The U.S. Department of Commerce's Bureau of Industry and Security (BIS) and the U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) made headlines this week, announcing both the largest BIS settlement in history and the first OFAC enforcement action of 2018. In doing so, the agencies ended a relative lull in enforcement activity in a year in which significant changes to U.S. sanctions on Iran and Russia have been in the spotlight. 

On June 7, 2018, BIS announced a $1.4 billion settlement agreement with Zhongxing Telecommunications Equipment Corporation and its subsidiary, ZTE Kangxun Telecommunications Ltd. (together, ZTE). The revised settlement is the second historic U.S. government settlement with ZTE and the latest development in the company's export and sanctions-related troubles, coming 15 months after ZTE entered a $1.19 billion combined settlement in March 2017, seven-and-a-half weeks after BIS imposed a denial order against the company for making false statements to the U.S. government, and just three-and-a-half weeks after President Trump's tweet signaling his objection to that denial order. BIS emphasized that this week's settlement contains the "strictest BIS compliance requirements ever," which may create new compliance challenges for U.S. and foreign companies going forward. The BIS announcement also makes clear that the settlement will not be implemented fully until ZTE takes various steps, so U.S. exporters are not yet cleared to deal with ZTE.

The ZTE settlement came one day after OFAC's June 6, 2018, announcement of its $145,893 settlement agreement with Swedish telecommunications company Ericsson AB and its U.S. subsidiary Ericsson Inc. (together, Ericsson), for an apparent violation of the largely terminated U.S. sanctions on Sudan. The apparent violation arose from the participation of three former Ericsson employees in a conspiracy with Lebanese company BCom Offshore SAL (BCom) to violate the Sudanese Sanctions Regulations (SSR) through export and re-export of a satellite hub and satellite-related services from the United States to Sudan. OFAC also found that Ericsson AB appeared to have violated the International Emergency Economic Powers Act (IEEPA), the underlying statutory authority for the Sudan sanctions program, when it caused the U.S. seller of the satellite hub to violate the SSR. Though OFAC determined that the conduct giving rise to the apparent violation was egregious, Ericsson's prompt investigation, remediation, and disclosure of the problematic conduct likely contributed to the relatively low value of the settlement. 

The ZTE Settlement of June 7, 2018 

The June 7 BIS settlement with ZTE will replace the April 15 denial order with a new, 10-year denial order, which BIS will suspend during a 10-year probationary period that will include imposition of "severe compliance measures." BIS emphasized that the suspension of the denial order, which will remove ZTE from the BIS Denied Persons List of parties whose U.S. export privileges have been rescinded, will only remain in place subject to compliance with strict requirements, and that BIS may reactivate the denial order should additional violations occur during the probationary period. The "severe compliance measures" will include replacement of its entire board of directors and senior leadership and retention of a team of "special compliance coordinators" embedded in the company, but selected by and answerable to BIS. ZTE has further agreed to pay an additional $1 billion in penalties on top of the $892 million that it has already paid under its 2017 settlement, and to place an additional $400 million in suspended penalties in escrow. 

The revised settlement raises several key points for consideration. 

• U.S. exporters should not "jump the gun." Until ZTE meets the specified prerequisites and BIS formally amends its Denied Parties List to remove ZTE, U.S. exporters remain prohibited from engaging in export transactions with ZTE and its suppliers. Furthermore, the U.S. Congress has introduced legislation designed to reverse the BIS deal with ZTE, although at this early stage it remains unclear whether the legislation will gain traction and, even if it does, whether that legislation would be subject to serious legal challenge. What is clear is that despite Thursday's announcement by BIS, the ZTE saga continues to unfold and U.S. companies should monitor developments carefully to ensure that they do not re-engage with ZTE prematurely. 
• "Severe" penalties underscore the importance of transparent government communications. According to BIS press releases and public comments on ZTE's candor with the U.S. government over the past several years, one of the most notable aspects of ZTE's continued interactions with BIS is the lack of transparency and proffering of false statements despite warnings regarding the potential consequences for such conduct. Though political considerations, including President Trump's disapproval of the denial order and prior BIS engagement with ZTE, may have precipitated the latest settlement discussions, the ultimate outcome of the renegotiation – namely, the imposition of the "most severe penalty that BIS ever imposed on a company" – was likely due to the company's alleged pattern of continued misrepresentations in dealings with the U.S. government. Companies and attorneys seeking to mitigate penalties and restrictions in similar cases are well-advised to ensure that they are receiving clear and accurate statements of facts regarding the underlying conduct, and that all information communicated to the U.S. government is truthful. 
• ZTE's "special compliance coordinators" represent a novel BIS approach to compliance. BIS's announcement that it intends to appoint and install "special compliance coordinators" within ZTE represents a novel BIS requirement, the implementation and effectiveness of which has yet to be tested in other corporations in the U.S. or abroad. The settlement announcement states that such coordinators will significantly improve the speed at which BIS will be able to detect and respond to violations. It does not, however, describe the scope of the compliance coordinator role, how BIS intends to orchestrate reports back to the agency from abroad – especially in light of Chinese information security concerns and restrictions on data sharing – or what the reporting metrics will be. Going forward, companies that continue to do business with ZTE will want to pay close attention to the function that the coordinators will serve in ZTE's remediation efforts, and what, if any, role those coordinators may play in helping ZTE's business partners gain assurances that any business they conduct with ZTE going forward is fully compliant with U.S. law. 
• Creative strategies for U.S. government engagement may lead to more effective resolution of export controls and sanctions disputes in the future. Although the process by which BIS reached its renewed settlement with ZTE was admittedly unconventional, the settlement may ultimately achieve the compliance effects sought by BIS while limiting collateral damage to third parties, including U.S. companies. In calling for the removal of the ZTE leadership and requiring installation of BIS-selected coordinators, in tandem with imposition of a significant additional monetary penalty, BIS may ultimately obtain the compliance results it sought from the original settlement in March 2017. If the June 7, 2018, settlement is representative of a trend, companies willing to engage in creative negotiations may find increased traction in satisfactorily resolving difficult export and sanctions matters with the U.S. government.

