Exporting EAR99 Items to China: Not as Simple as NLR

The Takeaway: Exporting to China Carries Immense Risk

In case you do not read any further, remember this take-away: Exporting to China, either directly or indirectly, whether tangible or intangible items, carries immense risk.  All scenarios are affected, whether it be directly to your Chinese customer or through a domestic or international reseller/distributor; whether it be hardware, software, services, or technical data; regardless of whether it is exported electronically or physically, orally or visually – all scenarios are affected by the current regulations surrounding China.  This includes deemed exports.

Why Export Compliance with China Has Changed

So, what does this mean for companies like yours?  It means that robust due diligence is required and that the old way of thinking about export compliance may be inadequate.  Times have changed, forcing companies to enhance their current policies and procedures to not only ensure that their transactions are legal, but also to protect our national security.  Export controls and enforcement are at the center of national security efforts by the United States Government, and they expect you to be aware of the risks and adjust your compliance programs accordingly.  So many of these technologies (AI, quantum computing, semiconductors, aerospace technology, gene editing, etc.) are so powerful that they have profound military applications.  This is significant – whoever can get these technologies in a superior state first can radically enrich and improve their military capabilities – this is why advanced technology is being restricted; to prevent it from getting into the hands of bad actors.

China’s Military-Civil Fusion Strategy

According to a 2021 Department of Defense report,  China is working to develop the People’s Liberation Army (PLA) into a “world-class military” by 2049 and is using a military-civil fusion strategy to accomplish this.  Military Civil Fusion means increasing collaboration between China’s civil research and commercial sectors and its military and defense industrial sectors with the goal of achieving military dominance.  China also contributes to other nations’ Weapons of Mass Destruction programs and supplies Iran and Russia as well as others.  Both heavily sanctioned countries.

But it goes beyond advanced technologies that were referenced earlier, such as AI and quantum computing.  And this is important – China is relying on low-tech, widely commercially available components made with US technology to accomplish their long-term goal. Keep in mind that low tech can also mean EAR99 items.

From a regulatory standpoint, you can count on export licenses submitted for ITAR items, as well as commercial satellites and firearms under the EAR to be denied.  Items subject to multilateral controls require an export license, and officers are taking the time to review those applications for risk of contributing to China’s military capabilities.

Understanding Military End Uses and Military End Users

Hopefully you are familiar with the terms Military End Use and Military End Users, as well as Military Intelligence End Use/Users, all defined with the EAR under § 744.21 Restrictions on certain ‘military end uses’ or ‘military end users’.  This is one of those times where words matter and in-depth analysis is required by exporters to understand what these terms mean per the regulations.  In case you are not familiar and need a refresher – no problem!  At a very high level, if you export an item to China or Hong Kong (including EAR99), that is to be incorporated into a military item, the EAR captures that as a military end use.

Let’s think about military end users (MEU).  The EAR describes an MEU as national armed services such as the army, navy, marines, air force, or coast guard, as well as the national guard and national police, government intelligence or reconnaissance organizations, or any person or entity whose actions or functions are intended to support ‘military end uses’.   So what exactly does that mean?  Well, if you export an EAR99 item NOT to a traditional military service, such as the army, but instead to an entity that supports a military end use or user then they are a military end user.  For example, Jincheng Group. This is a well-established entity, founded in 1995 and specializing in motorcycles and vehicles.  Because of their support of military end uses and users, they are designated as an MEU.  Things are not always what they seem when it comes to China.

