NASSCOM’s Feedback on MeitY’s Draft ITT Handbook & ICP Guide
Blog: NASSCOM Official Blog
On 26 June, NASSCOM submitted its feedback to the Ministry of Electronics & Information Technology (MeitY) on the draft Handbook on Intangible Technology Transfer (ITT) Control (‘draft ITT Handbook’) and the draft Internal Compliance Program (ICP) Guide.
Draft ITT Handbook
The objective behind the draft ITT Handbook is to make exporters of Special Chemicals, Organisms, Materials, Equipment and Technologies (SCOMET) items in India aware of their export control obligations. The draft ITT Handbook is based on MeitY’s draft Approach Paper on ITT Control Mechanism, which NASSCOM had reviewed in June last year (link).
Our main recommendations on the draft ITT Handbook are the following:
- Use of consistent terms: There is a need to align definitions and terminology used in the draft ITT Handbook with the SCOMET List and Wassenaar Arrangement (WA).
- Clarity around visa-vetting requirement: Visa-vetting should be adopted as a control mechanism only in specific scenarios defined by the government. This is for the reason that companies implement sufficient internal security access pertaining to controlled technology for employees, visitors and partners. Embedding visa vetting could potentially restrict the interaction required to support research and development activities for the industry and create additional administrative burden for both the industry and the government.
Draft ICP Guide
MeitY’s draft ICP Guide is aimed at acting as a guiding document for companies to put in place internal controls and measures to ensure that the company complies with export control laws and regulations in the country.
NASSCOM made the following recommendations related to the draft ICP Guide:
- The nature of obligation on exporters should be due diligence: The focus of a company’s ICP Guide should be to verify the end use and end user of an export controlled item in order to address any proliferation concerns. Therefore, the nature of obligation on the exporter should be due diligence. The draft ICP Guide should not place obligations on exporters to carry out a thorough investigation of the buyer, or any inspection.
- Flexibility with respect to organisational structure of a company in implementing ICP: While the draft ICP Guide lays out an organisational structure for a company’s export compliance team, such a structure should not be mandatory. Flexibility in the organisational structure will ensure that a company is able to implement an effective ICP based on the resources available to the company. This will be beneficial especially for start-ups and small and medium enterprises (SMEs).
- Security requirements with respect to sharing of data by cloud: In cases where data is shared by cloud, the draft ICP Guide should not mandate that the decryption keys may be shared by VPN network of company. Instead, the decryption keys may be shared over a ‘secure network’ to ensure adequate security measure. This is because there may exist better alternatives to VPN. Therefore, we suggest the term, ‘secure network’.
- Record keeping obligations should not mandate storing of ‘recording medium’: The requirement to store the ‘recording medium’ may result in an obligation on companies to store its servers in India. To prevent contradiction of any law for the time being in force, the draft ICP Guide should not mandate storing of ‘recording medium’ as part of record-keeping requirements. Instead, we recommend that the company be required to store documents ‘in a retrievable manner’. This will ensure that the company captures all the relevant details of the export transaction without requiring the company to store the ‘recording medium’ in India.
For more information, contact dagarwal[at]nasscom[dot]in and komal[at]nasscom[dot]in