; (3) comply with valid legal process; (4) protect the rights, privacy, safety or property of JD Supra, users of the Service, Website visitors or the public; (5) permit us to pursue available remedies or limit the damages that we may sustain; and (6) enforce our Terms & Conditions of Use.

In the event there is a change in the corporate structure of JD Supra such as, but not limited to, merger, consolidation, sale, liquidation or transfer of substantial assets, JD Supra may, in its sole discretion, transfer, sell or assign information collected on and through the Service to one or more affiliated or unaffiliated third parties.

Links to Other Websites

This Website and the Service may contain links to other websites. The operator of such other websites may collect information about you, including through cookies or other technologies. If you are using the Service through the Website and link to another site, you will leave the Website and this Policy will not apply to your use of and activity on those other sites. We encourage you to read the legal notices posted on those sites, including their privacy policies. We shall have no responsibility or liability for your visitation to, and the data collection and use practices of, such other sites. This Policy applies solely to the information collected in connection with your use of this Website and does not apply to any practices conducted offline or in connection with any other websites.

Changes in Our Privacy Policy

We reserve the right to change this Policy at any time. Please refer to the date at the top of this page to determine when this Policy was last revised. Any changes to our privacy policy will become effective upon posting of the revised policy on the Website. By continuing to use the Service or Website following such changes, you will be deemed to have agreed to such changes. If you do not agree with the terms of this Policy, as it may be amended from time to time, in whole or part, please do not continue using the Service or the Website.

Contacting JD Supra

If you have any questions about this privacy statement, the practices of this site, your dealings with this Web site, or if you would like to change any of the information you have provided to us, please contact us at: info@jdsupra.com.

- hide
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.