With new and evolving export controls due to the invasion of Ukraine, manufacturers, distributors, and exporters should be alert to potentially illicit export schemes and attempts to divert U.S.-origin goods and technologies to unauthorized end-users. Compliance personnel must be vigilant in their reviews and provide client-facing staff and order-preparation workers the ability to identify suspicious shipments. Here are some best practices to adopt:

"Red Flags" Reminders. The classic "Red Flags" guidance is an excellent place for the front-line worker to start. Simply providing a good, old-fashioned printout of the BIS Red Flags can refresh the memory of prior export-control training. Posting a copy in a place visible to employees while on break or in high-traffic areas of the building or warehouse can also serve as a reminder. And since many of our workplaces are still virtual, consider sending a brief email containing the most relevant red flags to key employees who would have visibility into export operations.

Due Diligence on New and Traditional Clients. A review of new and established clients should include a risk assessment of exposure to potential transshipment or diversion concerns. A distributor with a history of sales to government agencies in Russia or Belarus would require a hard look, but don't assume that a lack of apparent connections is enough to go on. Most Russian diversion schemes utilized cut-out companies to obscure the ultimate end-user, often in countries with a land-border crossing to Russia.

Corporate records will often indicate the business owners' nationality and should be reviewed for sanctions risk. Establishing a business abroad is not in and of itself an issue. Still, many diversion schemes rely on members of the diaspora: for cultural familiarity, language skills, and in some cases, past experience in government or intelligence services.

Doing a "deep dive" on the principal or key officers, including any publicly available information or social media presence, can help identify past connections to the military, law enforcement, or intelligence units. Use this information to develop a picture of the person and the organization: identify the risks and seek mitigation. When in doubt, ask yourself if the deal is worth your reputation.

Understand How Clients Are Using Your Products. Know the capabilities and past use of your goods or technology in military or intelligence end-uses. Have the engineers or technical specialists review the stated end-use to see if it makes sense. Why pay for a rad-hard chip when a simple commercial version would do?

Ask Questions. Always ask questions about the businesses you are working with; legitimate companies will often bore you to tears with detailed pitches about how they are unique in the field and do amazing things. On the other hand, front companies often lack a good backstory and cannot answer even basic questions about their purported business. An example from the files of an actual BIS investigation is instructive. A company that claimed to be in the business of manufacturing traffic signals was in reality just an exporter of electronics to Russian military end-users.

In retrospect, a compliance professional with a few questions and perhaps a site visit would have quickly identified the company as fraudulent. In that same case, the suspects gave instructions to ensure that any information provided to the U.S. manufacturers or distributors did not include military end-uses. Specifically, they advised that the end-use be listed as, for example, a "fishing vessel" and not a "fishing and anti-submarine vessel."

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.