Workshop on Export Administration Regulations compliance for software, hardware, and technology firms. Covers ECCN classification methodology, the Commerce Country Chart, license exceptions, the Entity List, deemed export rules, and recordkeeping. Companion piece to the ITAR session for dual-use exporters.
Export Administration Regulations compliance is not a checkbox exercise — it is a living program that touches every product decision, hiring action, and customer transaction at a dual-use technology company. This four-hour workshop led by Carl B. Johnson, President and CISO of Cleared Systems, translates the dense language of the EAR into practical, repeatable workflows your team can apply the next business day.
We open with the engine of every EAR compliance program: Export Control Classification Number (ECCN) determination. Participants work through the Commerce Control List structure, learn how to read each ECCN's parameters, software, and technology notes, and practice the self-classification logic that distinguishes a controlled item from EAR99. Common misclassification patterns in software, semiconductor, and systems integration contexts are examined in detail.
Once an ECCN is established, the next question is always: does this shipment require a license? We walk step-by-step through the Commerce Country Chart, cross-referencing reason-for-control columns against destination countries to produce a defensible license-requirement determination. Participants learn how to document that analysis so it survives a Bureau of Industry and Security (BIS) audit.
Applying the wrong license exception — or missing an available one — are equally costly mistakes. This segment covers the most operationally significant exceptions, including License Exception TMP, ENC, TSR, and STA, with attention to the eligibility criteria, conditions, and recordkeeping obligations attached to each. We address how to structure exception determinations as written records rather than informal assumptions.
The Entity List is updated frequently, and a single missed screening can expose a company to significant civil and criminal liability. Participants learn how to build a screening cadence into order management and procurement workflows, how to evaluate name and address variations, and what steps to take when a potential match surfaces. We also cover the Unverified List and Denied Persons List as companion screening obligations.
For technology and software companies, deemed export risk is often the compliance gap most likely to be overlooked. This section addresses how releasing controlled technology to a foreign national inside the United States constitutes an export to that individual's country of nationality, what that means for hiring, on-boarding, and collaborative research, and how to structure a deemed export review process that is both legally sound and operationally workable.
The workshop closes with EAR recordkeeping obligations — what must be retained, for how long, in what form, and how to structure a document management approach that supports both internal audits and BIS inquiries. Participants leave with a clear picture of how recordkeeping connects to every earlier topic covered in the session.
This workshop is designed for the practitioners who own or support export compliance day-to-day at defense contractors, federal contractors, and commercial technology companies that develop or sell dual-use software, hardware, or technical data. That includes export compliance officers, trade compliance analysts, legal and regulatory counsel, and senior compliance managers who need authoritative grounding in EAR mechanics rather than a high-level overview.
Managers approving this training investment should know: this session directly reduces classification error rates, screening gaps, and deemed export exposure — the three areas where BIS enforcement actions most frequently originate in technology company contexts. It also complements any team already engaged in ITAR compliance work; this workshop is explicitly designed as a companion piece for dual-use exporters navigating both regimes. If your team has completed or is pursuing ITAR and export controls compliance work, EAR fluency is the natural next capability to build.
A single training session sharpens skills — a structured compliance program sustains them. If your organization is ready to move from event-based learning to a durable EAR compliance architecture, Cleared Systems offers hands-on compliance program development services tailored to dual-use technology companies. For teams navigating broader federal regulatory obligations alongside export controls, our Regulatory vCISO services provide ongoing expert guidance without the cost of a full-time hire. Carl and the Cleared Systems team are ready to help you build what comes next.
Ask about group rates, private delivery of this curriculum for your team, or whether this session fits your compliance roadmap.
Contact Us
