Top 20 FAQs on Export Control Basics
This is Hamamoto from TIMEWELL.
"Does export control even apply to a small company like ours?" "What is export classification?" "What happens if we violate the rules?" Export control is a topic that applies not only to manufacturers and trading companies, but to any company dealing in software or technical services that operates internationally. Yet it is undeniably difficult to approach, filled with unfamiliar terminology.
This article answers 20 basic questions about export control. We start from the very beginning — "why does this exist?" — so newcomers to the topic need not worry.
Export Control Basics
Q1: What is export control, and why is it necessary?
Export control is a framework for managing the export of products and technology that could be diverted to develop weapons or military equipment, in order to maintain international peace and security. In Japan, it is administered under the Foreign Exchange and Foreign Trade Act (FEFTA). Even if you think "our products aren't weapons," a wide range of items is subject to control because civilian goods can be diverted to military purposes. A notable example: in 2007, Yamaha Motor was found to have attempted to illegally export an industrial unmanned helicopter to a Chinese military-related company — a case that made headlines and demonstrated that "civilian products can be controlled items."
Q2: What types of companies need to handle export control?
Exporting products overseas, providing technical information to foreign companies or individuals, or disclosing technology to foreign-national employees or partners — if any of these apply, export control is relevant to you. Frankly, the small and medium-sized enterprises that think "this doesn't apply to us" are often the ones most at risk. Export control applies to a broad range of organizations including manufacturers, IT companies, trading companies, universities, and research institutions.
Q3: What is subject to regulation?
Two broad categories: "goods" and "technology." Goods include machine tools, electronic components, chemical substances, and materials. Technology includes design drawings, manufacturing know-how, software, and experimental data. This is the most confusing part: not only tangible physical goods, but also technical documents sent by email and verbal technical explanations can potentially be subject to regulation.
Q4: What laws govern export control?
Primarily FEFTA and its subordinate regulations — the Export Trade Control Order, the Foreign Exchange Order, and the Ministerial Ordinance on Goods and Technology. Depending on the destination country, the U.S. Export Administration Regulations (EAR) and EU regulations may also apply. Even when exporting from Japan, if U.S.-origin components are included, EAR may govern the export.
How to solve export compliance challenges?
Learn about TRAFEED (formerly ZEROCK ExCHECK) features and implementation benefits in our materials.
Questions About Export Classification
Q5: What is export classification?
Export classification (gaihi hantei) is the process of determining whether a product or technology you intend to export "falls within" (gai) or "does not fall within" (hi) the items regulated by law. It is the most fundamental task in export control and must be performed before every export. If "applicable," a license from the Minister of Economy, Trade and Industry is required; if "non-applicable," no license is needed (though catch-all controls require separate verification). The ability to perform this classification accurately is central to export control compliance. TRAFEED (formerly ZEROCK ExCHECK) uses AI to support this export classification process, dramatically improving the efficiency of cross-referencing against regulatory provisions.
Q6: Who should perform export classification?
It requires collaboration between people who understand the product's technical specifications accurately (the engineering department) and people who understand the legal provisions (the legal / trade compliance department). Technical staff alone struggle to interpret the law; compliance staff alone don't know the product specifications. In many of the companies we work with, this is exactly the bottleneck that causes classification to take far too long.
Q7: How is export classification conducted in practice?
First, organize the product's purpose, functions, and technical specifications. Next, identify the regulatory item numbers that might apply, then cross-reference the regulatory provisions in the Ministerial Ordinance on Goods and Technology against the product specifications. Finally, record and retain the determination. That four-step process is the basic flow. METI's "Goods and Technology Matrix" is a useful starting point for the classification, and with TRAFEED (formerly ZEROCK ExCHECK), AI supports this cross-referencing work, significantly reducing the time required.
Q8: What is an export classification certificate?
A document that records the results of an export classification determination. Most often issued by the manufacturer, it states whether the product "falls within" or "does not fall within" export control regulations. Business partners may request submission of this certificate. It is important that the basis for the determination — which item numbers were checked and why the product was determined to be applicable or non-applicable — is clearly stated.
Q9: What should I do if I'm uncertain about a classification?
You can consult in advance with METI's Security Trade Control Division — free of charge, and they can provide guidance on the direction of a determination. CISTEC also provides information and seminars related to classification. One thing I feel strongly about: please never default to "non-applicable" just because you are unsure. This is the trigger for many actual violation cases.
Questions About Controlled Items
Q10: What specifically are "list-controlled items"?
Items classified under the 15 categories in Annex 1 to the Export Trade Control Order. Category 1 covers weapons; Category 2 covers nuclear-related items; Categories 3–4 cover chemical and biological weapons-related items; Categories 5–9 cover missile-related items; and Categories 10–15 cover advanced technology (dual-use items). Machine tools, encryption devices, sensors, and semiconductor manufacturing equipment are all included among controlled items.
