This presentation discusses the FLIR Consent Agreement, which stemmed from violations of the International Traffic in Arms Regulations (ITAR). The presentation focuses on what went wrong (the Proposed Charging Letter) and touches on the mandatory requirements (Consent Agreement). This is Part 1 in a multi-part series.

1. FLIR Consent Agreement
Retrospective Analysis &
Insights for Industry
Part 1
© 2018 TC Engine All Rights Reserved.

2. Matt Henson is an Export
Compliance Modernization
Specialist working to
address the gap between
the traditional approach to
trade compliance and
virtualization of business
processes. His focus is on
achieving Cyber
Compliance, or compliance
with laws, regulations,
standards and policies in
IT environments.
Scott Edwards is a national
expert and speaker on NIST
800-171, DFARS, and FAR
compliance and
implementation with Office
365 and Azure. Scott’s
technical experience was
honed at NASA as a Senior
Computer Engineer and
the Chief Engineer and
Engineering Manager for
the NASA Datacenter.
PRESENTERS
Follow us on Linked In.

3. Agenda
• Regulatory Overview
• Introduction to Consent Agreements
• FLIR Overview
• FLIR Proposed Charging Letter Review
• FLIR Consent Agreement Review
• Q&A

4. Regulatory Overview

5. REGULATING AUTHORITIES
• Export Compliance – the execution of business transactions in accordance
with the laws and regulations governing exports
EAA / IEEPA AECA
President
Congress
ITAR
USML
EAR
CCL
BIS DDTCRegulators
Regulations
Control Lists
Commercial
/ Dual Use
Items
Military
Items

6. ITAR Compliance
www.pmddtc.state.gov

7. Introduction to Consent
Agreements

8. What is a Consent Agreement?
www.pmddtc.state.gov

9. Anatomy of a Consent Agreement
Modern "Penalty and Oversight Agreements" typically include three documents:
• Proposed Charging Letter (PCL)
• The "what went wrong"
• A description of the alleged charges/violations
• Consent Agreement (CA)
• The “thou shalts"
• Commitment to compliance, applicability to mergers/acquisitions/divestitures, remedial measures,
Designated Official (DO) responsibilities (if applicable), audit requirements, whether or not the
Respondent has been debarred, and other legalese
• Order
• A summary of the PCL and CA
• Upon execution, the CA is effective and the alleged charges included in the PCL are addressed (so long as
the Respondent holds-up their end of the bargain)

10. HOW DO CONSENT AGREEMENTS HAPPEN?
AECA
ITAR
USML
DDTC
VSD
Directed Disclosure
• Multiple Repeat Violations
• 126.1 Countries
• SME/MDE
• Willful Violations
• Multiple Repeat Violations
• 126.1 Countries
• SME/MDE
• Willful Violations
• Multiple Repeat Violations
• 126.1 Countries
• SME/MDE
• Willful Violations
• Multiple Repeat Violations
• 126.1 Countries
• SME/MDE
• Willful Violations
DDTC perceives
systemic gaps
Risk
How do you know? Receipt of non-
standard response
BE EXTREMELY
ACCURATE &
FACTUAL IN YOUR
RESPONSES.

11. HOW’D THE FLIR CONSENT AGREEMENT HAPPEN?
• 18 VSDs
• Directed Disclosures
• Multiple corrective action failures
• Repeat discovery and disclosure of violations
• Disclosed activity continued in violation of the ITAR (1 instance of “willful
violation”)
• Significant Military Equipment (SME)
• 126.1 Countries (Iran, Cuba, Iraq*, Lebanon*, & Vietnam*)
• Issues are “not localized to a specific facility, product line, sales territory, or
authorization type. (i.e., “systemic gaps”)
• 347 alleged ITAR Violations “resulting from Respondent’s inadequate internal
controls and commitment to compliance”
• $30 million penalty

12. HOW’D THE FLIR CONSENT AGREEMENT HAPPEN?
In DDTC’s words:
•Significant compliance program and internal control
deficiencies that directly contributed to the violations
•Deficient ITAR expertise and senior leadership oversight
•Failure to effectively investigate, uncover, and disclose
violations
•Frequency and repetitive nature of the same violations
•Failure to implement remedial compliance measures
(“corrective actions”) represented to the Department

13. MITIGATING FACTORS
In DDTC’s words:
•Submitted 18 VSDs
•Entered into an agreement with DDTC
•Instituted a number of self-initiated compliance program
improvements during the course of DDTC’s review
If your company is in DDTC’s crosshairs, you must
stand-up a Trade Compliance Improvement Program
to mitigate Consent Agreement risk.

