Home-International Traffic in Arms Regulations ITAR- ISO PROS #21


International Traffic in Arms Regulations (ITAR) Implementation

The International Traffic in Arms Regulations (ITAR) is a set of regulations of the United States government that control the export and import of a specific list of munitions and services related to its defence. ITAR also includes Technical Assistance Agreements (TAAs), which may simply mean transferring knowledge of how to do something rather than the devices themselves.

Designed to control access by nationality and geography to different types of technology and information associated with them, ITAR prevents the disclosure of sensitive data to organizations or individuals overseas with a view to safeguarding US national security. The rules are very complex in detail and are applied rigorously.

ITAR-controlled exporters or manufacturers of items are obliged to register with the USA Directorate of Defense Trade Controls (DDTC) of the State Department. Then, these organizations are encouraged to create record-keeping ITAR compliance programs that include identifying, receiving and tracking ITAR-controlled items and technical data.

This is where ISo Pros will assist you to become compliant and stay compliant. Since 1999, penalties for ITAR infringements have sky-rocketed with the highest enforcement action to date being a $100 million action in 2007.

Penalties against companies generally require mandatory expenditures on compliance measures, including the selection of an Internal Special Officer for Enforcement. They may need an external audit as well. Companies may lose the right to export or participate in specific programs for a specific period of time in serious cases.

Need to be compliant with ITAR?

All defense articles manufacturers, exporters, and brokers, defense services, and related technical data must comply with ITAR.

Three big types of defense services are:

  • Providing support to international people, through training, for issues relating to articles of protection. That includes architecture, creation, fabrication, maintenance, etc.
  • Provision of managed technical data to foreign persons.
  • International groups and services for military training.

Technical data

Finally, there are three key technical data types:

  • Information for the design, development, manufacturing, and so on of defense items other than software. That contains sketches, graphs, documents, and more.
  • Classified details on publications in military and intelligence departments.
  • Technology contributing directly to the articles of protection.

Any public domain knowledge, or typically learned in classrooms, is not deemed to be regulated technological information. Neither are commercial details nor generic explanations of articles of protection. See a document from the Department of Defense Trade Controls: Getting Started with Defense Trade to help you determine if ITAR refers directly to you.

What are the sanctions for failing to comply with ITAR?

What happens if you disobey ITAR? We promise that this is a condition which you would rather avoid. ITAR breaches will result in penalties of $1 million or more per offense, as well as prison time and debarment (that means you risk your export license). Simply put, whatever the trouble of becoming compliant with ITAR, it’s considerably smaller than the consequences of not doing it! Today is the right time to call us at ISO Pros, to make sure you avoid any ITAR breaches.

On January 6, 2020, the US Department of State’s Directorate of Military Export Controls (“DDTC”) released a series of Frequently Asked Questions (“FAQs”) offering long-awaited information on the Foreign Traffic in Weapons Regulations (“ITAR”) registration and authorization conditions related to the delivery of security services abroad through natural US persons. This summarizes the main points below:

The FAQs explain that for a normal US individual to provide security services abroad, no registration with DDTC is needed, so long as it is the United States person that is also physically located outside of the US. Nonetheless, such a United States citizen will require DDTC permission until any security programs may be created, irrespective of whether it’s the assistance to be given inside or beyond the US. That is often the case of a United States contractor providing protection services to an international entity or through them. In some situations, DDTC may require security services that are provided by US natural persons to all foreign employers especially via general communications and pursuant for the relevant ITAR section.

All of the authorization shall be carried out for a total of four years, this is unless otherwise stated in the conditions of the authorization issued by the DDTC. While each foreign entity, including for a U.S. foreign contractor, may assist in promoting the filing of a request for authorization, the FAQs do make it very clear about the applicable compliance obligations which are imposed primarily on the U.S. natural person, this is rather than each specific foreign entity to which the U.S. natural person is to render the security facilities or for whom they are provided for.

While the practical application of this guidance is in the FAQs, it could also potentially address non-US concerns regarding local privacy legislation, the FAQs state specifically that international regulatory compliance requirements, as well as the EU General Data Protection Regulation, ” which happens independently of the ITAR, still doesn’t alter its criteria.”

The FAQs further specify that, with the degree that exporters and/or foreign entities are in proper faith adopting the frameworks proposed which have been revised by the law of 2015 on the procurement by defense services by U.S. persons overseas, which, amongst other items, included an exception for a U.S. contractor of any foreign person under certain circumstances, DDTC would generally consider the delivery for defense services by the U.S.

For more clarity on, inter alia, the specific information needed for the authorization request and the conditions to be fulfilled before the authorization request is sent, please see the full text of the FAQs.

