Export Controls & Sanctions
Every international shipment carries a compliance obligation that extends beyond customs duties and documentation: the shipper, freight forwarder, and carrier must ensure that the goods, the destination, and the parties involved in the transaction are not subject to export controls or economic sanctions. Violations — even unintentional ones — can result in criminal penalties, massive fines, loss of export privileges, and reputational damage.
Export controls restrict the transfer of specific goods, technology, and software to certain destinations or end users. Economic sanctions are broader restrictions that limit or prohibit trade, financial transactions, and other dealings with specific countries, entities, and individuals. Together, these regimes form a complex web of regulations that every participant in the supply chain must navigate.
The Regulatory Landscape
U.S. Export Control Agencies
The United States maintains multiple overlapping export control and sanctions programs administered by different agencies:
| Agency | Regulation | Scope | Key Lists |
|---|---|---|---|
| Bureau of Industry and Security (BIS) — Dept. of Commerce | Export Administration Regulations (EAR) | Dual-use goods, technology, and software with both civilian and military applications | Entity List, Denied Persons List, Unverified List |
| Directorate of Defense Trade Controls (DDTC) — Dept. of State | International Traffic in Arms Regulations (ITAR) | Defense articles, defense services, and related technical data on the U.S. Munitions List (USML) | Debarred Parties List |
| Office of Foreign Assets Control (OFAC) — Dept. of Treasury | Various sanctions programs (31 CFR Part 500 series) | Country-based and list-based economic sanctions | Specially Designated Nationals (SDN) List, Sectoral Sanctions Identifications (SSI) List |
| Nuclear Regulatory Commission (NRC) | 10 CFR Part 110 | Nuclear materials and equipment | N/A — license-based control |
| Department of Energy (DOE) | 10 CFR Part 810 | Nuclear technology and assistance | N/A — authorization-based control |
Dual-use goods are items that have legitimate civilian applications but could also be used for military purposes, weapons of mass destruction (WMD) development, or other controlled end uses. Examples include high-performance computers, precision machine tools, certain chemicals, encryption technology, and advanced materials.
EAR vs. ITAR: Key Distinction
The two most commonly encountered U.S. export control regimes — EAR and ITAR — cover different categories of items and are administered by different agencies:
| Feature | EAR (Commerce/BIS) | ITAR (State/DDTC) |
|---|---|---|
| Items covered | Dual-use goods, technology, software (Commerce Control List) | Defense articles, defense services, technical data (U.S. Munitions List) |
| Classification | Export Control Classification Number (ECCN) | USML Category (I through XXI) |
| Default category | EAR99 — items subject to EAR but not on the CCL | No default — if on USML, it is controlled |
| License requirement | Depends on ECCN + destination + end use + end user | Most exports require a license; limited exemptions |
| Penalties (criminal) | Up to $1M per violation and/or 20 years imprisonment | Up to $1M per violation and/or 20 years imprisonment |
| Penalties (civil) | Up to $364,992 per violation (adjusted annually) | Up to $1,282,564 per violation (adjusted annually) |
| Re-export controls | Yes — EAR controls follow the item globally | Yes — ITAR controls follow the item globally |
ECCN Classification
The Export Control Classification Number (ECCN) is an alphanumeric code that identifies the level of control applied to a dual-use item under the EAR. ECCNs are organized on the Commerce Control List (CCL), which is divided into 10 categories:
| Category | Description | Examples |
|---|---|---|
| 0 | Nuclear materials, facilities, and equipment | Reactors, fuel elements, heavy water |
| 1 | Special materials and related equipment | Composites, alloys, lubricants, bearings |
| 2 | Materials processing | Machine tools, dimensional inspection equipment |
| 3 | Electronics | Integrated circuits, semiconductors, signal analyzers |
| 4 | Computers | High-performance computers, digital computers |
| 5 — Part 1 | Telecommunications | Transmission equipment, optical fiber, network equipment |
| 5 — Part 2 | Information security | Encryption, cryptanalysis, network surveillance |
| 6 | Sensors and lasers | Cameras, radar, underwater detection, lasers |
| 7 | Navigation and avionics | Gyroscopes, GPS, flight control systems |
| 8 | Marine | Submersibles, propulsion systems, sonar |
| 9 | Aerospace and propulsion | Engines, spacecraft, launch vehicles |
Each ECCN follows a structure: X Y ZZ where:
- X = Category (0–9)
- Y = Product group (A=equipment, B=test/production equipment, C=materials, D=software, E=technology)
- ZZ = Control number (00–99)
For example, 3A001 = Category 3 (Electronics), Product Group A (Equipment), Control 001 (specific IC types).