14. FLIR Company Overview

15. FLIR OVERVIEW
•Positions itself as “the world leader in the design,
manufacture, and marketing of thermal infrared cameras”
•Founded in 1978
•Acquisitions in 1990, 1998 (Sweden), & 2003
•Total Revenue: ~$1.8 billion USD (2017)
•3,000+ employees
•3,740 licenses authorizing $9.9 billion in exports over 5 years

16. MY ASSUMPTIONS ABOUT FLIR
•Highly autonomous businesses
•Limited corporate resources (people/capabilities) and
governance
•Disparate networks and systems
•Decentralized policies, processes, and controls

17. FLIR Proposed Charging Letter

18. HOW DDTC VIEWED THE VIOLATIONS
•DDTC’s Categorization:
• Foreign Person Employment
• License Management
• Part 130 Payments
• Additional charges for violations resulting from Respondent’s
inadequate controls and commitment to compliance

19. PROPOSED CHARGES
• Cyber Compliance – failures in IT systems
• Licensing – failures in obtaining, using, and
maintaining licenses & exemptions
• Shipping – failures in physical shipments of
items
• Part 130 – failures to provide required
reporting
• Trade Show Security – failure to physically
safeguard items
• Corrective Actions – failure to implement

20. PROPOSED CHARGES – CYBER COMPLIANCE
April 2008 – August 2012 – 4 VSDs
• Disclosed unauthorized exports to DN/TCN employees from over 15 countries (including
Iran, Iraq, and Lebanon)
• Violations occurred at domestic and overseas locations
• In reliance upon reported corrective actions, DDTC closed without further action
June 2014 - VSD
• Full scope of violations not previously reported (Cuba & Vietnam)
• Corrective actions not implemented (confirming nationalities and terminating unauthorized
access)
• Did not collect DN/TCN attributes of personnel at one subsidiary (FLIR AB of Sweden)
• IT Provisioning & Unauthorized Access
Background

21. PROPOSED CHARGES – CYBER COMPLIANCE
June 2014 VSD - IT Provisioning & Access Controls
US Persons Mixed Users
ITAR = No
ITAR = Yes
Low-Mod
Low Low-Mod
High

22. PROPOSED CHARGES – CYBER COMPLIANCE
Illegal Exports
• Unauthorized reexports of technical data in IT
Systems
• Continued to allow unauthorized reexports of
technical data
• Allowed 126.1 nationals to access technical data
Record Keeping
• Failure to maintain technical data
reexport records on IT systems (logs)

23. PROPOSED CHARGES – EXPORT LICENSING
License Application
• Misrepresented and/or omitted material facts
• Failed to disclose citizenship or permanent
Residency
• Attempted use of ineligible party
License Use
• Violation of terms & conditions
• Unauthorized reexport/change of end-use
License Maintenance
• Failure to reflect corporate restructuring

24. PROPOSED CHARGES – SHIPPING
Temporary Export Shipments
• Failure to obtain endorsements by U.S. Customs (temp)
Shipping Statements
• Misidentification as EAR
• Failure to properly incorporate export control statement
• Failure to ensure freight forwarder correctly identified
SME in EEI filings
Illegal Exports
• Exports to foreign person employees from 126.1
countries
• Exported without license
Record-keeping
• Failure to properly maintain records

25. PROPOSED CHARGES – PART 130
License Applications
• Failures to disclose fees & commissions
Record-keeping
• Failure to maintain records
Reporting
• Failure to provide required report updates

26. PROPOSED CHARGES – TRADE SHOWS
Loss or Theft
• Failure to properly safeguard

27. PROPOSED CHARGES – CORRECTIVE ACTIONS
Corrective Actions
• Failure to stop ongoing violation
• Inaccurate information concerning corrective actions
pertaining to foreign person employees

28. MY ASSUMPTIONS ABOUT FLIR’S COMPLIANCE PROGRAM
•Legacy export compliance program designed for
yesterday’s paradigm
•The focus is on Physical Domain Controls:
•Physical Location Controls – e.g. TCPs, Signage, etc.
•Physical Access Controls – e.g. Foreign Person Employment,
Visitor Controls, Badging, Locks, etc.
•Physical Transfer Controls – e.g. Freight Shipments, Courier
Shipments, and Hand-carry
28

