[FY2024 Data] 52% of Foreign Exchange Act Violations Trace Back to Classification Errors - METI Statistics on the 5 Most Common Export Compliance Failures

Hello, I'm Ryuta Hamamoto from TIMEWELL.

52% of foreign exchange act violations trace back to classification errors. That is the figure published by Japan's Ministry of Economy, Trade and Industry (METI) in December 2025, in its analysis of FY2024 violation cases[^meti2024]. More than half of the incidents start at the same step — classification (該非判定) — and yet, in my conversations with export control teams, I keep running into the same contradiction: the report has been read, but operations on the ground haven't changed.

What I see most often when I talk to practitioners is this: "We know the numbers, but we can't see which part of our own company actually matches them." So in this article I want to walk through how to read the METI data, the structural causes that the case studies reveal, a checklist your team can use this week, and where TRAFEED fits as a way to remove the single-point-of-failure on classification work.

Key points of this article

• 52% of FY2024 foreign exchange act violations trace back to classification errors. "Classification not performed / assumed non-controlled" alone accounts for 32%
• The second largest cause is "weak compliance programs" at 36% — missing CP filings, lack of awareness, and absent internal procedures sit side by side
• The regulatory environment has been moving non-stop: the October 2025 catch-all amendment, the April 2026 amendment of the Three Principles on Defense Equipment Transfer, and China's 40-entity sanctions list against Japan. Violation risk is structurally rising
• The key to prevention is replacing human judgment with a system. Reproducibility of classification rationale and currency of item-specific comparison tables are the load-bearing points

The FY2024 METI Violation Analysis at a Glance

METI's annual analysis of foreign exchange act violations is one of the few primary statistics available in the world of export control. The FY2024 edition was published in December 2025, covering cases sanctioned between April 2024 and March 2025[^meti2024].

The causes of violations cluster into two main buckets.

Root cause of violation	Share	What's inside
Classification errors	~52%	Classification not performed / assumed non-controlled (32%), misinterpretation of classification, use of outdated item-specific comparison tables, etc.
Weak compliance program	~36%	No CP filing, lack of FEFTA awareness, knowledge gaps, missing internal procedures, etc.
Other (destination misidentification, missing license applications, etc.)	~12%	False destination, transshipment, license number errors

Either people stumble at classification, or they stumble at the compliance framework. Roughly nine in ten violations fall into one of these two buckets. Read the underlying cases and the same picture emerges: both buckets are rooted in single-person dependency. When the work depends solely on one or two people's experience and intuition, classifications get skipped, past determinations get reused without review, and amendments to the comparison tables go unnoticed — quietly, over months and years.

The severity of administrative sanctions is also disclosed[^violation]. For minor violations, 69% of cases are closed with a report submission only, 5% receive a formal written warning, and 26% receive a verbal warning. For serious violations, an export ban of up to three years can be imposed. Criminal penalties top out at 30 million yen for individuals and 1 billion yen for corporations. As the Astre case described below shows — a one-year export ban — outcomes that can shake a company's existence are not hypothetical[^astree].

The timing is unforgiving. On October 9, 2025, the supplementary catch-all controls were revised[^catchall]. On September 29, 2025, the Foreign End-User List expanded to 835 entities[^userlist]. On April 21, 2026, the Three Principles on Defense Equipment Transfer were amended[^meti421]. China's 40-entity sanctions list against Japan has been moving in parallel. The root causes of violations have not changed, but the regulatory perimeter keeps expanding. That is the operating reality at the start of 2026.

→ See how TRAFEED supports classification work

The Top 5 Violation Patterns — What Generates the Most Mistakes

Combining the METI data with CISTEC's published case library[^cistec_jirei], the most frequent violation patterns on the ground organize into five.

