![[2026 Edition] Customer Due Diligence (End-User Screening) in Practice — How to Cross-Reference the Foreign User List and Entity List](/images/columns/default-column.png)
[2026 Edition] Customer Due Diligence (End-User Screening) in Practice — How to Cross-Reference the Foreign User List and Entity List
This is Hamamoto from TIMEWELL.
"Can we really trust this counterparty?"
When conducting international business, the reliability of your counterparties is critically important. In export control in particular, you have an obligation to verify that counterparties are not organizations involved in the development of weapons of mass destruction or military institutions.
Failing to carry out this verification creates risk of violating Japan's Foreign Exchange Act — and "I didn't know" will not be accepted as a defense.
This article explains the specific methods for customer due diligence (end-user screening / customer screening) in practical terms, including how to use Japan's Foreign User List and the U.S. Entity List.
Summary (What You'll Learn from This Article)
- Obligation to conduct customer due diligence: Exporters are required to verify intended end-use and end-user
- Foreign User List: METI's list of organizations of concern (748 entities)
- Entity List: The U.S. BIS-managed list of export-restricted parties
- How to conduct investigations: Combining list cross-referencing, web research, and direct verification
- The scale of the task: Cross-referencing multiple lists, multilingual handling — a massive workload
Table of Contents
- What Is Customer Due Diligence (End-User Screening)?
- Why Is Customer Due Diligence Necessary?
- How to Use the Foreign User List
- The U.S. Entity List and Consolidated Screening List
- Step-by-Step Customer Due Diligence Process
- How to Identify Suspicious Transactions (Red Flags)
- How to Streamline Customer Due Diligence with AI
What Is Customer Due Diligence (End-User Screening)?
Definition
Customer due diligence (end-user screening) is the process of verifying the intended end-use and end-user of exported goods or provided technology, and reviewing whether any national security concerns exist.
In English this is also called "Customer Due Diligence," "End-User Screening," or "Customer Screening."
Three Elements to Verify
Customer due diligence involves verifying three elements:
| Element | What to verify |
|---|---|
| End-Use | What the exported item will be used for |
| End-User | The organization or individual who will actually use it |
| Intermediary | Trading companies or agents in the transaction chain |
Where Customer Due Diligence Fits in Export Control
Customer due diligence occupies the following position in the export control process:
[Step 1] Export Classification (List Control Check)
↓
[Step 2] Customer Due Diligence (End-Use and End-User Verification) ← Here
↓
[Step 3] Determining Whether a License Application Is Required
↓
[Step 4] Export and Shipment Control
How to solve export compliance challenges?
Learn about TRAFEED (formerly ZEROCK ExCHECK) features and implementation benefits in our materials.
Why Is Customer Due Diligence Necessary?
Legal Obligation
Japan's Foreign Exchange and Foreign Trade Act (FEFTA) imposes a duty to verify intended use and end-user on exporters.
Under catch-all controls in particular, a license application is required in two cases:
| Requirement | Content |
|---|---|
| Objective requirement (Inform) | When notified by the Minister of Economy, Trade and Industry |
| Subjective requirement (Catch) | When the exporter itself becomes aware of a concern |
In other words, "I didn't know" is not a defense. Failing to investigate what you should have investigated is itself a problem.
Risks if Violated
Exporting to a party of concern without conducting proper due diligence creates the following risks:
| Risk | Content |
|---|---|
| Criminal penalties | Up to 10 years imprisonment, fines up to 1 billion yen (for corporations) |
| Administrative sanctions | Export ban for up to 3 years, public disclosure of company name |
| Reputational damage | Collapse of social credibility |
| Transaction termination | Major business partners terminating transactions |
Liability Even for Negligence
FEFTA violations are subject to administrative sanctions even when they result from negligence. "I trusted the counterparty" or "I had no means to check" are not valid defenses.
How to Use the Foreign User List
What Is the Foreign User List?
The Foreign User List is a list published by Japan's Ministry of Economy, Trade and Industry (METI) identifying "overseas entities where concerns about the development of weapons of mass destruction have not been dispelled."
| Item | Details |
|---|---|
| Jurisdiction | Ministry of Economy, Trade and Industry (METI) |
| Number of entries | 748 entities (as of September 2025 revision) |
| Covered countries | 15 countries and regions |
| Update frequency | As needed (revised several times per year) |
Countries and Regions on the List
Major countries and regions represented include:
- China
- North Korea
- Iran
- Pakistan
- India
- Syria
- Russia (added)
- Others
How to Use the List
Step 1: Download from METI's website
The Foreign User List can be downloaded free of charge from METI's website.
Step 2: Cross-reference counterparty names
Cross-reference the names of your counterparties against the organization names on the list.