29. •Characteristics of FLIR’s Legacy Export Compliance
Program:
•Paper policy dependent
•Tribal knowledge dependent
•User behavior dependent
•Manually executed
•Opaque
• Manual execution leads to lack of visibility, which leads to…
• Lack of oversight
•Geared for Physical Domain Controls
•Decentralized 29
MY ASSUMPTIONS ABOUT FLIR’S COMPLIANCE PROGRAM

30. •They generally don’t know:
• What their data is,
• Its value,
• Where it is located,
• Who has access,
• When it’s being transferred, and to whom, or
• Whether or not location, access, and transfers are export compliant
•They lack visibility into our cyber assets and transactions
•They lack cyber compliance capabilities
30
MY ASSUMPTIONS ABOUT FLIR’S COMPLIANCE PROGRAM

31. Legacy Approach to Export Controls
Business Cycle
Classify & control
time of export
shipment
Data exchanged with Customers
Data exchanged with Vendors
If your external data exchanges
look like this, you have significant
risk.

32. Legacy Approach to Export Controls
Business Cycle
Data exchanged internally
If your internal data exchanges
look like this, you have significant
risk.
Classify & control
time of export
shipment

33. If the previous slides described your compliance program,
you’re company is at risk of becoming the next FLIR.
33
WORD OF CAUTION

34. FLIR Consent Agreement

35. CONSENT AGREEMENT OVERVIEW
Consent Agreement Terms, Conditions, and Requirements are described in 27 paragraphs:
1. Parties to the CA
2. Department of State (DOS) has jurisdiction
3. Respondent's commitment to compliance & remedial
measures
4. Incorporation of CA requirements into new acquisitions
5. 60 day prior notification of sale/restructuring
/merger/divestiture
6. Ensure adequate staffing for ITAR compliance with clearly
defined lines of authority and career paths
7. Internal Review of ITAR compliance resources (120 days)
8. Appointment of Designated Official & DO Responsibilities
9. Strengthened corporate compliance procedures & training
10. Self-assessment of functional processes (60 day status
report, and final report 120 days after receiving DDTC input)
11. Implementing Policies & Procedures called for paragraph 8
12. Comprehensive automated export compliance system
13. Two external audits required
14. Audit 1 (within 12 months)
15. Audit 2 (within 36 months)
16. Penalty - $30 million
17. Can't charge back to the government or claim as tax
deduction
18. Misappropriation and/or failure to properly track funds
19. Debarment – fulfill CA provisions or face debarment
20. Onsite reviews by DOS
21. Understandings
22. Acknowledgement of nature and seriousness of alleged
offenses
23. Signing resolves civil penalties and administrative
sanctions with respect to civil violations
24. Waiver of rights and additional monetary penalty for
failure to implement CA
25. Written certification to DDTC
26. Documents made public
27. Effective upon execution of the Order

36. 16. PENALTY
$30 million total
• $15 million to be paid in installments
• $15 million to be reinvested in remedial measures
• $5 million credit for work performed
$10 million total / 3000 employees = $3,333.00 per employee

37. CONSENT AGREEMENT OVERVIEW
Consent Agreement Terms, Conditions, and Requirements are described in 27 paragraphs:
1. Parties to the CA
2. Department of State (DOS) has jurisdiction
3. Respondent's commitment to compliance & remedial
measures
4. Incorporation of CA requirements into new acquisitions
5. 60 day prior notification of sale/restructuring
/merger/divestiture
6. Ensure adequate staffing for ITAR compliance with clearly
defined lines of authority and career paths
7. Internal Review of ITAR compliance resources (120 days)
8. Appointment of Designated Official & DO Responsibilities
9. Strengthened corporate compliance procedures & training
10. Self-assessment of functional processes (60 day status
report, and final report 120 days after receiving DDTC input)
11. Implementing Policies & Procedures called for paragraph 8
12. Comprehensive automated export compliance system
13. Two external audits required
14. Audit 1 (within 12 months)
15. Audit 2 (within 36 months)
16. Penalty - $30 million
17. Can't charge back to the government or claim as tax
deduction
18. Misappropriation and/or failure to properly track funds
19. Debarment – fulfill CA provisions or face debarment
20. Onsite reviews by DOS
21. Understandings
22. Acknowledgement of nature and seriousness of alleged
offenses
23. Signing resolves civil penalties and administrative
sanctions with respect to civil violations
24. Waiver of rights and additional monetary penalty for
failure to implement CA
25. Written certification to DDTC
26. Documents made public
27. Effective upon execution of the Order

