Cross-border defense and dual-use.
How foreign defense and dual-use firms approach US procurement under ITAR, EAR, and DFARS overlays.
Read the pillar →
The US regulatory regime, codified at 15 CFR Parts 730-774, controlling exports, re-exports, and in-country transfers of dual-use items, less-sensitive military items, and certain technology.
The Export Administration Regulations (EAR) are the US regulatory regime governing the export, re-export, and in-country transfer of items described as dual-use (items with both civilian and military applications), less-sensitive military items, and certain technology and software. The regulations are codified at Title 15 of the Code of Federal Regulations, Parts 730 through 774. The EAR is administered by the US Department of Commerce, Bureau of Industry and Security (BIS), under authority delegated through the Export Control Reform Act of 2018.
Items subject to the EAR are classified by an Export Control Classification Number (ECCN) on the Commerce Control List (CCL), set out at 15 CFR Part 774, Supplement No. 1. The CCL is organised into ten broad categories (Nuclear Materials, Materials, Chemicals, Microorganisms and Toxins; Materials Processing; Electronics; Computers; Telecommunications and Information Security; Sensors and Lasers; Navigation and Avionics; Marine; Aerospace and Propulsion). Items not on the CCL but subject to the EAR's jurisdiction are designated EAR99. License requirements vary by ECCN, country of destination (as set out in the Country Chart at 15 CFR Part 738), end-use, and end-user. Specific reasons for control include national security, regional stability, anti-terrorism, and missile-technology and chemical-and-biological weapons concerns.
The EAR also regulates deemed exports: the release of controlled technology or source code to a foreign person inside the United States is treated as an export to that person's most recent country of citizenship or permanent residency, and may require a licence. Re-exports from one foreign country to another, and de minimis rules covering foreign-made items containing US-origin content, extend the EAR's reach extraterritorially. BIS maintains the Entity List, the Unverified List, and the Denied Persons List as restricted-party screening references.
For internationally-headquartered firms with US subsidiaries handling EAR-controlled items, an export-control compliance programme is structural. The compliance work spans ECCN classification of the firm's products and technology, restricted-party screening of customers and counterparties, deemed-export controls inside the US workforce, technology-control plans for engineering and R&D environments, and licence determinations for cross-border movements. Foreign parent-subsidiary collaboration that involves shared engineering data or jointly developed technology is often where the deemed-export and re-export rules concentrate exposure. EAR violations carry significant civil and criminal penalties, including denial of export privileges.
EAR sits alongside ITAR for State Department-controlled defense articles and interlocks with DOD procurement under DFARS. Further reading: German cyber, FedRAMP, and CMMC and cross-border defense and dual-use technology in US procurement.
How foreign defense and dual-use firms approach US procurement under ITAR, EAR, and DFARS overlays.
Read the pillar →How DACH cyber and cloud firms sequence FedRAMP authorisation, CMMC alignment, and US federal market entry.
Read the pillar →The commercialisation pattern for foreign cyber, AI, and ML firms entering the US federal and regulated commercial market.
Read the pillar →