Restrictions on U.S. Persons and Service Providers

There are even Restrictions on US Persons under Part  § 744.6 Restrictions on specific activities of “U.S. persons.”  This states that US persons may NOT ‘support’ several prohibited activities, including supporting a military intelligence end use or a military intelligence end user in several countries, including China.  The EAR goes further to explain what support means and what you might find most surprising is the first bullet – which captures items NOT subject to the EAR where you know it will be used by a Military Intelligence End User (MIEU) and that facilitating such a shipment, transmission or transfer or performing any contract, service, or employment you know may assist or benefit a MIEU is prohibited. This seems confusing, so let’s break it down:  If you are a US person (remember that includes foreign subsidiaries to US entities) conducting business with China, you must ensure that the Chinese entities, including those in your supply chain, are not MIEUs.  And it’s not only related to export sales, but support also means ordering, buying, removing, concealing, storing, using, selling, loaning, disposing, servicing, financing, transporting, freight forwarding, or conducting negotiations in furtherance of.  Support includes activities such as brokering or facilitating sales of foreign-origin items that are not even subject to the EAR, as well as consulting services, etc.

What if you are a company that provides a service such as Training?  You are not necessarily exporting hardware, but perhaps you are conducting training for an AI model in China.  You may think this is benign, but as the entity providing the training, it is your responsibility to ensure that attendees and the entities they work for are not involved in activities that may support weapons of mass destruction or military-intelligence end uses or end users.

China Hospital Example: Why Due Diligence Matters

What if you are exporting to a hospital in China and it is not EAR99? As with any export, classification is key to determining the applicability of the regulations.  Is your item controlled in China?  Does it fall under Supplement No 2 to Part 744, which is a specific list of items subject to the military end use or end user export license requirements?  What about the end user and end use?  When conducting due diligence on the Chinese hospital, it is important to not make assumptions that a hospital is not an MEU.  For example, is this hospital a “military hospital” that is part of the national armed services of China?  What is the patient population served by the hospital?  Does it develop, produce, maintain, or use military items?  As a Communist Country, China can leverage benign places such as a hospital to do not-so-benign things.

Let’s take a deep dive into this example.  There is a hospital in China called 301 Hospital.  I do not see it called out on any lists as an entity that we cannot do business with, yet, going through the Know Your Customer (Supplement No. 3 to Part 732—BIS’s “Know Your Customer” Guidance and Red Flags) due diligence steps, they appear to be a Military Hospital.  A little bit of online sleuthing shows that they are the largest military hospital in China and serves mainly military personnel and I found articles that showed certain sections of the hospital are restricted due to senior officials being treated there, where it is common to conduct business while an admitted patient.  If I were sitting in your shoes and was performing due diligence on this entity, I would determine that this was a Red Flag and classify it as a Military End User.

You may be thinking – well, if they are an MEU why doesn’t BIS add them to the MEU list?  If only things were that simple!  BIS stated in the regulations that the MEU list is not exhaustive, meaning that the burden is placed on industry to assess and understand if their customer is going to collaborate towards military end uses.  You may be wondering, “Why is this so confusing?!”  This all comes down to what was mentioned earlier: China is working to develop the PLA into a “world-class military” by 2049 and is using a military-civil fusion strategy.  It is becoming increasingly difficult to distinguish “dual use” from commercial technology.

As an example, I learned recently that the same chip that is used for an algorithm to recommend which movie to watch at home is the same one that can test hypersonic missiles.  This is what is meant by military-civil fusion.  This makes it extremely difficult to determine whether an end user is a “military end user” or if the end use is a “military end use”.   Although these rules have been in place for several years, many companies, small and large, are struggling to comply with the limited tools available today.

Why Screening Against Government Lists Is Not Enough

What we have learned over the years is that if your company is engaging with China, long gone are the days of a quick screening against the CSL.  Now, screening against the CSL is only Step 1 of a multi-step process.  Exporters must vet the entire proposed transaction to ensure compliance with the regulations.  Exporters must also screen addresses to capture shell companies that change their name to avoid detection but remain at the same address.  Remember – the CSL is a public list; it is not a secret when an entity has been added to a List and many bad actors will do all they can to avoid a disruption in business.  Understanding who your Chinese customer is, including all end users and end use, is vital to compliance.

