Office of
Sponsored Programs

University Compliance Program

Stevens Institute of Technology conducts research to advance knowledge, enhance student learning experiences, and build its reputation in the scientific and technical communities while fostering productive experiences for our sponsoring partners.  While SIT endorses the principles of freedom of inquiry and open exchange of knowledge, the university is committed to compliance with export control regulations.

The export of certain technologies, software and hardware is regulated and controlled by Federal law for reasons of national security, foreign policy, competitive trade reasons and to prevent the spread of weapons of mass destruction.   SIT and all its employees are required to comply with the laws and implementing regulations issued by the Department of State through its International Traffic in Arms Regulations ("ITAR"), the Department of Commerce through its Export Administration Regulations ("EAR") and the Department of the Treasury through its Office of Foreign Asset Controls ("OFAC").

World events dictate the increased need for security and vigilance over the technology controlled on the Department of State's United States Munitions List ("USML") and the Department Commerce's Commerce Control List ("CCL").  Accordingly, the importance and scrutiny for compliance with the regulations has increased and research contracts and agreements received by universities from sponsors, both Federal and non-federal, which contain export control provisions have increased significantly.  Export control regulations apply regardless of the source of funding, both external and internal.

Although most research conducted on U.S. college and university campuses is excluded from these regulations under the Fundamental Research Exclusion, university research involving specified technologies controlled under the EAR and/or ITAR, or transactions and exchanges with designated countries, inpiduals and entities may require SIT to obtain prior approval from the appropriate agency before allowing foreign nationals to participate in controlled research, collaborating with a foreign company and/or sharing research - verbally or in writing - with persons who are not U.S. citizens or permanent residents.  Export control regulations affect not only research conducted on campus, but also travel and shipping items outside the U.S.  Simply traveling to certain sanctioned countries could require a license from OFAC.  OFAC sanctions prohibit transactions and the exchange of goods and services in certain countries and with designated persons and entities.  SIT is committed to export control compliance, and the export control compliance function within the Office of Sponsored Research is staffed to advise and assist faculty in conducting activities related to research and sponsored projects.  More information regarding these and other regulations that impact university activities can be found at the Department of Commerce/BIS website; the Department of State/ITAR website; and the Department of the Treasury/OFAC website.  

 

Introduction

The objective of this EMCP is to ensure that our university's exports, deemed exports, re-exports, transfers, and activities are transacted consistent with all applicable federal requirements.  Various departments have a role in the management of our export transactions and compliance with U.S. export laws and regulations.  It is the university's expectation that each employee understands the standards described and the importance of creating a synergistic system to manage the overall export responsibilities.  A vital part of an EMCP is the establishment of mechanisms within the university's daily operational procedures to provide safeguards for maintaining controlled technology.  Such mechanisms help ensure that the right questions are being asked in order to preclude making shipments that are contrary to U.S. export controls, and therefore inconsistent with the university's and country's best interests.

A soundly implemented EMCP, coupled with good judgment, can greatly reduce the risk of inadvertently exporting to a restricted end-user, or for a prohibited end-use or activity.

To ensure the integrity of this system, inpidual feedback and suggestions for strengthening the procedures are encouraged.  For questions and to send feedback and suggestions related to the EMCP procedures, please contact: Barbara DeHaven, Executive Director/Empowered Official, OSR, bdehaven@stevens.edu, 201.216.8762.

 

General Discussion

GENERAL DISCUSSION

The U.S. export control system generally requires export licensing for dual-use defense items, i.e., items that have both commercial and military applications, and for exports to sanctioned persons and destinations.  U.S. national security, economic interests and foreign policy shape the U.S. export control regime.  The export laws and regulations aim at achieving various objectives, such as preventing the proliferation of weapons of mass destruction, advancing the U.S. economic interests at home and abroad, aiding regional stability, implementing anti-terrorism and crime controls, and protecting human rights.

These controls generally restrict the export of products and services based on the type of product and the destination of the export.  In both the defense and high-technology sectors, the U.S. Government tightly regulates the export not only of equipment and components, but also of technology.  Technology includes technical data, such as blueprints and manuals, as well as design services (including the transfer of “knowledge”) and training.  U.S. laws assert jurisdiction over U.S.-origin equipment and technology even after it is exported (i.e., restricting the re-export or re-transfer to third parties).  In addition to general export licensing, the United States maintains economic embargoes against a number of countries whose governments consistently violate human rights or act in support of global terrorism.  Such embargoes bar most transactions by U.S. persons with these countries.

