BIS Suggests Exporters Use New Screening Database to Minimize Russia Risks

The Bureau of Industry and Security is recommending exporters, reexporters and other businesses add a new customer screening tool to their due diligence steps before trading in goods that could later be diverted to Russia’s military, especially for microelectronics and other sensitive goods Russia is looking to import. In new guidance published this week, BIS also clarified the specific compliance steps companies and universities should take if they receive a red-flag letter, an is-informed letter or other written warnings from the agency about certain risky customers or transactions.

The guidance, which BIS said is meant to better help industry identify and respond to “transaction parties of diversion risk,” was published several months after the agency began sending red-flag letters to certain companies whose products were later found in missiles, drones and other military or dual-use items used by Russia in its war against Ukraine. Those letters included a list of 700 foreign suppliers that BIS said have been buying those sensitive products and sending them to Russia, warning the recipients of the letters that exports to those suppliers may require a license (see 2406060041).

Although BIS hasn’t yet publicly released this list, it’s now recommending that businesses and others start screening their customers against an online database that includes some of those listed parties. The list, run by The Trade Integrity Project, an initiative that BIS said was launched by the U.K.-based Open-Source Centre, uses public trade data to compile entities that have shipped certain sensitive items to Russia since 2023.

BIS said it “strongly encourages” companies trading in goods on its list of common high priority items -- a list of 50 items identified by their six-digit Harmonized System codes that Russia is seeking for its weapons programs -- to start screening against The Trade Integrity Project database as a “best practice.”

“Companies and universities that transact [common high priority list] items should closely scrutinize parties identified on the TIP website to determine whether any red flags are present before proceeding with an export, reexport, or transfer (in-country) to them,” BIS said. The agency noted that the TIP website includes both a search tool and a downloadable list of third-country parties “with a history of exporting” those items to Ukraine.

An agency spokesperson declined to comment about why BIS hasn't itself publicly released the list of nearly 700 foreign suppliers that it sent in red-flag letters earlier this year, many of which are included in the TIP database.

Matthew Axelrod, the top export enforcement official with BIS, said the agency views partnering with industry and universities as “a cornerstone” of its enforcement strategy. “By sharing information in these different ways -- from supplier lists made available by BIS or The Trade Integrity Project, to parties identified in ‘red flag’ letters or ‘is informed’ letters, to persons identified on the Entity List -- we are helping U.S. exporters to better screen their customers and protect U.S. national security.”

The five-page guidance issued by BIS describes the different purposes of various letters BIS can send to exporters and universities, including supplier list letters, Project Guardian requests, red flag letters, and is-informed letters. It also outlines how recipients of these letters should respond.

When receiving a red-flag letter, “companies and universities have a duty to evaluate red flags and determine whether they can be explained or justified,” BIS said. If the agency sends a company a list of parties that may have reexported items in violation of the Export Administration Regulations, the company “should identify affirmative information that the party is no longer engaged in reexport or transfer (in-country) activities in violation of the EAR before exporting to them," BIS said.

If the company decides to continue exporting to the listed party, it should keep “detailed records of the information received,” the steps it took to verify that information, and any “documentation of the decision-making process that led to the conclusion that the customer’s activities with respect to the proposed transaction was explained or justified,” BIS said. “In the absence of being able to resolve the red flag, the company or university should either refrain from the transaction or seek BIS authorization by submitting a license application.”

If a business or university continues with the transaction without first obtaining a BIS license or without resolving red flag risks -- “especially when BIS affirmatively identified that red flag” in a letter -- the agency said it will consider that as an aggravating factor in a possible future enforcement action against the business or university. That could, for example, lead to a higher penalty if BIS determines they violated the EAR.

The agency also said it could lower a possible penalty under a potential future enforcement action against that company or university if it cooperates with a red flag letter or Project Guardian request, which asks the recipient “to be on the lookout for transactions with a specific party” and contact a BIS agent if they receive a product inquiry from that party.

“BIS will take such cooperation into account as a mitigating factor if an enforcement action is later brought against the company or university, even for unrelated conduct,” the agency said.

A table on page five of the guidance outlines the different responsibilities of a company or university that receives a letter from BIS or is considering doing business with a party on the Entity List or another “publicly proscribed party.”