Past compliance with the full range of international trade, export controls, and economic sanctions, and customs laws and regulations should be a critical element of due diligence in mergers and acquisitions. Unfortunately, trade compliance is often overlooked. As in other areas of law, successor liability has been applied repeatedly to hold acquiring companies liable for export and import violations that occurred before the acquisition. Penalties for violations of these laws can exceed $1,000,000 per violation. In addition, remedying past violations can be time consuming and could potentially restrict the company’s future ability to export and contract with the government. As such, any company contemplating a merger or acquisition should ensure they have a framework in place to screen a target company’s export and import activities.

Relevant Government Agencies and Successor Liability

Government agencies responsible for export and import laws include the State Department’s Directorate of Defense Trade Controls (DDTC), the Commerce Department’s Bureau of Industry and Security (BIS), the Treasury Department’s Office of Foreign Assets Control (OFAC), and U.S. Customs and Border Protection (CBP). DDTC is responsible for administering the International Traffic in Arms Regulations (ITAR), which regulate temporary imports and exports of defense articles, defense services, and technical data. BIS administers the Export Administration Regulations (EAR), which control items classified under the Commerce Control List (CCL), primarily including dual-use goods (i.e., items that have both civil and military applications). OFAC is responsible for implementing the various U.S. economic sanctions programs. Finally, CBP regulates and facilitates imports by collecting import duties and enforcing U.S. import regulations.

All of these agencies have acknowledged and applied the principle of successor liability, holding acquiring companies liable for the misconduct of acquisition targets, even where the violative activity occurred before the closing of the merger or acquisition. While successor liability is not necessarily created merely by the sale of a company’s assets or stock, there are many situations where the sale of a company’s assets or stock creates successor liability. These include when:

i) there is an agreement, either explicit or implicit, to assume liability;
ii) the transaction is considered a de facto merger;
iii) the transaction is a mere continuation of the predecessor’s business; and
iv) the transaction was fraudulent and used to escape liability.

A de facto merger occurs when a company sells all of its assets and then dissolves. A mere continuation applies when there is a retention of the same employees, supervisory personnel, production facilities, and location; the same products are produced; the same business name is retained; the same assets and business operations exist; or the new company holds itself out to the public as a continuation of the previous corporation.

Successor liability has long been applied to both import and export violations. With regard to import law, for example, the Court of International Trade (CIT) has found an acquiring company liable for the wrongdoings of the target company it had acquired under the “mere continuation” principle. Successor liability is even more commonly found with respect to export violations. Both BIS and DDTC have found successor liability in relation to export control violations even in the context of sales of assets only.

Elements of Trade Compliance Due Diligence Review

Because courts and government agencies will not hesitate to apply the principle of successor liability to an acquiring company, it is important to do appropriate due diligence before consummating a transaction. While not an exhaustive list, the following items ought to be included on any due diligence questionnaire or checklist:
 

• Review the target company’s current export compliance procedures. These include current product classifications, how products are classified under the CCL and USML, risks based on the end-use and the end-users, and risks arising from export destinations.

• Review the target company’s current import compliance procedures. Make sure the products have proper markings and classifications.

• For both imports and exports, ensure the target company maintains records.

• Determine whether foreign nationals are employed by the target company and identify their nationalities. Make sure the company has deemed export licenses in place if necessary. If these foreign nationals have access to information controlled under the CCL or USML, that transfer would be a deemed export and a license would be required.

• Ensure the target company has policies in place to ensure compliance with applicable OFAC sanctions. These sanctions are generally applied on a country by country basis, so acquiring companies should review product types, countries of destinations, and end-uses and end-users to determine which sanctions programs are applicable.

• Determine whether the target company has any past violations with DDTC, BIS, or OFAC.

• Determine whether the target company requires its employees to be trained on import and export law. This includes online or in-person training sessions, manuals, and management support of the overall compliance program.

• Review the target company’s Foreign Corrupt Practices Act (FCPA) compliance program. The FCPA makes it unlawful to bribe foreign government officials to obtain or retain business. Determine if employees have received FCPA compliance training and whether there have been previous FCPA related investigations.

• When a transaction could result in the control of a U.S. business by a foreign person, parties should consider whether to file a voluntary notice of the transaction with the Committee on Foreign Investment in the United States (CFIUS), or if a mandatory filing with CFIUS is required. CFIUS has the authority to review covered transactions and may block or unwind these transactions.

• Review the target company’s policies related to cloud computing. The transfer of files controlled by the CCL or USML may require a license. Make sure the target company has acquired licenses where necessary and has procedures in place to determine whether a license is necessary.

This type of due diligence will help the acquiring company determine whether the target company has any outstanding export or import violations. Additionally, this information can be used by the acquiring company to determine what needs to be done to strengthen the target’s export and import compliance programs after the merger or acquisition. The issues identified above are an important part of any export or import compliance program even after a merger or acquisition.

In sum, any company considering a merger or acquisition should ensure they conduct thorough due diligence, as any violations committed by the target company can prove costly for the acquiring company.