Refreshed Compliance Regulations and Controls

The Office of Research Compliance and Security (ORC&S) has undergone changes, now led by Director Kacey Strickland. This presentation aims to update awareness on Export Compliance Regulations like EAR, ITAR, and OFAC. It covers topics such as data security management, controlled technology transfers, and regulatory frameworks for preventing proliferation and terrorism. Learn about the different government departments governing various programs and the importance of compliance in international transactions. Stay informed to ensure adherence to legal requirements and maintain security protocols effectively.

• Compliance
• Regulations
• Security
• Export
• Technology

job_ta Follow

Uploaded on Sep 18, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

Presentation Transcript

1. 1

2. 1. ORS is no longer a standalone department. We are now part of the Office or Research Compliance and Security (ORC&S) and the Director is Kacey Strickland. 2. We have physically moved away from the Research Park and are now located on campus at 53 Morgan Ave. 3. ORED has added a new position to ORC&S for Data Security Management. This position will provide policy guidance on CUI, NIST, CMMC, and overall compliance with restricted research data. 2

3. The goal of this presentation is to refresh your awareness of the Export Compliance Regulations EAR, ITAR & OFAC. This refresher should only be taken by those personnel who have completed either the CITI training or have attended one of the in-person ITAR briefings (MSU or ECS LLC provided). Credit will only be given to those personnel who have completed one of the 2 sessions mentioned above. This presentation does not count for an initial ITAR briefing. 3

4. Transfer of controlled technology, information, equipment, software or services to a foreign person in the U.S. or abroad by any means. For example: actual shipment outside the US visual inspection in or outside the US written or oral disclosure

5. Restrict exports of goods and technology that could contribute to the military potential of adversaries Prevent proliferation of weapons of mass destruction (nuclear, biological, chemical) Prevent terrorism Comply with U.S. trade agreements and trade sanctions against other nations 4

6. Depending on your specific program it can be governed by 1 of 3 different Departments of Government: State Department: International Traffic in Arms Regulations (ITAR), which pertain to inherently military technologies Commerce Department: Export Administration Regulations (EAR), which pertain to dual use technologies (civilian or military use) Treasury Department, Office of Foreign Assets Control (OFAC): Prohibits certain transactions with countries subject to boycotts, trade sanctions and embargoes 6

7. ITAR or the International Traffic in Arms Regulations is administered by the U.S. Department of State Directorate of Defense Trade Controls (DDTC) ITAR is based upon the AECA (The Arms Export Control Act), 22 USC 2778 & the International Economic Emergency Powers Act: 50 USC 1701-1707 The actual ITAR regulations that provide the governance of ITAR are found in 22 CFR 120-130 Chapter I, Subchapter M, Parts 120-130 ITAR governs Classified and Unclassified Defense Articles, Defense Services, Technical Data, Significant Military Equipment (as defined in ITAR 22 CFR 120) and items designed and developed, adapted, or modified in any manner for military use.

8. The US government restricts the release of strategically important technology and products for the purpose of: Limiting Weapons of Mass Destruction (WMD) proliferation Preventing our adversaries from obtaining the capability to threaten US national security Ensuring U.S. allies have the best equipment and know-how Preventing supply shortages of critical materials Supporting US foreign policy (human rights, trade sanctions, embargoes) 8

9. ITAR EAR (Dual Use Items) Heavily regulated Encourages trade Protection of national security primary 95% may be exported without license United States Munition List (USML) Commerce Control List (CCL) USML Category and Sub (ex. VII(a)(5)) ECCNs (ex. 9A610.y.8) Exemptions may authorize export without prior approval from DDTC Exceptions may authorize export without prior approval from BIS Everything is controlled Only services controlled are those associated with WMD proliferation 9 Extra-territorial jurisdiction for all items Country Chart

10. 10

11. 11

12. 12

13. Deemed Export - The release or transmission of controlled information, technology or source code that is subject to export control to a foreign national inside the U.S. This can be via discussions with students, graduate students, visitors or foreign researchers. Such a release of controlled information is considered to be an export to the foreign national s home country. Fundamental Research As defined by the National Security Decision Directive 189 (NSDD 189), fundamental research is any basic and applied research in science and engineering, the results of which are ordinarily published and shared broadly within the scientific community Information that results from Fundamental Research is not subject to export control. However, if a company, college or university accepts any type of restriction on a contract or project, be it on publication rights, dissemination of results, etc., the fundamental research exemption will not apply. Also known as Fundamental Research Exemption (FRE). 13

14. Technology Control Plan (TCP) The TCP is an internal university compliance document that is prepared by ORC&S with heavy input from the PI. It states the type of export-controlled information associated with a research project, and security measures to be taken by the PI to ensure access to the export-controlled information is controlled and managed. The TCP is signed by the PI and all who are working on the project. Once the TCP is in place it is the responsibility of the PI to ensure that all the security measures listed to safeguard the controlled information or technology are enforced. All members working on a controlled project must: 1. complete CITI training, 2. provide citizenship documents to ORC&S, and 3. sign the applicable NdA and TCP acknowledgement before working and charging time to the contract/fund number. 14

