Module Three - Regulation and Compliance

  • Australia's Compliance Philosophy
  • Penalties for Non-Compliance
  • The Risk Of Diversion
  • Cyber Security
  • Red Flags

The Australian Government, individuals, and organisations need to work together to implement effective measures to ensure that Australia responsibly exports goods, software and technology that could assist the proliferation of conventional weapons and weapons of mass destruction (WMD - nuclear, chemical and biological weapons and their means of delivery).

Australia's legislative controls on the export, supply, publication and brokering of proliferation-sensitive goods, software and technology contribute to this key counter-proliferation objective.

Organisations can implement an internal export control compliance program to assist them to meet their obligations under Australia's export control legislation. An effective export control compliance program will assist an organisation to:

  • comply with its legal obligations;
  • promote a positive image;
  • mitigate the prospect of penalties;
  • ensure a strong risk management system within the organisation; and
  • most importantly, contribute to Australia's efforts to reduce the proliferation of weapons.

We also have further information about establishing an internal compliance program which may be helpful.


We know that mistakes happen! From time to time people may identify that they have exported or supplied goods, software or technology without a permit, or have incorrectly used a permit. If this happens, you should notify DEC as soon as possible.

DEC takes a graduated approach to compliance. It is in DEC's best interest for Australian exporters to be both willing and able to comply with export controls. Therefore, DEC's focus is on working with exporters to prevent and address compliance breaches. Repeated non-compliance can result in permits being subject to stronger compliance conditions, revocation of permits, or referral for criminal prosecution.

Tips for establishing and implementing export control compliance policies and procedures can be found on the Compliance page on DEC's website.

Australia's export controls are implemented through the Customs Act 1901 and the Customs (Prohibited Exports) Regulations 1958, and there are penalties for non-compliance with these controls.

The penalties for breaches of the Customs Act 1901 include:

  • The unlawful export of controlled goods specified in the DSGL is subject to a maximum fine of 2,500 penalty units or imprisonment for 10 years, or both.
  • In addition the goods may be seized and forfeited to the Commonwealth. There are also penalties for giving false information when applying for a permit or licence.

The penalties for breaches of the Weapons of Mass Destruction (Prevention of Proliferation) Act 1995 include:

  • A penalty of imprisonment for up to 8 years.
  • Any attempt to export goods can result in forfeiture of those goods.

For breaches relating to Sanctions (implemented under the Customs Act 1901) penalties apply to individuals and the body corporate and can include imprisonment of up to 10 years or a fine.

Under the Criminal Code Act 1995 any person who makes a false or misleading statement in an application for a permit, licence or certificate may:

  • Be prosecuted for an offence under Section 136.1 of the Criminal Code Act 1995; and
  • If convicted face a maximum penalty of 1 year imprisonment and/or a fine of $6,600 for an individual, or $33,000 for a corporation.

Under the Defence Trade Controls Act 2012, the offence provisions for supplying and publishing DSGL technology and for brokering DSGL goods and technology came into force on 2 April 2016. They will not be applied retrospectively.

Exporters need to be aware that they can be targeted by proliferators seeking access to defence and strategic goods and technologies.

It is our combined responsibility to be aware of the risks and to have the ability to identify how controlled goods and technologies could be diverted from their intended destination or end-use by criminal means.

It is imperative that we all work together to protect defence and strategic goods, technologies and services from illegitimate use.

The Risk of Diversion - denial lists

Some governments publish lists of entities that are known to be associated with illicit procurement activities.

The Australian Government, through the Department of Foreign Affairs and Trade, publishes a list of entities subject to various UN Sanctions on its sanctions webpage.

The United States Government publishes several lists of entities of concern. Some of these prohibit interactions and others simply highlight that the end user or party to the transaction may be suspicious.

The Risk of Diversion - How do we know?

To mitigate diversion risks, checks should be done routinely, including: checking freight forwarding companies, intermediate consignees, and the ultimate consignee or end user.

Management and staff should commit to addressing proliferation risks through strict application and implementation of export control requirements and in establishing protections for intellectual property and protections for information and communication technology.

The most common method of accomplishing this is through the creation of an effective internal compliance program, or ICP. An ICP is an arrangement which a company uses to ensure it is completing legal transactions, operating in accordance with the legislation and complying with company export policies.

An effective ICP should be based on a number of principles, including:

  • developing contacts and good relationships between the company and export agencies;
  • remaining informed of updates to the Government's export control laws and regulations;
  • centralising export-related questions and issues;
  • standardising procedures;
  • providing early warning and screening of all enquires and orders;
  • generating coherent and complete documentation of all sensitive export transactions; and
  • training all employees engaged, either directly or indirectly, with exports.

It is important to acknowledge that online threats now constitute one of our top-tier national security priorities.

Organised crime networks are increasingly using information and communication technologies to facilitate their illegal activities, particularly in relation to identifying advances in defence and strategic goods and technologies.

It is important in this context to ensure that exporters operate secure and resilient information and communications technology to protect the integrity of their operations.

Australian exporters particularly should remain vigilant and informed about online threats and how their own actions can be the first line of defence.

The vast majority of activities are legitimate. However, there are those who attempt to procure or divert controlled goods and activities to WMD or military programs of concern.

Certain red flags can lead you to suspect a transaction. For example:

  • the consignee or end-user is found on list of denied persons;
  • the customer is reluctant to provide end-use or end-user information;
  • requests from nationals of countries suspected of proliferation activity seeking work or research assistance in areas with potential WMD application;
  • requests from nationals of such countries to attend conferences or seminars; or
  • requests from unknown entities for help and advice in a specific area of technology or technical process.

You must notify your institutional compliance team if you have a suspicion of illegal activity.