On: November 10, 2021 | By: Matthew Silverman | 7 min. read
Whether you’re sitting down to write your company’s export compliance manual from scratch or already have a framework in place and just need to make revisions and updates, developing and implementing an export compliance manual can be a daunting task. The following provides tips and insights into drafting a comprehensive, accessible and auditable export compliance manual that can be implemented companywide.
One of the first questions to ask as you put together your export compliance manual is how you are going to differentiate between export policies and export procedures. “Policies and Procedures” often get grouped together, but really, your corporate policies (whether related to export compliance, FCPA, labor/employment, etc.) are different from the specific procedures and/or processes that help ensure compliance with such overarching policies.
In my time as a trade compliance lawyer and professional, I have seen export “policies” that are five or ten-plus pages in length—when you add them all up, those can make for an export compliance manual that is 100-plus pages! A lengthy manual may suit your team and your organization, however, it certainly isn’t a requirement from the regulator’s perspective. Whatever your personal preference, the applicable regulatory agencies, such as the US Department of Commerce, Bureau of Industry and Security (BIS), are not necessarily looking for a long export compliance manual filled with detailed desktop procedures and processes. But that also doesn’t mean such procedures and processes don’t have a place and should not be included within your manual.
Consider writing trade policies that are concise, understandable and that include within them links or addendums to procedures, processes and/or step-by-step work instructions that provide more detailed guidance and help to ensure the policy is being adhered to. For example, an export licensing policy could be as simple as the following four points:
Of course, your company’s export licensing policy doesn’t have to be only four sentences. The point is: Policies should simply set the framework, not tell the entire story. Your export compliance team probably follows step-by-step instructions or guidelines to request licenses, collect end-use statements and to utilize different types of license exceptions/exemptions—but all of that doesn’t necessarily need to be in your policy. That information can be included in a separate document that is linked to from your overall policy, but not necessarily included within its four corners.
When it comes to maintaining an export compliance manual, BIS gives straightforward and succinct guidance , including the following pieces of insight, on which I have elaborated below:
This guidance seems simple, but the reason BIS likely includes it is because many companies tend to write very generalized policies and procedures—so generalized that they provide little to no actual guidance to the export compliance professionals and other internal stakeholders who require detailed instruction and/or step-by-step processes to do their job, which can also make for difficulty in auditing such processes down the road. Policies or procedures may also be irrelevant to the company’s industry, products, or operations and therefore, should be excluded. A few examples:
Again, relatively simple guidance offered by BIS that is still necessary to iterate because so many export compliance manuals are written by export compliance professionals who have knowledge and familiarity with terms, legalese and/or shorthand that the average company employee may not understand. This can be aided by including a “glossary of terms” within the manual for reference by employees. Also, be sure to spell out acronyms (e.g., FTA, DDTC, AES) and define/explain concepts (e.g., deemed export), at least initially, in the body of the document itself—this is especially true for policies and procedures that will be consulted by non-export compliance personnel. As for the overall structure and form of the policy or procedure itself, be sure to seek input and accept constructive criticism from those same non-export compliance personnel to ensure they are able to understand and follow the guidance, prior to its publication.
As mentioned earlier, while an export compliance manual should be comprehensive, there is no reason that it needs to include every single export procedure, detailed process and/or step-by-step instruction within the four corners of the manual itself. An organization may be better served in having an export compliance manual with generalized policies that include references or links to those operations and procedures that BIS wants to be “captured” by the manual. This same BIS guidance states that the length of an export compliance manual could “range from a dozen or so pages to 100 or more.” Length, therefore, doesn’t seem to be a defining characteristic of a well written and comprehensive export compliance manual. What’s more important is that your manual is relevant, understandable and comprehensive. There is flexibility as to exactly how you and your team accomplish these objectives, as BIS has left a lot of room for professional creativity!
Regardless of how your export compliance manual is structured, organized or the length it, if your manual isn’t implemented within the business, it’s not doing much good. Companies spend a tremendous amount of time drafting and improving export policies and procedures, include them in a well-organized and designed manual … and then simply let them sit on the proverbial shelf. Maybe the compliance group goes a step further by sending a mass email to the company, to the effect of: “Here is the new export compliance manual, please read it.” But no one does.
While some of the policies and procedures included within your manual may only be relevant to the export compliance team, many others will likely have impact and overlap with numerous functional groups within the organization—e.g., sales, HR, engineering, IT, procurement, supply chain, and logistics. And to a larger extent, many of the concepts and policies within export compliance could arguably apply to everyone within a company, regardless of title, role or geographic location. Therefore, the step of implementing an export compliance manual after it has been drafted and published is crucial to the success of a company’s export compliance program. But what does it mean to implement the manual? Below are a few ideas and suggestions:
Before writing your export compliance manual, get the necessary approval to conduct in-person or virtual training on the relevant sections of your manual for the applicable functional groups, sites and/or individual stakeholders within your organization. If your manual is 200 pages, don’t try to train on all 200 pages (your HR team in the U.K. doesn’t need training on the export license determination process in the U.S.). Instead, choose policies and procedures that are most applicable and most relevant to the trainees, and develop a training program (or programs) based on those. Finally, training doesn’t have to be all or nothing; consider splitting up training sessions based on the content or audience over an extended period of time.
Maybe you have an export policy on hiring foreign nationals; maybe you have a technology control plan that dictates how ITAR-controlled technology can be shared; maybe you have a visitor management policy specific to export-controlled sites. All these are examples of export policies that have significant overlap with other functional groups: HR, IT and security, respectively. If your policies are not part of their policies, they may not be adhered to. No employee is going to look to two different manuals when it comes to sending a secure email or hosting a foreign national visitor, nor should they need to. Work with different functional groups proactively (ideally before publication) to ensure that your export policies and procedures are consistent with and incorporated within similar and/or overlapping policies and procedures across the business.
There’s a long list of potential policies and procedures that should be included in an export compliance manual. While you and your team are working hard to develop those, don’t forget the “simple” things that BIS also wants to see in a compressive export compliance manual:
Like what you read? Subscribe today to the International Trade Blog to get the latest news and tips for exporters and importers delivered to your inbox.
Matthew Silverman is the Global Trade Director & Senior Counsel at VIAVI Solutions in Scottsdale, Arizona. Prior to joining VIAVI Solutions, Matt held trade compliance roles in the technology, aerospace and energy industries, with specialization in export controls, economic sanctions, antiboycott law and customs. Matt is the CEO of The Blueprint Organization, a consulting firm dedicated to building champions networks. Matt’s new book, The Champions Network: A Blueprint to Expand Your Influence and Spread Big Ideas in Any Organization, is available October 3, 2023. Prior to his corporate career, Matt worked in Washington D.C. on trade policy and legislation. Matt began his legal career as a litigator in Chicago, Illinois. Matt earned his bachelor’s degree from the University of Michigan - Ann Arbor, his J.D. from Loyola University Chicago School of Law and his LL.M. from Georgetown University Law Center in Washington D.C.