38. 4. & 5. MAD IMPLICATIONS
4. Acquisitions
• CA requirements incorporated into any acquisition within 6
months
5. Mergers
• CA requirements apply to any merger, restructuring, or
acquisition
• 60 days prior notice with signed acknowledgement of purchaser

39. CONSENT AGREEMENT OVERVIEW
Consent Agreement Terms, Conditions, and Requirements are described in 27 paragraphs:
1. Parties to the CA
2. Department of State (DOS) has jurisdiction
3. Respondent's commitment to compliance & remedial
measures
4. Incorporation of CA requirements into new acquisitions
5. 60 day prior notification of sale/restructuring
/merger/divestiture
6. Ensure adequate staffing for ITAR compliance with clearly
defined lines of authority and career paths
7. Internal Review of ITAR compliance resources (120 days)
8. Appointment of Designated Official & DO Responsibilities
9. Strengthened corporate compliance procedures & training
10. Self-assessment of functional processes (60 day status
report, and final report 120 days after receiving DDTC input)
11. Implementing Policies & Procedures called for paragraph 8
12. Comprehensive automated export compliance system
13. Two external audits required
14. Audit 1 (within 12 months)
15. Audit 2 (within 36 months)
16. Penalty - $30 million
17. Can't charge back to the government or claim as tax
deduction
18. Misappropriation and/or failure to properly track funds
19. Debarment – fulfill CA provisions or face debarment
20. Onsite reviews by DOS
21. Understandings
22. Acknowledgement of nature and seriousness of alleged
offenses
23. Signing resolves civil penalties and administrative
sanctions with respect to civil violations
24. Waiver of rights and additional monetary penalty for
failure to implement CA
25. Written certification to DDTC
26. Documents made public
27. Effective upon execution of the Order

40. 6. & 7. TC RESOURCES
6. TC Resources
• Ensure adequate resources are dedicated to ITAR compliance
• Establish policies and procedures governing TC resources
• Ensure lines of authority, performance evaluations, and career paths
7. Resource Study
• Within 120 days, Respondent and Designated Official (DO) shall
conduct a review and establish an action plan for addressing
resource issues.
Resources
WorkloadsRisks
Conduct a time study

41. CONSENT AGREEMENT OVERVIEW
Consent Agreement Terms, Conditions, and Requirements are described in 27 paragraphs:
1. Parties to the CA
2. Department of State (DOS) has jurisdiction
3. Respondent's commitment to compliance & remedial
measures
4. Incorporation of CA requirements into new acquisitions
5. 60 day prior notification of sale/restructuring
/merger/divestiture
6. Ensure adequate staffing for ITAR compliance with clearly
defined lines of authority and career paths
7. Internal Review of ITAR compliance resources (120 days)
8. Appointment of Designated Official & DO Responsibilities
9. Strengthened corporate compliance procedures & training
10. Self-assessment of functional processes (60 day status
report, and final report 120 days after receiving DDTC input)
11. Implementing Policies & Procedures called for paragraph 8
12. Comprehensive automated export compliance system
13. Two external audits required
14. Audit 1 (within 12 months)
15. Audit 2 (within 36 months)
16. Penalty - $30 million
17. Can't charge back to the government or claim as tax
deduction
18. Misappropriation and/or failure to properly track funds
19. Debarment – fulfill CA provisions or face debarment
20. Onsite reviews by DOS
21. Understandings
22. Acknowledgement of nature and seriousness of alleged
offenses
23. Signing resolves civil penalties and administrative
sanctions with respect to civil violations
24. Waiver of rights and additional monetary penalty for
failure to implement CA
25. Written certification to DDTC
26. Documents made public
27. Effective upon execution of the Order

42. 8., 9., & 11 POLICIES, PROCEDURES, & TRAINING
8. Establishes Designated Official (DO) Requirement
• Appointment within 60 days
• Areas of responsibility
• Specific Duties – oversight of remedial measures/expenditures and
incorporation into business plans at the senior executive level
• Reporting – tracking of violations, 6 mo. status reports, including accounting
• Policies & Procedures

