Today with the increase in online transactions, we have also been witnessing a huge spike in cyber crimes. It is therefore essential to secure online transactions and keep confidential data like the PIN (Personal Identification Number) secure. For these reasons the PCI Security Standards Council, a global forum responsible for online payment security laid down PCI PIN Security Standards to protect PIN data. In the set Standards they have defined a complete set of requirements and testing procedures to be followed for securing the management, processing, and transmission of personal identification number (PIN) data during online and offline payment card transaction processing at ATMs and attended and unattended point-of-sale (POS) terminals. 

To learn more about the Standards and Requirements, you can join us on our live webinar “PCI PIN Security Requirements and Standards”On 9th July. We will have an interactive live Q&A session wherein we can discuss and clear your doubts on PCI PIN. 

Topics Covered

  1. Introduction to PCI PIN
  2. Scope and Applicability to PCI PIN
  3. Basics of Cryptography
  4. PCI PIN Certification Process
  5. QnA

Registration Links

India: 2 PM :- Register Here

London: 3 PM:- Register Here

PST: 11 AM:- Register Here

The post FREE WEBINAR – PCI PIN Security Requirements & Applicability appeared first on Global Compliance News.


This Week in Government Enforcement

Please join us for a new weekly video series, hosted by Baker McKenzie’s Government Enforcement partners Tom Firestone and Jerome Tomas.

This episode features Maurice Bellan, Managing Partner of Baker McKenzie’s Washington D.C. office. Maurice was previously a prosecutor in DOJ’s Civil Rights Division and in this episode, he discusses the legal issues relating to the George Floyd case and police reform in the United States.


Join us as we recap the previous week and cover hot topics and current enforcement actions related to white collar crime and criminal investigations in the US and abroad to arm you with the information you need to start your business week.

As one of the largest global law firms, we will call upon our exceptionally deep and broad bench of white collar experts throughout the world and particularly in the commercial hubs of Europe, Asia, Africa and Latin America to join our weekly discussion series.

Our weekly briefings cover:

      • High-profile DOJ case updates and implications
      • SEC enforcement developments and insider trading
      • CFTC guidance on civil penalties

To view previous videos, click here.


The post United States: This Week in Government Enforcement appeared first on Global Compliance News.


Shelter-in-place or stay-at-home orders have been prevalent throughout the United States since March 2020 as state and local governments have sought to protect their citizens from the spread of the COVID-19 virus. With the spread appearing to slow in parts of the US, several states are now implementing plans to relax these orders and reopen their economies. Keeping up with the evolving nature of these orders and plans is critical to the functioning of all businesses throughout the country.

We are pleased to provide this tracker, which identifies the relevant state-wide shelter-in-place orders and their related expiration dates, as well as the applicable state-wide reopening plans, in each of the 50 United States plus Washington, D.C.

While most states continue to encourage or even require telework or work-from-home where possible, many states continue to gradually reopen sectors of their economies as indicated in the “What’s Open?” table, which we have added to each page to highlight the reopening status of four major sectors (office, manufacturing, retail and bars/restaurants).

Please check back for regular updates.

This week, the tracker reflects these latest developments:

  • The Governors of Connecticut, New Jersey and New York announced a joint travel advisory, directing anyone (including their own residents) traveling to the tristate area from a state that has a new daily positive test rate higher than 10 per 100,000 residents or a state with a 10% or higher positivity rate over a 7-day rolling average, to self-quarantine for a 14-day period from the time of last contact within the identified state. The original list of states that qualified when the order was announced on June 24 were Alabama, Arkansas, Arizona, Florida, North Carolina, South Carolina, Texas and Utah.
  • The Governor of Texas rolled back certain reopening measures, while Illinois and certain regions of New York entered into the next phases of their respective reopening plans.
  • Several states will remain in the current phase of their reopening plans rather than proceed to the next phase as originally planned, including Florida, Idaho, Kansas, Louisiana and North Carolina.
  • Unless extended or amended, the existing shelter-in-place orders are set to expire this week in Georgia, New Mexico and Rhode Island.

