- Defense Research Funding: New Export Control Compliance Requirements on the Horizon
- October 11, 2005 | Authors: Stephen B. (Steve) Maebius; Susan M. C. Kovarovics
- Law Firm: Foley & Lardner LLP - Washington Office
The Department of Defense (DOD) has proposed an amendment to the Defense Federal Acquisition Regulation Supplement (DFARS) which would require parties subject to the DFARS (including DARPA-funded contractors) to implement Internal Controls Programs (ICP) to ensure compliance with the International Traffic In Arms Regulations (ITAR) and the Export Administration Regulations (EAR).
The proposed rule does not appear to limit the ICP to the scope of an individual contract. Rather, the contractor must:
1) maintain an effective export compliance program, which must include adequate controls over physical, visual, and electronic access to export-controlled information and technology to ensure that access by foreign firms and individuals (including foreign national employees of the contractor) is restricted - the access control program must specifically include unique badging requirements for foreign nationals, as well as segregated work areas for export-controlled technology;
2) conduct initial and periodic training on export compliance controls for those employees who have access to export-controlled information and technology; and
3) perform periodic assessments to ensure full compliance with Federal export laws and regulations.
The requirement of a periodic assessment is particularly troubling, particularly given the likelihood that the results would have to be provided to the government. Currently, the ITAR and EAR only require a contractor to comply; the details of the ICP are left solely to the discretion of the company. Neither set of regulations requires voluntary disclosures of compliance failures, although companies are strongly encouraged to do so. Normally, internal investigations of compliance problems are conducted by counsel (either in-house or outside) and the results of their investigations are privileged, meaning the company has a choice of whether to provide the details to government law enforcement. The proposed rule suggests, however, that the party to a DFARS contract would be compelled to provide the results of all internal ITAR and EAR investigations to the government.