Rank	Violation pattern	Approx. frequency	Typical situation
1	Classification errors (not performed / assumed non-controlled)	32%	"We're not subject to controls" / "No time to classify"
2	Weak compliance program	36%	No CP filing, no internal procedures, knowledge gaps
3	Misinterpretation of classification	~20%	Using outdated item-specific comparison tables, errors on gray-zone calls
4	Missed counterparty list checks	—	No matching against the Foreign End-User List, weak end-user verification
5	Destination misidentification / weak response to diversion	—	Third-country diversion, gap between documented and actual destination

#1: Classification not performed / assumed non-controlled (32%)

The most common pattern is the simplest: no classification was performed at all, or the team assumed "we're not subject to controls" and skipped the work. General-purpose machine tools, measurement equipment, certain chemical substances, software — products that look like "ordinary goods" to the company in question, but when actually matched against the item-specific comparison table turn out to fall under list controls. In my experience, about half of the companies that skip classification simply did not realize they were supposed to do it.

When the designated practitioner changes, past classification standards walk out the door with them. The new person skips re-classification on the basis that "it was non-controlled before." That is the textbook example of single-point-of-failure risk.

#2: Weak compliance program (36%)

A CP (internal compliance program for export control) is not strictly mandatory to file with METI, but in practice you need one to benefit from special bulk export licenses and similar programs[^modelcp]. CISTEC publishes a model CP, but adoption in many SMEs has not moved forward.

To be honest, most of the companies that have not filed a CP simply did not know the system existed. "We have procedures, but they aren't being run," "only the designated person knows the rules," and "there's no audit function" all sit inside this category. Frequently, only after a violation comes to light does the company discover that nobody in-house actually had foundational knowledge of FEFTA. This pattern repeats in report after report.

#3: Misinterpretation of classification (~20%)

Item-specific comparison tables are revised frequently. In 2026 alone, revisions have already landed on February 14, April 1, and October 9, and each round changes the classification result for some items.

Semiconductor manufacturing equipment, AI-related semiconductors, quantum-computing components, unmanned aerial vehicles. These categories saw substantial expansion of controls from 2024 through 2026. Keep using last year's comparison table and you will export something that was non-controlled then but becomes controlled under the new table. This kind of incident occurs several times a year.

#4: Missed counterparty list checks

The Foreign End-User List expanded to 835 entities in the September 29, 2025 revision[^userlist]. Exporters based in Japan have an obligation to confirm whether their counterparties appear on this list.

Pulling the latest version of the list into Excel, then cross-checking against trading partners while accounting for company-name changes and transactions routed through subsidiaries — try to do that by hand and the operation breaks. The same is true for China's 40-entity sanctions list against Japan. From what I'm hearing in the field, the majority of Japanese companies have not yet completed an assessment of how that list affects their own supply chain.

#5: Destination misidentification / diversion

This is the gap between the documented destination and where goods actually land — diversion routes, in other words. Since 2022, shipments destined for Russia via Central Asia, Turkey, and other third countries have proliferated, and METI keeps issuing notices on the topic.

"Documented as bound for South Korea, in fact bound for Russia." The Astre case described next is exactly this pattern.

A Real Case: The Astre One-Year Export Ban

On May 9, 2025, METI imposed a one-year export ban on Astre Co., Ltd.[^astree] The sanction period runs from May 16, 2025 to May 15, 2026. For an SME to receive a one-year export ban is extraordinary by Japanese standards.

The facts from primary sources, in summary:

• Violation period: August 2022 to June 2023 (approximately 11 months)
• Conduct: 523 motorcycles declared as bound for South Korea, but in fact illicitly exported to Russia
• Applicable provision: FEFTA Article 48(3) (false declaration of destination)
• Sanction: Total ban on export of all goods, one year

Exports to Russia for specific categories of goods have been comprehensively prohibited since the invasion of Ukraine in February 2022. The Astre case caused a shock for two reasons: the severity of a one-year ban being applied to an SME in a single shot, and the fact that the violation pattern itself was almost textbook. Falsifying the destination is one of the most basic prohibited acts under FEFTA. There is no defense once that line is crossed.

There are three takeaways from this case.

1. Companies need a framework that recognizes the moment a handled product "becomes regulated." Motorcycles destined for Russia were not particularly restricted before April 2022. The moment the regulation changes, if internal awareness does not catch up, the existing business flow drives straight into a violation.
2. Verifying the destination cannot stop at the paperwork. Whether the end user really exists in that country, the settlement currency, the logistics route, the history of past transactions — multi-angle verification is required.
3. Vigilance about diversion is most important precisely at SMEs. In trades that pass through trading companies or distributors, the final destination can be hard to fully grasp. The assumption that "the trading company will take responsibility" is not enough to prevent a FEFTA violation.

