There has never been a time in recent memory where export controls and sanctions have played such a role in the geopolitical landscape. The day’s leading stories will often have an international trade angle, and the Russian invasion of Ukraine is no exception. Whether it is a Western-origin technology or commodity found on the battlefield, a release of customs documents indicating sanctions-busting imports to Russia, or the arrest of a diverter by Export Enforcement, it all seems to be a compliance officer’s worst nightmare. American companies with a good compliance plan are not immune from bad actors: even the government can be fooled by a well-constructed front company. So, what should you do if your gear ends up somewhere it shouldn’t be?

First, let’s discuss the hard part: finding out. The active way is to regularly review your transactions for the tell-tale red flags of a diversion and compare your current sales and exports to those pre-sanctions. The passive way is to open a web browser and see your corporate logo on a piece of Russian drone wreckage or get a call from an intrepid reporter or a government agent asking about a particular commodity or technology. It is a reactive scenario, as it usually means someone else has put the pieces of the puzzle together before you even realized there was a picture in that jigsaw. We all strive to be the former, but even the best programs can miss a sign, so we should all prepare for the latter as well.

Your strategy should start before you have any indication of a problem. Review the transactions your firm had before the sanctions and compare them to the orders of clients who started buying after the February 2022 invasion. Look for similar orders and, if your product is customizable, similar patterns in fit, form, or function to those now subject to sanctions. Review requests for quote for similarities: sometimes, the only change is the ship-to address.

If you realize you have some suspiciously similar transactions, don’t panic. Review the payment type and routing for clues as to who paid and how. Check company registration data online: a company established after the invasion should be scrutinized. Check end-use and end-user data thoroughly where available. And most importantly, do not be afraid to ask questions. Legitimate transactions can look strange, but you’ll never get a good answer if you don’t ask a question. Verify the answers using all available data: your company files, accessible government records, and other open sources of information.

If you confirm that your goods are somewhere they should not be, or you’re still unsure, it may be best to stop transactions and consider voluntary self-disclosure. Gather the facts, and proceed as you would with any other potential violation. Ascertaining the ultimate end-user can be challenging, but sending goods that might be headed to an unauthorized end-use or end-user is risky. We can help you put the pieces together and map out a strategy to help keep your goods from ending up where they shouldn’t be.