Latest news with #InternationalTrafficinArmsRegulations
Time Business News
5 days ago
- Business
- Time Business News
Navigating ITAR and RoHS Compliance in PCB Assembly
PCB assemblies are the backbone of modern electronics, powering everything from smartphones to satellites. Yet, behind every successful circuit board assembly lies a complex web of regulations that manufacturers must navigate to ensure both legal operation and market access. In the United States, two of the most critical compliance pillars for turnkey PCB assembly are ITAR (International Traffic in Arms Regulations) and RoHS (Restriction of Hazardous Substances). For PCB assembly providers in the USA, meeting these standards is not just a box-ticking exercise—it is a fundamental requirement for participating in defense, aerospace, and global electronics markets. Compliance impacts every stage of the process, from material sourcing to final shipment. This blog unpacks what ITAR and RoHS mean for circuit board assembly, highlights their key differences, outlines best practices, and addresses common challenges faced by U.S.-based manufacturers. ITAR stands for International Traffic in Arms Regulations, a set of U.S. government rules that control the export and import of defense-related articles and services. The U.S. Department of State, specifically the Directorate of Defense Trade Controls (DDTC), administers ITAR. Its primary goal is to prevent sensitive military technologies from falling into the wrong hands, safeguarding national security. PCB assemblies designed for military, aerospace, and defense applications are often classified as ITAR-controlled. This includes, but is not limited to: Satellite boards Guidance systems RF (radio frequency) modules Any circuit board assembly that is specifically designed for use in defense articles listed on the United States Munitions List (USML) is subject to ITAR. Even technical data, such as fabrication drawings and netlists, can be ITAR-controlled. Registration: Companies must register with the DDTC before engaging in ITAR-related manufacturing or export activities. Companies must register with the DDTC before engaging in ITAR-related manufacturing or export activities. Documentation: Detailed records of all transactions, technical data transfers, and physical movements of ITAR-controlled items must be maintained for audit purposes. Detailed records of all transactions, technical data transfers, and physical movements of ITAR-controlled items must be maintained for audit purposes. Secure Data Handling: Only U.S. persons may access ITAR-controlled data, and secure IT systems are required to prevent unauthorized access. Only U.S. persons may access ITAR-controlled data, and secure IT systems are required to prevent unauthorized access. Export Licensing: Manufacturing or exporting ITAR-controlled PCBs often requires obtaining specific licenses from the U.S. government. Manufacturing or exporting ITAR-controlled PCBs often requires obtaining specific licenses from the U.S. government. Facility and Labor Requirements: Facilities may need export-restricted zones, and all involved personnel must be U.S. persons. This impacts hiring, training, and facility access policies. RoHS stands for Restriction of Hazardous Substances. Originating as an EU directive, RoHS restricts the use of ten hazardous materials—including lead, cadmium, mercury, and certain phthalates—in electrical and electronic equipment. The aim is to reduce environmental impact and health risks associated with electronic waste. Lead-Free Soldering: PCB assembly lines must use lead-free solder alloys, such as tin-silver-copper, and avoid fluxes containing restricted substances. PCB assembly lines must use lead-free solder alloys, such as tin-silver-copper, and avoid fluxes containing restricted substances. Material Selection: All base materials, finishes (e.g., ENIG), and components must be RoHS-compliant. Suppliers must provide documentation confirming this compliance. All base materials, finishes (e.g., ENIG), and components must be RoHS-compliant. Suppliers must provide documentation confirming this compliance. Labelling and Testing: Each shipment of RoHS-compliant circuit boards should include a Certificate of Conformance and clear labelling. X-ray fluorescence (XRF) analyzers may be used to verify the absence of restricted substances. Each shipment of RoHS-compliant circuit boards should include a Certificate of Conformance and clear labelling. X-ray fluorescence (XRF) analyzers may be used to verify the absence of restricted substances. Vendor Compliance: Manufacturers must ensure that all components and materials sourced are RoHS-compliant, often requiring supplier audits and documentation checks. Although RoHS began as an EU regulation, it has been adopted in various forms worldwide. In the U.S., states like California have implemented their own RoHS laws, and the Waste Electrical and Electronic Equipment (WEEE) directive also influences domestic practices. U.S. manufacturers follow RoHS to access international markets and meet global customer expectations. Aspect ITAR RoHS Scope National security, defense, military Environmental health and safety Applicability Military, aerospace, defense sectors Consumer, industrial, all electronics Enforcement U.S. Department of State (DDTC) EU authorities, U.S. state agencies Penalties Severe fines, export bans, prosecution Fines, product