Change can be hard, and nothing reminds us of that more than each Federal Register notice published that announces a new way in which the regulations are amended to implement sanctions. In the latest round of the now familiar game of “don’t get comfortable,” BIS published on June 18, 2024, a Federal Register notice that included, among other updates, the implementation of changes to the Entity List structure whereby now addresses only can be added to the Entity List. Here’s why that’s not as simple as it sounds and why it may be time to revisit your current screening processes.

First, a little background on why the change was implemented. In their justification of the change BIS pointed out that a company co-located at the same address as a party on the Entity List has long been considered a red flag, but further asserted that “there are some situations where a more definite license requirement is warranted for addresses that are repeatedly used by companies engaged in activity contrary to U.S. national security or foreign policy interests.” Therefore, to prevent dealings with any company operating at high-risk addresses, BIS is now adding the addresses to the Entity List without an accompanying individual or company name. Now any party with a restricted address is to be treated as a restricted party, named or not.

For those of you currently thinking, “it’s only 8 addresses in China, what’s the big deal?” don’t get comfortable. Once upon a time the Entity List was only a handful of countries long, but it has grown exponentially over recent years. Therefore, you can only expect this address-listing approach to grow as well. Taking a proactive approach setting up your systems and processes now will give you something less to worry about as the list grows.

For those of you currently thinking “we use an automated screening solution that is fully integrated and should be fine,” don’t get comfortable. The odds are that your screening solution isn’t currently set up to screen addresses only. In our experience, they’re set up to screen parties by name only or by party names and addresses combined, where a flag is raised only when the screening match exceeds a designated percentage threshold. To stay ahead of the game, talk to your screening solution vendor to understand how they’re addressing this change, and what you’ll need to do internally to screen addresses individually on a going forward basis. This review may also require some meetings with IT to test the tool’s current screening algorithms, to understand if all of the required information you need to screen is accessible for screening, and to ensure that addresses are screened at every designated screening point from customer and order entry through to pack list/commercial invoice generation. If addresses are not currently accessible, then you’ll also need to meet with the owners of the business systems that maintain the data you need and discuss how to make the data available for screening. Then, determine how your company will conduct the screening until any new systems or logic is integrated.

For those of you currently thinking, “we screen manually, and we can just add addresses to our screening process,” don’t get comfortable. Manual screening processes can be troublesome as well. For example, companies who only screen for restricted parties on a post-transaction basis already face a high risk for compliance violations. Then, if you only screen, say, once a quarter, and if you’ve shipped multiple times to or through a restricted party or address, that will result in multiple violations that could have been prevented with earlier screening. Can you pull in your screening earlier to prevent a violation, rather than having to face a fire drill if something is caught after the fact?

Whether your screening is automated or manual, we leave you with these final considerations:

Do you screen all known parties and addresses on record per transaction, or do you screen your customer only? Review your records to understand whether you have additional parties and addresses in other departments or systems that haven’t previously been captured in screening but should.

Do you screen parties and addresses only once at the beginning of an engagement? What if their address changes? What if they ask you to drop ship on their behalf to a previously undisclosed location? Ensure that your business processes capture screening at each of these points as well, and certainly prior to any export.

Do you screen parties and addresses involved in Return Material Authorizations (RMAs)? Not everyone returning a product to your company was the original ship-to party. Your procedures should include screening to ensure that you aren’t providing services to, or shipping repairs or replacements to, a restricted party.

But wait, there’s more! Once you’ve assessed the implications of this new change, don’t forget to update your procedures and to train all parties responsible for screening so that they’re aware of the changes and can identify anything you may have missed.

For those of you thinking, “screening, what’s screening?” don’t get comfortable. BPE Global can certainly help you review your operational processes and establish a screening program that is right sized for you.

Let BPE Global know if we can help you with any of your trade compliance needs, including any of this months suggested activities. BPE Global is a global trade consulting and training firm. Evelyn Bernal is a Director of BPE Global. You can reach Evelyn by email at ebernal@bpeglobal.com or by phone at 408-718-0265.

View/Download PDF version here