Step 3: Watch for name variations
Be alert to name variations such as:
| Pattern | Example |
|---|---|
| Language differences | English name vs. local language name |
| Abbreviations | University → Univ. |
| Old/new names | Organizations that have changed their names |
| Affiliated organizations | Subsidiaries, affiliated institutions |
How to Respond if a Match Is Found
Exporting to an organization on the Foreign User List requires a license application, unless it is clear that the export will not be used for the development of weapons of mass destruction.
The U.S. Entity List and Consolidated Screening List
Why You Also Need to Check U.S. Lists
Under Japanese law, the only list that Japanese exporters are legally required to check is the Foreign User List.
However, checking U.S. lists is also recommended for the following reasons:
| Reason | Content |
|---|---|
| Secondary sanctions risk | Sanctions from the U.S. for transacting with U.S.-sanctioned parties |
| Re-export of U.S.-origin items | Products containing U.S. components are subject to U.S. law |
| Counterparty reliability | Appearance on a U.S. list is a warning signal |
| Global standard | Many companies check U.S. lists as a matter of course |
What Is the Entity List?
The Entity List is a list of export-controlled parties maintained by the U.S. Department of Commerce's Bureau of Industry and Security (BIS).
| Item | Details |
|---|---|
| Jurisdiction | U.S. Department of Commerce (BIS) |
| Number of entries | Hundreds of organizations |
| Effect | Export prohibition for U.S.-origin goods and technology |
| Update frequency | As needed |
The Consolidated Screening List
The Consolidated Screening List is a "unified screening list" provided by the U.S. government.
It allows cross-search across multiple regulatory lists, enabling efficient verification:
| Lists Included | Administering Agency |
|---|---|
| Entity List | Department of Commerce (BIS) |
| SDN List | Department of the Treasury (OFAC) |
| Denied Persons List | Department of Commerce (BIS) |
| Unverified List | Department of Commerce (BIS) |
| Military End User List | Department of Commerce (BIS) |
| Others | Department of State, etc. |
How to Check
The U.S. government provides an online searchable tool:
- Access the Consolidated Screening List website
- Enter the counterparty name
- If a hit is returned, verify the details
Step-by-Step Customer Due Diligence Process
Overview of the Investigation Flow
[Step 1] Collect Basic Information
↓
[Step 2] Cross-Reference with Regulatory Lists
↓
[Step 3] Additional Research (Web research, etc.)
↓
[Step 4] Direct Verification (if needed)
↓
[Step 5] Determination and Documentation
Step 1: Collect Basic Information
First, collect the following information about the counterparty:
| Item | Content |
|---|---|
| Legal name | Corporate name (local language and English) |
| Location | Country, city, address |
| Industry | Business activities |
| Representatives | Executives, key persons |
| End-use | Intended purpose of the exported item |
Step 2: Cross-Reference with Regulatory Lists
Cross-reference against the following lists:
| List | Purpose |
|---|---|
| Foreign User List | Japanese legal obligation |
| Entity List | U.S. regulatory risk |
| SDN List | Sanctions target verification |
| UN Sanctions List | International sanctions verification |
Step 3: Additional Research (Web Research, etc.)
Even if not on any list, conduct the following additional research:
| Research method | What to check |
|---|---|
| Official website | Business activities, customers, business partners |
| News search | Presence of negative news |
| Registration information | Verify existence as a legal entity |
| Industry information | Reputation in the industry |
Step 4: Direct Verification (if needed)
If concerns remain, verify directly with the counterparty:
| Item to verify | Specific questions |
|---|---|
| End-use | "What purpose will the product be used for?" |
| Re-export | "Do you plan to re-export to any third countries?" |
| Military connections | "Do you transact with military or military-affiliated institutions?" |
| Declaration | Obtain a declaration regarding end-use and re-export |
Step 5: Determination and Documentation
Based on the investigation results, determine whether the transaction can proceed and create a record:
| Determination | Action |
|---|---|
| No concerns | Proceed with transaction; retain records |
| Concerns present | Request additional clarification; consider license application |
| Cannot proceed | Halt the transaction |
How to Identify Suspicious Transactions (Red Flags)
What Are Red Flags?
Red flags are warning signs indicating that a transaction may have national security concerns.
If any of the following signs are present, additional investigation is required.
