In an era of heightened geopolitical tensions and rapidly evolving trade regulations, the recent enforcement actions by the U.S. Office of Foreign Assets Control (OFAC) and the Bureau of Industry and Security (BIS) against Haas Automation (Haas) underscore the increasing complexity of export and sanctions compliance. Regulators have made clear that ignorance is no defense—companies must actively oversee their own exports. They expect robust controls not only over direct sales but throughout the distribution chain.
One area of growing concern is OFAC’s 50% Rule, which extends sanctions restrictions to entities not explicitly listed but more than 50% owned—individually or cumulatively—by sanctioned parties. Further, as this case highlights, even routine transactions—such as supplying spare parts—can pose significant risks for companies if diligence and screening are not performed consistently. Ultimately, the Haas matter demonstrates the need to anticipate and adapt to policy shifts driven by geopolitics—an imperative for long-term business success and shareholder value.
1. Inside Haas’s Distribution Model
Haas is a private manufacturer of machine tools (including Computer Numerical Control (“CNC”) machines) and associated parts. Rather than selling CNC machines directly to end customers, it relies on a “Haas Factory Outlet” (“HFO”) model. HFOs, which are independent third-party distributors, sell and service Haas machines in specific regions. Typically, customers place orders for machine parts or service with the relevant HFO, and that HFO, in turn, obtains parts or services from Haas via an online ordering portal.
Through this portal, Haas knows the identity of the customer for each order, and HFOs can review documents, payment records, and generate purchase orders.
2. BIS Allegations: Entity List Violations and EEI Misstatements
Sales to Entity List Parties
Haas sold machine tool parts classified as EAR99—primarily lower-technology items (e.g., gearboxes, dual-battery replacement kits)—to certain authorized distributors, which used them to service previously sold Haas CNC machines owned by parties on the Entity List. These transactions involved six listed entities in China and two in Russia. Under the Export Administration Regulations (EAR), a license is required to export or reexport even EAR99 items to customers on the Entity List.
Dual-Use Nature of CNC Machines
A CNC machine is a motorized, computer-controlled tool (often paired with a motorized maneuverable platform) that follows precise input instructions. Under U.S. law, CNC machines are considered “dual use” because they have both civilian and military applications. When combined with specialized tooling, a CNC machine can produce anything from a metal water bottle to a gun barrel and firing pin using a metal block.
Customer Screening Practices
Haas conducts manual screening for restricted-party risks—including checks against the Entity List—under these circumstances:
When first exporting a CNC machine through an HFO,
When a customer requests a name change, or
When Haas becomes aware of a change to a customer’s name or address.
However, Haas did not consistently re-screen customers when supplying parts to service previously exported machines. Regulators expect a risk-based approach to export compliance, particularly in high-risk markets where new designations and ownership changes occur frequently; inadequate screening can quickly lead to violations.
Specific Violations Involving Exports to China and Russia
Between April 2019 and March 2024, Haas sold EAR99 parts on 32 occasions to service machines owned by six Entity List parties in China. Between January 2020 and November 2021, Haas also sold EAR99 parts on nine occasions to service machines owned by two Entity List parties in Russia.
Inaccurate or Incomplete Electronic Export Information (“EEI”) Filings
Between November 2021 and May 2022, Haas’s Russian distributor submitted inaccurate and incomplete EEIs for multiple exports to Russia. An EEI is an electronic declaration of goods leaving the United States—filed through the Census Bureau’s Automated Export System—that details the exporter, recipient, and goods. Although the distributor’s freight forwarder handled the submission, Haas, as the U.S. Principal Party in Interest (USPPI), never obtained the written authorization necessary to shift export compliance responsibilities to the Foreign Principal Party in Interest (FPPI) under a “routed export transaction.” Consequently, Haas remained fully liable for ensuring EEI accuracy. BIS viewed these filing errors as an aggravating factor, emphasizing that inaccuracies can seriously hinder the government’s ability to monitor controlled exports.
3. OFAC Allegations: The Hidden Risks of Indirect Exports
Indirect Exports via Abamet
Between August 19, 2019, and February 9, 2022, Haas—through its distributor Abamet—indirectly exported one CNC machine and 13 spare parts orders (totaling approximately $98,000) to or for the benefit of six entities sanctioned under Executive Orders 13661 and 13662. Of these six entities, one was listed on OFAC’s Specially Designated Nationals (SDN) List, while five were owned (directly or indirectly) at least 50% by SDN-listed parties. Under OFAC’s “50% Rule,” any entity owned 50% or more by SDNs is considered blocked, even if not individually listed.
Provision of Financial Unlock Codes
On seven occasions, between December 23, 2019, and March 22, 2022, Abamet obtained financial unlock codes from Haas for machines owned by five sanctioned entities. These codes override automatic shutdown features, thus enabling indefinite machine operation. By supplying them, Haas indirectly allowed blocked entities to continue using their CNC machines.
Parts Sales and Codes for Blocked Entities
In total, Haas sold parts to—or Abamet obtained codes from Haas on behalf of—eight blocked entities, seven of which were deemed blocked due to SDN ownership of 50% or more. This arrangement allowed sanctioned parties continued access to key machine functionality.