Three principal agencies regulate exports from the United States: the U.S. Department of State Directorate of Defense Trade Controls (“DDTC”) administers export control of defence exports; the U.S. Department of Commerce Bureau of Industry and Security (“BIS”) administers export control of so-called "dual-use" technology exports; and the U.S. Department of the Treasury Office of Foreign Assets Control (“OFAC”) administers exports to embargoed countries and designated entities.

 

General Aspects of the University's Compliance Program

Where possible, the organizational structure of the university has centralized the key export functions and coordinated export activities with other departments that may become involved in export-related issues, i.e., legal counsel, shipping, university contracts, and sponsored research. Each export control task discussed in Section III (A) has a specific person assigned to perform the task and a specific person who is responsible for assuring that it is performed. Personnel assigned export control functions have been given authority commensurate with their responsibilities. Formal lines of communication between key personnel and other with export-related functions have been established. Underscoring its commitment to promote aggressive management of controlled technology by all Stevens' employees, university administration will hire, train, and motivate quality export compliance personnel. Compliance personnel must have a working knowledge of export control laws and regulations and be able to competently ensure the university's compliance through the effective management of its export management and compliance program. Export control personnel will have authority commensurate with their responsibilities, including authority to stop export transactions when warranted; and training, expertise and authority sufficient to safeguard the university against long-range legal implications that it risks through an ineffective export management and compliance program. Compliance personnel must not only possess the ability to discern the right thing to do but will be supported by university management and the university community.

  1. MANAGEMENT OF THE EMCP There are inpiduals and functions that are central to a successful EMCP. At SIT those are:
      1. EMPOWERED OFFICIAL (EO) - assigned responsibilities 
        The Executive Director of the Office of Sponsored Research is the Empowered Official for Stevens Institute of Technology. In this capacity, the EO has authority to represent the university before the export control regulators in matters related to registration, licensing, commodity jurisdiction requests, or voluntary disclosures. While certain oversight functions may be delegated, only the EO has the power to sign such paperwork and bind the university in any proceeding be DDTC, BIS, OFAC, or any other government agency with export control responsibilities. The EO will oversee management of the university's ECMP and all related aspects including communication to the Provost, the Director of Risk Management, and General Counsel when necessary.
         
      2. EMPOWERED OFFICIAL - responsibility monitoring
        The Director of Risk Management shall monitor activities and performance of the Empowered Official by means of a quarterly meeting and reporting in order to identify and assess potential areas in need of strengthening and improvement.
      1. UNIVERSITY EXPORT CONTROLS OFFICER - assigned responsibilities 
        The UECO has authority and the responsibility for implementation and enforcement of the procedures set forth in the EMCP. 

        The UECO works closely with the EO: OSR and the OSR in performing his/her duties. The UECO:
        1. makes the determination as to whether a project involves controlled technology, if a TCP is needed or if a license is required
        2. establishes a monitoring and visitation timeline in order to visit and audit key campus functional areas and PIs as to their respective oversight activities. The UECO will document discussion content as well as recommended improvements and follow-up on progress at the next visit. Any serious breaches in protocol or deviations from the ECMP that are detected during the visit will be reported immediately to the EO:OSR/ED for implementation of a mitigation strategy
        3. Identifies areas at SIT relative to research and other activities that are impacted by export control regulations;
        4. Develops control procedures to ensure the university remains in compliance;
        5. Recommends procedures to the senior SIT administration to strengthen SIT compliance;
        6. Educates inventors, principal investigators, center directors, and academic unit heads about export control regulations and procedures followed at SIT;
        7. Educates other units within SIT such as Finance, Purchasing, Travel, International programs, Human Resources, and Academic Entrepreneurship about export control regulations and procedures followed at SIT;
        8. Monitors and interprets legislation;
        9. Works with other on campus to facilitate understanding and compliance with export controls;
        10. Assists investigators, researchers and offices within SIT when research or research results are export controlled;
        11. Seeks assistance from EO and SIT legal counsel when uncertain about classification and in filing license applications;
        12. Develops a Technology Control Plan ("TCP") for each export-controlled project consistent with these procedures to aid the principal investigator ("PI") in meeting his/her export control responsibilities;
        13. Conduct training for the university community and coordinate the maintenance of an export controls website, or the export controls section of the OSR website; and,
        14. Liaison with EOs or UECOs of other universities who may be involved in multi-institutional research projects
           
