Turn COMPLAIN into COMPLIANCE:  Building an Export Controls Compliance Program That Works

Turn COMPLAIN into COMPLIANCE: Building an Export Controls Compliance Program That Works


I type fast.  Am I always accurate in my fast typing?  Well…no.  The backspace is my friend.  Recently, as I was, once again, typing “trade complaince,” it dawned on me that COMPLAIN and COMPLIANCE are linked in more ways beyond my inadvertent typos.  Why is a culture of compliance seemingly more easy to achieve at some companies versus others? Are there basic principles to consider, regardless of the specific regulatory area?

Government regulations don’t always “make sense” to the people that need to follow them.  Thus, following the rules and regulations aren’t always easy.  And if people across an organization don’t follow the rules…well, that’s where potential risks turn into actual compliance gaps and eventually to violations.  Sensible internal “rules” (think: policies, processes, and procedures) that are established with business growth in-mind are the essence of an effective compliance program.

There are three key points that form the basis of an effective compliance program.  These apply to the U.S. export control regulations, as much as any other set of federal or state regulations.  Given the broad impact that the Export Administration Regulations (EAR,) International Traffic in Arms Regulations (ITAR,) and Office of Foreign Assets Control (OFAC) Regulations can have across industries and across roles within a company, encompassing these points into one’s approach can mean the difference between a compliance program that has been truly integrated into an organization’s culture and operations versus a compliance program that primarily exists on paper.

1. Engage Your Stakeholders

Once you have a clear understanding of who your stakeholders are, it’s critical to engage them in a positive manner.  That means explaining the rules and regulations with a friendly customer-service attitude.  And teaching your stakeholders how to follow the rules in the context of their day-to-day responsibilities.  The good news is that most people want to do the right thing. So entice your stakeholders with easy solutions rather than mandate ways of working.  Make it easy for them to learn what they need to know by bringing innovative training or other educational tools to their usual forums, in-person or online, versus requiring a separate training session.  Make it easy for them to weave compliance checkpoints into their day-to-day tasks.  Stakeholders will be more likely to help drive compliance versus propagate complaints.

2. Eliminate the Waste

A core idea behind Lean Six Sigma or Lean Management is “waste.” In simple terms, waste is essentially dead-time in a process.  For a compliance process, one source is time delays due to excessive approvals.  Are you able to identify the “waste” in your compliance processes?  Mapping out the processes step-by-step often sheds light on where waste exists.  Consider the turn-around time for each step.  Which steps cause your stakeholders the most heartache (heartache equals complaints)?  Are there back-up approvers for critical steps?  Are there ways to streamline workflows by consolidating steps or improving communication between step owners?


Entice your stakeholders with easy solutions rather than mandate ways of working.


3. Don’t Reinvent the Wheel

A company-wide compliance policy is the foundation of any processes or procedures.  A written policy sponsored by senior level management shows employees, faculty, and staff that compliance really matters.  HOW a policy is established and rolled out is the next question.  Consider if a brand new compliance policy is really the most effective way to show the leadership support.  Is it possible to embed the compliance requirements into existing policies?  Similarly, is it possible to add a step or two to existing operational processes or procedures?  Effective compliance often does require an organization to maintain records and track certain data (such as ECCNs).  Can a new field be created in an existing database versus creating a new database?  Can existing IT systems be utilized versus bringing on a new application?  Anytime you can leverage existing processes or systems, stakeholders across an organization will be more likely to adopt the new details and do their part to drive compliance without complaining.

In fact, if you factor in all three points, then you might even turn peoples’ complaints into compliments about how efficient and effective the internal compliance measures are at your organization.  Compliance.  Done Right.

Leave a Comment