Aggravating Factors and Voluntary Disclosure
OFAC deemed Haas’s lack of due care in a high-risk environment an aggravating factor. Further, although Haas disclosed certain details to OFAC, it did not qualify as a voluntary self-disclosure (VSD) because BIS had already initiated an investigation. A VSD carries penalty-reduction benefits only if OFAC learns of potential sanctions violations before the government becomes aware. Since BIS—albeit a separate agency—was already aware of Haas’s conduct, OFAC concluded that prior government knowledge existed and denied additional mitigation credit.
4. Settlement Terms and Mitigation
Haas agreed to pay $1,500,000 to the BIS and $1,044,781 to OFAC. As part of the BIS settlement, Haas must also complete two sequential 12-month audits of its export controls compliance program, conducted by a third party in “substantial compliance” with BIS’s Export Compliance Program (ECP) sample audit module.
Both agencies cited Haas’s cooperation, lack of prior misconduct, and prompt remedial measures as mitigating factors. OFAC specifically noted Haas’s hiring of additional compliance personnel, stronger compliance policies, a new denied-party screening tool, expanded training requirements, and an audit procedure for high-risk distributors. These steps reduced Haas’s liability and highlight the importance of proactive remediation.
5. Key Compliance Takeaways
Third-Party Risk
This enforcement action shows how a U.S. company can be implicated by the export and sanctions risks of its distribution chain. It is critical to ensure that all third parties understand and comply with applicable trade laws to avoid exposing the company to significant liability.
Global Reach of U.S. Export Laws
Many foreign businesses do not fully recognize that U.S. export controls apply globally to U.S.-origin items. Additionally, under the Foreign Direct Product Rule (“FDPR”)—as previously discussed—U.S. export controls also extend to foreign-made products incorporating certain U.S. technology or software, further increasing the risk for foreign businesses and highlighting the need for them to be educated on U.S. export law.
Continuous Screening and Ownership Complexities
According to OFAC, Haas failed to adequately evaluate certain customers’ ownership structures. In high-risk jurisdictions, including China and Russia, where restricted-party designations and corporate ownership can shift rapidly, regular re-screening and robust internal processes are essential—especially for follow-on transactions, spare parts orders, and service provision. Haas's oversight highlights that companies must go beyond surface-level checks to avoid sanctions violations.
EEI Filings as a Key Trigger
Errors in EEI filings are easy for regulators to detect and often serve as the starting point for any BIS investigation into export violations. From a policy standpoint, BIS takes these violations very seriously because misstatements in EEI submissions hinder its ability to regulate controlled exports and further national security goals. Two practical steps to mitigate this risk include:
Auditing EEI records submitted by third parties on the company’s behalf.
Considering a “routed transaction” with written authorization if a foreign customer assumes responsibility for export filings.
Risk-Based Approach and Remediation
Haas’s issues stemmed from inadequate screening for parts sales, insufficient oversight of distributor-filed export documentation, and providing unlock codes to sanctioned entities. While re-screening every transaction may not always be necessary, this case underscores that in high-risk jurisdictions, a heightened approach is warranted.
6. The Road Ahead: Where Business, Law, and Geopolitics Converge
Beyond Haas’s immediate implications, this case illustrates the growing convergence of business, law, and geopolitics. In today’s interconnected world, geopolitical instability—fueled by trade tensions, regulatory shifts, regional conflicts, and political polarization—poses a defining challenge for a company’s operations. To manage these risks effectively, companies can:
Enhance due diligence across distributors and supply chains,
Provide targeted training for employees and partners on trade compliance, and
Depending on the risk profile, engage in scenario planning to anticipate policy shifts or emerging sanctions regimes.
Legal teams must serve as both legal experts and geopolitical strategists, capable of analyzing fast-changing environments. This responsibility includes:
Implementing contingency plans and comprehensive geopolitical risk assessments,
Conducting thorough risk reviews of products and distributor relationships, and
Keeping boards and senior management proactive on trade-related risks.
By prioritizing geopolitical risk analysis, companies can better anticipate policy changes, renegotiate contracts as needed, and adapt swiftly to evolving trade landscapes. Those with robust compliance measures and a broad geopolitical perspective will be best positioned for success.
Taken together, the OFAC and BIS settlements with Haas highlight the high stakes of export controls and sanctions—particularly in high-risk jurisdictions like China. Vigilant compliance is essential where distributors or intermediaries are involved. This enforcement action also underscores that ultimate responsibility for record-keeping, due diligence, and screening rests with U.S. suppliers.
Ultimately, this case serves as a call for global businesses to strengthen compliance frameworks, ensure consistent training, and rigorously audit third-party conduct. In today’s volatile trade environment, legal teams can no longer limit themselves to traditional legal advice; they must adopt a proactive stance that integrates geopolitical risk analysis into every step. By embracing this paradigm—where strategy, law, and geopolitics intersect—companies will be better positioned to navigate modern trade complexities and protect long-term shareholder value.
Disclaimer: The views expressed here are solely my own and do not represent the positions of my employer. They do not constitute legal advice nor create an attorney–client relationship.