The US government is increasingly prioritizing trade enforcement of the tech industry's global data services. This is reflected in
SAP, a multinational software company based in
SAP's apparent EAR and ITSR violations came about in two ways. First, SAP and third-party resellers allowed users in
The US government's NPA with SAP is part of a larger pattern. In the past 18 months, the US government has begun to focus on the tech industry's sanctions compliance and has brought enforcement actions against companies of all sizes—including Apple and Amazon—for providing services to sanctioned parties. For instance, in early 2020, OFAC took action against SITA, a Swiss telecommunications company, settling apparent violations involving the provision of messaging services that were routed through hardware located in
The SAP action highlights the great importance of risk-based sanctions compliance programs for global companies providing software products online, including cloud-based services. Just as the US government expects banks to monitor global money flows and to prevent prohibited transactions, these recent cases demonstrate that companies are similarly expected to monitor and ensure compliance throughout the global flow of data.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
Arnold & Porter
601 Mass. Ave., NW
DC 20001-3743
Tel: 202942.5000
Fax: 202942.5999
E-mail: Anna.shelkin@apks.com
URL: www.arnoldporter.com
© Mondaq Ltd, 2021 - Tel. +44 (0)20 8544 8300 - http://www.mondaq.com, source