Please call or email your regular Baker McKenzie contact if you require additional analysis regarding these matters.

Last updated 26 June 2020


The post United States: US 50 State Shelter-In-Place/Reopening Tracker appeared first on Global Compliance News.


In brief

The Baker McKenzie State and Local Tax (SALT) Subpractice Group presented “Handling a State Tax Controversy”, the twelfth in a series of short webinars to keep members of the SALT community abreast of recent developments in these less than certain times on 10 June 2020.


This webinar walks through strategy considerations and potential pitfalls of a state tax controversy, from audit through litigation, including considerations regarding the future of SALT controversy in a post COVID-19 world.

View the recorded webinar.

Download the materials.

The post United States: Handling a State Tax Controversy appeared first on Global Compliance News.


In brief

The Idaho Supreme Court recently affirmed a District Court’s judgment that the gain from the sale of a 78.54% membership interest in a limited liability company did not constitute ‘business income’ under Idaho Code section 63-3027.  In Noell Indus. Inc. v. Idaho State Tax Comm’n, Docket No. 46941 (Idaho 2020), the court determined that “this type of gain does not meet the definition of ‘business income’ under either the transactional test or functional test (including the unitary business test),” and was therefore not apportionable income.


Noell Industries, Inc. (“Noell Industries”), incorporated in 1993 in Virginia by Mike Noell, was created to develop and sell combat and tactical gear.  Noell Industries manufactured and sold tactical gear until 2003, when it transferred its business assets to a new company, Blackhawk Industries Products Group Unlimited LLC (“Blackhawk”), in exchange for a 78.54% membership interest (the remaining membership interests were held by third parties).  Mike Noell was the President and Chief Executive Officer of Blackhawk.  Blackhawk, a Virginia limited liability company, established a physical presence in Idaho in 2004, and by 2010, held approximately $20 million of real and personal property in Idaho.

Upon selling its majority interest in Blackhawk for a net gain of $120 million in 2010, Noell Industries reported the gain on its Idaho tax return, but did not apportion any of the gain to Idaho, instead allocating the gain entirely to its state of commercial domicile, Virginia (where Noell included the gain as apportionable income and paid taxes thereon).  After conducting an audit, the Idaho Tax Commission concluded that the gain from the sale of the membership interests in Blackhawk was ‘business income’ under Idaho Code section 63-3027 and assessed a tax deficiency of $1.4 million.  The Idaho District Court found in favor of Noell Industries, determining that the gain was not ‘business income’ and, therefore, was not apportionable to the state.  The Idaho Tax Commission appealed.

In affirming the District Court’s determination, the majority rejected the Idaho Tax Commission’s argument that Noell Industries’ gain from the Blackhawk sale constituted business income “because the ‘acquisition and management of Blackhawk LLC constituted a necessary part of its business operations.’”

Idaho Code section 63-3027(a)(1) adopts the Uniform Division of Income for Tax Purposes Act definition of  ‘business income’, which Idaho has interpreted as providing for both a transactional and functional test.  Under the transactional test, ‘business income’ is “income arising from transactions and activity in the regular course of the taxpayer’s trade or business.”  Under the functional test, ‘business income’ is “income from the acquisition, management, or disposition of tangible and intangible property when such acquisition, management, or disposition constitute integral or necessary parts of the taxpayer’s trade or business operations.”  In reviewing the application of both tests de novo, the majority concluded that the District Court did not err in ruling that Noell Industries’ gain from the Blackhawk sale was nonbusiness income.

