For any company with any sort of presence in the defense industry, understanding ITAR compliance is crucial. ITAR, or International Traffic in Arms Regulations, is a set of government-issued compliance standards governing the manufacture and movement of certain defense-related weapons and equipment. In short, if a company makes, buys, sells, or transports goods and services relating to national defense, it should ensure its operations are pursuant to ITAR regulation.
Like many government regulations, it can be difficult to understand with any clarity exactly what falls under the purview of ITAR or even what it means to be ITAR certified – something often required per contracts and purchase orders between companies subject to these trade restrictions. And because the national defense and geopolitical implications of disregarding ITAR could be significant, penalties for noncompliance are often severe.
To help you better understand ITAR regulations, we’ve broken down the key information you’ll want to know as you come up to speed with this body of inter-trade rules and regulations.
At its most basic level, the intent of ITAR is to ensure that only U.S. citizens are allowed access to certain defense weapons and related technical data. Providing such goods, services, or information to unauthorized foreign nationals constitutes a major violation of ITAR.
ITAR can trace its roots to 1976, when the U.S. government implemented tighter restrictions on weapons exports in light of the ongoing Cold War. The move also helped align the U.S. with the arms export restrictions against the Soviet Union that had been enacted years earlier by Western European countries. The foundations for such oversight were borne out of the 1930s, when public concern regarding the profiteering of arms manufacturers during the era’s global unrest prompted the government to regulate U.S. companies engaged in international defense trade.
Since its inception, ITAR has been enforced by the State Department’s Directorate of Defense Trade Controls, or DDTC. The mission statement of the DDTC doesn’t mince words: they work to ensure commercial exports of defense articles and defense services advance U.S. national security and foreign policy objectives. One of the main tools they rely on to execute this mission is the ITAR framework.
For a business to be ITAR compliant, it must register with the DDTC. By doing so, a company joins a list of other businesses certified to deal in this regulated trade space. Once a company is formally recognized by the DDTC, ITAR compliance largely becomes a case of ensuring that any good, service, technology, or information that might be covered by the regulatory framework is only accessible by U.S. nationals.
To determine what exactly falls under the purview of ITAR, companies must refer to the United States Munitions List, or USML. The USML is a diverse, wide-ranging list of various defense articles, services, and technologies that is broken up into 21 different categories. These categories range from Military Electronics to Gas Turbine Engines and Related Equipment. Nested within each category is everything that is restricted by ITAR regulations. Any company that supplies, manufactures, sells, trades, exchanges, buys, or is in any way involved with the supply chain of defense products and data called out in the USML is subject to ITAR trade restrictions.
That’s an important point because oftentimes, multiple companies are involved in the supply chain of any given product. From suppliers engaged in OEM partnerships to the shipping companies moving these goods to their final buyers, it’s rare for one company to control the entire end-to-end journey of their manufacturing and logistics process. When it comes to ITAR, this adds a unique point of consideration because one company’s failure to comply with these trade restrictions can result in all companies potentially being implicated for noncompliance.
Global companies sharing information with foreign coworkers are also not exempt from ITAR restrictions. For example, imagine a defense company had offices in both the U.S. and Spain. American workers could not share files with their Spanish counterparts containing protected technical data because such a move would be a violation of ITAR. It goes to show that the legal verbiage is clear: only U.S. citizens can have access to goods, documents, or data covered by ITAR.
The DDTC generally works with businesses to ensure their compliance with ITAR regulations. However, more serious violations can incur swift and severe penalties. The DDTC works closely with Homeland Security, the FBI, the DoJ, and other federal law enforcement and justice agencies to conduct any necessary investigations and support criminal prosecutions. If found guilty of criminal violations, offenders can spend up to 20 years in prison and be liable for a fine of up to $1 million per individual violation.
A few well-known examples of ITAR violations include companies FLIR and ITT. FLIR paid $30 million in fines for providing data restricted by ITAR to non-authorized employees. ITT was hit with a $100 million fine for the illegal exporting of its night-vision technology.
Yes, but only with the proper approval. Per the ITAR framework, a U.S. person who wants to trade with a foreign national must obtain authorization from the DDTC before proceeding with export. A U.S. person can be any American citizen, company, permanent resident, or political asylee; a foreign person is defined as anyone who is not a lawful resident of the U.S.
Due to the nature of what’s covered by ITAR, the government can and will also enforce retransfer limitations – in other words, limiting to whom a foreign entity can sell their approved ITAR-traded goods. For instance, if Country A bought goods in a compliant, authorized export transaction from a United States defense company, it cannot later sell those same goods to Country B without U.S. approval.
An example of this retransfer governance was when Venezuela was blocked from selling used F-16s to Iran in 2006; Venezuela had bought the fighter jets from the US in the 1980s and was therefore subject to the retransfer limitations.
Understanding the implication of ITAR is critical to maintaining compliance, but putting that into practice requires the right tools and technologies. The ability to track weapons and goods is especially important for adhering to ITAR regulation, which is why many companies turn to solutions such as our Firearm Tracking Labels and Tags. Products such as these are designed to last the lifetime of the weapon and are resistant to sunlight fade, abrasion, and cleaning solvents, making them excellent for all tracking needs. With their focus on improving accountability and tracking travel and ownership, our firearms labels comply with a variety of strict traceability regulations, including ITAR.
If your business is involved in any way with international arms dealings – or the trade of anything called out by the USML – you need to know the importance and implication of ITAR. It affects not only manufacturers of weapons but anyone involved in the supply chain of qualifying goods, services, technologies, and data. You can even be noncompliant with ITAR by just sharing files with the wrong co-worker.
Our advice? Develop a robust internal controls system for monitoring the tracking and sharing of all pertinent data and defense articles. You can never be too cautious when it comes to ITAR, so play it safe and invest in the internal processes and tracking tools you need to stay compliant.