Final Rule on ICTS Imports Issued
A final rule on what kinds of purchases of information and communications technology and services (ICTS) from China or other "foreign adversaries" may be reviewed by the Bureau of Information and Security, and perhaps, banned, was released Dec. 5.
Sign up for a free preview to unlock the rest of this article
If your job depends on informed compliance, you need International Trade Today. Delivered every business day and available any time online, only International Trade Today helps you stay current on the increasingly complex international trade regulatory environment.
The Commerce Department has been reviewing ICTS transactions it sees as risky for two years, after the interim final rule was published (see 2101140060 and 2101150055). It says the final rule makes the review process more efficient. "The Department’s reviews are primarily reviews of classes of transactions involving all or a subset of all ICTS provided by a single person rather than individual transactions involving a single product or service," the notice says.
The final rule clarifies who are parties to the ICTS transaction, the process for initiating a review, and procedures for companies to respond to initial determinations; lists prohibited activities; and adds Macau as part of China to the foreign adversary list.
There is no licensing process for importing the hardware and software, or contracting for services that are in the scope of the reviews.
Although businesses asked the department to narrow the scope of the rule (see 2104290065), it declined to do so, saying the scope is necessary to address the risks in the executive order that began the rulemaking process.
Namely, the executive order describes the risk that "certain ICTS Transactions could be used by malicious foreign actors to commit industrial or economic espionage, or that the unrestricted acquisition or use in the United States of ICTS with a foreign adversary nexus could be leveraged by foreign adversaries to find, create, and exploit vulnerabilities and undermine the resiliency of U.S. critical infrastructure or the safety and security of U.S. persons," the notice said.
Commerce also declined to provide examples of the types of transactions that could be reviewed. "The Department’s experience to date has shown that ICTS Transactions present unique risks that would be difficult to describe in generic terms," it said.
The government estimated in 2021, that, due to the millions of firms that import these kinds of products, the cost of the rule could be up to $20 billion; the notice said the cost could range between $112 million and $11.1 billion for all small businesses affected (those with fewer than 500 employees).
The final rule will go into effect 60 days after it is published in the Federal Register, which is scheduled for Dec. 6.