recalls, market bans Overlap Possible for military boards exported abroad—may require both ITAR and RoHS compliance (e.g., lead-free military PCB) ITAR: Registration with DDTC, restricted access zones, and secure data systems are mandatory for ITAR-sensitive work. RoHS: Dedicated lead-free manufacturing lines, compliant soldering processes, and regular equipment audits are essential. RoHS: Material declarations, Certificates of Conformance, and batch-level traceability records must be maintained. ITAR: Controlled technical data, access logs, and export documentation are required for every transaction and transfer. ERP/MRP systems help track materials, manage documentation, and ensure traceability for both ITAR and RoHS requirements. Automated reporting aids in conflict mineral tracking and regulatory audits. Always verify a supplier's ITAR registration and RoHS certification. For ITAR-sensitive projects, selecting a U.S.-based turnkey PCB assembly provider is critical to avoid unauthorized foreign access and ensure full regulatory compliance. A U.S. defense contractor requires an RF module for a missile guidance system. Using an offshore supplier could risk unauthorized access to ITAR-controlled designs, resulting in severe penalties. The workflow involves design, secure data transfer, U.S.-person-only assembly, and detailed documentation from design to delivery—all within a registered, secure U.S. facility. A consumer electronics OEM sources components from multiple vendors. To achieve RoHS compliance, the procurement team conducts supplier audits, collects Certificates of Conformance, and ensures lead-free soldering during assembly. Regular testing and documentation are maintained to satisfy EU market requirements. Using Non-Compliant Components: Always verify supplier certifications and test materials if necessary. Always verify supplier certifications and test materials if necessary. Exporting ITAR-Controlled Designs Without Licenses: Never share technical data or products internationally without proper DDTC licensing. Never share technical data or products internationally without proper DDTC licensing. Failing to Document RoHS Conformity: Maintain up-to-date records and Certificates of Conformance for all shipments. Maintain up-to-date records and Certificates of Conformance for all shipments. Relying on Unverified Vendors: Work only with certified, U.S.-based partners for ITAR-sensitive projects and demand RoHS documentation from all suppliers. Integrate Compliance Early: Address ITAR and RoHS requirements during the design phase (DFX approach) to avoid costly redesigns or delays. Address ITAR and RoHS requirements during the design phase (DFX approach) to avoid costly redesigns or delays. Maintain a Vetted Supplier List: Regularly audit and update approved vendors to ensure ongoing compliance. Regularly audit and update approved vendors to ensure ongoing compliance. Train Teams on Regulations: Provide ongoing training for engineering, procurement, and quality teams on evolving ITAR and RoHS rules. Provide ongoing training for engineering, procurement, and quality teams on evolving ITAR and RoHS rules. Monitor Legislative Updates: Stay informed about changes, such as ITAR amendments or RoHS 3 updates, to remain compliant and competitive. Navigating ITAR and RoHS compliance in PCB assembly is not just about avoiding penalties—it is about ensuring access to critical markets, protecting sensitive technologies, and supporting environmental responsibility. For OEMs and manufacturers, working with certified, experienced domestic partners like Star Engineering provides peace of mind and a distinct competitive advantage. Star Engineering offers turnkey PCB assembly solutions that meet the highest standards of ITAR and RoHS compliance. Connect with the Star Engineering team today to ensure every circuit board assembly meets the requirements for quality, security, and global market access. TIME BUSINESS NEWS
AsiaOne
01-07-2025
- AsiaOne
US DOJ announces arrest, indictments in North Korean IT worker scheme, World News
The US Department of Justice and FBI on Monday (June 30) announced an arrest and indictments targeting North Korea's so-called "IT worker" programme, where North Koreans obtain remote IT-related positions at more than 100 US companies, and use that access to steal money and information from a host of companies around the world. The North Korean workers used compromised identities of more than 80 US citizens to obtain remote jobs at more than 100 US companies and caused more than US$3 million (S$3.8 million) in legal fees, remediation and other costs, according to the DOJ. The North Koreans also allegedly stole at least US$900,000 worth of cryptocurrency from one Georgia-based company with their access, along with employer data and source code, including International Traffic in Arms Regulations (ITAR) data, from a California-based defence contractor, the DOJ said. Monday's announcement included one arrest, two indictments, searches of more than two dozen US locations hosting multiple laptops used by remote North Korean workers, and the seizure of financial accounts and websites used by the participants as part of the alleged scheme, according to a DOJ statement. The Permanent Mission of North Korea to the United Nations did not immediately respond to a request for comment. Zhenxing "Danny" Wang and Kejia Wang, both US citizens, were indicted as part of the operation, according to the DOJ. Zhenxing Wang was arrested in New Jersey, while Kejia Wang remains free, a DOJ spokesperson said in an email. An attorney for Zhenxing Wang could not be immediately located. The two men, along with four other unnamed US "facilitators," assisted the North Koreans by procuring and operating laptops used by the overseas workers, created financial accounts to receive money earned by the workers to be sent back to North Korea, and created shell companies to make the workers appear more authentic, according to the DOJ, earning nearly US$700,000 from the scheme for themselves. Federal prosecutors also indicted four Chinese nationals and two Taiwanese nationals for alleged roles in the operation. [[nid:693655]]