      2. University Export Control Officer - responsibility monitoring 
        The UECO reports to the EO: OSR/ED who shall monitor activities and performance by means of a monthly meeting and a quarterly report of activities in order to identify and assess potential areas in need of strengthening and improvement.
      1. OFFICE OF SPONSORED RESEARCH - assigned responsibilities 
        The OSR provides assistance and expertise with export controls by working closely with the UECO and EO: OSR/ED in identifying export control issues and providing support for their solution. The OSR:
        1. Provides assistance to PIs in reviewing the terms of a sponsorship agreement or grant to identify restrictions on publication and dissemination of the research results, and to negotiate such restrictions out of the agreement;
        2. Completes Export Control Checklists (including pre-and postaward) for every project and sends them to the UECO for review if export controls issues are indicted or likely;
        3. Is responsible for maintaining a centralized database of all documentation relating to a research project or education activity; and
        4. Coordinates with the PIs and the UECO to ensure that foreign nationals will be isolated from participation in an export-controlled project in accordance with the TCP, unless the university applies for and obtains a license from the appropriate federal agency
           
      2. OFFICE OF SPONSORED RESEARCH - responsibility monitoring 
        OSR reports to the EO:OSR/ED who shall monitor activities and performance by means of a monthly meeting that includes the Preaward and Postaward managers and the UECO and a quarterly report of inter-related activities in order to identify and assess potential areas in need of strengthening and improvement.
      1. KEY UNIVERSITY MANAGERS - assigned responsibilities 
        Academic deans, directors, and department heads share the responsibility of overseeing export control compliance in their respective schools, departments, centers, or institutes and supporting the UECO in implementing procedures as deemed necessary by the UECO for export control compliance. 

        Additionally, directors of other offices or units on campus including, but not limited to: Finance, Risk and Safety Oversight Task Force, Human Resources, International Programs, Academic Entrepreneurship, Travel and SERC share the responsibility of overseeing export control compliance in their units and supporting the UECO in implementing procedures as deemed necessary by the UECO for export control compliance.
         
      2. KEY UNIVERSITY MANAGERS - responsibility monitoring 
        The UECO shall establish a monitoring and visitation timeline in order to visit and audit key campus functional areas as to their respective oversight activities. The UECO will document discussion content as well as recommended improvements and follow-up on progress at the next visit. 
      1. PRINCIPAL INVESTIGATOR -- assigned responsibilities
        PIs have expert knowledge of the type of information and technology involved in a research project or other university activity, such as presenting at conferences, and discussing research findings in class with fellow researchers or collaborators. PIs must ensure that they do not disclose controlled information or transfer controlled articles or services to a foreign national without prior authorization as required. To meet his/her obligations, each PI:
        1. Must understand his/her obligations under export controls, and participate in regular trainings to help her/her identify export control issues;
        2. Must assist the UECO to classify the technology involved in the research or other university activity;
        3. Identify foreign nationals that may be involved and, if export control is likely, initiate the process of clearing foreign national participation well in advance to ensure that a license is obtained in a timely manner, or implement proper measures to isolate foreign nationals from participation;
        4. Must if undertaking an export controlled project, brief the students and other researchers involved in the project of their obligations under export controls; and
        5. Cooperate with the UECO in developing the TCP for which the PI has the responsibility to follow and implement. The TCP is located at Appendix C
           
      2. PRINCIPAL INVESTIGATOR - responsibility monitoring
        The UECO shall establish a monitoring and visitation timeline in order to visit and audit inpidual PIs as to their respective oversight activities, including maintenance of any developed TCPs. The UECO will document discussion content as well as recommend improvement and follow-up on progress at the next scheduled meeting. Any serious breaches in protocol or deviations from the ECMP that are detected during the visit will be reported immediately to the EO: OSR/ED for implementation of a mitigation strategy. 
         
