Defence Export Controls (DEC) is committed to working with exporters to help them fulfil their responsibilities under Australia’s export control legislation. Exporters must:

  • apply for approval from DEC before undertaking controlled activities (i.e. activities subject to Australia’s export controls);
  • provide accurate information to DEC in the course of an application;
  • conduct activities in accordance with the terms of permits, licences or broker registrations issued by DEC;
  • handle, store and transfer goods in accordance with prescribed conditions;
  • maintain detailed and accurate records of transfers under permits, licences and Australian Community Membership, in accordance with legislative requirements;
  • report transfers to DEC where required by a permit condition or as part of Australian Community Membership; and
  • advise DEC of any changes in circumstances that may affect Australian Community Membership, broker registrations, permits or licences.

Fulfilling these responsibilities requires a commitment by exporters to develop their understanding of how Australia’s export controls system applies to their activities. It is also important for exporters to pay careful attention to the terms and conditions of approvals issued by DEC.

An Export Control Compliance Program (ECCP) is recommended for organisations who regularly require DEC permissions, to ensure they follow best practice for compliance. An ECCP typically includes a set of procedures an organisation's employees or members must follow before any controlled activities (like export or supply) take place.

The following elements are commonly found in effective ECCPs:

An effective ECCP will designate an area of the organisation to hold operational responsibility for export control compliance. Organisations may choose to establish a stand-alone unit or assign additional export control responsibilities to an existing position or positions. This unit or position is referred to in this guidance as the ‘export control compliance area’. An organisation's export control compliance area may be tasked with the responsibility to:

  • develop, implement, maintain and improve export control compliance policies and procedures which are endorsed by senior representatives of the organisation and promoted to all employees and members;
  • ensure employees or members are aware of their own export control compliance responsibilities and of the internal policies and processes for compliance within their organisation;
  • provide regular export control compliance training to employees or members and record training completion;
  • remain informed and up-to-date with current export control laws, regulations, directions or guidance from DEC, and communicate updates to employees or members;
  • centralise export-related questions and issues through the export control compliance area to enable it to act as a conduit between the organisation and DEC;
  • establish a regular audit system to confirm that the export control compliance policy and procedures are implemented appropriately and are compliant with relevant Australian laws and regulations, including record-keeping requirements;
  • report export control compliance audit results to senior representatives and take corrective action if and as required; and
  • institute procedures for employees or members to identify and manage suspected non-compliance with export control laws.

An organisation should consider aligning its export control compliance policies and procedures with its strategic and business objectives. Ultimately, an effective system of export controls compliance assists organisations in avoiding delays in project delivery, unanticipated costs associated with supply chain issues, or damage to business relationships. A good ECCP is in an organisation’s best interests.  

Export control compliance areas can develop procedures to establish whether the goods, software or technology are controlled (i.e. listed on the Defence and Strategic Goods List (DSGL)), and whether the export, brokering, supply or publication activity requires a permit. The online DSGL Tool can assist you to determine if items are subject to export controls and whether the export/supply/publication/brokering activity requires a permit.



An organisation's policies and procedures should include due diligence measures to help it establish whether it is dealing with legitimate end users who will use the exported or supplied items for legitimate purposes.  This principle is sometimes referred to as ‘know your customer'. Exporters should take reasonable steps to screen consignees, end users, and overseas collaborators to establish, as far as possible, that the goods, software or technology will be used for legitimate purposes.  This could be done by checking that the goods, software or technology are consistent with the stated end-use and compatible with the recipient's business, and that no other red flags are raised. If any part of a transaction or relationship feels odd or suspicious, you should contact DEC.

There are a number of other measures which an organisation may wish to adopt in establishing and implementing effective compliance policies and procedures. The key to establishing proper compliance for an entity is an awareness of export controls and record-keeping principles, and translating those requirements into simple processes to follow as part of business as usual. Some examples of what to consider would be:

  • Some organisations, for example smaller businesses or research institutions, may choose to share export control compliance resources. A single export control compliance area could be shared across several organisations.
  • An organisation may wish to consider its export controls risk in the context of its risk register.
  • In very large organisations, especially in the university and research sector, it is recommended that the export controls compliance area identify units and individuals within the organisation that are likely to export, supply, broker or publish controlled goods, software or technology and present targeted training tailored to their needs.
  • Where appropriate, business insurance and other agreements could include clauses addressing circumstances of non-compliance with export control requirements.
  • Organisations are encouraged to review their agreements and instruments under negotiation to identify if export controls are relevant.
  • Organisations are encouraged to help each other to comply with export controls legislation (especially within their own supply chains or with other organisations involved in joint projects), as export control non-compliance may delay or stop project delivery.
  • The Australian Industry Group (AIG) has developed an ‘Australian Guide to Export Controls and Best Practices' as a resource to Small and Medium Enterprises, which also includes guidance in complying with United States (US) export controls.
  • There are a variety of online resources available for organisations to use as a starting point to establish their export compliance program, including:

There are also a number of private companies and commercial providers that can assist organisations to establish export control compliance programs and conduct end-user screening for a fee.

DEC aims to help entities to comply with export control legislation. Contact Defence Export Control enquiries if you have any questions.