2011 OFII General Counsel Conference Washington, D.C. Compliance Challenges For Multinational...

2011 OFII General Counsel Conference Washington, D.C.

Compliance Challenges

For Multinational Companies


Export Controls Enforcement “Each year, billions of dollars in ‘dual-use’

items—which have both commercial and military applications— and defense items

are exported from the U.S. To protect national security, foreign policy, and

economic interests, the U.S. government controls the export of these items

[collectively referring to commodities, software, technology and services]. The Departments of Commerce and State are principally responsible for regulating the

export of dual-use and defense items, respectively.”

--Government Accountability OfficeReport, December 2006


U.S. Interests

• National Security: Iran

• Foreign Policy: Cuba

• Economic Interests: China


Export Controls Enforcement Landscape

• National Security Issues: Post-9/11

• Economic Concerns: Global Market Challenges

• Customs Enforcement: Munitions– Clearer violations involving weapons and classified technology

• Commerce Enforcement: Dual Use– More difficult compliance issues/classification

• FBI: Jurisdiction as of 2003– Resources


What Do We Mean By Export Controls?

• Bureau of Industry and Security (BIS)– “Dual-use” commodities, software and technology

(collectively “items”)– Export Administration Regulations (EAR)

• Directorate of Defense Trade Controls (DDTC)– Defense articles and defense services– International Traffic in Arms Regulations (ITAR)

• Office of Foreign Assets Control (OFAC)– Range from total embargoes to more limited sanctions – Various regimes, each unique


Penalties/Consequences

• Criminal Prosecution

• Denial of Export Privileges/Debarment

• Fines

• Intrusive Monitorships

• Reputational Harm


Drastic Rise in Enforcement Penalties

$50,000

$250,000

$100,000

$150,000

$200,000

1979 2001 2002 2003 2004 2005 2006 2007 2008 2009


Iran

National Security Interest

• Enforcement / FBI

• Cooperation

• U.S. Persons– International Internal Investigations

• Inventory Rule

• Broader Pressures


Cuba

Foreign Policy

• U.S. Embargo

• Canada / European Union

• 10 Percent Rule – U.S. Content

• S.E.C. Reporting


China

Economic Interests

• Economic Espionage / FBI

• Market Forces

• Competition


Deemed Exports


What is a Deemed Export?

• “Release” of technology/technical data or source code to a “foreign person”– Can occur in the United States or abroad (deemed reexport)– Deemed to be an export to the home country or countries of the

foreign national

• A “release” includes:– Visual inspection by foreign nationals of U.S.-origin equipment

and facilities– Oral exchanges of information– Application to situations abroad of personal knowledge or

technical expertise acquired in the U.S.


When Do Deemed Exports Happen?

• Foreign national employee or visitor at your U.S. facility– Involved in developing sensitive/controlled software– Using sensitive/controlled equipment– Repairing a sensitive/controlled part– Observing the production of a sensitive/controlled device– Reviewing blueprints


Why Can Deemed Exports Be More Likely for a U.S. Subsidiary?

• Foreign management and technical experts often visit facilities of subsidiaries– Ensure that global quality standards are being met– Collaborate on a technical problem– Install a new production line to mirror overseas production

• Headquarters staff are often seconded to subsidiaries – Develop relationships within the global enterprise– Share ideas across entities in a global group

• Multinational companies often attract international talent• Parent company employees are unfamiliar with requirements and

find them intrusive


Technology Transfers


What is a Technology Transfer?

• Closely related to deemed exports because typically not characterized by physical shipments

• Transfer of controlled technology/technical data to a foreign person abroad

• Examples:– Email– Fax– Technical discussions– Electronic file access


Why Can Technology Transfers Be More Likely for a U.S. Subsidiary?

• Collaboration with headquarters technical experts is common– Pool resources to develop a new product– Collaborate on a technical problem– Share technical tips to improve global output

• Sales territory may extend into Canada, Mexico and/or Central/South America

• Sourcing is centralized to achieve economies of scale across the corporate group

• IT management is centralized at headquarters to reduce costs and ensure that global systems interface smoothly


Tips for Accessing Data• U.S. subsidiaries should not assume that their electronic data

are stored in the United States– Increasingly common for parent company to institute centralized

IT systems, with systems located abroad– Consider location of:

• Document server• Email server• Technical specification database (e.g., MFG/Pro)

– Be comprehensive:• Primary server• Backup server• Backup tapes

• Must incorporate export controls into physical set-up of IT system


Tips for Accessing Data (cont.)• Note that many parent companies maintain global sales and

invoicing databases– Example: U.S. subsidiary has access to all sales files of

overseas affiliates

• Does not implicate U.S. export controls – This is because data is being transferred to the U.S.– Export controls of other countries may be implicated

• But may implicate U.S. economic sanctions (facilitation)– Example: U.S. subsidiary has access to and in some way helps

to process sales files from overseas affiliates, which sell products to Iran

– Consider need for access controls here as well


Other Export Vulnerabilities

• Acquisitions– Buying an Export Problem– Company-Wide Policy Flowing Down to Local Levels and

Locations

• Anti-Boycott Rules

• Lack of Industry Standards– Resources / Training / Background– Structure / Reporting


Environmental Compliance and the Global Supply Chain – An Update

Sam BoxermanSidley Austin LLP

November 16, 2011


Summary

• Environmental issues in your supply chain – an update

• Real world examples

• Some thoughts on best practices


Global Supply Chain• Wherever you manufacture, assemble, sell – you are

connected to the global supply chain– Raw materials, components, finished products, etc.– Not limited to a single home market

• EHS / product compliance increasingly extended– Back to suppliers/forward to customers– You can outsource: but still retain the risk