43. POLICY & PROCEDURE
As described in Paragraph 8:
• Staffing
• Integration into business planning
• Supplier vetting (foreign manufacturing facilities)
• Identity management (Foreign Person & DN/TCNs)
• Restricted parties screening
• Identification & classification of defense articles & services
• Identification & classification of technical data
• Export authorization management (scope, terms, conditions,
provisos, & temporary exports)
• Part 130
• Maintenance & protection of and access to technical data on
computer networks or other electronic method of storage or
transfer
• Physical security controls
• Shipping (exports, reexports, and retransfers)
• Record-keeping
• Detect, prevent, & report violations

44. 8., 9., & 11 POLICIES, PROCEDURES, & TRAINING
9. Strengthened Compliance Program & Training (12 months)
• Instituted strengthened corporate compliance procedures
• Training
• All employees engaged in ITAR-regulated activities
• All personnel responsible for supervising employees, including managers of business
units
• Training records (who, what, when, where, how)
11. Requires the company to implement PP8 policies & procedures

45. CONSENT AGREEMENT OVERVIEW
Consent Agreement Terms, Conditions, and Requirements are described in 27 paragraphs:
1. Parties to the CA
2. Department of State (DOS) has jurisdiction
3. Respondent's commitment to compliance & remedial
measures
4. Incorporation of CA requirements into new acquisitions
5. 60 day prior notification of sale/restructuring
/merger/divestiture
6. Ensure adequate staffing for ITAR compliance with clearly
defined lines of authority and career paths
7. Internal Review of ITAR compliance resources (120 days)
8. Appointment of Designated Official & DO Responsibilities
9. Strengthened corporate compliance procedures & training
10. Self-assessment of functional processes (60 day status
report, and final report 120 days after receiving DDTC input)
11. Implementing Policies & Procedures called for paragraph 8
12. Comprehensive automated export compliance system
13. Two external audits required
14. Audit 1 (within 12 months)
15. Audit 2 (within 36 months)
16. Penalty - $30 million
17. Can't charge back to the government or claim as tax
deduction
18. Misappropriation and/or failure to properly track funds
19. Debarment – fulfill CA provisions or face debarment
20. Onsite reviews by DOS
21. Understandings
22. Acknowledgement of nature and seriousness of alleged
offenses
23. Signing resolves civil penalties and administrative
sanctions with respect to civil violations
24. Waiver of rights and additional monetary penalty for
failure to implement CA
25. Written certification to DDTC
26. Documents made public
27. Effective upon execution of the Order

46. 10. SELF-ASSESSMENT
10. Self-Assessment
• Internal assessment of functional processes to evaluate compliance
• Conducted under the review of a functional/process expert who is
independent of Trade Compliance
• Plan do within 60 days of the date of the Order

47. 10. SELF-ASSESSMENT - FUNCTIONS
HR IT Finance Legal
Executive
Mgmt.
Trade
Compl.
Property
Operational Functions
Support and Management Functions
Business
Development
Supply
Chain
QualityProduction Logistics
Aftermarket
Support
Marketing SalesEngineering

48. SUPPORT & MANAGEMENT PROCESSES
Hiring
Onboarding
Recruiting
Job Formulation
Promotions
Transfers
Deployment
Termination
Network Admin
Server Admin
App Admin
Admin Admin
User Admin
Cyber Security
AR
Payments
AP
Bus. Ptnr. Mgmt.
Receipts
Mergers
Acquisitions
Divestitures
JVs
Legal Entity Mgmt.
Support
Comms
Planning
Strategy
Structure Mgmt.
Property Mgmt.
Physical Security
Facility Mgmt.
EAM
TVP
JCM
RPL
IIED
AAM
CAM
TPM
TCPM
HR IT Finance Legal
Executive
Mgmt.
Trade
Compl.
Property

49. SUPPORT & MANAGEMENT SYSTEMS
HR IT Finance Legal
Executive
Mgmt.
Trade
Compl.
Property
EMS
Entity Mgmt.
System EMS
Entity Mgmt.
SystemAR
Accounts
Receivable
AP
Accounts
Payable
HCM
Human
Capital Mgmt.
REM
Real Estate
Mgmt.
AD
Active
Directory
DMZ
De-Militarized
Zone
IDM
Identity
Mgmt.
EPE
Electronic Policy
Engine
EAM
Export Authorization
Mgmt.
JCM
Jurisdiction,
Classification & Marking
RPL
Restricted Party
List Screening