Red Flags Related to the End-User
| Sign | Details |
|---|---|
| Company information unclear | No website; business activities unknown |
| Potential military connection | Relationship with Ministry of Defense, military, or military research institutions |
| Connection to listed organizations | Subsidiary or affiliate of an entity of concern |
| Suspicious location | Possible shell company |
Red Flags Related to End-Use
| Sign | Details |
|---|---|
| Cannot explain intended use | "I can't say what it's for" |
| Use and product do not match | Agricultural company purchasing high-performance measuring instruments |
| Excessive quantities | Orders disproportionately large relative to the scale of operations |
| Declining technical support | "We don't need any support" |
Red Flags Related to Transaction Conditions
| Sign | Details |
|---|---|
| Cash payment | Paying cash for high-value products |
| Unusual pricing | Willing to pay far above market price |
| Urgent ordering | "Please ship immediately" |
| Avoiding documentation | "No contract needed" |
Red Flags Related to Shipping
| Sign | Details |
|---|---|
| Shipping destination mismatch | Ordering entity and shipping destination are in different countries |
| Routing through free zones | Transit through regions with lax regulations |
| Multiple transit points | Unnecessarily complex routing |
| Special packaging requests | "Please package it so it won't stand out" |
How to Streamline Customer Due Diligence with AI
Challenges in Customer Due Diligence
Customer due diligence involves the following challenges:
| Challenge | Details |
|---|---|
| Multiple list cross-referencing | Foreign User List, Entity List, SDN List, etc. |
| Name variation handling | Multiple languages, abbreviations, old and new names |
| Identifying affiliated organizations | Tracking subsidiaries and affiliated institutions |
| Keeping up with list updates | Following frequent revisions |
| Enormous volume | All new and ongoing transactions must be covered |
There are real limits to what can be done manually.
The Reality of Investigation Workload
Estimated time per customer due diligence investigation:
| Task | Time required |
|---|---|
| Basic information collection | 15–30 minutes |
| List cross-referencing (multiple) | 30 minutes – 1 hour |
| Web research | 30 minutes – 1 hour |
| Documentation | 15–30 minutes |
| Total | 1.5–3 hours per case |
With 100 new counterparties per month, that's 150–300 hours per month.
How TRAFEED (formerly ZEROCK ExCHECK) Solves This
TRAFEED (formerly ZEROCK ExCHECK) is an export control-specialized AI agent that automates customer due diligence.
| Function | Content |
|---|---|
| Multi-list screening | Batch screening across multiple lists |
| Name variation handling | Automatically detects similar names |
| Affiliated organization detection | Automatically identifies subsidiaries and affiliated institutions |
| Real-time updates | Automatically reflects list revisions |
| Automated report generation | Automatically creates investigation records |
Results After Adoption
| Metric | Impact |
|---|---|
| Investigation time | 90% reduction (3 hours → 20 minutes) |
| Missed checks | Zero |
| List update response | Real-time |
| Record management | Automated |
Lists Covered by Screening
TRAFEED (formerly ZEROCK ExCHECK) integrates screening across the following lists:
| List | Country/Agency |
|---|---|
| Foreign User List | Japan (METI) |
| Entity List | United States (BIS) |
| SDN List | United States (OFAC) |
| Denied Persons List | United States (BIS) |
| Military End User List | United States (BIS) |
| UN Sanctions List | United Nations |
Conclusion
Key Points for Customer Due Diligence
- Legal obligation: Exporters are required to verify intended use and end-user
- Check multiple lists: Foreign User List + U.S. lists
- Additional research: Even if not on lists, verify that no concerns exist
- Red flags: Suspicious transactions require additional investigation
- Retain records: Document and retain all investigation results
What Companies Must Do
- Establish a customer due diligence process
- Conduct list cross-referencing without gaps
- Train employees to recognize red flags
- Retain investigation records appropriately
- Be prepared — "I didn't know" is not a defense
The Reality of Due Diligence Work
- 1.5–3 hours of work per case
- Multiple lists, multiple languages, name variation handling
- Keeping up with frequent list updates
- Manual processes alone have real limits
TIMEWELL Customer Due Diligence Support
TIMEWELL offers solutions to streamline customer due diligence (customer screening).
Consult About TRAFEED (formerly ZEROCK ExCHECK)
- Implementation consultation: Diagnose your company's current due diligence process
- Demo: Experience AI-powered screening
- Customization: Optimization tailored to your industry and transaction patterns
"Is this company safe? AI delivers the answer."
For questions about streamlining customer due diligence, please feel free to reach out.
Reference Information
- METI Foreign User List
- U.S. BIS Entity List
- Consolidated Screening List
- CISTEC Transaction Screening
Related Articles
- 2024 Edition: What Is Export Classification? A Complete Guide from Basics to Practice
- Vertical Integration and Technological Innovation in Next-Generation Mining: The Challenge of Securing Critical Mineral Supply
- Defense Innovation at the Front Lines: DIU and Applied Intuition on Closing the Technology Gap and Future Defense Strategy