Senate Panel Calls for Chipmakers to Boost Export Compliance, Scrutinize Distributors

Blumenthal, who chairs the Senate Homeland Security and Governmental Affairs Permanent Subcommittee on Investigations, told Export Compliance Daily his panel found that chipmakers should improve oversight of their distribution networks to root out “shell companies” and “shadowy startups” that engage in illicit transfers.” He said that chip sales “that fuel Russia’s war machine have been done with willful ignorance by companies who should be doing a lot better.”

Blumenthal, who chaired hearings on the matter in February and Sept. 10 (see 2402270065 and 2409050042), said his panel’s focus on the matter is having a positive effect by pressuring chipmakers to make improvements. For example, Analog Devices recently told the subcommittee it will begin conducting an annual audit of its distributors’ export controls and will commission an independent third-party assessment of its export compliance program. Blumenthal said the measures are not enough but are “a step in the right direction.”

A new report written by the subcommittee's majority staff recommends that chipmakers annually audit their entire export control compliance programs, including those of their distributors, and audit “targeted processes” more frequently, especially when problems arise or regulations change. “Regular auditing is needed to address new issues in this rapidly evolving space,” the document says.

The report also suggests that chipmakers routinely submit their export control compliance plans to the Bureau of Industry and Security for feedback. It said BIS is willing to conduct such reviews but that few companies take advantage of that service.

Blumenthal said the U.S. government also needs to step up its efforts to curb high-tech exports to Russia, which uses the equipment to “slaughter” Ukrainians. “I’ve seen the munitions, the bombs, the missiles, the drones” that Russia has used in Ukraine, he said. “I’ve seen the internal guts, the nuts and bolts" and they're mostly made by American companies.

At the Sept. 10 hearing, Blumenthal said that over 40% of nearly 2,500 Russian weapon components recovered from the battlefield were made by four U.S. chipmakers: Advanced Micro Devices, Analog Devices, Intel Corp. and Texas Instruments. "This phenomenon is undeniable," he said.

He also said the subcommittee is continuing to probe those chip companies' export compliance programs. "Our investigation is ongoing," he said, "and we are going to determine whether your failure to stop these products from reaching Russia stems from willful ignorance or perhaps something more."

Representatives of those companies testified that chips found in Russian weapons tend to be many years old, meaning they were made well before Russia invaded Ukraine, and some of those chips are low-tech and not subject to export controls. They also said their companies take significant steps to prevent their products from ending up in Russian weapons.

"Since Russia's invasion of Ukraine, we have strengthened our policies, enhanced our employee training, invested in technology and established our gray market mitigation team, whose entire focus is on identifying red flags," said Michelle Stout, vice president for global trade compliance and government affairs at Analog Devices. "We've denied sales to approximately 5,000 actual and potential customers, including companies with fake websites or that we have identified as product brokers."

"We have no tolerance for the diversion of our products," said Tiffany Scurry, corporate vice president and chief compliance officer at Advanced Micro Devices. "Before we make a sale, we undertake a number of protective measures designed to help us ensure that we know who we are selling to. We invest heavily in diligence efforts to look for red flags. Our systems have software controls to block prohibited parties, locations and end uses. If we see issues of concern, we won't complete the sale. For instance, we've refused to do business with newly formed companies with no web presence, as well as those that may share a physical address associated with a sanctioned entity."