DATE: October 16, 2008 SUBJECT: NCITD Meeting of October 8, 2008 This memorandum summarizes the presentations and discussion at the National Council on International Trade Development (“NCITD”) Trade Compliance Committee Meeting held in Washington, D.C. on October 8, 2008. Comments are in [square brackets]. The principal author within MK Technology was Kay Morrell, Esq. and Terence Murphy was the reviewer under standard procedure.

I. Off-the-Record Comments by Mr. Ori Lev, Esq., Senior Advisor to the Director, Office of Foreign Assets Control and Mr. Brad Brooks-Rubin, Esq., Attorney Advisor to OFAC, Office of the Chief Counsel, Office of Foreign Assets Control

Mr. Lev and Mr. Brooks-Rubin were invited to discuss the new enforcement guidelines recently published by the Office of Foreign Assets Control (OFAC). Because new laws have recently increased the maximum penalties that may be imposed on parties that violate the laws and regulations administered by OFAC, these guidelines were published to guide the actions of OFAC in assessing criminal fines and civil penalties. These new guidelines are intended to focus on cases that are of higher concern because of the threat involved to national security. One of the main features of the new guidelines is that it lists the factors, in the order of importance, that are used to determine if the case should result in a criminal action or an administrative penalty and the size of the criminal fines or civil penalties to be imposed. Mr. Lev reviewed these factors and questions asked by investigators in the same order of importance as established in the guidelines:

1. Willful or reckless violation of the law – If it appears that the violator was attempting to avoid compliance with the law, the matter probably warrants criminal action.

2. Awareness of the conduct – Is the company or individual aware of the transaction, even if they do not realize it is illegal?

Page 2

3. Harm to sanctions program objectives – Did the transaction confer an economic benefit to a sanctioned party? OFAC looks at the number of similar transactions, the size of the transaction, and whether or not the transaction would have been eligible for a license if there had been an application.

4. Characteristics of the person or entity involved in the case – How sophisticated is the individual or company with respect to these types of transactions? How big is the company? How many transactions is the person or company involved in on an annual basis? Is there a history of violations?

5. Compliance program in place – Does the individual or company have a compliance program in place and are they trying to follow its direction? Does the program assess risk for various transactions and provide meaningful guidance?

6. Remedial response to the violation – Did the individual or company take immediate steps to address the violation in order to prevent a similar violation from reoccurring? What steps were taken to change the practices which led to the violation?

7. Cooperation with OFAC in the investigation – Was this violation brought to OFAC’s attention as part of a voluntary self disclosure? Was the voluntary disclosure promptly made to OFAC as soon as the violation was discovered? Was all of the information in the violator’s possession regarding the transaction provided to OFAC as part of the disclosure? Did the violator conduct research to determine if there were similar, undiscovered violations in the past? If the disclosure was not a voluntary disclosure, was the individual or company responsive to OFAC investigator’s requests?

8. Timing of the violation – Did the violation occur because the foreign party was only recently added to one of the sanctions lists?

9. Enforcement actions by other U.S. Government agencies – Is the transaction already being investigated or pursued by another enforcement agency? Generally OFAC does not want to investigate and prosecute a case that is already being handled by another agency. This is partly due to limited OFAC resources and from a desire by OFAC not to over punish a violator.

10. Future compliance/deterrent effect – Will the investigation and prosecution of this case have a positive effect on preventing other companies or individuals from making a similar mistake?

11. Case-by-case factors – Are there any special circumstances or factors that should affect how this case is handled? This factor provides OFAC discretion to reduce civil penalties.

Although the new guidelines were published as an interim rule, they are currently being followed by OFAC investigators. Because they are part of an interim rule, the public is encouraged to provide comments or suggestions for further changes.

Page 3

Mr. Lev expressed OFAC’s belief that these guidelines will reduce the number of cases in which criminal sanctions are sought or large civil penalties are imposed. Mr. Brooks-Rubin then highlighted some of the other features of the new guidelines. One particularly important feature is the new “cautionary letter.” Under OFAC’s old practices, some cases remained open for several years, and the parties being investigated were not sure if a final decision would ever be reached. Under the new guidelines, OFAC investigators will have the authority to issue a cautionary letter as a final enforcement response. This cautionary letter allows OFAC to close a case without making an specific finding of whether or not a violation has occurred. It does not mean that the party is guilty or innocent, it simply means that the case is closed. A cautionary letter does not constitute a violation for purposes of determining if a company or individual has a prior violation, which can be important when OFAC calculates penalties in subsequent cases. A question was raised with respect to these cautionary letters. If OFAC has decided to issue the letter to close the case without determining if a violation has occurred, how will the party know if they can or cannot conduct a similar transaction? Mr. Brooks-Rubin responded that OFAC will attempt to draft the cautionary letter so that the party involved will know which activity in the transaction was of concern to OFAC. However, these letters will not always provide answers to every question that is raised. If the party still has questions about how to conduct a similar transaction, they should seek further guidance from OFAC through an advisory opinion request. Another important feature of the guidelines is the penalty matrix, which defines the penalty based on whether or not a case was egregious and whether or not there was a voluntary disclosure. The matrix provides a built in method for OFAC to avoid imposing maximum penalties unless the matter is an egregious case. It is OFAC’s goal to treat similar cases in a uniform manner. Mr. Brooks-Rubin issued a warning to companies that file an initial notice with OFAC that they are preparing a voluntary self-disclosure that will be formally filed with OFAC as soon as the company’s internal investigation is complete. While this is generally a good practice, companies should avoid taking too long to file the official voluntary disclosure or they run the risk of losing voluntary self-disclosure status. This is the result of several companies who have filed an initial notice and then taken several years to file the official disclosure or decided not to file any disclosure. Another feature of the guidelines is the “pre-penalty notice.” This notice is issued before the final determination by OFAC in order to provide notice to the company under investigation what penalties are permitted by the penalty matrix and what aggravating and mitigating factors are being considered. After such a notice has been issued, if additional facts are discovered that would warrant a larger penalty

Page 4

than was proposed in the notice, the final penalty may not be more than 10% above the amount proposed in the notice unless OFAC withdraws the initial notice and issues a new pre-penalty notice.

