Skill Guide

US Export Administration Regulations (EAR) and dual-use technology classification

A U.S. federal regulatory framework administered by the Bureau of Industry and Security (BIS) that controls the export, re-export, and in-country transfer of commercial items, software, and technology that have potential military or proliferation applications (dual-use).

This skill is critical for mitigating severe legal and financial risk, enabling the lawful international sale of advanced technology, and protecting national security interests. Mastery directly prevents multi-million dollar fines, criminal penalties, and loss of export privileges, while enabling market expansion.

1 Careers

1 Categories

9.2 Avg Demand

25% Avg AI Risk

How to Learn US Export Administration Regulations (EAR) and dual-use technology classification

1. Master the structure of the Commerce Control List (CCL) and the Export Control Classification Number (ECCN) system. 2. Understand the core concepts of 'dual-use' and the distinction between EAR (commercial items) and ITAR (defense articles). 3. Learn the fundamentals of the license determination process, including reviewing reasons for control and license exceptions.

1. Apply classification rules to complex, integrated systems (e.g., a server with controlled cryptographic hardware). 2. Navigate specific regulatory frameworks like the Entity List and the De Minimis Rule. 3. Avoid the common mistake of over-classifying (placing items on the CCL when they are EAR99) or under-classifying (missing a controlled component within a larger assembly).

1. Design and implement an enterprise-wide Export Management and Compliance Program (EMCP). 2. Conduct internal audits and manage voluntary self-disclosures (VSDs) for potential violations. 3. Advise senior leadership on strategic business decisions involving restricted geographies (e.g., China, Russia, Iran) and align compliance with corporate risk appetite.

Practice Projects

Beginner

Case Study/Exercise

Classifying a Commercial Encryption Device

Scenario

Your company manufactures a network firewall with advanced encryption features (AES-256) for commercial sale. You need to determine its ECCN for a potential sale to a European subsidiary.

How to Execute

1. Use the BIS website to locate the Commerce Control List. 2. Navigate to Category 5, Part 2 (Information Security). 3. Apply the 'Note to Category 5' to determine if your product qualifies for mass-market treatment under ECCN 5A992 or if it falls under the more restrictive 5A002. 4. Document your classification rationale using the BIS classification request form (BIS-748P) as a template.

Intermediate

Case Study/Exercise

Assessing a Complex Technology Transfer

Scenario

A U.S.-based engineering team needs to share detailed schematics and manufacturing process data (controlled under ECCN 3E001) with a team in a foreign country to set up a production line. The destination country is not embargoed but has certain end-use concerns.

How to Execute

1. Identify the specific controlled technology (3E001) and its reasons for control (NS, AT). 2. Check the Commerce Country Chart to determine if a license is required for the destination. 3. Evaluate available license exceptions (e.g., TSR). 4. Conduct an end-use and end-user screening against the Entity List, Denied Persons List, and Unverified List. 5. Draft a memo recommending a license application or detailing the use of an exception.

Advanced

Case Study/Exercise

Designing an EMCP for a Fabless Semiconductor Company

Scenario

As the new Export Compliance Director, you must build a program from the ground up for a company that designs AI chips (potentially ECCN 3A090) and outsources fabrication to Taiwan and assembly to Malaysia.

How to Execute

1. Conduct a product audit to classify the entire portfolio. 2. Map the entire supply chain and data flow to identify all export, re-export, and deemed export points. 3. Develop written procedures for classification, screening, and recordkeeping. 4. Implement a training program for engineering, sales, and finance. 5. Establish a monitoring and audit schedule, and create a protocol for handling red flags and conducting VSDs.

Tools & Frameworks

Regulatory Databases & Software

BIS Consolidated Screening List (CSL)Commerce Control List (CCL) & ECCN Search ToolAutomated Export System (AES) / ACE Portal

The CSL is used for end-user/end-use screening. The CCL tool is essential for product classification. AES/ACE is the mandatory system for filing export information (EEI) for shipments.

Mental Models & Methodologies

Decision Tree for License DeterminationDe Minimis Rule Calculation FrameworkRed Flag Indicators Checklist

The Decision Tree is a step-by-step guide to determine license requirements. The De Minimis framework helps calculate the percentage of U.S.-origin controlled content in a foreign-made item. The Red Flag checklist is a tool for sales and compliance staff to identify suspicious orders.

Interview Questions

Answer Strategy

The interviewer is testing the candidate's practical, systematic approach to classification. A strong answer follows a clear methodology: 1) Gather technical specifications. 2) Search the CCL, starting with Category 3 (Electronics) and specifically ECCN 3A090 for advanced computing items and 4A090 for computers. 3) Analyze against the specific parameters (e.g., Total Processing Performance, Adjusted Peak Performance). 4) Check for applicable notes (e.g., the Footnote 4 to 3A090 for certain Nvidia chips). 5) Consult the Commodity Classification Automated Tracking System (CCATS) for prior BIS classifications on similar items. 6) Document the analysis and decide on self-classification or submitting a classification request to BIS.

Answer Strategy

This tests knowledge of 'red flags' and due diligence procedures. The core competency is assessing transaction risk. A professional response would: 1) Identify the red flags (suspicious end-user, high-risk destination, potential diversion to military end-use). 2) Place a hold on the order. 3) Conduct enhanced due diligence: request an End-User Certificate, verify the distributor's legitimacy, research the university's programs, and directly contact the end-user for clarification. 4) If suspicions are not alleviated, decline the transaction and consider reporting the incident to the BIS's Office of Export Enforcement via a voluntary self-disclosure or tip.