On 17 August 2020 the Department of Commerce, Bureau of Industry and Security (BIS) issued a final rule:
- adding additional Huawei non-US affiliates to the Entity List;
- confirming the expiration of the temporary general licence (TGL); and
- amending the so-called 'Foreign Direct Product Rule' (FDPR).
BIS also issued another final rule clarifying that prohibitions on Entity List entities apply regardless of the role that the entities play in a transaction.
Addition of entities to Entity List
BIS's final rule added 38 additional non-US affiliates of Huawei to the Entity List because, as with the other 115 Huawei entities on the Entity List, they pose "a significant risk of involvement in activities contrary to the national security or foreign policy interests of the United States". The additional 38 entities are in 21 countries. Entities located in China's Hong Kong Special Administration Region are listed under the Entity List heading for China, consistent with other recent export control changes relating to Hong Kong.
As with most other entity listings, the export restrictions are high: a licence is required for the export, re-export or transfer (in country) of any item subject to the Export Administration Regulations (EAR), including EAR99 items, and there is a presumption of denial for licence applications. The newly listed entities are also subject to the new Foreign Direct Product Rule discussed below.
A narrow carve out exists for the release of EAR99 technology or technology controlled for anti-terrorism reasons only when released to members of a standards organisation for the purpose of contributing to the revision or development of a standard.
As clarified in the second final rule issued on 17 August 2020, BIS considers the Entity List restrictions to apply regardless of the Huawei entity's role in an export transaction. As such, exports, re-exports and transfers (in country) are prohibited without a licence if a Huawei entity is the purchaser, intermediate or ultimate consignee or end user.
The Final Rule allowed the TGL that was in place for Huawei and its non-US affiliates to expire. The TGL was initially put into place days after Huawei's original designation on the Entity List in May 2019 and originally permitted limited transactions with Huawei to support:
- continued operations of networks and equipment;
- existing handsets;
- cybersecurity research and vulnerability disclosure; and
- engagements as necessary for the development of 5G standards by a duly recognised standards body.
Over the past year, the TGL was extended and narrowed but is now no longer available.
In place of the TGL is "a more limited permanent authorization that will further protect US national security and foreign policy interests", relating only to cybersecurity research and vulnerability disclosure. In March 2020 BIS asked the public for comments regarding the TGL's expiration and this limited authorisation is the result. To effect this change, BIS amended the licence requirements for designated Huawei entities in the Entity List itself, inserting a footnote that is based on the TGL permitting the export, re-export or transfer (in country) of items subject to the EAR if the disclosure to the designated Huawei entities is limited to:
information regarding security vulnerabilities in items owned, possessed, or controlled by Huawei or any of its non-US affiliates when related to the process of providing ongoing security research critical to maintaining the integrity and reliability of existing and currently 'fully operational network' and equipment.
Two of the original authorisations from the TGL are no longer available (continued operation of existing networks and equipment and support to existing handsets) an the authorisation relating to standards organisation has been formalised in an interim final rule from BIS.
Effective 15 May 2020, BIS changed General Prohibition Three, also known as the FDPR, to further limit technology releases to designated Huawei entities, primarily targeted at the semiconductor industry (for further details please see "Government hurls another export control grenade at Huawei"). Specifically, the 15 May rule made subject to the EAR products designed or produced by a designated Huawei entity, or products of Huawei software or technology if the products were also the direct product of technology or software that was subject to the EAR and fell into a subset of export control classification numbers (ECCNs) (or were the direct product of a plant or a major component of a plant that was the direct product of US-origin 'technology' or 'software' that falls into a list of specific ECCNs). The ultimate impact of that rule was to require exporters (as well as non-US re-exporters) to be able to identify any Huawei-designed or produced products or technology that they were supplying to Huawei.