Some short facts

  • When an item on the United States Military List (USML) is used in a broader item, then the broader article would be regulated under ITAR.
  • ITAR is based on an: Without an authorization or exception, no USML item can be published.
  • Arms Embargo: No USML item can be shipped to countries prescribed in 22 CFR § 126.1 without a warrant or authorization exception.
  • Further limitations extend to certain nations where shipments do not actually support international stability and US protection and foreign policy, as further forbidden in 22 CFR § 126.1.

Many executives in the defense sector know that failure to comply with the International Trade In Arms Regulations (“ITAR”) will contribute to severe liabilities for their companies.

Nonetheless, they also forget that enforcement may often be an essential aspect of a company’s marketing plan-good compliance with ITAR will strengthen the reputation of an organization and give it a leg up in a dynamic business climate. Here’s how.

  1. Competitive edge over other firms

Many of the goods and services rendered by government contractors are vital to the national protection of our country. Government consumers are keenly conscious of the value of conformity with ITAR to achieve this goal. When the business demonstrates advanced ITAR expertise, contracting officers may find this a beneficial advantage and a differentiating factor when comparing you with certain firms. Nevertheless, if the company needs essential ITAR expertise, contracting officers can see that as a nightmare waiting to happen. Companies structured to comply with ITAR have a competitive edge over other firms and offer them a leg up in the acquisition and retention of defense companies.

  1. For prime contractors, you will be more appealing

Under DFARS 252.225-7048, prime contractors are expected to meet ITAR specifications while performing their government contracts. They do need to “flow down” certain specifications to their subcontractors. If a subcontractor performs a violation of ITAR, such as inappropriate processing of technological data regulated by ITAR or failure to receive a TAA, the prime contractor might also be liable. As a consequence, prime contractors have been particularly reactive to their subcontractor ‘s enforcement capability. Simply stated, subcontractors with proven ITAR enforcement capabilities are healthier and more attractive for the prime contractor – those who do not have this capacity face greater risk. Thus being organized in compliance with ITAR will dramatically improve your capability in the eyes of your prime contractors and create expanded opportunities for business.

Let's say that your company is regulated under ITAR, what's your strategy to address this?

What is your regulatory game plan? We propose a three-prong approach for ITAR enforcement: classification, application, compliance plan.


This ensures you actually have to decide if the company is on the Munitions List and subject to ITAR. That is often referred to as deciding the product’s “export control and registration.” Remember at first, “When the company is on the Munitions Register, you are subject to these tests.” Ok, if you don’t search to see whether you’re on the registry, how do you know if you’re subject to such reviews? The first move, though, is to check the Munitions List and see if your product or service is on the list. At this point, businesses are still reviewing to see if their goods are classified under the Export Administration Regulations on the Commerce Control List (CCL).

The second approach is applied.

If you need a license for something, that simply means applying for it. Speak with ISO Pros, and get the certificate. Many people say, “If my commodity is ITAR relevant, I am not allowed to export it. I can’t manage international companies at all.’ That’s not the best way to look at it. Probably nothing is farther from the facts. In certain cases, if the item is subject to such restrictions, you should always conduct business overseas. Simply get a certificate or a Technical Assistance Arrangement (TAA), then obey the licensing conditions. Although the State Department does ban some goods that go to other countries, it also allows a vast amount of transactions. There are several companies doing vigorous foreign trading, even though their goods are dominated by ITARs. You only have to request for the correct licensing authority to negotiate with overseas companies and meet the other ITAR criteria.

Compliance Plan is the third approach here.

A compliance program is a management system for compliance with those laws in your company. Now, that you understand the rules, how can you bring all the other people in your company to recognize these requirements? Well, that is where this program for compliance comes in. In an enforcement plan, you are nominating an individual in your business to be in control of export enforcement, the coordinator of implementation, and it is the responsibility of that manager to be up to date with certain regulations. You follow formal rules and protocols on what to do in various circumstances, on export deals, for receiving TAAs, interacting with international citizens, foreign workers, handling information in your computer system containing ITAR technological data- Are we generating records in your computer system containing ITAR technical data? Because these rules are so complicated you do need some kind of system of enforcement in effect.

Legal support in cases concerning ITAR and USML

Our work with ITAR has helped us to cover every area of the regulations. We include advice on the classification of USML in terms of both hardware and software details and have recently been called upon to discuss developments arising from the overhaul of export control. We have received Material Jurisdiction determinations, where applicable, as to how an item is protected by the ITAR. ISO Pros often assists companies in securing export authorization and post-export retransfers of ITAR products. We have considerable familiarity with technical data problems in particular and have secured or amended hundreds of professional assistance agreements and production license agreements and applications for DSP-5 technical data licenses. We often support clients in the implementation or enhancement of enforcement systems and management monitoring strategies, ensuring that their ITAR approvals are properly configured and solving compliance concerns. Companies have also employed our administrative expertise in performing enforcement investigations, and due diligence on prospective acquisitions.

Our expertise and know-how are at your side. Tell us about your ITAR and USML issues using our contact form and one of our experts will be glad to assist you.