  2. MAINTAINING AND DISTRIBUTING THE EMCP DESCRIPTION AND MANUAL 
    An official electronic copy of the EMCP Program and Manual will be maintained in the Office of Sponsored Research by the Executive Director/Empowered Official. The UECO has primary responsibility to ensure that the EMCP Program and Manual is updated and distributed annually every July. Also, the EMCP Program and Manual may be found posted on the OSR website. Updates made prior to July will be distributed and posted as necessary. 
     
  3. COMPLIANCE TRAINING 
    Training is one of the critical elements of the university?s export management and compliance program. Because export control regulations change and technologies and their end-users are continually evolving, it is essential for the university to include a training component the Export Management and Compliance Program. The greatest risk of non-compliance of export laws and regulations occurs during casual conversations in person, on the telephone, or via email. Informed users minimize the likelihood that inadvertent violations of export laws and regulations will occur. Ambiguities can lead to confusion which could contribute to an export violation. 

    An important component of the EMCP is the effective communication of policy and procedures to all employees. Anyone involved in export-related functions, including top management, faculty, staff, contractors, consultants, and even student workers should fully understand export compliance responsibilities as they might relate to their responsibilities. SIT will provide these employees with sufficient training in order to ensure they possess a working knowledge of current export control regulations as well as the specific requirements of the company's EMCP. By ensuring that function-specific elements are considered while developing the EMCP, SIT will develop and maintain a Program that is clearly understood by all employees. That understanding will include the awareness of the importance of their roles as it relates to the university and to the nation. The UECO will prepare updated training materials and will ensure that employees or students engaged in an export controlled project receive the appropriate briefing. 

    The UECO will also maintain records of training or briefings provided. General export control information and presentations will be available for the university community online at the following link: http://www.stevens.edu/osr/export/index.html 

    Academic deans, directors, or department heads will assist the UECO in implementing the export control training sessions or briefings relative to their respective schools, departments, centers, or institutes. In addition, the directors of other offices or units on campus including, but not limited to : Finance, Risk and Safety Oversight Task Force, Human Resources, International Programs, Academic Entrepreneurship, Travel and Systems Engineering Research Center (SERC) will assist the UECO in implementing the export control training sessions or briefings relative to their units. 
     
  4. EXPORT CONTROL ANALYSIS Export control analysis for sponsored research begins when a PI submits a proposal, receives an award, or changes the scope of an existing project.
    • INITIAL REVIEW
      OSR performs the initial review by completing the Export Control Checklists in Appendices A and B. OSR will look for the following items as 'red flags' that might indicate possible export control issues:
      • References to U.S. export regulations (beyond a mere statement to comply with the law);
      • Restrictions on publication or dissemination of the research results;
      • Pre-publication approval from the sponsor;
      • Proprietary or trade secret claims on project results;
      • Involvement of foreign sponsors or collaborators;
      • Travel, shipping, or work performed outside the U.S.;
      • Military applications of the project results; or
      • Funding from the Department of Defense, the Department of Energy, the Army, the Air Force, the Office of Naval Research, NASA, the National Reconnaissance Office, or other U.S. defense related agencies
    • FINAL REVIEW 
      If the initial review indicates a possible export controls issue, the project will be referred to the UECO for final review. Upon completing the final review, the UECO will advise the PI concerning the export controls which might apply to the project, the restrictions on access by foreign persons, and any other relevant requirements pursuant to ITAR and EAR. 
       
  5. TECHNOLOGY CONTROL PLAN (TCP)

    •  DEVELOPMENT
      If the UECO determines a project is export controlled, the UECO will work with the PI to develop and implement a TCP to secure the controlled technology from access by unlicensed non-U.S. citizens. A sample TCP is included as part of this Program in Appendix C. The UECO will work with the PI to develop the TCP as needed.

    • TRAINING AND CERTIFICATION
      Before any inpidual may observe or access the controlled technology, he/she must be briefed on the procedures authorized under the TCP, certify his or her agreement to comply with all security measures outlined in the TCP and have his/her certification authorized the UECO or the EO. Appendix D contains a template for the briefing and certification. If an award is received, regardless of the project?s nature, each PI will receive a PI Memo describing export controls. An example of the PI Memo is included as Appendix E.

