ITAR (International Traffic in Arms Regulations) is a United States set of regulations that controls the exportation of defense and military technology and data. If you are a manufacturer that deals with U.S. defense related items, either within in the U.S. or outside of it, you need to follow ITAR.
ITAR specifically controls the export and import of defense articles and services on the United States Munitions List (USML). This includes the products on the USML, defense services, and the technical data used to build/support the products. Examples of the technical data include, software, part-drawings, and photos.
The aim of ITAR is to protect U.S. national security by preventing sensitive military and defense information from falling into the wrong hands. Unless otherwise authorized, only U.S. citizens and U.S. Green Card holders can access items on the USML.
ITAR requirements for manufacturers
If manufacturers gain a customer or project that involves defense articles, services, or technical data listed on the USML then they will need to ensure that they are complying with ITAR. Additionally, if you’re working with subcontractors, vendors, or other companies in your supply chain during the transaction or handling of ITAR-controlled items, you will need to verify that they are also complying with the regulations.
How can I ensure my business is complying with ITAR regulations?
The ITAR is intentionally vague in order to give the U.S. government more flexibility over how it controls military and defense technology. However, at a minimum, if your business is subject to ITAR, you need to:
Register with the U.S. State Department’s Directorate of Defense Trade Controls (DDTC). This is a requirement for all businesses that are subject to ITAR, and is generally a prerequisite for obtaining any further export licenses or approvals.
Understand how ITAR applies to your USML goods, services, or data, and make sure you are meeting ITAR requirements.
The U.S. Department of State leaves it up to manufacturers to develop, implement and maintain their own policies to ensure they meet the requires of the ITAR. There is no specific ITAR certification to obtain, only your responsibility of registering with the DDTC and being compliant.
For organizations with a global reach, extra security needs to be in place to ensure that non-U.S. citizens do not have access to any information on ITAR related data or projects.
For manufacturers, it may require a lot of effort to put these data security and access measures in place, but if you work with ITAR-controlled products, either directly with the U.S. military or as part of a supply chain for contractors, then this is absolutely essential so that you don’t miss out on a significant amount of business.
Steps to follow
Here are the steps you can take to ensure compliance with ITAR:
1. Determine whether ITAR applies to your business
2. Register with the DDTC
3. Implement an ITAR compliance program across your organization
4. Comply with reporting and recordkeeping requirements
5. Obtain the necessary export/import licenses, manufacturing agreement approvals, and authorization for defense services
6. Ensure other organizations in your supply chain are ITAR compliant
7. Understand whether any exemptions apply to your organization
8. Report any ITAR violations that occur
What are the penalties for failing to comply with ITAR?
Penalties for violating ITAR requirements include:
- Civil or criminal fines of up to $1,000,000 per violation
- 20 years imprisonment per violation for criminal charges
- Debarment from participating in ITAR-controlled transactions
Recently, Airbus were fined $3.9 Billion, for among other issues, violating ITAR.
Becoming ITAR registered and compliant can create new opportunities for small manufacturers and open the door to new customers who want to produce ITAR-controlled parts.
Get your free ITAR checklist
Find out more about how you can become ITAR compliant by downloading our ITAR Requirements ChecklistDownload now