In applying the transactional test, the court relied on case law from other jurisdictions that use a similar definition of ‘business income’ for the general principle that “the gain arising from a holding company’s sale of a subsidiary can qualify as business income if the holding company regularly engages in the buying and selling of subsidiaries; however, a one-time sale does not qualify.”  See e.g., E.I. DuPont De Nemours & Co. v. Indiana Dep’t of State Revenue, 79 N.E.3d 1016, 1023 (Ind. T.C. 2017), with PPG Indus., Inc. v. Dep’t of Revenue, 765 N.E.2d 34, 45 (Ill. App. 2002).  Here, the court determined that Noell Industries’ primary business was investing and holding interests in subsidiary companies.  The court further concluded that Noell Industries, in holding its investments, did not appear to have regularly engaged in the trade or business of buying and selling subsidiary companies.  Thus, “a one-time sale over a seven-year span does not constitute a ‘regular’ trade or business,” and the gain from the sale of Blackhawk did not satisfy the transactional test.

With respect to the functional test, the court noted that Idaho Income Tax Administrative Rule 333.08 provides two methods for meeting the functional test: (a) by finding that the intangible interest serves an operational function, rather than a passive investment, or (b) by meeting the unitary business test.  Importantly, the court noted that even though these appear to be two independent methods, the U.S. Supreme Court has rejected the notion that the operational function test and unitary business test are separate principles.  MeadWestvaco Corp. ex rel. Mead Corp. v. Illinois Dep’t of Rev., 553 U.S. 16, 29–32 (2008).

In applying the operational function test, the court focused on the fact that Noell Industries was merely a holding company, and therefore, “[t]he sale of its interests in Blackhawk was a passive investment because the sale was not ‘an integral, functional, or operative component to the taxpayer’s trade or business operations.’”

The court noted that by selling Blackhawk, Noell Industries lost its primary source of income in exchange for the financial betterment of $120 million.  Therefore, the sale was not conducted in furtherance of Noell Industries’ trade or business of holding interests; rather, the sale discontinued it. The court also applied the unitary business test and determined that no unitary business existed primarily because Noell Industries was merely a parent holding company with no shared control or operations with Blackhawk.  The court determined that Noell Industries did not share centralized management, oversight, or headquarters with Blackhawk, nor did it share resources or employees, with the exception of utilizing the same accounting and legal firms.  Although Mike Noell acted as Blackhawk’s president and CEO, and served on a six-member management team, the court was persuaded by the fact that he did not manage Blackhawk’s day-to-day operations.  The court noted that “his presence at both companies alone does not suggest the level of oversight that the unitary principle requires for functional integration, centralized management, and economies of scale.”  Importantly, this conclusion regarding management and control further amplifies the conclusions of the U.S. Supreme Court that actual control, as opposed to the potential to control through majority ownership, is the critical inquiry for a unitary business analysis.  Here, Noell Industries held a 78.54% membership interest in Blackhawk (and Mike Noell was the sole owner of Noell Industries), an interest that arguably gave Noell Industries (and Mike Noell) the potential to control Blackhawk; however, because the court found that the actual day-to-day management of the company was not controlled by Noell Industries (or, Mike Noell), it concluded that centralized management did not exist.

Finally, the court handed the taxpayer an additional win by rejecting the Idaho Tax Commission’s argument that the decision would open a tax loophole to companies by “permitting them to dodge taxes through the creation of sham shell entities.”  On the contrary, the majority noted that Noel Industries paid taxes to Virginia (albeit on an apportioned share of the gain) because that was its commercial domicile, and therefore, “[t]here has been no fraud or subterfuge.”

In sum, the court here concluded that despite the fact that the seller owned an almost 80% membership interest in a subsidiary that it originally formed (using its own operating assets), and because the seller’s sole activity was investing, the gain derived from sale of the membership interests was non-business income.  This case is an important win for taxpayers and provides much needed guidance regarding the application of the unitary business principle, including the operational function test, to gains derived from sales made by passive holding companies.

The post United States: Idaho’s Supreme Court means business, handing taxpayers a win on definition of ‘Business Income appeared first on Global Compliance News.


In brief

Please join us for a new weekly video series, hosted by Baker McKenzie’s North America Government Enforcement partners Tom Firestone and Jerome Tomas.

