Export Control policy
Policy Statement
The UK controls the export of strategic goods or technology via a consolidated list of controlled military and dual use items (civil technology which may be used for military purposes). This means that the University may need an export licence to carry out an activity, which could include research or teaching activity. Controls cover not only tangible goods, but also software, data, technology and knowhow.
In an academic setting, export controls are most likely to apply in relation to scientific and technical research with military, nuclear, chemical, biological, missile and aerospace applications. However all colleagues working in, or closely aligned to, STEM disciplines need to understand export control regulations and ensure that they comply with them.
This Export Control Policy is to ensure that the University, its staff and students remain in full compliance with all the export controls and sanction regulations that apply to their activities, through means which are both effective and proportionate.
A PDF version of the University Export Control policy is available here.
Scope
This policy applies to all those engaged in academic research, knowledge exchange, research commercialisation and teaching activities overseas (including online) - this includes academic staff, researcher staff, PGR students, visiting staff, students and Emeritus professors and professional services staff members whose activities may involve the physical export, electronic transfer, or transfer by any means of goods, software or technology listed within the “export control list” or where “end- use controls” or trade sanctions apply.These controls apply to exports outside the UK (including to the EU). Export controls apply not only to military items but also to ‘dual-use’ civil items with potential military, security or WMD applications in a range of disciplines. The control lists are constantly reviewed, therefore, the UK Strategic Export Control Lists should be consulted to see if controls apply in each instance.
Exemptions
Most universities’ activities are outside export controls since they fall under one or both main exemptions to the regulations:
Detailed information on export control, scope and exemptions can be found on the University Trusted Research and Innovation webpages.
Related policies, processes and guidance
- University Code of Good Practice in Research
- Bring your own device policy
- Data protection and travel guidance
- Due diligence for partners and collaborators on research projects
- Acceptance of funding policy
- Financial sanctions policy
- University Travel Policy
- Trusted Research guidance
Policy Principles
The University is committed to ensuring, in a balanced and proportionate way, that all staff and students remain compliant with all export control regulations that apply to their activities.
To this end the University:
- Will not engage in any activities prohibited by the UK Export Control framework;
- Will take steps to ensure that all staff, postgraduate researchers, visiting staff and visiting students engaged in relevant disciplines are aware of export control considerations and how they apply to their activities. While it is the responsibility of each individual to be familiar with the rules, the University will provide or, where provided elsewhere, signpost to, appropriate training and guidance to assist;
- Will have robust procedures in place for assessing whether export control considerations apply, for all relevant activities (i.e. not just those arising through funded research);
- Will consider applying for appropriate licences for any activities restricted by the UK Export Control framework – or where there are end user concerns - and where such licences are necessary will not undertake such activities until such times as licences are in place;
- Will, where a licence has been granted or the University is receiving export-controlled materials, have robust technical and procedural measures in place to ensure the security of those materials (be it data, technology, software, etc);
- Will proactively manage the University’s UK export control licences and applications; and
- Will conduct annual audits to ensure that these principles are observed.
Governance and responsibilities
Overall responsibility for the University’s compliance with export controls lies with the Pro-Vice Chancellor (International) who acts as the Senior Responsible Owner (SRO) on behalf of the University.
Operational responsibility rests with Research Services (for research and innovation activities) and Legal Services (for all other activities). Representatives from these teams – alongside members of the Global Partnerships Office – form the University National Security Group (“NSG”)
The NSG is responsible for ensuring relevant individuals within the University are made aware of their obligations regarding compliance with regulations. It will provide relevant and up-to-date information on the University’s website, linked to the relevant Government bodies/ external sources of advice which provide detail around export control. The NSG will ensure that guidance and support is provided and that key information has been communicated to staff and Research students, particularly those in discipline areas likely to have greater export control implications. It will also establish a central framework under which audit/ compliance requirements will be met. NSG are responsible for overseeing licence applications for export control on behalf of the University. The University Secretary, the Chief Legal Officer and senior colleagues with Research Services and Legal Services are the University’s account holders for SPIRE, the online export licensing system for the Export Control Joint Unit (ECJU), as well as the Open General Export Licence (OGEL), for export of dual-use items to the EU and only they can seek export licences for the University. The NSG will also responsible for overseeing compliance with any licence conditions.Research Services will monitor all activities arising from externally funded research and innovation grants and contracts, Material Transfer Agreements (MTAs) or research and innovation related Intellectual Property (IP) licencing to enable the University to undertake the appropriate checks on whether export controls may be applicable, and if so, plan for full compliance through application of appropriate provisions. Legal Services will do the same for all other activities, which will include teaching partnerships.
