2021 was another exciting year in the world of Israeli export controls and sanctions. As always, this field of technology and regulation continued to be informed by shifts in global politics and the state of international affairs.
Here is a review of some of the major developments from this past year and what we might expect to see in the year ahead.
The Ministry of Finance continued to identify Iran, Syria, Lebanon, and Iraq as enemy states under Israeli sanctions legislation – meaning, they are subject to comprehensive sanctions. However, for a number of years now, this regulator has issued annual (or bi-annual) general permits for trading with Iraq. These permits effectively have exempted Iraq from “enemy” status and, therefore, comprehensive sanctions. The current general permit is set to expire on December 31 of this year but is expected to be renewed.
With respect to specific sanctions designations, the Israeli Ministry of Defense (MOD) recently was in the news for designating six Palestinian human rights groups for (alleged) terror related activity. Generally, Israeli sanctions lists correspond to sanctions adopted by the UN Security Council. However, these six designations are unique to Israel and, more broadly, reflect a growing trend of fragmentation in international sanctions regimes and “blacklists.” The consequence for companies is that, while screening against UN lists historically has provided much certainty vis-à-vis compliance with Israeli sanctions lists, the need to focus on screening against Israeli lists specifically is becoming increasingly important.
Israeli Export Controls
Generally, none of the Israeli export control lists changed between 2020 and 2021 (as background, Israel’s control lists are closely based on lists adopted by the Wassenaar Arrangement, Missile Technology Control Regime, Australia Group, Nuclear Suppliers Group and under the Chemical Weapons Convention). One narrow exception was the addition of certain biotech software related to nucleic acid assemblers and synthesizers to the Israeli Chemical, Biological, and Nuclear-Sector List (following this addition by the Australia Group to its own lists), which is administered by the Israeli Ministry of Economy and Industry (MOE).
Looking forward, be prepared for significant changes to the Wassenaar Arrangement List of Dual Use Goods and Technologies in 2022. This list is implemented both by the Israeli MOD, when exports are intended for defense uses, as well as by the Israeli MOE, when exports are not intended for defense uses. For the MOD, changes to this list will be adopted immediately. However, the MOE may adopt a grace period for industry to study the changes as it has done in the past. As a result, there may be a few months where the lists implemented by the MOD and MOE diverge.
Defense Export Controls
With respect to defense export controls, the year’s most critical development was the November addition of two Israeli spyware companies, NSO and Candiru, to the Entities List by the US Department of Commerce’s Bureau of Industry and Security (BIS). While the Israeli offensive cyber industry has come under greater scrutiny in recent years (recall this summer’s “Pegasus Papers”), this was a major step by an ally that caught this industry off-guard. Indeed, the BIS stated its reasoning for the move,1 however, the true political and professional motivations behind the listings are hazy. This has encumbered the adoption of self-regulation and risk management strategies by industry actors. In this context, the Israeli MOD responded to the listings by doubling down on its oversight efforts, such as by narrowing the number of white countries where offensive cyber technology can be sold (from 102 to 37 countries) and by adopting a new end use/user declaration form for the export of systems intended for investigation and prevention of terrorism and crime.
Dual Use Export Controls
Finally, with respect to Israel’s dual use export control regime, the MOE has become more aggressive in its efforts to enforce exporter compliance. It has done so in a number of ways, including engaging exporters in regulatory audits and opening a whistleblowing hotline for sharing information about known or suspected export control violations. In October, the MOE even publicized developments in connection with its first enforcement event. Taken together, these activities have helped increase awareness of this regime and establish its credibility as a regulator with teeth that can induce exporters to fall in line with the law.
In parallel to its more adversarial activity, the MOE also has continued to work closely with industry to facilitate (compliant) cross-border business. This is especially apparent in the flexibility that it has shown through its export licensing practices and efforts to tackle case-specific hurdles and be an enabler of controlled exports. The lesson is clear – industry should not shy away from engaging this enlightened and effective regulator when it comes to licensing.
What to Look for in 2022
So, what should we expect from 2022?
In the sanctions world, expect Israeli lists to continue diverging from UN lists and from lists implemented by other countries. In other words, Israel will continue to follow broader global trends of fragmentation in this field. For this reason, now is the time to implement multi-jurisdictional sanctions screening strategies to manage risks that differ from one country to the next.
In the defense export control world, expect tighter controls in the cyber industry – particularly over Category 4 and 5(2) exports under the Wassenaar Arrangement List of Dual Use Goods and Technologies and Category 11 and 23 exports under the Israeli Munitions List. Tighter controls likely will be implemented through mandatory regulatory guidance and can take a variety of forms, such as due diligence requirements, end use/user statements and other contractual undertakings, technology-based controls (“kill switches”), and country-specific restrictions. Our suggestion to the cyber industry is to stay ahead of the curve – review your business risks and fine-tune your approach to risk management.
Additionally, look out for list-based reform in the defense world. Two long-awaited reforms include changes to the Israeli Munitions List,2 such as amending controls over drones/UAVs and over systems for monitoring data communications and audio traffic, as well as reforming the regulation of encryption technology by shifting away from broad controls over all uses of all forms of encryption to export-based controls focusing on Category 5(2).
In the dual use export control world, look out for the MOE’s first significant enforcement event. In this regard, do not expect the MOE to slow down its auditing efforts. In addition, this regulator is expected to continue studying export control policy and reforming the dual use export control regime in Israel. To this end, we may hear an announcement regarding changes to the current legislative framework.
To conclude - stay tuned