15. Technical Data For ITAR purposes: Information, other than software as defined in 22 CFR 120.10(4), which is required for the design, development, production, manufacture, assembly, operation, repair, testing, maintenance or modification of defense articles. For EAR purposes: an export of technology that is required for the development, production or use of items on the Commerce Control List is controlled according to the provisions in each product category. Technology - Technical information beyond general and basic marketing materials about a controlled commodity. The term does not refer to the controlled equipment/commodity itself, or to the type of information contained in publicly available user manuals. Rather, the terms "technology" and "technical data" mean specific information necessary for the development , production , or use of a commodity, and usually takes the form of blueprints, drawings, photographs, plans, diagrams, models, formulae, tables, engineering specifications, and documentation. The "deemed export" rules apply to the transfer of such technical information to foreign nationals inside the U.S. 15

16. It is the policy of the United States to deny licenses and other approvals for exports and imports of defense articles and defense services, destined for or originating in certain countries. The exemptions provided in this subchapter, or when the recipient is a U.S. government department or agency, do not apply with respect to defense articles or defense services originating in or for export to any proscribed countries, areas, or persons. Exports or temporary imports of defense articles or defense services to countries that the Secretary of State has determined to be State Sponsors of Terrorism are prohibited under the ITAR. Exports to countries that the Secretary of State has determined and certified to Congress, pursuant to section 40A of the Arms Export Control Act (22 U.S.C. 2781) and Executive Order 13637, are not cooperating fully with United States antiterrorism efforts are subject to the policy specified in paragraph (a) of this section. The Secretary of State makes such determinations and certifications annually. 16

18. Sharing controlled information with foreign nationals in the U.S. Misusing the fundamental research exemption Inadvertently disclosing controlled information Forgetting to monitor the transfer of your foreign national employees Forgetting to screen end users even if the export is EAR 99 Misclassifying information & items Assuming a third party has the export control responsibility Failing to document your compliance properly Not understanding the nuances of export control reform Not having enough funding for training and export staff 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. *From Higher Education Webinar dated August 18, 2015, Top Ten Export Control Issues for Colleges and Universities presented by Baker Donelson, Doreen Edelman, Esq., and Klint Alexander, Esq. 18

19. If a student wishes to utilize any data or information that was derived from a controlled project in a dissertation or thesis, permission must be obtained from the contract sponsor prior to the use of the controlled information or data. Obtain the permission early (allow for 45-60 days for authorization) from the applicable contract authority, and get it in writing! 19

20. ITAR Penalties Violations of export control laws can have serious consequences which could affect all involved. The penalties vary depending on the circumstances (whether it was a "knowing" or "willful" violation in other words you knew you were breaking the law!), but the penalties for even lesser violations can include jail time and/or fines. Criminal: up to $1 million per violation and up to 10 years in prison Civil: seizure and forfeiture of articles, revocation of exporting privileges, fines of up to $1,094,010 for most AECA/ITAR violations; $946,805 for certain arms transactions to countries supporting international terrorism and $795,445 for making proscribed incentive payments in connection with offset contracts. Also the U.S. Government agencies that provide oversight & enforcement for the EAR and ITAR regulations are increasing their scrutiny of companies working in this arena. EAR Penalties OFAC Penalties Criminal: $50 thousand-$1 million or five times the value of export, whichever is greater, per violation, up to 10 years in prison. Civil: loss of export privileges, fines $10 thousand- $120 thousand per violation Criminal: Up to $1 million and 10 years in prison Civil: $12 thousand-$55 thousand per instance Note: There will not be just one charge for a single violation. History has shown multiple violations will be charged. 20

21. Know who can or cannot work on a controlled project Know who you can and cannot discuss/share project information Deemed export rule If in doubt keep discussions to your specific project/task group Protect information from unauthorized disclosure Remember security requirements are connected to the data, information, results and technology from a controlled research project UNLESS the contract sponsor has previously approved otherwise If you have any questions contact your respective PI, Co-PI or ORC&S 21

22. Chris Jenkins 325-0400, cjenkins@ors.msstate.edu Export Control Officer cjenkins@ors.msstate.edu ORC&S is now located on Campus at 53 Morgan Ave in the old faculty housing, near Oak Dormitories. Visit us online at www.orc.msstate.edu 22

23. Please print and fill out this slide after completing the 2021 Export Control Refresher training. Scan and attach it to an e-mail to ResearchSecurity@ors.msstate.edu I have completed the Mississippi State University Office of Research Compliance & Security 2021 Export Control Refresher briefing and understand my role in protecting controlled information from unauthorized disclosure. Employee Signature: ____________________________________ Printed Name: _________________________________________ MSU Net ID: _____________ Date : __________________ 23