II. Off-the-Record Comments by Ms. Gillian Van Schaick, Managing Director and Head of Global Compliance, J.P. Morgan Treasury and Security Services

Ms. Gillian overseas compliance for all of J.P. Morgan’s overseas global securities businesses and Treasury services businesses. She was invited to provide NCITD with an overview of how her office handles party and transaction screening. Because of the more than 400,000 daily transactions they conduct, J.P. Morgan has developed their own screening tools. Most of these daily transactions are screened twice in the process before they are completed. On average, the screening process results in 5% potential “hits” involving listed parties or transactions. Ms. Gillian’s office has created a set of rules for addressing these potential hits. After these rules are applied, most of the potential hits are eliminated. Any remaining names or transactions must be reviewed by two different members of her staff. If they do not agree on whether or not to proceed with the transaction, the matter is escalated to a higher level for a final decision. The main issue for the compliance office is crafting the rules that are used to review potential hits. These must be reasonable and address various risk factors that are set by the company. These rules must also be crafted to consider multi-lateral laws and rules. The legal department routinely reviews conflicts-of-laws issues when the statutes and regulations of one country are not in agreement with the statutes or regulations of another country. For example, the laws of some countries do not allow J.P. Morgan to stop a transaction once it has begun. This is in direct opposition to other countries rules which demand that a transaction be stopped if one of the parties is on a watch list or denied parties list. Ms. Gillian’s office must craft their internal decision making rules to try and anticipate these situations. Another issue that is frequently encountered by her office is the difficulty in translating names from one language to another, particularly those languages that do not use Romanized alphabets, such as the Chinese language. The Romanization of Chinese characters can result in several different spellings, and the enforcement agencies have no guidance in how best to handle these issues. Similarly, her office must deal with multiple lists from multiple countries, how best to handle antiboycott issues, and how to identify politically exposed persons. There are no right or wrong answers for how to address these issues, and the way to handle these potential issues may vary from one company to the next depending on acceptable risk determinations by each company.

Page 5

III. Off-the-Record Comments by the Honorable Christopher Wall,

Assistant Secretary of Commerce for Export Administration, Bureau of Industry and Security, U.S. Department of Commerce

Assistant Secretary Wall provided NCITD with a regulatory update and projections for regulatory activity through the end of the year. As he noted last month in his comments to the Regulations and Procedures Technical Advisory Committee, the Bureau of Industry and Security (BIS) has an aggressive regulatory agenda which was developed in response to directives from President Bush. He noted that the Interagency review process tends to slow the regulatory process, and it is his responsibility to push the process forward. Because of these efforts, several measures have been recently published or are nearing completion. The regulatory changes which have been recently published include the following:

- Commerce Control List Reforms – BIS has recently published both the changes adopted in last year’s Wassenaar Arrangement plenary and several unilateral changes to non-Wassenaar items on the control list.

- Encryption Changes – BIS published minor changes to the complicated

encryption regulations. These changes should simply parts of the process, although more substantive changes are still needed and are still in the Interagency process. The changes in the recent rule drop notification requirements for items classified under ECCNs 5A992 and 5D992. The new changes also introduce the concept of “ancillary encryption.” [The definition of this new term has generated hundreds of questions to BIS and the agency is working to prepare additional guidance, which will probably be published on its website.]

- De Minimis Rule Reform – This long-overdue rule change relaxes some of

the requirements for the current rule. A one-time report is no longer required for foreign-made items containing less than the de minimis amount of U.S.-origin software. A report is still required for U.S.-origin technology content. The new rule also provides for the bundling of software and hardware in the value calculation process since it is often difficult to rationally separate these commodities for de minimis calculation purposes.

- Entity List Changes – This new BIS rule consolidated the lists maintained

by BIS. This was done because many companies failed to consult the list maintained under General Order 3. Companies must still separately

Page 6

review the lists maintained by other U.S. Government agencies, but this rule makes it easier when dealing with the BIS list.

- Intra-Company Transfer Exception – BIS published the proposed rule for

the new Intra-Company Transfer license exception. They have requested public comments on the proposed draft. Companies wishing to use this exception must submit an application to BIS. However, unlike a license, which expires after two years, the license exception will be permanent. The applicant must provide evidence of an adequate internal control plan, screening processes, self-audits, and training. The applicant must also agree to periodic outside audits.

Other regulatory initiatives that Assistant Secretary Wall hopes to have published before the end of the year include clarification of the Commodity Jurisdiction process, reforms to the night vision classifications, review of the Export Administration Regulations crime controls, and further unilateral changes to the Commerce Control List. Some of these issues will undoubtedly carry-over into next year, where they will also be considered with regulatory changes proposed by the Deemed Export Technical Advisory Committee and further rule changes to address Iran’s nuclear capabilities.

* * * *