This weekly briefing is available on demand and will cover hot topics and current enforcement actions related to white collar crime and criminal investigations in the US and abroad to arm you with the information you need to start your business week.

As one of the largest global law firms, we will call upon our exceptionally deep and broad bench of white collar experts throughout the world and particularly in the commercial hubs of Europe, Asia, Africa and Latin America to join our weekly discussion series.

These briefings will cover:

      • High-profile DOJ case updates and implications
      • SEC enforcement developments
      • CFTC enforcement developments
      • Other white collar defense industry developments


26 May 2020

Video Link

9 June 2020

Video Link

17 June 2020

Video Link

22 June 2020

Video Link

The post United States: This Week in Government Enforcement appeared first on Global Compliance News.


In brief

Baker McKenzie attorneys discuss the increased risks under the section 382 loss limitation rules in the COVID-19 environment. This article was previously published in Bloomberg Tax’s Daily Tax Report.


In the current Covid environment, many companies are facing unprecedented net operating losses. The CARES Act generally allows companies to carry back losses incurred in 2018, 2019, and 2020 for five years in an effort to provide liquidity. Unfortunately, many companies will not be able to absorb these losses within this time frame, particularly if the company had NOLs in the years to which the five-year period relate.

Impact of Section 382 Limitations

In general, net operating losses can be carried forward for use in future years, but a company’s ability to use such losses (and certain other tax attributes) is fundamentally altered if it undergoes an ownership change under tax code Section 382. Once there has been an ownership change, Section 382 generally limits the amount of pre-change losses that can be utilized against post-change income on an annual basis. An ownership change occurs when one or more 5% shareholders increase(s) its ownership percentage by more than 50 percentage points over a testing period (generally a rolling 3 year period). A 5% shareholder generally is any person or public group owning 5% or more of the corporation’s stock. To identify 5% shareholders, a corporation must generally look through entities until it reaches a person or public group. These rules can make a change in ownership difficult to prevent, or even determine, if a company’s stock is owned by large funds or corporations.

For example, a change in ownership most clearly occurs when an acquirer takes a 51% ownership interest in a company. However, it can also occur if existing 5% shareholders increase or decrease their ownership to manage their own balance sheet positions (even if their shares are merely redeemed by the company). These examples are all the more likely in the current environment due to market volatility, dramatic swings in individual stock prices, and low interest rates (cheap money).

Regardless of why it occurs, a company’s ability to use its net operating losses to offset future cash taxes can be severely delayed or possibly forgone if an ownership change occurs. This has two important consequences. First, this delayed utilization can dramatically decrease the net present value of these net operating losses—and thus degrade the value of the company. Second, the company could be required to book a valuation allowance against those losses in the period in which the ownership change occurred. A company could have an internal control weakness if this is not done in the appropriate quarter and, if large enough, a financial restatement. While under the regulations a publicly traded company may generally rely on the existence or absence of certain SEC filings to identify 5% shareholders, the determination often remains complex due to the need to trace indirect ownership through multiple tiers of entities and aggregated public groups.

In a normal macro-economic environment, these rules may result in a costly limitation on the use of NOLs and other tax attributes. In the current macro-economic environment, the result is much worse. The annual income limitation calculated under Section 382 is generally a function of the fair market value of the old loss corporation immediately prior to the ownership change multiplied by the applicable long-term tax-exempt rate prescribed by Section 382(f) (calculated monthly by the IRS). Both of these variables are at some of their lowest levels in history due in part to Covid-19 (the May 2020 rate is 1.47%, while the May 2019 rate was 2.20%) and the valuation variable is particularly difficult to argue when the company is publicly traded. This has the effect of lowering the annual income limitation to very low levels, making the above problems more likely. Making matters worse, the Section 382 limitation is actually reduced if the new loss corporation has “substantial non-business assets”—defined as one-third of value of total assets. Cash is considered a substantial non business asset and many companies have stockpiled more of it on their balance sheet due to Covid-19.