Research Services are responsible for carrying out due diligence as part of establishing engagement with potential new research and innovation partners. They check a wide variety of information on all potential new partners, and check them against the UK, EU and US sanctions lists. The checks are repeated as necessary for existing partners, to address the risk of any being added to a list after the partnership has been established. Information on the due diligence process is included on the Research Services website. The Global Partnerships Office (GPO) (and CQSD in certain circumstances) are responsible for due diligence for teaching and learning focussed partnerships.
Potential export control license applications and any concerns about potential partners will be raised with NSG for further consideration.
Heads of School are responsible for promoting awareness to colleagues within their Schools and ensuring they have an overall understanding of their high-risk research disciplines, in so much as identifying staff and students who will need particular advice and support regarding export control awareness/ training. They are responsible for ensuring risks are included in risk registers as appropriate and ensuring that their staff are aware of their responsibilities.
Principal Investigators (PIs) or Programme Directors (PDs) for teaching and learning programmes in relevant disciplines are responsible for understanding export controls by utilising the guidance provided on the Trusted Research and Innovation webpages. The PI or PD must ensure members of their team fully comply with export controls. It is the PI’s or PD’s responsibility to seek advice from appropriate teams, to apply for and be in receipt of appropriate licences, ahead of any activity being undertaken – this applies to projects regardless of whether they are externally funded or not. They are also responsible for ensuring that there are no accidental export control breaches e.g. via taking material overseas.Procedures
For externally funded research and innovation projects - Research Services will check pre-award (at application or contract initiation stage) whether export control licences would be required for the work or if there are any end use concerns around the funder. This may require the PI to provide further information about the project and/or goods, knowledge or technology being transferred overseas.
For non-externally funded projects – researchers are responsible for ascertaining if export controls may be applicable (using the tools and guidance on the website), contacting the relevant team if they have any queries of concerns. Heads of School must be assured that this is happening.
For T&L projects or partnerships, GPO will carry out preliminary due diligence and consider if export licences may be required or if there are any end use concerns about the partner(s). This will be supported by Legal Services. This will require colleagues involved in the project partnership to provide all information requested.
Guidance and tools (including checklists and training) is available on the Trusted Research and Innovation webpages.
Audits and Violations
Internal audit
NSG shall conduct spot checks on a random sample of exports conducted using an export licence on a quarterly basis. Findings and recommendations shall be shared with appropriate staff and training updated accordingly. Any suspected violations that come to light shall be addressed as set out below.
ECJU audit
The ECJU also conducts regular audits (generally every 3 years) of all organisations in the UK using export licences to ensure that they are complying fully with the regulations, including the conditions of the licences. Serious shortcomings can result in the suspension or withdrawal of licences, or serious financial penalties.
The NSG is responsible for hosting ECJU audits and ensuring effective follow-up to any findings of non-compliance (which may include submitting a voluntary disclosure to HMRC) and recommendations for improvements in the procedures.
Suspected violations
As soon as they become aware, from any source, of a known or suspected violation of sanctions, the NSG shall immediately initiate escalate to the Chief Legal Officer who will then appoint an appropriate investigator. Violations can also be reported via the Whistleblowing procedures.
[1] Export controls do not apply to research in the pursuit of basic scientific knowledge. This is experimental or theoretical work. It is undertaken to solely obtain new knowledge of the fundamental principles of phenomena or observable facts. It is not directed towards a specific practical aim or goal.. It does not apply where there are end-use, end-user or destination concerns.
[2] This is technology or software available without restrictions on its further dissemination. It excludes the normal copyright restrictions that may apply. It is unlikely that undergraduate level courses need to consider export controls. Most of the information and technical data used in teaching such degrees is in the public domain. Therefore the exemption would generally apply.
Research is not in the public domain until it is published and accessible to the public, this means that when sending controlled research oversees for the purpose of peer review or publication it is not yet in the public domain and therefore will require an export licence.