50. OPERATIONAL FUNCTIONS & PROCESSES
Public Release
Trade Shows
Conferences
Briefings
Demos
Quotes
Bids
Proposals Sales
Proposals
Quotes
Bids
Bus. Ptnr. Mgmt.
Contracts
Purchases
RFP
RFQ
RFI
Bus. Ptnr. Mgmt.
Sub-Contracts
Production Runs
Capacity Offload
Scrap
Non-Conformance
Supplier Cert.
Supplier Qual.
RTV
Destruction
Shipping
Customs Filing
Customs Clearance
Receiving
Bus. Ptnr. Mgmt.
MRO
RMA
Replace
IRD
NPI
ECO
Config. Mgmt
Business
Development
Supply
Chain
QualityProduction Logistics
Aftermarket
Support
Marketing SalesEngineering

51. OPERATIONAL SYSTEMS
CRM
Customer Rel.
Mgmt.
CMS
Contract
Mgmt.
IWS
Internet
Website ERP
Ent. Res.
PlanningERP
Ent. Res.
Planning
RFX
Request
For X
SRM
Supplier Rel.
Mgmt.
MES
Mfg. Exec.
System
ERP
Ent. Res.
Planning
ERP
Ent. Res.
Planning
QAS
Qual. Ass.
System
LMS
Log. Mgmt.
System
ERP
Ent. Res.
Planning
BPS
Business Purs.
System
QBP
Quotes, Bids,
& Proposal
Business
Development
Supply
Chain
QualityProduction Logistics
Aftermarket
Support
Marketing SalesEngineering
ERP
Ent. Res.
Planning
PLM
Product
Lifecycle
Mgmt.

52. CONSENT AGREEMENT OVERVIEW
Consent Agreement Terms, Conditions, and Requirements are described in 27 paragraphs:
1. Parties to the CA
2. Department of State (DOS) has jurisdiction
3. Respondent's commitment to compliance & remedial
measures
4. Incorporation of CA requirements into new acquisitions
5. 60 day prior notification of sale/restructuring
/merger/divestiture
6. Ensure adequate staffing for ITAR compliance with clearly
defined lines of authority and career paths
7. Internal Review of ITAR compliance resources (120 days)
8. Appointment of Designated Official & DO Responsibilities
9. Strengthened corporate compliance procedures & training
10. Self-assessment of functional processes (60 day status
report, and final report 120 days after receiving DDTC input)
11. Implementing Policies & Procedures called for paragraph 8
12. Comprehensive automated export compliance system
13. Two external audits required
14. Audit 1 (within 12 months)
15. Audit 2 (within 36 months)
16. Penalty - $30 million
17. Can't charge back to the government or claim as tax
deduction
18. Misappropriation and/or failure to properly track funds
19. Debarment – fulfill CA provisions or face debarment
20. Onsite reviews by DOS
21. Understandings
22. Acknowledgement of nature and seriousness of alleged
offenses
23. Signing resolves civil penalties and administrative
sanctions with respect to civil violations
24. Waiver of rights and additional monetary penalty for
failure to implement CA
25. Written certification to DDTC
26. Documents made public
27. Effective upon execution of the Order

53. 12. AUTOMATED SYSTEM
12. Comprehensive Automated Export Compliance System
• Strengthen internal controls and enhance oversight
• Track decision from initiation to conclusion of a request for export,
reexport, or retransfer
• Initial identification of technical data and technical assistance proposed to
be disclosed to any Foreign Persons
• Means of alerting users to ITAR requirements on electronic transmissions of
controlled data
• Training to all employees to ensure all technical data exports are authorized
in accordance with compliance policies & procedures

54. 12. AUTOMATED SYSTEM
There is no silver bullet
System of systems approach is required
• Business Partner Management
• Identity Management
• Restricted Parties Screening
• Jurisdiction, Classification, & Marking
• Export Authorization Management
• Export Transaction Management (visitors, travel, shipments, tech data
transfers, access controls)
• Incident Management
• Corrective Action Management
• Business Intelligence

55. Q&A