Items not listed on the CCL are designated EAR99 — they are subject to the EAR but generally do not require a license for export, unless the destination, end user, or end use triggers a restriction.
Economic Sanctions (OFAC)
What Are Sanctions?
Economic sanctions are foreign policy and national security tools that restrict or prohibit economic activity with targeted countries, entities, and individuals. In the United States, OFAC administers more than 30 active sanctions programs.
Types of Sanctions
| Type | Description | Examples |
|---|---|---|
| Comprehensive country sanctions | Broad prohibitions on nearly all trade and financial transactions with a country | Cuba, Iran, North Korea, Syria |
| Sectoral sanctions | Target specific sectors of a country's economy (energy, finance, defense) | Russia — energy, financial, defense sectors |
| List-based sanctions | Target specific individuals, entities, and vessels regardless of country | SDN List entries, blocked persons |
| Secondary sanctions | Target non-U.S. persons who engage in certain transactions with sanctioned parties | Iran secondary sanctions affecting non-U.S. companies |
Comprehensive sanctions do not just prohibit exports — they prohibit virtually all transactions, including importing goods from the sanctioned country, providing services, transferring funds, and facilitating transactions by third parties. Even freight forwarders who never touch the goods can be liable if they facilitate a prohibited transaction.
Key OFAC Lists
| List | Maintained By | Description |
|---|---|---|
| SDN List (Specially Designated Nationals and Blocked Persons) | OFAC | Individuals and entities whose assets are blocked; U.S. persons may not deal with them |
| Sectoral Sanctions Identifications (SSI) List | OFAC | Entities subject to sectoral sanctions (limited prohibitions) |
| Foreign Sanctions Evaders (FSE) List | OFAC | Non-U.S. persons determined to have violated or attempted to evade sanctions |
| Non-SDN Chinese Military-Industrial Complex Companies (NS-CMIC) List | OFAC | Chinese companies connected to military-industrial complex |
| Entity List | BIS (Commerce) | Entities subject to specific license requirements for exports |
| Denied Persons List | BIS (Commerce) | Individuals/entities denied export privileges |
| Unverified List | BIS (Commerce) | Parties where BIS was unable to verify end use in prior transactions |
| Debarred Parties List | DDTC (State) | Parties prohibited from participating in defense trade |
| Consolidated Screening List | ITA (Commerce) | Single searchable database combining 13 U.S. government screening lists |
The 50% Rule
OFAC's 50% rule means that any entity owned 50% or more, individually or in the aggregate, by one or more SDN-listed persons is itself considered blocked — even if the entity does not appear on the SDN List by name. This makes ownership analysis a critical part of sanctions compliance.
Denied Party Screening (DPS)
What Is Denied Party Screening?
Denied party screening (also called restricted party screening or trade compliance screening) is the process of checking all parties to a transaction against government-maintained lists of restricted, denied, or sanctioned entities. It is a legal obligation — not optional — for any company involved in international trade.
Denied party screening is the systematic comparison of transaction parties (buyers, consignees, end users, freight forwarders, banks, intermediaries) against government-maintained restricted party lists to identify prohibited or controlled parties before completing a shipment or financial transaction.
