Check a name against active restricted-party lists
Screen any company or person against BIS, OFAC, and 6 other jurisdictions instantly.
The Basic Idea
Export control is the set of laws and regulations that govern the movement of goods, software, technology, and technical knowledge across borders — and, critically, across nationalities. Most people picture export control as customs paperwork for physical shipments. In practice it covers far more: cloud access granted to a foreign national, a technical drawing emailed to an overseas contractor, or a demo given to a visiting engineer can all be regulated "exports" even though nothing physically crossed a border.
Governments maintain export control regimes to prevent sensitive technology — weapons-relevant, dual-use, or strategically significant — from reaching destinations, organisations, or end-uses that would threaten national security, foreign policy, or non-proliferation objectives.
Why Export Control Exists
Modern export control traces back to Cold War-era efforts to prevent Western technology from strengthening Soviet military capability. The framework has since expanded well beyond its original scope — today it addresses semiconductor manufacturing equipment, encryption software, biotechnology, aerospace components, and the proliferation of weapons of mass destruction technology.
The policy logic is straightforward: a government cannot directly stop a foreign adversary from developing sensitive capability, but it can control whether its own companies' technology contributes to that development. Export control is the mechanism for exercising that control at the point of transfer.
The Major Regimes You Need to Know
- EAR (Export Administration Regulations) — US, Commerce Department: Covers "dual-use" items — goods with both civilian and military applications, which is the large majority of controlled technology, including most semiconductors. Administered by the Bureau of Industry and Security (BIS).
- ITAR (International Traffic in Arms Regulations) — US, State Department: Covers defense articles and services on the US Munitions List. Stricter than the EAR, with no low-value exemptions and mandatory registration for manufacturers.
- EU Dual-Use Regulation (2021/821): The EU's equivalent of the EAR, applied uniformly across 27 member states, with national licensing authorities implementing a shared control list. See our EU dual-use controls guide for detail.
- UK Strategic Export Control: Administered by the Export Control Joint Unit (ECJU), based on the UK's own Strategic Export Control Lists post-Brexit, aligned closely with but independent from the EU regime.
- Japan METI / FEFTA controls: Japan's Ministry of Economy, Trade and Industry regulates exports under the Foreign Exchange and Foreign Trade Act, with particular significance for semiconductor manufacturing equipment.
These regimes overlap constantly. A single semiconductor shipment from an EU manufacturer using US-origin design tools can trigger EAR jurisdiction (via the Foreign Direct Product Rule), EU dual-use licensing, and — if the destination is sanctioned — OFAC restrictions, all at once.
Export Control vs. Sanctions — A Common Confusion
Export control and sanctions are frequently conflated but are legally distinct. Export control regulates specific items and technologies against specific destinations or end-users (the EAR, ITAR, EU dual-use regime). Sanctions are typically broader prohibitions on transacting with an entire country, government, sector, or list of designated individuals — in the US, administered by the Treasury's Office of Foreign Assets Control (OFAC), entirely separate from BIS and the EAR.
A transaction can implicate both simultaneously: a semiconductor sale might require an EAR export licence because of the item's classification, and separately be prohibited outright because the buyer is an OFAC-designated entity. Compliance programmes that screen for one but not the other have a structural gap.
Who Actually Has to Comply
Export control applies more broadly than most companies initially assume:
- Hardware exporters — the obvious case, but jurisdiction usually follows the origin of the technology, not the shipper's location.
- Software and cloud companies — granting access to software, source code, or cloud compute to a foreign national can constitute a controlled "export" even with no physical shipment.
- Employers of foreign nationals — "deemed exports": disclosing controlled technical data to a foreign national employee or visitor, even inside your own facility, is regulated based on that person's nationality.
- Universities and research institutions — collaborative research involving controlled technology and foreign national researchers is squarely in scope.
- Service providers and distributors — reselling or servicing controlled items on behalf of a manufacturer carries independent compliance obligations.
What Non-Compliance Costs
Penalties scale with the severity and intent of the violation. Under the EAR, civil penalties can reach $300,000 per violation or twice the transaction value, whichever is greater. Willful violations carry criminal exposure, including imprisonment. Beyond formal penalties, a violation can mean loss of export privileges — an existential outcome for a company whose business depends on cross-border trade — plus reputational damage with customers, suppliers, and investors.
Where to Go Deeper
Export control is broad enough that most compliance teams specialise by regime or region. Start with the area most relevant to your business:
- US Export Control: The Complete Guide — EAR, ITAR, the Entity List, and FDPR in depth.
- China Export Controls — what's restricted, why, and how the rules have escalated since 2018.
- UK Export Control Guide — the ECJU, UK Strategic Export Control Lists, and post-Brexit divergence from the EU.
- Export Control Law — the legal and regulatory architecture underpinning all of the above.
- Export control governs cross-border movement of goods, software, technology, and technical knowledge — not just physical shipments. Software access and disclosures to foreign nationals count too.
- Major regimes include the US EAR and ITAR, the EU dual-use regulation, UK strategic export controls, and Japan's METI/FEFTA rules — and they frequently overlap on a single transaction.
- Export control and sanctions are legally distinct but often apply together. A robust compliance programme screens against both simultaneously.
- Jurisdiction typically follows the origin of the technology, not the location of the company shipping it — which is why export control catches companies that don't think of themselves as exporters.
- Penalties are severe and asymmetric: civil fines up to $300,000 per violation under the EAR, criminal exposure for willful violations, and loss of export privileges.