Boston Globe
30-06-2025
- Boston Globe
Mass. US Attorney charges 9 with generating more than $5 million for North Korean weapons program
Zhenxing 'Danny' Wang, of Brunswick, N.J. was arrested Monday. He is facing four conspiracy charges for mail and wire fraud, money laundering, identity theft, and causing damage to a protected computer. Advertisement Wang's court hearing in Boston has not yet been scheduled. 'The object of the conspiracies were to gain unauthorized access and cause damage to protected US company computers and computer networks,' the 49-page indictment said. The scheme involved unnamed co-conspirators in New Jersey, New York, California, and overseas, charging documents said. After the defendants got hired for remote jobs and obtained company laptops, they would ship them to Wang, the indictment said. Wang would install remote desktop software on the laptops so that it would appear as though the defendants were performing their work from within the US, prosecutors alleged. Advertisement According to Foley's statement, 'in response to US and UN sanctions, the DPRK government has dispatched thousands of skilled IT workers around the world.' 'The threat posed by DPRK operatives is both real and immediate,' Foley's statement said. 'Thousands of North Korean cyber operatives have been trained and deployed by the regime to blend into the global digital workforce and systematically target U.S. companies.' One of the companies the defendants targeted was a California-based defense contractor. According to the indictment, the defendants stole sensitive documents, source code, and computer files related to US military technology. Some of the information stolen from the contractor included International Traffic in Arms Regulations data, Foley's statement said. 'These schemes target and steal from U.S. companies and are designed to evade sanctions and fund the North Korean regime's illicit programs, including its weapons programs,' John A. Eisenberg, assistant attorney general for the Department of Justice's national security division, said in the statement. The investigation spanned from San Diego to Las Vegas, to New York, to Boston. Investigators searched seven so-called 'laptop farms' at locations in New York, New Jersey and California and recovered more than 70 devices, Foley's statement said. They also seized 21 fraudulent web domains and 29 financial accounts, holding tens of thousands of dollars in funds, 'used to launder revenue for the North Korean regime through remote IT work,' according to Foley's statement. John E. Helsing, of the Department of Defense, said in the statement that 'these indictments should act as a deterrent for individuals and foreign entities attempting to illegally export critical defense information.' Advertisement Along with Wang, the indictment named six Chinese nationals, including two who live in the United Arab Emirates, and two Taiwanese nationals. In Georgia on Monday, an unsealed indictment charged four North Korean nationals with a scheme to steal more than $750,000 in virtual currency and launder it overseas, Foley said in her statement. 'Unlike traditional North Korean IT workers, who usually seek employment with the goal of remitting their salaries back to North Korea, the defendants charged by the Northern District of Georgia allegedly sought employment with virtual currency-related businesses to earn the trust of those businesses and then stole those businesses' virtual assets,' Foley's statement said. The two cases are part of the The initiative is designed to disrupt North Korea's 'illicit revenue generation efforts through remote IT workers, and the U.S.-based individuals who enable them,' prosecutors said. Tonya Alanez can be reached at
The Star
30-06-2025
- The Star
DOJ announces arrest, indictments in North Korean IT worker scheme
