- Humanitarian exports to Iran are permitted – within limits.
- Corruption can flourish in the midst of crisis.
- Export controls limit sharing technical data related to the virus with some countries.
- Compliance professionals should be proactive and visible during a time of crisis.
Despite the sobering news reports on the global spread of COVID-19, companies are continuing to try to conduct operations as (relatively) normally as possible. International business is particularly affected given the different responses and newly imposed rules in various countries. Moreover, the U.S. government response is continuing to evolve and what is permitted today could be restricted or prohibited tomorrow.
We thought it would be useful to highlight a few considerations for conducting business internationally in light of where things stand currently with COVID-19.
U.S. Emphasizes that Assistance Can Be Provided to Iran – To A Limit
U.S. sanctions prohibit U.S. companies and individuals from conducting virtually any transaction with or involving Iran. This has not changed.
However, there is a limited exception to these prohibitions when providing certain humanitarian assistance to Iran. To highlight the circumstances in which such assistance is permissible, the U.S. Treasury Department, Office of Foreign Assets Control (OFAC) recently published guidance about when such assistance is permitted. OFAC is the primary U.S. government agency responsible for administering U.S. economic sanctions.
In particular, U.S. companies and individuals can export medical devices and medicine to Iran when intended to minimize human suffering. U.S. nonprofits are also authorized to conduct certain transactions with Iran to directly support the Iranian people.
Yet even when transactions are authorized, there are limits on doing business involving the government of Iran or a Specially Designated National (SDN) of Iran. Given the significant role that the state of Iran plays in many of the country’s industries, including in the healthcare space, it is essential to proceed carefully even when a transaction is well-intended. All parties to a transaction, the financial terms of the transaction, and all goods and services to be supplied must be vetted carefully to avoid a violation.
Recognize Potential FCPA Issues in the Context of Crisis Response
The U.S. Foreign Corrupt Practices Act (FCPA), the primary U.S. law penalizing U.S. companies and individuals from bribing or offering, authorizing, or promising to bribe foreign officials, was not enacted to address bribery in the context of responding to a crisis such as the COVID-19 pandemic. But the U.S. government has aggressively interpreted and enforced the law over the past 15 years. There is no reason to think the U.S. government would decline to pursue enforcement action simply because it occurred in the context of a global health crisis.
It is often crises or other structural breakdowns – such as in the context of inordinately long permitting periods, challenging regulatory approval processes, or unilateral, opaque government demands – that create opportunities for corruption. It is easy to envision a situation where a poorly paid Customs official in the developing world refuses to allow the import of hand sanitizer without a bribe. A well-intended importer could very easily decide that payment is worth making to provide critical health supplies to a disadvantaged population.
Good intentions are not a defense to an FCPA violation. Many FCPA enforcement actions involve bribes paid to facilitate transactions that benefit both the bribe payer and the country in which the bribe was paid. Red tape and bureaucracy often slow down or even deter transactions that otherwise make a lot of sense. Even in the context of a global pandemic, the U.S. government is likely to view a bribe as a bribe and take corresponding enforcement action. This is especially true when the transaction is viewed through the lens of a regulator several years later, after the dust has settled.
U.S. Export Controls Limit Some Sharing of Information on COVID-19
The U.S. Commerce Department, Bureau of Industry & Security (BIS) administers U.S. export controls on samples of and technical data related to certain viruses and other diseases. In many cases, the controls are significant and exports can only be made with a license.
Importantly, U.S. export controls extend to the sharing and transfer of technology with non-U.S. persons in the United States. For example, a U.S. healthcare company that employs a non-U.S. national in its research & development department could require an export license to share certain technology and technical data with the non-U.S. employee, even when that employee is authorized to live and work in the United States.
The newness of COVID-19 means that BIS is still assessing how tightly samples of the virus – and technology related to it – should be controlled for export purposes. In February, BIS announced that COVID-19 is currently covered under Export Control Classification Number EAR99. As stated in the BIS announcement, the EAR99 designation means that an export license “is generally not required for export of [the] virus or its genetic elements to most destinations” or nationals. However, BIS also underscored that “certain end-users, end-uses, and destination countries may require a license for the export of [COVID-19, including technical data related to the virus].”
Remain Attuned to Policy Changes to Promote Compliance
While international compliance may not be the primary concern for many companies at present, the risk of potential violations has not decreased. In fact, in the context of this sort of crisis, there is perhaps more opportunity for personnel to take action without properly considering the legal ramifications. Compliance personnel should remain present, even if working remotely, and be proactive. When communicating with personnel, it is important to remind them that compliance and ethics are as important now as ever.
If you have any questions about international compliance during the COVID-19 global pandemic, please contact the authors of this post.