I'll be honest: when I first read the sanction details, I was reminded again of the gap between SMEs' on-the-ground intuition and how METI actually enforces. Read CISTEC's case library[^cistec_jirei] and you will see that the Astre case is not a one-off. Destination falsification cases appear every year. This needs to be treated as a structural issue, not a fluke.

→ Talk to TRAFEED about your destination-verification flow (30 min)

The Structural Causes Behind Violations

Combining the METI data with the case studies makes one thing clear: violations are not simply the result of individual carelessness. They are rooted in structural conditions.

CP filings don't progress in SMEs

METI runs an SME outreach program[^chusho] that dispatches advisors free of charge, but many companies don't even know the program exists. CISTEC's model CP is freely downloadable[^modelcp], but in many SMEs there is no one available to adapt it into the company's own business flow.

Companies that have not filed a CP cannot obtain special bulk export licenses, so they have to apply for individual licenses every time. The administrative burden grows, and eventually the company is tempted to ship without a license. I have watched this vicious cycle play out more than once.

Single-person dependency and turnover risk

Classification requires both the ability to read item-specific comparison tables accurately and a mechanism for inheriting past classification rationale. Yet in many companies, classification lives only in the heads of one or two people.

The moment that person leaves, the rationale for past determinations goes with them. A successor classifying the same item from scratch may or may not arrive at the same answer. When METI investigates a violation case, "Can the rationale for past classifications be reproduced from documents?" is always one of the points they check.

Tracking revisions to item-specific comparison tables

In the first half of 2026 alone, item-specific comparison tables have been revised at least three times. METI notices, ministerial ordinance amendments, operational circulars — the channels through which revisions arrive are multiple.

In my view, manually tracking those revisions and re-evaluating past classifications has effectively broken down as a practice. CISTEC members receive notifications about revisions[^cistec], but even so the internal response speed inside companies cannot keep up.

Export control at overseas subsidiaries

Even if the Japanese parent complies with FEFTA, a violation by an overseas subsidiary under re-export regulations (the US EAR, the UK Export Control Order, the EU Dual-Use Regulation) becomes a reputational risk for the entire group. The number of Japanese companies that can articulate the export control maturity of each overseas subsidiary from headquarters is still limited.

China's 40-entity sanctions list against Japan, expansion of the US BIS affiliate rule, the EU's revised Dual-Use Regulation. With each jurisdiction moving simultaneously through 2025 and 2026, this is the period to re-examine your group-wide export control framework.

Direction of the Industrial Structure Council discussions

Inside METI, the Subcommittee on Security Export Controls of the Industrial Structure Council regularly debates the future direction of controls. Recently, the emphasis on economic security has grown sharper. Beyond the traditional focus on preventing the proliferation of weapons of mass destruction, the center of gravity is shifting toward economically-critical technologies: semiconductors, AI, quantum, biotech, advanced materials.

Because both the "items" subject to controls and the "destination countries" are expanding at the same time, transactions that posed no issue in the past can quietly become regulated. We are seeing this kind of incident with steadily increasing frequency.

A 5-Minute Self-Check on Your Export Control Framework

For readers who have made it this far, here is an 8-item checklist you can run inside your team today. Writing it on a whiteboard and walking through it with the relevant people works fine.

• If your product mix has changed over the past three years, did you re-classify accordingly?
• Are you using the latest CISTEC item-specific comparison table (2026 revision) in-house?
• Have you filed a CP with METI? If not, have you documented the reason?
• Do you regularly cross-check counterparties against the Foreign End-User List (835 entities)?
• Have you completed a supply chain impact assessment against China's 40-entity sanctions list?
• Are past two years' classification rationales stored electronically and retrievable on demand during an audit?
• Does headquarters have visibility into the export control maturity of overseas subsidiaries?
• Does a handover template exist to mitigate the risk of the designated practitioner leaving?

If two or more of these come back as "No," I'd treat it as structural exposure to a FEFTA violation. In my experience, almost no company can answer "Yes" to all eight.

If your team isn't sure how to judge its own state, you can either approach METI's SME outreach program[^chusho] or use the 30-minute TRAFEED consultation described below to walk through it together.

