On 11 June 2021, the EU Reg. 2021/821 was published in the Official Journal of the European Union, which enters into force on 9 September 2021 and definitively replaces EC Reg. 428/2009.
This update was deemed necessary on the one hand for the technological developments achieved and on the other for the growing security risks.
The new Regulation updates the exporter and export definitions, also introducing important changes.
Not only the export of dual products but also the intermediation, transit and technical assistance relating to these products are now subject to authorization.
The application of the catch-all clause is also extended (i.e. subjecting to authorization the export of non-listed goods or technologies, in the event that they are used for prohibited purposes), this extension mainly concerns the new technologies of Cyber Surveillance.
Changes in the authorizations concern the introduction of two new general authorizations of the European Union (AGEU): one relating to transfers between companies of the same software and technology Group (AGEU 007) and one for the export of certain control codes in cryptography (AGEU 008). Authorization is then introduced for “large projects” that can be used for the implementation of large-scale projects for a maximum duration of 4 years.
Another important introduction concerns the Internal Compliance Programs that the new Regulation defines as “effective, appropriate and proportionate policies and procedures, adopted by exporters to facilitate compliance with the provisions and objectives of the regulation, as well as the terms and conditions of the authorizations from it. disciplined “, and will be necessary for those who want to apply for a global export authorization