Picture it. You’ve been chasing down an End Use/End User Certificate (EUC) on a new customer for weeks. Just when you thought you’d never get it, it appears in your inbox. You take a quick glance and note that all the boxes are filled in and it’s been signed. You’re done…or are you? There’s always a great sense of satisfaction when we can close one item and turn to our next activity. But how confident are you that you can just file away that EUC and move on? It’s become increasingly evident that we must pay attention to those EUCs and the information they contain. Here’s why.

First, EUCs are no longer one-size-fits-all in terms of certification statements. For example, if your company exports equipment subject to the Bureau of Industry and Security’s (BIS) 2022 Semiconductor and Advanced Computing Rules, you’ll want to ensure that your EUC addresses those specific prohibited end uses and end users in China. Besides this, in September BIS published guidance with a list of items by Harmonized System codes that they deemed “most significant to Russian weaponry requirements.” In this guidance, they advised that prior to shipping these items exporters should obtain a written assurance from consignees in countries outside of the Global Export Controls Coalition (GECC), whose participating countries include Australia, Canada, the 27 EU member states, Iceland, Japan, Liechtenstein, New Zealand, Norway, South Korea, Taiwan, the U.S., and the UK. Although BIS indicated that their suggested language was not meant to replace an exporter’s existing EUC, they did highly “recommend” that EUC language be reviewed to help prevent diversion through third countries to Russia.

Next, multinational companies must take into consideration that the countries in which they operate may require additional, more specific certifications to comply with their own export laws and regulations. For example, Taiwan has a Written Assurance template required to be completed and submitted with export permit applications. Companies must consider how to balance their screening accordingly to ensure that certifications are collecting sufficient information to satisfy each applicable country’s regulatory requirements.

Finally, Red Flag and Know Your Customer guidance continues to abound. Last March, the Justice, Commerce, and Treasury Departments published a Tri-Seal Compliance Note in which they underscored that common tactics to evade sanctions and export controls often include the use of third-party intermediaries or transshipment points to circumvent restrictions, disguise the involvement of Specially Designated Nationals (SDNs) or parties on the Entity List in transactions, and obscure the true identities of end users. The Note included a list of Red Flags to look for that could indicate a customer is using one of these tactics, such as last-minute changes to shipping instructions, use of personal email accounts instead of company email addresses, and transactions involving entities with little or no web presence. Some of this information is usually collected on those EUCs we file away.

Keeping up with EUCs and taking the time to review them carefully can been a challenge in today’s fast-paced environment, but in their model certification for Advanced Computing BIS was clear that “Obtaining the certification set forth in this supplement…does not relieve exporters, reexporters, and transferors of their obligation to exercise due diligence in determining whether items are subject to the EAR, including by following the “Know Your Customer” guidance in Supplement no. 3 to part 732 of the EAR.”

Here are some helpful tips to refresh those EUCs and define the due diligence work to be conducted once they’re in:

1. Draft an EUC procedure that lists all the scenarios for which an End Use Certificate must be collected. Identify who is responsible for initiating the request for completion, who is responsible for reviewing it, what the escalation process, if any, would entail, and where they should be stored.
2. Make sure the proper internal parties are reviewing the End Use Certificate. For example, is GTC the only team reviewing the EUCs? Are they most familiar with the customer? If not, who is? Add them to the review process and train them on Red Flag reviews.
3. Review your End User Certificates on an annual basis to ensure that the latest regulatory requirements impacting your products and technology are reflected. If you haven’t done so in a while, review Part 734 of the EAR, Control Policy: End-User and End-User Based to confirm your current EUC captures any additional required language. Communicate edits internally and don’t forget to update the page to which you may post your EUC templates.
4. After any EUC updates, identify any customers that should re-certify and request their review.
5. Make sure that End Use Certificates are listed among the documents required to be maintained with your export records.

Let BPE Global know if we can help you with any of your trade compliance needs, including a refresh to your EUCs. BPE Global is a global trade consulting and training firm. Evelyn Bernal is a Director of BPE Global. You can reach Evelyn by email at ebernal@bpeglobal.com or by phone at 408-718-0265.

View/Download PDF version here