NOL Shareholders Right Plans

Public and private companies can try to avoid a Section 382 ownership change by instituting a shareholder monitoring program and implementing an NOL shareholders rights plan or by altering their charter to prohibit large share transfers. An NOL shareholders rights plan can be used to prevent shareholders from accumulating a 4.9% or greater interest in a company’s stock by diluting their interest through the issuance of a large number of additional shares to other shareholders at a substantial discount to their future market price. Alternatively, a company can amend its charter to prohibit any 4.9% or greater transfer of shares that would be taken into account for purposes of Section 382.

These types of actions tend to subject the board to scrutiny from investors and proxy advisory firms, although legitimate NOL shareholders rights plans often attract less controversy than rights plans intended primarily as a takeover deterrent. While an NOL shareholders rights plan can generally be adopted by the board without seeking approval from shareholders, a charter amendment will require shareholder approval—potentially difficult to obtain if shareholders are unsatisfied with the company’s financial performance. Nonetheless, if a company has large net operating losses or tax credits on its books, it is important that the board consider these actions to prevent an avoidable reduction in the company’s value and potential internal control violations due to Covid-19.

The post United States: An Ounce of Prevention – Plans to Protect Loss Deduction in COVID-19 Environment appeared first on Global Compliance News.


In brief

Following a recent announcement of the European Commission’s proposal for a three-month deferral of reporting deadlines under the new DAC6 mandatory disclosure regime in the EU and UK, the Committee of the Permanent Representatives of the Governments of the Member States to the European Union (COREPER) has now reached an agreement on a revised proposal which could possibly defer the reporting deadline for six months. On the basis that the draft Directive, once approved, may be adopted at the discretion of each member state, it is imperative that businesses do not delay in preparing to meet their existing compliance obligations should reporting dates not be deferred (or not be deferred in all Member States where they operate).


Background to DAC6

The EU mandatory disclosure regime known as DAC6 goes live on 1 July 2020 and reporting obligations were set to begin within 30 days from that date.

Under the wide-ranging DAC6 regime, intermediaries (such as tax advisors but in some cases extending to non-tax personnel) will have to report cross-border transactions going back to 25 June 2018 to EU tax authorities. The reporting obligation reverts to the taxpayer where there is no intermediary involved or legal professional privilege prevents the intermediary from reporting.

Arrangements are in scope if they involve either two EU member states or one EU member state and a third state and the transaction contains certain “hallmarks” that suggest potentially aggressive tax planning. Some of these hallmarks apply even where obtaining a tax advantage is not the main benefit, or one of the main benefits, of the transaction. This means that many commercially-driven transactions could fall within the regime and need to be reported. Failure to report could result in significant penalties, which vary considerably among member states and which, in limited cases, include criminal liability.

Option for six month delay to reporting

The proposal for a deferral of time limits was a response to the severe disruption caused by the COVID-19 pandemic. The three-month deferral was not deemed adequate by some EU member states and agreement has now been reached on a six-month deferral. However the draft Directive makes it clear that the deferral will be optional for member states.

The DAC6 mandatory disclosure regime will still apply from 1 July 2020 and, if member states exercise this option, the following amendments will apply:

  •  the deadline for filing information in respect of reportable cross-border arrangements implemented in the period between 25 June 2018 to 30 June 2020 (originally 31 August 2020) will be postponed to 28 February 2021 (a six-month delay);
  • The deadline for the first automatic exchange of information on reportable cross-border arrangements between member states will also be deferred from 31 October 2020 to 30 April 2021;
  • Where a reporting obligation arises between 1 July 2020 and 31 December 2020 the period of 30 days for reporting begins on 1 January 2021 and will thus end (for all reportable matters arising in that period of six months) on 30 January 2021 (which thus becomes the new filing deadline for that entire period of six months). The reporting obligation for that period might be triggered by (a) the implementation of the first step of a reportable cross-border arrangement, (b) the fact that an arrangement becomes ready for implementation, (c) the fact that an arrangement is made available for implementation or (d) the fact that an intermediary provides aid, assistance or advice in relation to a reportable arrangement, all within that period of six months; and

In the case of marketable arrangements, the first periodic report will have to be made by the intermediary by 30 April 2021 at the latest.