FILE PHOTO: Miniatures of people with computers are seen in front of North Korea flag in this illustration taken July 19, 2023. REUTERS/Dado Ruvic/Illustration/File Photo (Reuters) -The U.S. Department of Justice and FBI on Monday announced an arrest and indictments targeting North Korea's so-called 'IT worker' program, where North Koreans obtain remote IT-related positions at more than 100 U.S. companies, and use that access to steal money and information from a host of companies around the world. The North Korean workers used compromised identities of more than 80 U.S. citizens to obtain remote jobs at more than 100 U.S. companies and caused more than $3 million in legal fees, remediation and other costs, according to the DOJ. The North Koreans also allegedly stole at least $900,000 worth of cryptocurrency from one Georgia-based company with their access, along with employer data and source code, including International Traffic in Arms Regulations (ITAR) data, from a California-based defense contractor, the DOJ said. Monday's announcement included one arrest, two indictments, searches of more than two dozen U.S. locations hosting multiple laptops used by remote North Korean workers, and the seizure of financial accounts and websites used by the participants as part of the alleged scheme, according to a DOJ statement. The Permanent Mission of North Korea to the United Nations did not immediately respond to a request for comment. Zhenxing 'Danny' Wang and Kejia Wang, both U.S. citizens, were indicted as part of the operation, according to the DOJ. Zhenxing Wang was arrested in New Jersey, while Kejia Wang remains free, a DOJ spokesperson said in an email. An attorney for ZhenxingWang could not be immediately located. The two men, along with four other unnamed U.S. 'facilitators,' assisted the North Koreans by procuring and operating laptops used by the overseas workers, created financial accounts to receive money earned by the workers to be sent back to North Korea, and created shell companies to make the workers appear more authentic, according to the DOJ, earning nearly $700,000 from the scheme for themselves. Federal prosecutors also indicted four Chinese nationals and two Taiwanese nationals for alleged roles in the operation. (Reporting by AJ Vicens in Detroit; editing by Edward Tobin)
Associated Press
30-06-2025
- Business
- Associated Press
Former Microsoft Assistant General Counsel Scott Wise Joins Crowell & Moring
DENVER, June 30, 2025 /PRNewswire/ -- Scott Wise, most recently assistant general counsel for global trade at Microsoft, has joined Crowell & Moring as a partner in the firm's International Trade Group. During his time at Microsoft, Wise led a consolidated team focusing on export controls, economic sanctions, and outbound investment. He was the lead export controls and economic sanctions attorney for key business groups ranging from emerging technologies including artificial intelligence and quantum computing, to aerospace and defense contracts, to commercial software and gaming. In that role, Wise developed Microsoft's compliance approach to new regulations governing the export of a range of new technologies, including AI, integrated circuits and chips, and quantum computing, which involved coordination between senior government officials and business leaders. 'Scott brings unique in-house and private practice experience to Crowell at a time when export controls are reshaping global markets and disrupting clients' business plans and supply chains,' said Dj Wolff, co-chair of Crowell's International Trade Group. 'Scott's 'in the room' experience working with key decision makers and export controls and sanctions regulators on behalf one of the world's largest technology companies will immediately bolster our export control practice with a perspective virtually no other outside counsel can offer.' At the firm, Wise's practice will focus on export controls, economic sanctions, and outbound investment issues with an emphasis on the emerging technologies space, including working alongside established and start-up companies to develop unique compliance programs that are responsive to the full range of regulations governing the exports of goods and services. Wise also will train and counsel clients on compliance with relevant export control regulations such as the International Traffic in Arms Regulations (ITAR) and the Export Administration Regulations (EAR). 'Having worked alongside Crowell attorneys for years at Microsoft, I know the quality of the international trade team and their incredible client service in this space,' Wise said. 'When I was considering a return to private practice, it made perfect sense to join Crowell and work with a collaborative and practical group of lawyers to support companies at the forefront of new technologies.' Prior to joining Microsoft, Wise was in private practice at Kelley Drye & Warren and Hughes Hubbard & Reed where he was a member of the International Trade teams. 'Denver is a magnet for companies in the emerging technologies space and Scott's arrival allows us to truly meet the moment with support for clients as they seek to grow their footprint and navigate the ever-changing landscape of trade regulations,' said Andrea Surratt, managing partner of the firm's Denver office. Wise earned his law degree from American University Washington College of Law, a master of laws degree from Georgetown University Law Center, and his bachelor's degree from the University of Oklahoma. About Crowell & Moring LLP Crowell & Moring is an international law firm with operations in the United States, Europe, MENA, and Asia. Drawing on significant government, business, industry, and legal experience, the firm helps clients capitalize on opportunities and provides creative solutions to complex regulatory and policy, litigation, transactional, and intellectual property issues. The firm is consistently recognized for its commitment to pro bono service, as well as its comprehensive programs and initiatives to advance the professional and personal development of all members of the Crowell community. Media Contact: Email: [email protected] View original content to download multimedia: SOURCE Crowell & Moring LLP