Recognizing and Investigating Red Flags

Let’s talk about what the due diligence requirements are, starting with Red Flags – a term used by BIS with guidance provided in Supplement No. 3 to Part 732—BIS’s “Know Your Customer” Guidance and Red Flags of the EAR.  Some  examples of Red Flags are:

Perhaps your Chinese customer or entity involved in your transaction is not called out on any government lists, but their name is like an Entity Listed name. This is why it is important to utilize “fuzzy” searches or to adjust the algorithm within your screening tool to capture these nuances.  This would be considered a Red Flag to be further investigated.

Do their English and Foreign name variants match?  Be on the lookout for the use of commercial aliases and subsidiaries for state-owned research institutes and factories.  This means understanding the legal name of the entity you are doing business with, compared to an alias used for business.

Does the Chinese Entity share spaces with entities of concern?  Remember that the EAR defines “knowledge” and if your Chinese customer shares space with an entity of concern, that would certainly be a Red Flag.

Does the Company have production agreements or close affiliation with the military?

Is the Company address different than the proposed export destination?  Remember, a change in entity, entity name, or address should trigger a new due diligence review.  Why?  Because the fact pattern has changed, your due diligence process will need to start over to reflect that.

What about end uses that are generic?  Do not fall for “this item is for civilian end use”.  It is important to drill down and gather additional details.

Does the entity have little to no online presence?

Is the end user listed as a distributor, reseller, or freight forwarder?  Remember, these are not end users!

Do they manufacture, sell, etc., both commercial and military items?

Does the Chinese entity have both commercial and military production at the same location?

Has your Chinese customer done business with Russia, Iran, North Korea?  Think about OFAC and secondary sanctions.

Are there differences between the English and non-English versions of the company’s website that raise red flags?  It is known that some Chinese entities have 2 versions of their website – when you click the American flag at the top or “translate to English”, the “translation” does not always match.

Is this a new customer ordering items that were customized or modified for a prior customer, who is now designated on the Entity List?  Orders resembling those of prior Entity List customers may indicate ongoing prohibited activities.  This is not a coincidence; it is a Red Flag.

Building a Defensible Due Diligence Process

Remember your record-keeping requirements and to keep all your due diligence, or what I will call proof, of any export transaction.  Depending on how your company conducts screening, this may include screenshots of an entity that has been cleared. The key here is to have a defensible position if you determine that your export to China is compliant.  This is in addition to the record-keeping requirements in the EAR.  Your due diligence file should include: Where is my item really being used?  For what purpose?  Is this even a “real” company or a shell company?  Not sure – Request their business license.  Why does this company want my item?  My software?  My technology?  For what purpose?  Even if you are not exporting, perhaps you’re performing a service.  Questions to ask: Why?  How is this Chinese entity benefiting from the service we are offering?

We know that Chinese companies are not truly independent in China – it’s a Communist Country.  We know that they are held to China’s internal governmental authorities.  Remember that these are National Security issues – the US Government is not trying to curtail your business, but instead, protect our country.  If you are performing a service, even if it is EAR99, and your end user is developing or producing, for example, advanced-node IC’s, that is prohibited under Part § 744.6.

So how are companies that do not have 100’s of compliance personnel supposed to accomplish this?  Slowly and methodically.  It’s not about just obtaining an end user certificate, because we all know that bad actors most likely aren’t worried about lying on an End User Form.  They will certify anything to get the technology needed to advance their needs.  Additional forms assist with risk mitigation, but it’s also important to know all the details.  Companies need to assess their risk appetite and understand that when dealing with a high-risk country such as China, what was done at your company 5 years ago needs to be reviewed due to the rapidly changing regulations.  The export environment has changed, supported by laws and regulations that must be followed – they are not optional.  Companies need to be thoughtful and understand there is not a 1 size fits all approach.

A Practical Framework for China Transactions

This means that if you have a transaction to China, exporters should pause… it takes a long time to perform the due diligence as explained here.  It is not practical to receive an order for China and think that the due diligence will take an hour or two.  Think through and perform the following:

Screening (remember to screen the entity and then its address, be on the lookout for aliases)

Know Your Customer – this goes beyond googling and obtaining a website, but it’s a start.  Use the guidance provided by BIS as a starting point.  What is the company structure?  What are their commercial activities?  Remember that Chinese companies could be supporting civil-military fusion.

