Multiple Companies Say They Were Mistakenly Caught in BIS Red Flag Letters

BIS began circulating so-called red flag letters, along with the list of roughly 700 flagged foreign suppliers, to U.S. companies earlier this year, saying the listed suppliers appeared to be shipping their products to Russia, including possibly for use by the country’s military (see 2406060041). The agency said it relied on commercially available customs data to compile the list, but it hasn’t released the list publicly.

At least three companies told Export Compliance Daily that they believe their inclusion was an error. And while the list doesn't impose any formal legal restrictions on the firms, two companies said they feared it could spark uncomfortable questions from business partners or damage their reputations. One said it plans to take legal action against BIS.

Former BIS officials and industry lawyers said the backlash from companies underscores the hurdles plaguing U.S. efforts to shut down Russian supply lines as well as the limits of supply chain data that both the government and private sector rely on to investigate suppliers. In interviews, they also said it highlights the challenges faced by companies inadvertently targeted by the government during a time of intense public scrutiny on businesses perceived as violating Russia sanctions.

Two lawyers said they were already aware of suppliers trying to get themselves removed from the list. Others said the removals were a likely consequence of a lack of government transparency.

“It doesn't surprise me,” said Erich Ferrari, a Washington-based lawyer whose firm regularly advises companies on sanctions delisting petitions before the Office of Foreign Assets Control. He added that the legal and evidentiary standards for federal agencies to list parties are “so low, and the standard of review is so deferential -- or in some contexts nonexistent.”

Though BIS has asked exporters in recent months to invest more in their export control compliance programs (see 2403270007 and 2407100027), it also has acknowledged its own resources need updating. U.S. officials, including Commerce Secretary Gina Raimondo, have made several funding pleas to Congress over the past year, specifically requesting better supply chain illumination tools for BIS export enforcement agents (see 2403210068).

Lawmakers have so far rejected those requests. Some Republicans called on BIS to first strengthen its export controls on China before they would support a budget increase (see 2312060072 and 2403040061).

Ajay Kuntamukkala, a trade lawyer and former BIS senior adviser, also said he was “not surprised that there could be errors” in the list attached to the BIS red flag letters, partly because the agency often faces the same supply chain visibility problems as the exporters it regulates.

“Yes, the government has resources the private sector doesn't,” he said. “But to a certain extent, we're all in the same boat in terms of the visibility into companies’ organizational structures and activities outside the United States.”

A BIS spokesperson declined to comment.

Several companies on the list said they were unaware they had been included. One company, Switzerland-based ATP Supply Sarl, said it “initiated legal proceedings” against BIS shortly after Export Compliance Daily asked for comment about their placement on the list.

The firm provides medical devices and prosthetic limbs, among other items, to disabled survivors of conflict, including in Russia, CEO Christophe Broillet said in an email. Broillet added that ATP Supply’s products are “purely humanitarian in nature” and the company is in “full compliance with international regulations.”

“Any obstruction to our operations could not only hinder our ability to assist those in greatest need,” he said, “but could also lead to legal action before the International Court of Human Rights against entities or institutions attempting to harm or block our activities.”

The company has “successfully handled several wrongful penal procedures against us in the past,” Broillet said. “In all instances, we were fully exonerated, and in some cases, we even secured compensation for moral damages.”

Another company also said its listing was an error and contacted BIS to be removed. The agency deleted the firm from the list earlier this year, according to an email BIS sent to the firm and that Export Compliance Daily has seen.

A trade compliance official with the company, who spoke on the condition of anonymity to avoid further association with the list, said the company had no way of knowing whether the agency sent a correction to the host of U.S. distributors, manufacturers and exporters that originally received the list in BIS red flag letters earlier this year, and the hundreds more that have viewed it since.

“Even though we have an email from BIS that confirms they removed us, we don't know who will see it,” the person said. “Who will say: ‘You were on this list. What were you doing?’”

Unlike the BIS Entity List or Unverified List, the official noted that there are no published protocols for trying to get a listing removed from a list of customers sent along with a BIS red flag letter.

“As a compliance practitioner, how the heck do I deal with that? We want to be compliant and meet the regulatory expectations, but this is a bit off the rails,” the person said. “This doesn't provide for transparency and due process.”

The company so far hasn’t received questions from business partners or customers about its placement on the list, the official said. It also wasn’t told by BIS why or how it was added.

Companies that believe they were accidentally included in the list -- and are later removed -- may consider launching a “charm offensive” by reaching out to their business partners or shareholders to make clear that they aren’t subject to any sanctions or export restrictions, said Anthony Rapa, a trade lawyer with Blank Rome.

Farhad Alavi, a lawyer with Akrivis Law Group who has advised companies on being removed from the Entity List, said removals from government denied-party lists can be challenging, even for less restrictive lists that don’t impose punitive export restrictions.

Unlike the Entity List, which places specific and often strict license requirements on exports to listed entities, the list attached to the BIS red flag letters carries no explicit legal requirements. But BIS has warned U.S. distributors that they may need a license to ship to suppliers on the list absent “affirmative information” that the supplier isn’t engaged in export control violations, including through shipments of sensitive items to Russia (see 2407100027 and 2408270021).