  6. THE LICENSE PROCESS AND PROCEDURES 
    All licenses for the export of controlled technology as described in the ITAR and EAR and as controlled by OFAC, will be the responsibility of the Empowered Official. The EO will advise the Provost of each circumstance that is determined to require a license. 

    The EO has authority to represent the university before the export control regulators in matters related to registration, licensing, commodity jurisdiction requests, negotiations, or voluntary disclosures. While certain oversight functions may be delegated, only the EO has the power to sign such paperwork and bind the university in any proceeding be DDTC, BIS, OFAC, or any other government agency with export control responsibilities.
     
  7. LICENSE EXCEPTION/EXEMPTION RELATED TO TRAVEL OUTSIDE THE U.S. 
    Any travel or transmission to destinations outside the U.S. may trigger export control regulations. A license may be required depending on which items are taken, which countries are visited, or whether defense services are provided to a foreign person. However, an exception of exemption from license requirement may exist. 

    A Licence Exception may be available for EAR controlled items, technology, or software if the inpidual travelling outside the U.S. can certify that he/she meets the criteria of the available exception. An example of the Checklist for qualification is included in Appendix F. 

    A License Exemption may be available to ITAR controlled technical data transmitted outside the U.S. if the inpidual transmitting/sending the technical data can certify that he/she meets the criteria of the available exemption. An Example of the Checklist for qualification is included in Appendix G. 

    Other exceptions and exemptions may be available. Anyone intending to travel or transmit controlled data outside the U.S. should first consult with the UECO. All exceptions or exemptions must be documented with the OSP and the record maintained for at least five years after the termination of the project or the travel return date. Certification forms are located on the OSR website at Appendix H.
     
  8. FOREIGN NATIONALS 
    The presence of a large graduate student and postdoctoral fellow community of foreign nationals poses significant challenges for the institution as it regards compliance with export control regulations. While the university desires to provide the best educational and research experience for all faculty, students and other research-related employees; this must be balanced against the responsibility levied by the government as it pertains to protecting and managing the export of controlled technology. 

    The UECO will be apprised by OSR of any circumstances where the potential exists for an export control issue. As previously described in Section III (A) (2) of this Program, the UECO will review the Checklists generated by the OSR Specialists in order to determine if a project is, or will be, restricted in such a way that the presence of foreign nationals is prohibited. If such a circumstance is indicated, the UECO will initiated a dialogue with the PI, or Project Manager, in order to ensure understanding that the project may not include any foreign nationals, to ensure a TCP is developed, and to ensure that all research personnel understand the issues of compartmentalizing the restricted research from other department/project activities. 

    All communication, dialogue and exchanges with project personnel will be documented and maintained in the relevant project files. This documentation will be maintained for five years.
     
  9. MAINTENANCE OF RECORDS 
    SIT's policy is to maintain export-related records on both a project and an inpidual basis, depending on the circumstances. If there is a specific and discreet project to which the export activity can be related, then all export documentation relevant to that project will be maintained in the project file. However, it will be the case that some export-related documentation, such as analysis of whether the burden has been met to qualify for the FRE and the exemption certification for carrying laptops abroad, will be specific to inpiduals. Unless specified otherwise, all records shall be retained no less than five years after the project?s TCP or license termination date, whichever is later. 

    If ITAR-controlled technical data is exported under an exemption, certain records of the transaction must be kept even beyond the standard five year period. Those records must include:Information which meets the criteria of being in the public domain, being educational information, or resulting from Fundamental Research is not subject to export controls under the ITAR as qualifies for an exception; however, it is SIT's policy that all documentation for these analyses be maintained for five years after the analysis has been done. In the event of any audit, this demonstrates that an assessment was done to determine the designation of exemption or exception. 