The draft Directive also allows for a further three-month extension of the time limits if “severe hindrances, economic disturbance and risks for public health caused by the COVID-19 pandemic continue to exist and Member States implement lockdown measures”.

So far, Belgium, Luxembourg and Sweden have made announcements that they expect to adopt the deferral in full should the draft Directive be agreed. The authorities in the UK have stated that they intend to wait until “the proposals are finalised” before confirming how this will apply to the UK’s rules.

The deferral must be unanimously approved by the Economic and Financial Affairs Council (ECOFIN). A European Parliament (EP) opinion is also required and is expected by 30 June 2020. Furthermore, the opinion of the European Economic and Social Committee is expected by 14 June 2020.

On the basis that the draft Directive, once approved, may be adopted at the discretion of each member state, it is imperative that businesses do not delay in preparing to meet their existing compliance obligations should reporting dates not be deferred (or not be deferred in all Member States where they operate).

The post EU: Possible six-month deferral to DAC6 reporting appeared first on Global Compliance News.


Latest release of the HITRUST CSF furthers benefits towards One Framework, One Assessment, Globally™

FRISCO, Texas – June 22, 2020 – HITRUST, a leading data protection standards development and certification organization, today announced the availability of version 9.4 of the HITRUST CSF information risk and compliance management framework, further delivering on its mission of One Framework, One Assessment, Globally.

HITRUST CSF version 9.4 now incorporates and harmonizes the largest number of authoritative sources of any security and privacy framework, most recently adding the CMMC framework and two communityspecific standards, as well as updating existing sources for continued relevancy.

As security and privacy requirements change in response to new and updated global laws and regulations, or breaches and other cyber events, HITRUST is committed to maintaining and expanding the relevancy and applicability of the HITRUST CSF to meet the continually evolving regulatory and risk-management landscape and associated control requirements. HITRUST CSF v9.4 related updates include:

  • Integrating the Department of Defense (DoD) Cybersecurity Maturity Model Certification (CMMC) v1.0,
  • Updating the NIST SP 800-171 r2 mappings to ensure continued alignment,
  • Piloting the inclusion of communityspecific authoritative sources to further extend the Assess Once, Report Many™ benefits of the HITRUST Approach™, and
  • Enabling HITRUST MyCSF® platform functionality which provides DoD CMMC customers the ability to select CMMC Maturity Level specific CSF requirements in support of compliance pursuits.

“HITRUST recognizes the complexity of managing information risk and compliance—no matter what industry you are in,” said Sarah Phillips, Senior Manager of Standards for HITRUST. “We are committed to helping organizations address these challenges through maintaining the relevance of the HITRUST CSF by adding and updating authoritative sources, providing the depth and breadth of controls needed, while eliminating redundancies and the need for organizations to interpret and harmonize a multitude of global frameworks, standards, and regulations.”

HITRUST understands the challenges of assembling and maintaining the many and varied programs needed to manage information risk and compliance. The HITRUST CSF is a key component of the HITRUST Approach, which provides organizations an integrated information risk management and compliance solution that ensures all programs are aligned, maintained, and comprehensive to support an organization’s information risk management and compliance objectives.

In developing a framework that can meet the needs of organizations locally, nationally, and globally, HITRUST recognizes that various organizations may have requirements imposed as a result of being part of a smaller community—such as a subset of an industry group, a State Agency, or by a cooperative sharing agreement. In many cases these may not be new security or privacy controls, but more specific implementation requirements. HITRUST has established a mechanism in the HITRUST CSF, that is enabled through MyCSF for these requirements to be incorporated, harmonized, and selected for inclusion during the assessment process and then included in the HITRUST CSF Assessment Report. The intent is to reduce any additional assessments by enabling organizations to Assess Once, Report Many™. HITRUST CSF v9.4 includes two such community standards and we are evaluating the inclusion of others based on market demand.