This Final Rule substantially expands the scope of what the FDPR captures for Huawei and other Entity List entities with a Footnote 1 restriction. The revised FDPR removes the requirement that the foreign product in question be either developed or produced by a designated Huawei entity or the direct product of Huawei software or technology. Instead, to be captured under the new FDPR, the party exporting, re-exporting or transferring the foreign product need only have knowledge that either:
- the foreign-produced item will be incorporated into, or will be used in the production or development of any part, component or equipment produced, purchased or ordered by any Huawei entity on the Entity List in the licence requirement column of this supplement; or
- a Huawei entity on the Entity List is a party to any transaction involving the foreign-produced item (eg, as a purchaser, intermediate consignee, ultimate consignee or end user).
In other words, the FDPR has gone from covering only products that are developed or produced by Huawei or the direct product of Huawei's software or technology – essentially Huawei-designed or developed products – to capturing all commercial off-the-shelf (COTS) products that:
- happen to be going into something that will eventually be ordered or purchased by Huawei, regardless of whether Huawei takes delivery of the item; or
- are part of a transaction to which Huawei is otherwise a party.
The FDPR items must still be the direct product of US-origin technology or software that falls into the enumerated ECCNs or the direct product of a plant where a major component of the plant is the direct product of one of the enumerated ECCNs. Thus, they still need to be either:
- the direct product of 'technology' or 'software' subject to the EAR and specified in ECCN 3D001, 3D991, 3E001, 3E002, 3E003, 3E991, 4D001, 4D993, 4D994, 4E001, 4E992, 4E993, 5D001, 5D991, 5E001 or 5E991 of the Commerce Control List (CCL); or
- produced by any plant or major component of a plant that is located outside the United States, when the plant or major component of a plant (whether made in the United States or a foreign country) itself is a direct product of US-origin 'technology' or 'software' subject to the EAR that is specified in ECCN 3D001, 3D991, 3E001, 3E002, 3E003, 3E991, 4D001, 4D993, 4D994, 4E001, 4E992, 4E993, 5D001, 5D991, 5E001 or 5E991 of the CCL.
However, critically, the FDPR items no longer need be designed or produced by Huawei. So, COTS products that are the direct product of US-origin software or technology that fall under the above ECCNs, or the direct product of a plant where a major component of the plant is the direct product of one of the above ECCNs, now need a licence for export, re-export or transfer if the company engaging in the transaction has a reason to know that Huawei will order or purchase a downstream product containing those items or is otherwise a party to the transaction.
Unlike most licence applications relating to designated Huawei entities, BIS will consider licences on a case-by-case basis if the sophistication and capabilities of the technology fall below the 5G level.
Parts of rule go into effect immediately
The Final Rule includes two savings clauses:
- one for the added entities and removal of the TGL for the FDPR change relating to the foreign direct product of the technology and software ECCNs; and
- one for the FDPR change relating to the foreign direct product of plants and major components of plants.
For new entities, TGL removal, and the FDPR relating to the foreign direct product of the technology and software ECCNs, the rule is effective nearly immediately. Exports or re-exports that were already en route on the date on which the final rule was filed for public inspection, which is understood to be 17 August 2020, may proceed.
For the foreign direct product of plants and major components of plants, shipments of foreign-produced items that are the direct product of plants or major components of plants that had started production on 17 August 2020 can proceed, provided that they are exported from abroad, re-exported or transferred (in country) before midnight (local time) on 14 September 2020.
As the Huawei and telecoms drama continues to unfold, it is clear that the government is now on a fast track to revise its export control and related laws to respond to perceived national security threats posed by China, as well as Huawei and its affiliates in particular. Exporters – particularly in the semiconductor industry, but also downstream industries – are advised to continue to maintain a robust export compliance programme and be prepared to make changes on little to no notice.
Ultimately, BIS and the government keep sending the same message: if a party is legally selling to Huawei, the government will revise its regulations to ensure that such party is no longer legally selling to Huawei.
Aman Kakar, associate, contributed to the preparation of this article.