End use – is it restricted under the EAR?  Remember Military End Use and Military Intelligence End Use Screening.

End User – is it a Military End User or a Military Intelligence End User?  Remember, these are not solely driven by lists provided by the US Government.  The current MEU list serves as a convenient reference for the public to identify companies already designated as military end users.  However, the MEU rule applies universally to companies meeting the military end user criteria, regardless of whether they appear on the list.

End User Forms – Obtain an end-user form or certification with detailed information on all proposed parties to your transaction, including the end user, and the intended end use for specific transactions. The customer should also certify that it will not export, reexport, or transfer (in-country) advanced computing ICs for restricted ‘military-intelligence end uses’ or ‘military intelligence end users,’ or for WMD.

Remember not to self-blind.  Obtaining the EUF is not a check in the box.  If at any time you gain “knowledge” that an entity is an MEU or the transaction is a military end use; the EUF will not protect you.  The fact pattern has changed.

In summary, exporting to China is not the same as exporting to Canada, meaning the due diligence required should not be the same.  Companies need to not only assess the risk but make decisions on what their risk tolerance is.  It is necessary to get into the weeds and make a risk-based decision when reviewing China requests.  This means All Hands On Deck – compliance does not only sit with your Export Compliance Department or with 1 person.  Sales, Customer Service, Finance, Shipping, the Service Department, IT etc. all have a front row seat to the transaction and need to be hyper vigilant when it comes to high-risk countries such as China.

At the end of the day, companies need to determine if they can support this level of enhanced due diligence required to comply with the current export regulations.  While also thinking about the future – Will this item need support down the line pertaining to parts, service, software upgrades or technical data; and if so, are we prepared to perform this due diligence again from the start?  Do we truly understand the nuances of military end use and end user to make this determination?  Another business decision is thinking through the value of the order while taking into account your risk appetite – is it worth it if you get it wrong?  Some companies have a USD value tied to their program – what I mean by that is if it is a free software trial, they will not fill the request.  If the parts or components are under a certain USD value, they do not fill the request – the value is not worth the risk.

The Future of Export Controls in China

Keeping all of this in mind, it is fair to say that the future state shows tighter US export controls in China, and not only chips, quantum, aerospace or biotech.  It is anticipated that there will be additional ECCNs and export license requirements with more entities added to the BIS list.  BIS revised ECCN 2B352 in December of 2024 to include peptide synthesizers because of BIS’ concern that these emerging technologies could be used to produce controlled toxins for military or intelligence purposes – this means that under ECCN 2B352.k, an export license is required for China.  Industry should certainly expect aggressive export control enforcement going forward as there does not appear to be an end in sight.

Final Thoughts: Risk-Based Decision Making

The best compliance advice I can give when it comes to China is to pause…perform all the due diligence required, obtain certifications, take your time to make sure that there are not any Red Flags prior to proceeding.  Understand your company’s risk appetite and make a risk-based decision on the outcome of your findings.

At the end of the day, after completion of all due diligence, if there is still uncertainty regarding the status of an entity, BIS recommends submitting an Advisory Opinion.  Another option would be submitting an export license application while providing all evidence of why this entity is not an MEU.  Calling out all the steps your company took to research the entities involved to show that they are not an MEU, share screening results, include the steps taken to eliminate Red Flags, include all supporting documentation such as the EUF, etc., and request that the license application be RWA’d (or Returned Without Action).

Need Help Navigating China Export Compliance?

Overwhelmed with the thought of exporting to China?  You are not alone!  Let our team of experts at Export Solutions help you! We can offer assessments to challenge your current compliance program or aid in building one from scratch. Contact us today for a free consultation. The cost to stay compliant will always be less than your costs if you violate the laws.