“The HITRUST CSF maps to CMMC requirements and we have developed a white paper to help organizations understand and instill confidence in the HITRUST Approach,” explained Dr. Bryan Cline, Chief Research Officer, HITRUST. “Organizations utilizing HITRUST to operationalize CMMC as part of their existing information protection program can quickly assess CMMC Practice and Process maturity with accuracy and precision.”

To download the HITRUST CSF go to:

To watch a brief overview video on the HITRUST CSF new features go to:

To learn more about how HITRUST helps organizations demonstrate compliance with the DoD’s CMMC program go to:

The post HITRUST Releases Version 9.4 of the HITRUST CSF Incorporating the DoD CMMC, and Approach to Community Standards appeared first on HITRUST.


In brief

On 19 May 2020, the US Commerce Department’s Bureau of Industry and Security (BIS) published an interim final rule effective on 15 May 2020 amending the Export Administration Regulations’ (EAR) General Prohibition Three (the foreign-produced direct product rule) and Entity List to impose new controls on the reexport, export from abroad, and transfer (in-country) of certain foreign-produced semiconductor-related items when such items are the direct product of certain designated US technology or software and are destined to Huawei Technologies Co. Ltd. and 114 of its non-US affiliates designated on the BIS Entity List (collectively, Huawei). BIS is seeking comments on the interim final rule, which must be submitted on or before 14 July 2020.


In depth

Concurrently, effective 15 May 2020, BIS issued a final rule extending through 13 August  2020 the validity of the Temporary General License (TGL) authorizing certain transactions involving the export, reexport, and transfer of items subject to the EAR to Huawei. BIS noted in the final rule that it is in the process of reviewing submissions received in response to its request for comments on future extensions of the TGL, which may be submitted until 22 April 2020. Please see our prior blog posts on the initial designation of Huawei and sixty-eight of its non-US affiliates to the Entity List on 16 May 2019 here; on the issuance of the original TGL on 20 May 2019 here; on the designation of forty-six additional non-US affiliates of Huawei to the Entity List and on the TGL updates issued on 19 August 2019 here; on BIS’s publication of Huawei-related FAQs on 9 September 2019 here; on BIS’s previous extensions of the TGL here and here; and on BIS’s request for comments on future extensions here and here.

The Expanded Foreign-Produced Direct Product Rule in General Prohibition Three

The final rule expands General Prohibition Three’s existing controls on foreign-produced items that are the direct products of certain designated US technology or software by adding a new control in § 736.2(b)(3)(vi). This new control prohibits the reexport, export from abroad, or transfer (in-country) of (1) certain foreign-produced items controlled under the new footnote 1 to the Entity List (2) when there is “knowledge” (as defined in the EAR) that the foreign produced item is destined for an entity on the Entity List with a footnote 1 designation. Currently, the footnote 1 designation has been added to the Entity List entries for Huawei and its listed affiliates only.

The new footnote 1 to the Entity List imposes a licensing requirement for the reexport, export from abroad, or transfer (in-country) by any person of foreign-produced items destined for a footnote 1 Entity List party when the foreign-produced item is either:

  1. The direct product of designated “technology” or “software” (as defined in the EAR) subject to the EAR, i.e., the foreign-produced item is both:
    • produced or developed by an entity with a footnote 1 designation on the Entity list, and
    • a direct product of designated “technology” or “software” that is “subject to the EAR” (note that such a direct product can include designated technology that is itself newly subject to the EAR through the new control, such as a design developed by an entity with a footnote 1 designation from designated technology or software that is subject to the EAR); or
  2. The direct product of a plant or major component of a plant, i.e., the foreign-produced item is both:
    • produced by a plant or major component of a plant that is itself a direct product of designated U.S.-origin “technology” or “software”, and
    • a direct product of “technology” or “software” produced or developed by an entity with a footnote 1 designation on the Entity list, regardless of whether such “technology” or “software” is itself subject to the EAR.

