The Bureau of Industry and Security (“BIS”) released today the text of its proposed rule which would implement a new license exception for intra-company transfers and which the agency dubs, not surprisingly, license exception ICT. The new license exception will permit, among other things, transfers of technology between U.S. and foreign subsidiaries. It will also allow transfers of technology by a company to its foreign national employees working in the United States or for the company’s foreign subsidiaries. However attractive the exception is in concept, it is much less so as implemented by the rule, which runs to 23 pages of complex eligibility requirements and even contains what most would consider not one but two poison pills. Not to mention a raft of unanswered questions.

In order to be eligible to use the ICT license exception, a company must first submit a detailed application to BIS which requires, among other thing, a compliance program that meets certain requirements set forth in the proposed regulation, including corporate commitment to export compliance, a physical security plan, an information security plan, personnel screening procedures, a training and awareness program, a self-evaluation program, and non-disclosure agreements by foreign employees. In addition to providing the plan itself, the application must submit documentary evidence by the company of its compliance with each of the mandatory requirements just described. Only upon approval of this submission may a company begin to use the license exception.

So what are the poison pills? First, if the self-evaluation program required for ICT eligibility reveals any export violations they must be “voluntarily” disclosed, which could lead to criminal penalties including jail time and civil penalties of up to $250,000. Second, the exporter relying on the exception must agree to a BIS audit every two years. I suspect that for many companies, the mandatory “voluntary” disclosure and the mandatory biennial audit may constitute a strong deterrent to utilizing the new license exception.

As for the unanswered questions, the rule is less than clear about how it operates in the context of a merger or takeover of a company using the exception. Without further clarification it would seem that a company that uses the exception would need to have the merger or takeover “approved” by BIS prior to closing. Otherwise all technology transfers subject to the exception would have to cease at closing, something which is likely to be quite impractical.

Another significant limitation of the proposed rule permits use of the license exception in only 37 of the 194 countries of the world. Countries eligible include the countries of Europe, including Eastern Europe and Scandinavia, as well as Turkey, Japan, Australia, and New Zealand. The only eligible countries in the Western Hemisphere are Canada and Argentina. Mexico, Brazil and Costa Rica, among others, were deemed unworthy by BIS, as were Russia and the former Soviet States, the entirety of Africa, the Middle East and Asia. Luxembourg is eligible but, strangely, Liechtenstein is not. H.S.H. Prince Han-Adam II is said to be not amused at all.

The Bureau of Industry and Security (“BIS”) released today a revision of the de minimis rules which BIS touted as a major simplification of the rules. I think most people when reviewing the new rules will find them as complicated as ever.

The de minimis rules are an effort by BIS to define when the U.S.-origin content of a commodity is sufficiently small that the commodity will not be deemed to be subject to the export control restrictions set forth in the Export Administration Regulations. When U.S. content doesn’t satisfy the requirements of the de minimis rule, then the incorporation of that content, even if that content is not itself subject to U.S. export controls, into a commodity may subject that commodity to U.S. export controls.

Leaving aside whether the new rules are ultimately a simplification or not, there is one significant area in which the new rule may permit a de minimis finding where the old rules would not — namely, hardware commodities that bundle U.S. origin software. Under the prior rule, the de minimis calculation had to be made separately for hardware, software and technology. Under the new rule, the value of “bundled” U.S.-origin software will be compared with the value of the hardware. If it constitutes less than 25% of the commodities value (or 10% in the case of exports to Cuba, Iran, North Korea, Sudan or Syria), then the de minimis rule applies and the commodity is not subject to U.S. export controls.

The new rules define bundled in a broad way that would go beyond pre-installed software but which would also include un-installed software distributed on a separate disk with the hardware. Think printer drivers, for example. To qualify as bundled software, the software must be exported or re-exported with the hardware and must be configured for the hardware. Additionally, if the software is listed on the Commerce Control List it must only be controlled for anti-terrorism reasons. Software that is controlled for export for other reasons can slip out of the country under the de minimis rule no matter what percentage its value bears to the value of the hardware with which its bundled.