Who Must Be Screened
Every party involved in the transaction must be screened, not just the buyer:
| Party | Why Screen | Example Risk |
|---|---|---|
| Buyer / Purchaser | Primary transaction party | May be on SDN List |
| Consignee | Receives the goods | Different from buyer; may be a front company |
| End user | Ultimately uses the goods | Diversion risk — goods redirected to prohibited end user |
| Intermediate consignee | Handles goods in transit | May facilitate diversion |
| Freight forwarder | Arranges transportation | May be on Entity List |
| Financial institutions | Process payments | Banks in sanctioned countries |
| Vessel / carrier | Transports goods | Vessels on OFAC blocked list |
| Agents / representatives | Act on behalf of parties | May have undisclosed SDN connections |
The Screening Process
Screening Challenges
| Challenge | Description | Mitigation |
|---|---|---|
| Name variations | Transliteration differences (Arabic, Chinese, Cyrillic names), abbreviations, aliases | Fuzzy matching algorithms, multiple search variations |
| False positives | Common names matching list entries that are different people | Scoring thresholds, secondary identifiers (DOB, address, nationality) |
| High volume | Large transaction volumes requiring thousands of screens per day | Automated screening integrated into order management / TMS |
| List updates | Government lists change frequently (OFAC updates multiple times per month) | Daily list updates, re-screening of open orders |
| Ownership analysis | 50% rule requires looking beyond named parties to beneficial owners | Ownership databases, enhanced due diligence for high-risk transactions |
| Vessel screening | Vessels change names, flags, and owners frequently | Maritime databases (IMO numbers), AIS data, vessel tracking |
Red Flags
Even when screening produces no matches, certain transaction characteristics should trigger enhanced scrutiny:
| Red Flag | Description |
|---|---|
| Unusual routing | Goods transiting through countries associated with diversion (transshipment hubs near sanctioned countries) |
| Reluctance to provide end-use information | Buyer unable or unwilling to state what the goods will be used for |
| Cash payment for expensive items | Payment method inconsistent with standard business practices |
| Declined installation or training | Buyer does not want standard installation, training, or maintenance services |
| Mismatch between product and customer | Customer's business does not logically require the product being ordered |
| PO Box or residential delivery for commercial goods | Delivery to non-commercial addresses for industrial equipment |
| New customer in high-risk country | First transaction with a party in a country of concern |
| Request to change shipping destination after order | Last-minute changes to routing or consignee |
"Know your customer" (KYC) is not just a banking obligation. Freight forwarders and logistics providers have independent compliance obligations. A forwarder cannot rely on the shipper's assurance that a transaction is compliant — the forwarder must conduct its own screening and due diligence.
International Export Control Regimes
Export controls are not exclusively a U.S. concern. Multiple international regimes coordinate controls among participating countries:
| Regime | Focus | Members | Key Contribution |
|---|---|---|---|
| Wassenaar Arrangement | Conventional arms and dual-use goods and technologies | 42 participating states | Control lists for dual-use items and munitions |
| Nuclear Suppliers Group (NSG) | Nuclear materials, equipment, and technology | 48 participating governments | Trigger list (nuclear-specific) and dual-use list |
| Missile Technology Control Regime (MTCR) | Missiles and unmanned aerial vehicles capable of delivering WMD | 35 partners | Equipment and technology annex (Category I and II items) |
| Australia Group | Chemical and biological weapons precursors, equipment, and technology | 43 participants | Common control lists for chemicals, biologicals, and equipment |
| Chemical Weapons Convention (CWC) | Chemical weapons and precursors | 193 states parties | Schedules 1, 2, and 3 chemicals; verification regime |
EU Export Controls
The EU maintains its own dual-use export control regulation (EU Regulation 2021/821), which:
- Establishes a common EU control list aligned with international regimes
- Requires member state licenses for exports of listed items
- Introduces new controls on cyber-surveillance technology (human rights due diligence)
- Creates an EU general export authorisation system for low-risk exports within certain parameters
UK Export Controls
Post-Brexit, the UK operates an independent export control regime under the Export Control Order 2008 and the Sanctions and Anti-Money Laundering Act 2018 (SAMLA):
- UK Strategic Export Control Lists — aligned with international regimes but independently maintained
- OFSI (Office of Financial Sanctions Implementation) — UK equivalent of OFAC, administers UK sanctions
- UK Consolidated List — combined list of sanctioned individuals and entities
The Freight Forwarder's Role
Freight forwarders occupy a critical position in export control compliance because they handle documentation, route shipments, and interact with multiple parties:
| Obligation | Description |
|---|---|
| Screen all parties | Forwarders must screen shippers, consignees, and other parties against applicable denied party lists |
| Know your customer | Conduct due diligence on customers; understand the nature of their business and the goods being shipped |
| Recognize red flags | Train staff to identify suspicious transaction characteristics |
| Refuse prohibited shipments | Forwarders must decline to handle shipments that would violate export controls or sanctions |
| Report violations | Report suspected violations or blocked transactions to the appropriate authority (OFAC, BIS) |
| Maintain records | Keep screening records, due diligence documentation, and compliance decisions for the required retention period (typically 5 years) |
| Compliance program | Establish an internal compliance program with policies, procedures, training, and audit mechanisms |
Building a Compliance Program
An effective export control and sanctions compliance program includes five core elements (aligned with BIS and OFAC guidance):
| Element | Description |
|---|---|
| Management commitment | Senior leadership endorsement, dedicated compliance resources, clear accountability |
| Risk assessment | Identify risks based on products handled, countries served, customer types, and transaction patterns |
| Internal controls | Written policies and procedures for classification, screening, licensing, recordkeeping, and escalation |
| Training | Regular training for all staff involved in export transactions — especially frontline booking and documentation teams |
| Audit and testing | Periodic internal audits, testing of screening systems, and review of compliance decisions |
OFAC publishes a "Framework for OFAC Compliance Commitments" that outlines what it considers a strong sanctions compliance program. Companies that can demonstrate a robust program may receive reduced penalties if a violation occurs — making the investment in compliance a form of risk mitigation.
