Building expertise in Export Control: it concerns everyone at Patria
Text: Ove Ronny Haraldsen and Rosa Rosanelli / Photos: Kongsberg
In Patria's domain, being able to control the technical data and know-how is indispensable to anticipate customer’s needs, maintain the trust of the current customers, and succeed in the industrial and commercial activities.
To promote expertise in export control and build a more robust internal compliance program, Patria and Kongsberg started an initiative named the “Trade Compliance Project”. Since June 2019, a Steering Group was set up, and it is now coordinating the further work.
Rosa Rosanelli, now Patria Group Export Compliance Officer, has been given the task of leading the project. Rosa used to work at Patria Belgium Engine Center (PBEC). PBEC was previously owned by AIM Norway, now Kongsberg Aviation Maintenance Systems (KAMS).
“As Patria opens up to new perspectives of growth and development, one of the main priorities must remain compliance with laws and regulations. In particular, export compliance plays a major role in our future strategy, driven to growth, internationalization and partnership,” says Esa Rautalinko, President and CEO of Patria.
“Each and every one of us is responsible and plays an important role. A greater focus on export compliance will bring us new and more important challenges, but without it, we cannot continue growing internationally and open up to the future. Let’s take it as an opportunity,” continues Hanna Kyrki, Patria’s General Counsel & Chief Compliance Officer.
Last October, Kongsberg and Patria held a joint seminar in Oslo, to which everyone involved in export control was invited. The focus was placed on various aspects of a diverse and, to some extent, complicated labyrinth of laws, regulations and sanctions.
Via video link, the CEO’s of both Patria and Kongsberg stressed to the delegates the importance of doing things right and the strategic value of export compliance for the Groups’ future challenges.
The seminar was part of a new project that focuses on export control, which is now being rolled out across the organization. A follow-up export compliance event will be organized in November 2020, in Helsinki.
“We all have a responsibility to protect our technology, and we are all affected, either directly or indirectly, by export control in our daily working lives,” says Rosa Rosanelli.
Few questions to Rosa
I am project manager and “architect” for the project, which means I have been tasked with designing a holistic approach to export control for Kongsberg and Patria.
Export control is important for all organisations involved with dual-use goods or defence-related articles, which also have a supply chain across international borders, or customers in different countries. This applies to an even greater extent to companies that interact with counterparties in the USA or work under government contracts with the USA, and that want to position themselves as reliable international companies who take responsible business conduct seriously.
There are many examples, and they are attracting more and more attention in the press. We are seeing more frequent enforcements in the USA, involving companies from both the USA and other countries, than what we see in Europe. But they do happen here too. The most recent case is the one related to Airbus SE, with a global sanction of $ 3.9 billion and 10 million to be paid for export control violations. In the USA only last September, the L3 Harris consent agreement led the technology company to pay USD 13 million in compensation for a breach that was largely linked to license processing and the company’s ability to present complete information to public authorities in the USA.
We don’t need to go very much back to find more examples, such as the FLIR consent agreement in 2018, which focused on the ability to limit access to technology that is subject to controls.
On the other hand, there have also been many cased involving companies from countries other than the USA. The first was BAE in 2011, which had to pay around USD 78 million. UTC followed in 2012 with USD 75 million for breaches that mainly related to their units outside the USA. I was working for Pratt & Whitney-UTC at that time of the Consent Agreement, and we had to work hard to regain the trust of the US government and our customers setting up a system that was integrated into our business.
I hope I can utilize this experience to prevent our companies from ending up in such situations, or at least ensure we are prepared and able to show through our actions that we are aware of the requirements imposed on us, and that we are able to run an international business in a secure and safe manner.
The project will be rolled out in four phases. The first phase – planning – began back in late June. The next phase is assessments and gap analysis of each of the pilot companies. This will provide basis for determining whether their procedures are adapted to the relevant risks and are proportionate.
In this way, we will be able to identify and prioritise risk areas and establish a joint strategic approach to export control. In the third phase, we will put together a core team consisting of specialists in export control, establish a network and identify the solution that is most appropriate for the organization. The final stage is implementation, where we implement the solutions for the pilot companies and carry out training.
We just finalized Kongsberg pilot companies’ audits, and expect to have an audit report out already by mid-March.
This project is a unique opportunity to adopt a new holistic approach to internal export control programmes. The approach will be risk-based; it will be effective because it is a natural part of the organization; and it will be more harmonious between the various units. This also presents an excellent opportunity to utilize the skills and resources that the company already possesses in an even better way. We can create a team that can share information and perspectives, and that can be active during the implementation process and also act as a champion for export control in the future.
Thank you! That’s a very good question, which helps me by asking another one: are you sure that those who think they are not directly linked to export control in any way are not affected by export control in their daily work? My experience is that the first step in every organization is to realise that this is not just the responsibility of those who are involved with export control.
This affects everyone. We all have a responsibility to protect our technology, and we are all affected, either directly or indirectly, by export control in our daily working lives. It might be a receptionist who decided that someone should be allowed into the building; it might be a business developer who must know which potential opportunities could entail risk relating to export control or require a license. It might be a procurement officer who in some cases has to choose where the company should make its purchases based on restrictions, or it could be someone in the workshop who sees an unauthorized person in the area and needs to act quickly.
Export control requires the entire business to work like a team. It presents a unique challenge because it can have major consequences for the company if we make mistakes, and because it affects so many aspects of our organization.
Just that I have high expectations of companies like Kongsberg and Patria, something I believe we all should have. We have the reputation, the skills and the knowledge that mean we can be proud of our work, and we must protect this as well as we can and in a way that is best for the company. Export control is often seen as something that holds us back. I believe export control should be a central part of the organization, and it can even create value in areas where reputation and the company’s ability to handle complex requirements are important.