Frequently Asked Questions

346. What kind of due diligence is required for the exportation of fee-based services, software, or hardware authorized by 31 CFR § 560.540?

346 … Due diligence programs should be tailored to the particular risks encountered by exporters. As a general matter, companies selling fee-based services, software, or hardware authorized by 31 CFR § 560.540 should undertake reasonable, risk-based measures designed to ensure that they do not… Read more

315. Will routine payments or fees be subject to sanctions if they are made to a person determined to be a port operator in Iran and if the vessel is carrying non-sanctioned goods?

315 … Any company involved in loading or unloading cargo in Iran should exercise great caution to avoid engaging in transactions with entities designated by the United States, including the Tidewater Middle East Co. which was designated for its involvement in Iran’s proliferation of weapons of mass… Read more

298. For purposes of IFCA, what materials are considered graphite, raw or semi-finished metals?

298 … For purposes of IFCA , we anticipate that regulations to be promulgated will define graphite, raw or semi-finished metals described in section 1245(d) of IFCA to include steels; aluminum metal and its alloys; base metals of single or complex borides of titanium; beryllium metal and its alloys… Read more

436. What do Secure Socket Layers (SSLs), listed in the 31 CFR § 560.540 List of Services, Software, and Hardware Incident to Communications, encompass?

436 … SSLs, as described in category (11) of the 31 CFR § 560.540 List of Services, Software, and Hardware Incident to Communications (“31 CFR § 560.540 List”) encompass “provisioning and verification software for Secure Socket Layer (SSL) certificates designated EAR99 or classified under ECCN… Read more

437. Are mobile phone accessories and computer accessories and peripherals authorized for export under 31 CFR § 560.540 of the Iranian Transactions and Sanctions Regulations (ITSR)?

437 … Yes. Accessories for use in conjunction with hardware specified in categories (1) and (5) of the 31 CFR § 560.540 List of Services, Software, and Hardware Incident to Communications (the “31 CFR § 560.540 List), and peripherals for use in conjunction with hardware specified in category (5)… Read more

438. Is the exportation of parts or components for authorized hardware, such as microprocessors, authorized under 31 CFR § 560.540?

438 … No. While the exportation of certain accessories and peripherals specified in categories (1) and (5) of the 31 CFR § 560.540 List of Services, Software, and Hardware Incident to Communications is authorized under 31 CFR § 560.540(a)(3), the exportation to Iran of hardware parts or components… Read more

439. Does 31 CFR § 560.540 of the Iranian Transactions and Sanctions Regulations (ITSR) authorize the export of bundled software that includes both software authorized by § 560.540 and software that is not authorized by § 560.540?

439 … No. To qualify for 31 CFR § 560.540 , all individual software items in a bundled package must fall within one of the 31 CFR § 560.540 authorizations. If some software in a bundled package is authorized by 31 CFR § 560.540 but other software is not, the portion of the software falling… Read more

440. 31 CFR § 560.540 of the Iranian Transactions and Sanctions Regulations (ITSR) authorize the exportation to Iran of fee-based desktop publishing software and productivity software suites used to publish documents, presentations, spreadsheets, charts, music, movies, and digital images?

440 … Yes. Fee-based desktop publishing software and productivity software suites have been determined to fall within the scope of fee-based software that enables services incident to the exchange of communications as described in 31 CFR § 560.540(a)(2) , provided that the software meets the… Read more

441. Does 31 CFR § 560.540 of the Iranian Transactions and Sanctions Regulations (ITSR) authorize the provision of fee-based cloud computing services to Iran?

441 … Yes. Section 560.540(a)(1) of the ITSR authorizes the provision to Iran of fee-based cloud computing services that support the exchange of communications over the internet. In addition, paragraph (a)(2)(i) of 31 CFR § 560.540 authorizes the provision to Iran of software that is incident to… Read more

442. For purposes of category (5) of the 31 CFR § 560.540 List of Services, Software, and Hardware Incident to Communications, what would be considered “software required for effective consumer use” of personal computing devices, laptops, and tablets?

442 … “Software required for effective consumer use” consists of software essential to the operation of the hardware listed in category (5) of the 31 CFR § 560.540 List of Services, Software, and Hardware Incident to Communications, including, for example, drivers and patches. Operating systems… Read more

Frequently Asked Questions

Office of Terrorism and Financial Intelligence