One lesson of the BAES plea is that the greatest legal and regulatory risk challenges facing the aerospace and defense industry are ITAR and FCPA compliance. US regulators have interpreted the ITAR to impose new compliance obligations on non-US companies and are bringing ITAR enforcement actions against non-US companies with increasing frequency. Further, as evidenced by the recent action against BAES the US Department of Justice (DOJ) alleging both ITAR and FCPA-related violations, US and non-US enforcement agencies are increasingly coordinating their investigations and pursuing companies based outside of the United States.

ITAR Compliance. The State Department’s Directorate of Defense Trade Controls (DDTC) has significantly stepped up ITAR enforcement against non-US companies. DDTC’s extra-territorial application of the ITAR requires non-US companies to obtain DDTC approval for re-exports and re-transfers abroad of US-origin defense articles, and extends to “ITAR contamination” of non-US products incorporating US-origin defense article components, requiring non-US companies to obtain DDTC approvals for the export of their products from one country to another country. The reach of DDTC’s assertion of ITAR contamination jurisdiction is broad because DDTC does not recognize any de minimis standard for the US munitions content, asserting jurisdiction regardless of the comparative value of the US-origin defense article and the non-US-made product into which the US-origin defense article is incorporated.

Extraterritorial ITAR compliance obligations also are “pushed down” to non-US companies who are parties to DDTC-approved warehousing and distribution agreements, manufacturing and license agreements, and technical assistance agreements with US companies. ITAR obligations imposed under technical assistance agreements (TAAs) not only restrict the ability of non-US parties to the agreement to reexport or re-transfer technical data or defense services provided to them by the US party to the agreement, but also will dictate the nationalities of the non-US companies’ employees who may have access to such data and services. Even companies based outside the United States who are not parties to TAAs may find themselves subject to ITAR controls to the extent they become sub-licensees under these agreements. Typically, sub-licensees are customers of non-US parties to the agreement who serve as prime contractors to foreign governments in defense programs. Sub-licensees must be pre-approved by DDTC and are required to enter into a nondisclosure agreement with their vendors who serve as licensees under the TAA.

FCPA Compliance. 2009 witnessed an explosion of FCPA enforcement actions, with a record 40 cases brought by the DOJ and the US Securities and Exchange Commission (SEC). Presently, there are more than 140 FCPA matters pending investigation at DOJ. The jump in enforcement actions has been matched by increased monetary penalties with DOJ collecting almost US$1.5 billion in fines and penalties over the past two years. In addition to monetary penalties collected by the DOJ, publicly traded companies have recently announced the setting aside of reserves in anticipation of settling FCPA enforcement actions. These reserves, collectively, total more than US$1 billion. Another FCPA trend is the increased prosecution of individuals under FCPA, with 17 prosecutions and four individuals taken to trial and convicted in 2009, and 60 percent of all 2008 FCPA prosecutions being against individuals. More than 91 percent of the individuals prosecuted in the past 10 years either pleaded guilty or were convicted at trial. Industry-based targeting by the DOJ and SEC also continues to be a trend with the defense industry announced target for 2010.

Recent Enforcement Actions. ITAR and FCPA enforcement actions against non-US companies and individuals have been at the forefront of actions in 2010. The trend toward more vigorous FCPA enforcement, including prosecutions of individuals, was highlighted on January 19, 2010 when a sting operation resulted in the arrest of 21 executives and employees of military and law enforcement products manufacturers, including several foreign nationals, attending a trade show in Las Vegas. The DOJ announced that these arrests were part of “the largest single investigation and prosecution against individuals in the history of the DOJ’s enforcement of the FCPA.” The DOJ investigation in this case was also noteworthy for its use of investigative techniques that are typically applied in narcotics and organized crime cases.

In the first ITAR penalty action taken in 2010, DDTC announced on February 3 that it had entered into a consent agreement with a non-US company, Germany-based Interturbine Aviation Logistics Gmbh, and its Grand Prairie, Texas branch office, Interturbine Aviation Logistics GmbH, LLC, to resolve violations of the AECA and the ITAR, under which Interturbine agreed to pay a civil penalty of US$1 million.

As discussed above, on March 1, 2010, BAES, Europe’s largest defense company, agreed to plead guilty to a charge of making false statements to the US government and will pay the DOJ a US$400 million fine. BAES also agreed to plead guilty to false accounting after another investigation by the Serious Fraud Office (SFO) in the UK, for which it will pay the SFO £30 million. The plea agreements stemmed from DOJ charges related to false representations made by BAES concerning payments to government officials in violation of the FCPA. In addition to the FCPA violations, BAES was charged with violating the ITAR for not disclosing these payments in applications submitted to DDTC to export US-sourced technology.

Growing Coordination of US and Non-US Investigations and Enforcement. During the same time the arrests were made by FBI agents in the Las Vegas sting operation in January, UK’s City of London police were executing seven search warrants in connection with their own investigations into the companies involved, demonstrating the trend toward international coordination of investigation and enforcement agencies. Similarly, the BAES enforcement action noted above, which stemmed from parallel investigations by the DOJ and the British SFO, reflects the growing coordination of investigations and enforcement around the world.

In this regard, the DOJ is providing evidence, technical and forensic training, and FCPA-trained lawyers to assist non-US prosecutors with local bribery prosecutions. The International Organization of Securities Commissions has had a multilateral memorandum of understanding in place since 2003, which promotes sharing and exchanging investigative data, including bank and brokerage records, with securities regulators around the world. According to SEC Chairman Mary Schapiro, the SEC is “working vigorously across borders to detect and punish such illicit conduct.” Most recently, on February 2, 2010 the United States signed a new Mutual Legal Assistance and Extradition Treaty Agreement with the EU which provides for investigative and enforcement assistance requests to be made by fax and email, thus significantly shortening the time frame within which the DOJ can secure information abroad. The agreement also provides that financial accounts and transactions are discoverable, and that bank secrecy is no defense to production. Furthermore, the agreement allows for the creation of joint investigative teams to operate in both the US and EU-member countries.