• Supply chain interruptions critical business issues– Reliability critical, “just-in-time” manufacturing – EHS supply chain issues are business issues


Some pressure points• Environmental chemical/product content restrictions

– EU: REACH, RoHS– US: Conflict minerals CA: “Green Chemistry”

• Other product performance, labeling– Globally Harmonized System (GHS) of classification and

labeling– Prop 65

• “End of life” requirements– EU WEEE directive + states in the U.S.: “take back” electronics

• http://www.electronicstakeback.com/promote-good-laws/state-legislation/

• Increased attention to outsourced operations– E.g., California Transparency in Supply Chains Act


EU – REACH - Update

• Registration implementation continues– 3500 dossiers for existing + 1300 new chemicals– Next dossier registration deadline - May 31, 2013

• Manufacture/import > 100 tonnes/yr of covered substance

• Listing of “Substances of Very High Concern”– Growing: 50+ listed and more under consideration– Some widely used (e.g., boric acid, used in glass/fiberglass)

• SVHC listing triggers supply chain notifications– “Articles” contain > 0.1% = notice to ECHA, customers/recipients

• Q: complete product (ECHA) or components (States)


EU - REACH – Annex XIV• REACH Annex XIV ‘authorisation’ list

– No use/mfg in EU after sunset date (3-4 yrs)– Can obtain authorisation – but burden on petitioner– Several listed this year – more under consideration

• Should be actively managed – Users should monitor and engage in advocacy on SVHC and

authorisation listings to avoid supply disruptions– http://echa.europa.eu/chem_data/authorisation_process_en.asp

-- can track authorisation activities

• Risk of market removal of SVHCs


EU – RoHS

• Restriction of Hazardous Substances Directive– Restricts usage of lead, mercury, cadmium, etc. in electrical and

electronic equipment (EEE)

• EU has “re-cast” RoHS effective July 2011– Member States have 18 months to adopt national law– 3–8 year compliance phase-in for newly covered equipment

• List of restricted substances was not expanded – But – there will be enhanced compliance obligations


EU – RoHS

• Existing requirements for demonstrating compliance– Putting a product on the market was a declaration of compliance– So – implemented through voluntary declarations / due diligence

• ROHS Recast expands compliance requirements– Require documented declaration of compliance and CE marking– Additional notification and record keeping requirements

• Note: Similar process underway for EU’s “WEEE”


US – TSCA

• TSCA “reform” received a lot of attention

• Proposals would make it more like REACH:– Review of chemicals that have not gone through PMN– Enhanced testing and information gathering– Whether should be requirement to prove a chemical is safe– Any legislation in this Congress unlikely

• EPA regulatory initiatives


US – California’s “Green Chemistry”

• New proposal 10/31/2011 – creates multi-step process:– Identify “chemicals of concern”– Identify/prioritize combinations of products and chemicals of

concern for which assessments must be conducted– The “responsible entities” (i.e., mfrs, retailers, importers) will

have to notify CA of their “products of concern” and conduct “alternatives assessments” on those products (e.g., how to reduce use of or exposure to chemicals of concern), and

– CA will then take regulatory action based on those assessments

• Given size of CA market, this would be very significant


US - Conflict Minerals Law

• Buried in financial legislation– Dodd-Frank § 1502

• Intent – curb “conflicts minerals” sourced in central Africa – E.g., tin, tungsten, tantalum, gold (and others to be identified by

State Department) from Democratic Republic of Congo + neighboring countries

• SEC reporting requirement – Disclosure, not a prohibition


US - Conflict Minerals Law

• Scope to be defined by regulation– Draft regulations – final due November/December 2011

• Who is subject– Files with the SEC + minerals are “necessary to the functionality

or production” of products manufactured

• What will be required – still uncertain– A “reasonable” inquiry + declaration “conflict free” or not– If use / cannot declare non use – “Conflicts Minerals Report”

• Need active engagement – 4Q 2012/1Q 2013– To comply will have to know what is in your products


Some examples• Who bears the risk of errors in declarations

• Engineer signs a “declaration” of compliance; but customer’s products are denied entry due to what you supplied.

• Communication among marketing, EHS, and Legal• Your marketing dept. sees opportunity to ship into a market, only to find out

that the product was not properly registered.• Your operations/purchasing find a new supplier with a lower cost raw

material, but that supplier has not registered or properly labeled its product.

• Know the details• An R&D program to conclude with roll-out of a new product, but you can’t

ship key materials because not registered and volume exceeds exemption.

• Do your due diligence• You are importing a product into the U.S. You rely on supplier assurances,

but find out that the product contains a regulated hazardous substance and there might be both worker and public exposure.


What to Know….• Know your products

– What substances are in them? What is in the design pipeline?– Take EHS into account when considering new markets, new

product lines, transactions, etc.

• Know your supply/value chain– Who is in it? Where are they? What do they do/supply? – How do they get it to you or your customers?– How do you manage changes (e.g., in supplier or substances)?

• What are the impacts and risks?– Over the life cycle of your products and services?– What is “carbon footprint” of supply chain, products services?– Regulatory trends in key markets?


Managing the Risk• Integrate EHS into supply chain/vendor selection

– Include competence on complying with regulatory requirements

• Communication– Avoid surprises to/from suppliers, customers or the public

• Traditional risk management measures– E.g., insurance

• Auditing and verification– The fact that a contract says it is so doesn’t mean that it is true

• Advocacy – Don’t just let it happen to you: monitor what is going on and get

involved to defend your interests

2011 OFII General Counsel Conference Washington, D.C. Compliance Challenges For Multinational...

Documents

Transcript of 2011 OFII General Counsel Conference Washington, D.C. Compliance Challenges For Multinational...