Removing the Single-Person Dependency with TRAFEED

Finally, let me lay out how TRAFEED — the export control AI agent we provide at TIMEWELL — addresses the structural issues described above.

What the METI FY2024 data shows is that 52% of violations are about classification and 36% are about the compliance program. Both bottlenecks live in the realm of human judgment and operations. Trying to fix this with people alone means adding headcount, sustaining ongoing training spend, and building double or triple redundancy against turnover risk. The cost goes up linearly, and the talent isn't easy to find.

TRAFEED is designed around a different approach: moving that burden onto the AI agent.

Root cause of violation	What TRAFEED provides
Classification not performed / assumed non-controlled	Automatic screening of handled products and cross-checking against the item-specific comparison table
Use of outdated item-specific comparison tables	Automatic updates to the latest version with diff notifications
Missed counterparty list checks	Bulk matching against the 835-entity Foreign End-User List and China's 40-entity sanctions list
No reproducibility of classification rationale	Structured storage of the classification process and reasoning (immediately retrievable during audits)
Variance in overseas subsidiary maturity	Multilingual support so headquarters and overseas sites run on the same standard
Single-person dependency on CP operations	Builds on top of the CISTEC model CP, with TRAFEED handling operational execution

TRAFEED is not designed to replace people. It is designed to absorb routine work and audit-ready record-keeping, so that the practitioner can spend time on the judgments and negotiations that actually require a human in the loop. That is the framing.

---

Who this is for

• Your classification work is concentrated in one or two people, with high single-person dependency
• Your CP has not been filed with METI, or has not been updated to the latest version
• You have not finished checking your exposure to China's 40-entity sanctions list or the 835-entity Foreign End-User List
• You can't always reproduce the rationale for past classifications
• The export control maturity of your overseas subsidiaries varies significantly

If even one of these applies, a 30-minute TRAFEED consultation can typically map out a path forward.

In consultations I run personally, the comment I hear most often is, "There isn't really anywhere else we can get a third-party read on our own framework." Even when internal alignment looks solid, an outside set of eyes tends to surface blind spots. Taking 30 minutes to do that inventory is, I'd argue, worth it.

→ Book a TRAFEED consultation (30 min) / → See TRAFEED service details

---

Related Articles

• China's Export Restrictions Targeting Japan: Complete Guide to the 40-Company Watchlist
• Three Principles on Defense Equipment Transfer Explained
• Non-Applicable Certificate Complete Guide

[^meti2024]: METI "Analysis of Foreign Exchange Act Violation Cases (Security Trade Control) FY2024" (December 2025) https://www.meti.go.jp/policy/anpo/gaitameho_document/ihanjireigaitamehou6.pdf

[^astree]: METI "Administrative Sanctions under the Foreign Exchange and Foreign Trade Act (Export Prohibition, etc.)" (May 9, 2025) https://www.meti.go.jp/press/2025/05/20250509001/20250509001.html

[^chusho]: METI "Support for SMEs (SME Outreach Program)" https://www.meti.go.jp/policy/anpo/chusho.html

[^violation]: METI "Post-Inspection on Security Trade Control (Foreign Exchange Act Violations)" https://www.meti.go.jp/policy/anpo/violation00.html

[^catchall]: METI "Revision of Catch-All Controls (Effective October 9, 2025)" https://www.meti.go.jp/policy/anpo/apply-01/20251009_catchminaoshi/20251009catchall.html

[^userlist]: METI "Foreign End-User List Revision" (September 29, 2025) https://www.meti.go.jp/press/2025/09/20250929006/20250929006.html

[^cistec]: Center for Information on Security Trade Control (CISTEC) Official Site https://www.cistec.or.jp/

[^cistec_jirei]: CISTEC "Foreign Exchange Act Violation Cases" https://www.cistec.or.jp/export/ihanjirei/index.html

[^modelcp]: CISTEC "Model CP Introduction" https://www.cistec.or.jp/export/jisyukanri/modelcp/modelcp.html

[^meti421]: METI "Partial Amendment of the Three Principles on Defense Equipment Transfer" (April 21, 2026) https://www.meti.go.jp/press/2026/04/20260421003/20260421003.html