    BIS has specific record-keeping requirements. Generally, records required to be kept by EAR must be kept for a period of five years from the project's termination date. However, if BIS or any other government agency makes a requires for such records following a voluntary self-disclosure, the records must be maintained until the agency concerned provides written authorization concerning the records' release.
    • A description of the unclassified technical data;
    • The name of the recipient/end-user;
    • The date/time of export;
    • The method of transmission (e.g., email, fax, telephone, FedEx); and
    • The exemption under which the export qualified

    Responsibility for records:

    • Office of Sponsored Research
      • EAR One-time and Annual Certifications for travelling abroad with a laptop
      • EAR Temporary Export of Beta-Test Software
      • EAR Temporary exhibitions, demonstrations, replacement parts and broadcast material
      • EAR baggage
      • Fundamental Research
      • Decision Matrix
      • Checklist for consideration of information in the public domain
      • OSR Routing Form
      • License Applications
      • License Approvals
      • Documentation of any investigations or correspondence with a government agency
      • Proposal memo
      • PI memo
      • UECO recordkeeping includes:
        • Project Technology Control Plans
        • Log of all random-sample reviews of existing TCPs
        • Confirmation and record of all training presentations
        • All documentation generated by the UECO in pursuit of that inpidual?s designated duties
        • Documentation of all conversations and meetings with PIs and other research-related personnel regarding export control responsibilities
    • PI
      • "Shipment of U.S. Origin Items to Foreign Recipient"
      • Copies of shipping labels
      • TCPs
    • SIT Internal Auditing
      • Documentation of any investigations of alleged violations
    • SIT Legal Counsel
      • Documentation of any legal action, including but not limited to, filings, notices, settlements
         
  10. MONITORING AND AUDITING In order to maintain SIT?s export compliance program in good order and to ensure consistent adherence to U.S. export laws, the UECO may conduct internal reviews of TCPs at any time and as needed. In any event, the UECO will conduct a 10% random-sample review of current, unexpired TCPs each fiscal year. This is in addition to the monitoring and visitation timelines already discussed in Section III (A)(2)(i) The purpose of the review is:
    • Identify possible violations; and
    • Identify deficiencies in training, procedures, etc., that can be corrected
       
  11. DETECTING AND REPORTING VIOLATIONS
    It will be the policy of SIT to voluntarily self-disclose violations as required and identified. All federal agencies have dramatically increased the investigation in and successful prosecution of export regulation violations. The penalties for these violations can be very severe, including personal liability, monetary fines, and imprisonment. However, government agencies assign great weight to voluntary self-disclosures as a mitigating factor. 

    Any inpidual who suspects a violation has occurred must immediately notify the Empowered Official in the OSR, and only the Empowered Official. The EO will notify the Provost and send an initial notification about the suspected violation to the appropriate government agency. The initial notification advisement will contain:
    • Precise description of the nature and extent of the violations;
    • Exact circumstances surrounding the violations(s);
    • Complete identities and addresses of all inpiduals and organizations, involved in the questioned activities;
    • Export license numbers, if applicable;
    • USML or CCL identifications
    • Description of any corrective actions already undertaken; and
    • Name and address of the person(s) making the disclosure and a point of contact

    The Provost will authorize a member of the SIT Internal Audit function to conduct an internal review of the suspected violation by gathering information about the circumstances, personnel, items, and communications involved. Once the review is complete, the circumstances will be reviewed with the EO and the Provost and the EO will provide the government agency with a supplementary letter that contains a narrative account of the institution's findings. 

    Once the agency has been notified, about either the initial advisement or the results of the subsequent discoveries, the EO will follow the government agency?s instructions.
     
  12. CORRECTIVE AND DISCIPLINARY ACTIONS 
    Recognizing the seriousness of non-compliance with export controls, SIT will address non-compliance in accordance with the SIT Faculty Handbook at section entitled "Dismissal, Suspension, or Other Sanctions." Further, all SIT employees responsible for export control compliance or participating in export-controlled projects must be aware of the substantial criminal and civil penalties imposed for violation of the export regulations including personal liability, monetary fines and imprisonment.
     
  13. EMPLOYEE PROTECTION 
    In accordance with University Policy entitled "Conscientious Employee Disclosure Policy," no inpidual shall be punished solely because he or she reported what was reasonably believed to be an act of wrongdoing or export control violation. However, a SIT employee will be subject to disciplinary action if the employee knowingly fabricated, knowingly distorted, or knowingly exaggerated the report.