The Ericsson Settlement Announced June 6, 2018

On June 6, 2018, OFAC announced a settlement agreement with Swedish telecommunications company Ericsson for an apparent violation of the now largely-terminated U.S. sanctions on Sudan. According to OFAC, the conduct in 2011 and 2012 underlying the apparent violation was egregious and included willful violations of the SSR that featured transshipment of controlled U.S. goods through multiple countries and an agreement among the conspirators to lie about the ultimate end-destination of the goods. The transaction also proceeded despite the fact that Ericsson's internal compliance department explicitly warned against shipping U.S. goods to Sudan in violation of internal company sanctions policies and U.S. law. Nevertheless, despite the serious nature of the underlying conduct, the settlement amount of $145,893 is only about 40 percent of the statutory maximum civil monetary penalty. A few key factors contributed to Ericsson's relatively modest financial penalty and the settlement provides valuable lessons for other companies that may need to navigate similar situations in the future.

• A thorough internal investigation puts your company in the best position to mitigate potential legal exposure. In its summary of the Ericsson settlement and the mitigating factors that led to the ultimate penalty amount, OFAC noted that the company performed a thorough internal investigation. In our experience, a thorough internal investigation is the best way that a company can position itself to mitigate and minimize its potential legal exposure in the face of an apparent sanctions violation. If conducted comprehensively and efficiently, an internal investigation puts a company at a strategic advantage in its dealings with the government because it will be armed with the information necessary to guide its strategic decision making. Beyond that strategic benefit, it also signals clearly to the government that the company is serious about discovering the truth of the events at issue. Moreover, if a company elects to share the results of its investigation with the government, it should establish credibility with the government and a commitment to cooperation and transparency – elements that are crucial if a company is hoping to reach a favorable settlement, as Ericsson did here.   
• Strong remediation and adoption of compliance enhancements. As one of the mitigating factors, OFAC also cited Ericsson's remedial response and adoption of additional compliance controls and procedures. In summarizing these steps, OFAC took the opportunity to note that the enforcement action "highlights the importance of empowering compliance personnel to prevent transactions prohibited by U.S. economic sanctions," with specific reference to the value of adequate compliance team staffing, access to sufficient resources, including technology, and empowerment to implement compliance efforts consistent with a company's risk profile. Companies seeking to mitigate the risks posed by non-compliant individual employees, such as those involved in the Ericsson matter, can be guided by these standards when implementing compliance safeguards.  
• Strategic engagement with the U.S. government can work to your advantage (but be careful). In this case, Ericsson clearly benefited from its decision to make a voluntary disclosure, sign a tolling agreement, and be fully cooperative with OFAC. Under OFAC's Guidelines, the potential financial benefit to companies in terms of the prospect of reduced civil penalties is clear. However, as the ZTE case above demonstrates, engagement with the U.S. government about apparent export control or sanctions violations must be done carefully and strategically so as to avoid compounding a company's legal problems and expanding its financial exposure. 
• Don't overlook exposure for past conduct under now defunct sanctions programs. Although OFAC's Sudan sanctions program was effectively ended in 2017, any violations that pre-dated the program's revocation could still give rise to civil or criminal liability. While OFAC's current enforcement priorities and designation practices would seem to suggest that Sudan is no longer garnering much attention, the Ericsson settlement is a reminder that companies are not entirely in the clear with respect to their Sudan activities. Thus, if you become aware of a potential violation within the five-year statute of limitations, it is still worth considering whether a voluntary disclosure to OFAC and an accompanying internal investigation are necessary and would be in your company's best interests, given the risks of not disclosing or investigating thoroughly.   

For more information, please contact:

Timothy P. O'Toole, totoole@milchev.com, 202-626-5552

Brian J. Fleming*

Abigail E. Cotterill*

Collmann Griffin*

Barbara D. Linney*

*Former Miller & Chevalier attorney

The information contained in this communication is not intended as legal advice or as an opinion on specific facts. This information is not intended to create, and receipt of it does not constitute, a lawyer-client relationship. For more information, please contact one of the senders or your existing Miller & Chevalier lawyer contact. The invitation to contact the firm and its lawyers is not to be construed as a solicitation for legal work. Any new lawyer-client relationship will be confirmed in writing.

This, and related communications, are protected by copyright laws and treaties. You may make a single copy for personal use. You may make copies for others, but not for commercial purposes. If you give a copy to anyone else, it must be in its original, unmodified form, and must include all attributions of authorship, copyright notices, and republication notices. Except as described above, it is unlawful to copy, republish, redistribute, and/or alter this presentation without prior written consent of the copyright holder.