Key Performance Indicators
| KPI | Description | Benchmark |
|---|---|---|
| Screening coverage | Percentage of transactions screened before shipment | Target: 100% |
| False positive rate | Percentage of screening hits resolved as false positives | Industry norm: 95–99% of hits are false positives |
| Resolution time | Time to resolve a screening hit (false positive or escalation) | Target: <4 hours for standard, <1 hour for time-sensitive |
| List update frequency | How often screening lists are refreshed in the system | Target: daily (minimum) |
| Training completion | Percentage of relevant staff who have completed compliance training | Target: 100% annually |
| Audit findings | Number of compliance gaps identified in internal audits | Target: zero critical findings |
| Voluntary self-disclosures | Number of potential violations self-reported to authorities | Lower is better; timely disclosure reduces penalties |
Best Practices
-
Screen every transaction, every time — Never assume a repeat customer is clear. SDN and Entity List entries change frequently. Re-screen when lists are updated and when transaction details change.
-
Automate screening with manual review — Automated screening catches the volume; human analysts resolve ambiguous matches. Neither alone is sufficient.
-
Screen all parties, not just the buyer — Consignees, end users, intermediaries, banks, vessels, and agents must all be checked.
-
Maintain a robust compliance program — A documented program with management commitment, training, and auditing is the strongest defense against both violations and excessive penalties.
-
Classify before you ship — Determine the ECCN (or USML category) of goods before accepting a booking. Classification drives all downstream compliance decisions.
-
Subscribe to list update notifications — BIS, OFAC, and DDTC publish updates regularly. Ensure your screening system receives them promptly.
-
Train frontline staff on red flags — Booking agents and documentation specialists are often the first to encounter suspicious transactions. Equip them to recognize and escalate.
-
Document everything — Keep records of all screening results (including clear results), compliance decisions, escalations, and resolutions. These records are essential in an audit or investigation.
-
Consider the re-export dimension — EAR and ITAR controls follow goods globally. If you handle re-exports or transshipments, U.S. export controls may still apply even if the goods are not shipping from the United States.
-
Engage legal counsel for gray areas — When a transaction involves complex sanctions questions, novel end-use concerns, or potential license requirements, consult with trade compliance legal counsel before proceeding.
Resources
| Resource | Description | Link |
|---|---|---|
| OFAC Sanctions Programs | Full list of OFAC sanctions programs and country-specific information | ofac.treasury.gov |
| BIS Commerce Control List (CCL) | Searchable database of ECCNs and export control classifications | bis.gov |
| Consolidated Screening List (CSL) | Free searchable tool combining 13 U.S. government restricted party lists | trade.gov/consolidated-screening-list |
| OFAC SDN Search | Official OFAC search tool for Specially Designated Nationals and blocked persons | sanctionssearch.ofac.treas.gov |
| EU Sanctions Map | Interactive map of EU restrictive measures by country | sanctionsmap.eu |
Related Topics
- Import/Export Documentation — the documentation requirements for controlled exports, including AES filing
- Supply Chain Security — C-TPAT, AEO, and the broader security framework that intersects with export controls
- HS Codes — tariff classification system that provides the starting point for export control classification
- Cross-Border E-Commerce — compliance challenges for e-commerce exports, including restricted products
- Free Trade Agreements — how FTA benefits interact with export control restrictions
- Foreign Trade Zones & Bonded Warehouses — zone-restricted merchandise and export-only manufacturing