The interim rule clarifies that a “major component of a plant located outside the United States” means “equipment that is essential to the ‘production’ of an item to meet the specifications of any design produced or developed by the designated entities, including testing equipment.”

Designated “technology” and “software” is the “technology” or “software” specified in Export Control Classification Numbers (“ECCN”) 3E001, 3E002, 3E003, 4E001, 5E001, 3D001, 4D001, or 5D001; “technology” specified in ECCN 3E991, 4E992, 4E993, or 5E991; or “software” specified in ECCN 3D991, 4D993, 4D994, or 5D991. In other words, this targeted expansion of the rule applies not only to “technology” or “software” controlled for National Security (NS) reasons, but also to “technology” or “software” controlled under the designated Anti-Terrorism (AT) ECCNs.

The new control captures, for example, a foreign-produced integrated circuit that is produced by a third party pursuant to designs developed by Huawei using designated technology or software, such as Electronic Design Automation software, subject to the EAR. One important effect of the new control may be its application to items produced by foreign companies outside the United States using equipment subject to the EAR pursuant to designs developed by Huawei. For example, as noted by BIS in the Federal Register Notice, integrated circuits produced in a foundry outside the United States through the use of equipment, which is subject to the EAR and essential to the production of the integrated circuit, will be subject to the new control if the design of the integrated circuit is produced or developed from Huawei “technology” or “software.” In that scenario, there is no additional requirement that the Huawei-developed technology or software must be subject to the EAR.  As such, the new control will likely have a significant impact on US semiconductor equipment manufacturers as well as their foreign semiconductor manufacturer customers.

Savings Clause

The interim final rule provides that foreign-produced items, which are the direct products of designated “technology” or “software” subject to the EAR (i.e., items falling within the scope of the first category of covered items above), that were in transit on May 15, 2020 pursuant to actual orders for exports from abroad, reexports, or transfers (in-country) to a foreign destination or to the consignee/end-user, may proceed to that destination under the previous license exception eligibility or without a license.

In addition, the interim final rule provides that foreign-produced items in production prior to May 15, 2020, which are the direct products of a plant or major component of a plant (i.e., items falling within the scope of the second category of covered items above), are not subject to the new control and may proceed as not being subject to the EAR, if applicable, or under the previous license exception eligibility or without a license, so long as they are exported from abroad, reexported, or transferred (in-country) by midnight on September 14, 2020. BIS described this savings clause as a measure intended to prevent adverse economic impacts on foreign foundries utilizing US semiconductor manufacturing equipment that may have initiated production for items based on Huawei design specifications as of May 15, 2020.

The Response from China

The Ministry of Commerce of the People’s Republic of China (“MOFCOM”) raised objection to the new BIS rule targeted at Huawei in a media interview on May 17, 2020. Huawei also made an announcement on the next day and mentioned that it expected to work with customers and suppliers to reduce the adverse impact brought by this “discriminatory” rule. Some Chinese news media commented that the Chinese government was ready to put US companies on an “unreliable entities list,” as part of countermeasures in response to the new limits on Huawei. Having said that, at this moment, whether and how the Chinese government would take countermeasures remains unclear and uncertain. Since MOFCOM announced the introduction of an “unreliable entity list” regime on May 31, 2019, little progress has been made in terms of the implementing rules such as the list itself and relevant restrictive measures. Understandably, the issuance of the “unreliable entities list” may have substantial implications on not only multinational companies but also Chinese companies, and could be very controversial in the international community. Having said that, it is possible that the Chinese government may tighten up enforcement actions against US-headquartered multinational companies in response to the new control on other grounds, e.g., violation of antitrust law, cybersecurity law and national security law, etc.

Authors acknowledge the assistance of Vivian Wu in the preparation of this blog post.

The post USA: Government extends Huawei temporary general license to 13 August 2020 and revises the EAR’s foreign-produced direct product rule to target Huawei’s acquisition of semiconductors appeared first on Global Compliance News.