Q11: What are dual-use items?
Products and technology that can be used for both civilian and military purposes. A high-precision machine tool can manufacture automotive components — and also parts for uranium enrichment centrifuges. Even if you think "our product is a civilian good," if its technical specifications exceed the regulatory threshold, it becomes a controlled item.
Q12: Is software also subject to regulation?
Yes. Encryption software, simulation software, CAD/CAM data, and control software can all potentially be subject to regulation. Often overlooked: making technology accessible from overseas via the cloud can also constitute "export" under certain conditions. SaaS companies and IT companies in particular need to pay close attention.
Questions About Penalties and Risk
Q13: What happens if you violate export control rules?
Criminal penalties include imprisonment of up to 10 years, or fines of up to 30 million yen for individuals and up to 1 billion yen for corporations. Administrative sanctions include an export ban of up to 3 years. Violators' names are publicly disclosed on METI's website, which can destroy credibility with business partners. In 2017, Okawara Kako was arrested on suspicion of FEFTA violations (the prosecution was later withdrawn), causing immense damage to the company's operations.
Q14: Does "I didn't know" count as a defense?
No. "I didn't know the law" or "I didn't think it was a controlled item" are not grounds for exemption. All entities that export goods bear an obligation to comply with the law. That is precisely why building an internal framework and maintaining ongoing training are indispensable.
Q15: What are some past violation cases?
Precision measuring instruments exported without a license despite knowing they fell within list controls; a university researcher who provided regulated technology overseas; a company that failed to conduct proper end-use verification under catch-all controls. In 2010, a measuring instrument manufacturer in Yokohama was criminally penalized for exporting a milling machine to Myanmar without a license. In every case, the cause was carelessness or lack of knowledge — no one was intentionally trying to export weapons. That is precisely what makes these cases so alarming.
Questions About Filing and Procedures
Q16: How does the export license application process work?
When export classification results in a "controlled" determination, you must file an export license application with METI. Applications can be submitted electronically via NACCS (Nippon Automated Cargo and Port Consolidated System). Required documents include the export license application, contract, technical specifications, and end-user certificate. The review period is typically two to four weeks.
Q17: What is the difference between a blanket license and an individual license?
A blanket license permits multiple exports collectively when certain conditions are met — for example, when the same product is exported repeatedly. An individual license requires a separate application and license for each transaction. Obtaining a blanket license requires maintaining an appropriate compliance program (CP).
Questions About Internal Compliance Frameworks
Q18: What is a compliance program (CP)?
A CP is an internal set of rules that consolidates all export control procedures. It covers management responsibility, organizational structure, export classification procedures, the transaction screening flow, audit mechanisms, and response to violations. METI and CISTEC both publish model CPs, so there is no need to build one from scratch. Customizing an existing model to fit your company's scale is the way to proceed.
Q19: Do small and medium-sized companies also need to build an internal compliance framework?
If you export, yes — regardless of size. "We're too small" is not a valid position. Simplified model CPs for SMEs are available, and the Japan Chamber of Commerce and Industry and regional chambers of commerce offer free framework-building support. At a minimum, start by designating an export control officer and establishing an export classification workflow.
Q20: Are there ways to make export classification more efficient?
AI is highly effective here. TIMEWELL's TRAFEED (formerly ZEROCK ExCHECK) takes product information as input, and a multi-LLM system cross-references it against regulatory provisions to support the export classification determination. While the final judgment remains with a human, AI handling the initial screening dramatically reduces the time required for classification. With multilingual support, collaboration with overseas offices is also smoother.
Summary
Key points for mastering export control fundamentals:
- Export control applies not only to manufacturers, but to all companies dealing in technology or software
- Export classification is the cornerstone of every export — it requires collaboration between technical and compliance departments
- Violations carry penalties of up to 10 years imprisonment and fines of up to 1 billion yen. "I didn't know" is not a defense
- Building an internal compliance framework (CP) is essential — start by designating a responsible officer and establishing your classification workflow
- AI can be leveraged to make export classification more efficient
The biggest risk in export control is not knowing what you don't know. Start by creating a list of your company's products and technology, and identify which ones require export classification. If you want to streamline that process with AI, TRAFEED (formerly ZEROCK ExCHECK) covers everything from export classification to counterparty screening.
References
- Ministry of Economy, Trade and Industry, "Security Trade Control: Introduction to Export Control," December 2025
- CISTEC, "A Guide to Export Classification," 2025
- JETRO, "Security Trade Control Quick Reference Guide," 2024