Alavi said he was recently contacted by a company that was placed on the BIS boycott requester list -- a separate list launched by the agency in March that also doesn’t impose specific legal requirements (see 2403290025). Alavi said that list instead “shames” entities that, according to BIS, have asked other businesses to boycott goods from certain countries in violation of the Export Administration Regulations.

Alavi said the company that reached out to him was “perplexed” about how it could have been included. BIS in June removed 127 entities from the boycott requester list, including some that it acknowledged were wrongly added after a U.S. company misidentified a foreign business as having made a boycott request (see 2406270021).

“That just highlights the potency of getting into the BIS’ crosshairs,” Alavi said in an email. “It’s arguably difficult to undo mistakes and oftentimes damage can persist even if rectified.”

Another company, Finland-based logistics firm Avind International Oy, also told Export Compliance Daily it shouldn't have been included in the list BIS attached to the red flag letters. Its managing director, Michael Mayer, said in an interview that the company ended its business in Russia in 2023.

He said “many companies” in Finland did business in Russia before the country’s invasion of Ukraine, and it was challenging for them to pivot out of the market. He also noted that Finland closed its border with Russia last year.

“There are not any kind of cars, any kind of trucks, anything going across the borders,” Mayer said. “We know that even some of the companies [we work with] are very careful checking and having contracts with their clients that they are not leaving from these countries to Russia.”

BIS has said it has an export enforcement officer stationed in Finland, though Mayer said BIS never contacted him to ask whether his company has shipped to Russia. He also said he doesn’t plan to ask BIS to remove Avind from the list because the company doesn’t have any U.S.-based customers and believes its business will be unaffected by the listing.

Kuntamukkala, who advises clients on export controls and other international trade issues at Hogan Lovells, said even non-U.S. companies with no U.S. business relationships could face penalties under the EAR if they illegally trade in certain foreign-produced items made with controlled U.S.-origin technology or software.

He also noted that European companies may be screening against lists sent in BIS red flag letters -- including potentially Avind’s business partners -- especially if they’re using a third-party customer screening provider that has incorporated those lists into their systems.

“If you're a European company, and you're screening, and this comes up as a hit, you may well decide that you don't want to do business with this company,” Kuntamukkala said. “So I think there are a number of risks here for a non-U.S. company that doesn't have a whole lot of business with U.S. suppliers.”

Kuntamukkala added that the U.S. is prioritizing enforcement against both American and foreign businesses violating Russia controls. He said he's working on a sealed case in which DOJ is investigating a non-U.S. company for allegedly shipping items to Russia.

“I think DOJ is very active with regard to investigating and prosecuting, not only U.S. companies, but non-U.S. companies that divert items to Russia,” he said. “I think that is a focus.”

Other companies suggested to Export Compliance Daily they should not have been included in the list but didn’t respond to follow-up questions when pressed about their export compliance procedures.

One company, China-based Epic Crystal, said it “regretted” hearing it was on the list. “We nearly don't have the business with Russia” because its Russian customers “can not make payment into China,” a company official said in an email.

Customs data compiled by supply chain mapping firm Trademo shows Russia was Epic Crystal’s top importer the last four years.

Many of the other suppliers on the list have also been linked to trade with Russia in publicly available customs data, and Export Compliance Daily found references to Russian sales on several supplier websites.

Multiple former BIS officials, who requested anonymity to speak candidly about the agency, said BIS may be using the list as a way to pause sensitive U.S. shipments to shadowy companies as the agency investigates them for possible inclusion on its formal Entity List or Unverified List. BIS in August added about 30 of the suppliers to the Entity List, publicly accusing them of procuring items for Russia’s military or defense industrial base, including by selling U.S. origin parts to sanctioned Russian companies (see 2408230016).

Although former BIS officials applauded the red flag letter strategy -- saying it could help U.S. firms from inadvertently doing business with foreign suppliers that may be violating U.S. export controls but that aren’t yet subject to formal export restrictions -- industry officials said it can have lasting consequences for law-abiding businesses added by mistake.

The trade compliance official whose company was removed from the list said the error may have been caused by incomplete shipping data. The person guessed that shipping data may have shown that one of the company’s products was delivered to Russia, but it perhaps didn’t show, for example, that the company was using an export license or license exception.

David Lynch, global head of analytical solutions with risk intelligence firm Sayari, noted that company licenses aren’t captured in public data. Supply chain mapping tools and company ownership databases are used by many exporters to help with their export and sanctions compliance procedures, Lynch said, but they don’t always have complete information.

He said one challenge faced by companies is: “How do you bridge the gap between a public data feed and a nonpublic data feed?”

“We're proud supporters of BIS,” added Lynch, who said the agency is a customer of Sayari. “But I think they've got similar visibility challenges, if not more than those in the private sector."

Kuntamukkala made similar points, saying it can be “challenging” for both the government and exporters to glean information from murky company ownership structures and limited shipping data.

“It's easy to confuse one company for another, whether it's a translation issue or just confusion about what company owns another company,” he said.

“There's always some element of unknown."