Consumer Electronics Daily was a Warren News publication.

US Highlights ‘Legal Obligations’ for Companies to Prevent Iranian UAV Procurement

A new joint document issued by several Cabinet agencies last week provides guidance on Iran’s drone procurement activities and highlights due diligence policies, compliance structures and internal controls companies should be using to prevent illegal exports. The departments of the Treasury, Commerce, Justice and State said it’s “critical that private industry be aware of its legal obligations vis-à-vis entities and items involved in such procurement efforts,” adding that violators could be subject to fines, criminal penalties and suspensions of export privileges.

The 11-page guidance -- issued a little more than two months after a Commerce official said the agency was increasing its focus on stopping U.S. parts and components from being used in Iranian unmanned aerial vehicles (see 2303220037) -- highlights a range of “key items” Iran is looking to source. Those include various electronics, such as transceiver modules, processors, memories, amplifiers and other electronic integrated circuits; guidance, navigation and control equipment, such as accelerometers, gyroscopes and inertial measurement units; and aircraft components, such as aircraft spark-ignition and compression-ignition internal combustion piston engines.

Exporters, manufacturers and distributors of these items “should be aware of the importance of carrying out customer due diligence” and should “track to whom they are selling and/or shipping their items,” the guidance said. Manufacturers that supply items associated with UAVs should establish “multiple methods to track such items due to the observed prevalence of methods used to obscure the sources of components found in Iranian UAVs,” the agencies said, “such as the lasering off of serial numbers and other identifying information.”

The guidance stressed that companies should have in place “effective and comprehensive compliance programs that detect” red flags, including transactions involving shell companies to “obscure” ownership, a customer’s reluctance to share information about the end use of a product or to complete an end-user form, a customer that declines “customary installation, training or maintenance” of the item, or customers that cyber-spoof an email or web address “to give the appearance that an illegitimate inquiry is coming from a legitimate business.”

Companies should also look out for internet protocol addresses that don’t correspond to a customer’s reported location data, transactions involving entities with little or no web presence, use of personal email addresses, last-minute changes to shipping instructions, payments coming from a third-party country or business not listed on the end-user statement, customers using residential addresses and transactions using freight-forwarding firms or other mail forwarding addresses as the product’s ultimate customer address, the guidance said.