The following is being released jointly by the U.S. Department of Commerce and the U.S. Department of the Treasury.
WASHINGTON, D.C.—Today, as part of a coordinated enforcement effort, the Department of Commerce’s Bureau of Industry and Security (“BIS”) and the Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) imposed a combined $3.3 million in civil penalties against Microsoft Corporation (“Microsoft”) for alleged and apparent violations of U.S. export controls and sanctions laws. Microsoft voluntarily self-disclosed the alleged violations to both BIS and OFAC, cooperated with the joint investigation conducted by BIS’s Office of Export Enforcement and OFAC, and took remedial measures after discovering the conduct at issue, which predated the export controls and sanctions imposed in connection with the current Russian war in Ukraine.
“U.S. companies will be held accountable for the activities of their foreign subsidiaries,” said Assistant Secretary for Export Enforcement Matthew S. Axelrod. “As this coordinated resolution demonstrates, BIS and OFAC will work together to ensure that U.S. export control and sanctions laws are enforced effectively, wherever in the world the underlying conduct occurs.”
“This case demonstrates how BIS and OFAC authorities can complement one another to hold firms accountable and promote compliance with core national security obligations. It further underscores the risks technology companies may face when engaging through foreign subsidiaries, distributors, and resellers and the importance of maintaining effective controls,” said Andrea M. Gacki, Director of OFAC.
Additional Background on Today’s Action
BIS issued an order today imposing an administrative penalty of $624,013 on Microsoft. As part of the BIS settlement, Microsoft admitted to the conduct set forth in a Proposed Charging Letter (“PCL”) involving Microsoft’s subsidiary Microsoft Rus LLC (“Microsoft Russia”). In addition to the BIS penalty, Microsoft entered into a corresponding settlement with OFAC whereby Microsoft agreed to a $2,980,265.86 civil penalty to resolve 1,339 apparent violations of OFAC sanctions regulations involving Ukraine/Russia, Cuba, Iran, and Syria. In light of the related OFAC action, Microsoft was given a $276,382 credit by BIS contingent upon Microsoft fulfilling its requirements under the OFAC settlement agreement, resulting in a combined overall penalty amount of $3,327,896.86.
BIS Case Background
On seven occasions between December 28, 2016, and December 22, 2017, employees of Microsoft Russia caused another Microsoft subsidiary to enter into or sell software licensing agreements that would allow the transfer or access to software subject to the EAR by FAU ‘Glavgosekspertiza Rossii’ and United Shipbuilding Corporation Joint Stock Company (“United Shipbuilding Corporation”), both of which were on BIS’s Entity List. FAU ‘Glavgosekspertiza Rossii’ is a Russian federal institution involved with construction projects, including the Kerch Bridge, which was built to connect Crimea to Russia after its 2014 invasion. United Shipbuilding Corporation is responsible for developing and building the Russian Navy’s warships.
In the case of FAU ‘Glavgosekspertiza Rossii’, certain Russia-based employees of Microsoft Russia ordered software licenses through one of Microsoft’s Open sales programs in the names of parties not on the Entity List; in the case of United Shipbuilding, an increased number of software licenses were added under non-listed affiliates’ enterprise agreements.
- The BIS Order, Settlement Agreement, and Proposed Charing Letter are available online here.
- Details regarding the OFAC action can be found online here.
Additional Information
Report suspected export control violations through the BIS online tip portal. You can also call the Enforcement Hotline at 1-800-424-2980 or email EELead@bis.doc.gov. These BIS actions were taken under the authority of the Export Control Reform Act of 2018 and its implementing regulations, the EAR. BIS controls exports and reexports of dual-use commodities, technology and software for reasons of national security, missile technology, nuclear non-proliferation, chemical and biological non-proliferation, crime control and regional stability. Criminal and administrative sanctions can be imposed for violations of the EAR. For more information, please visit: https://www.bis.doc.gov/index.php/enforcement
###