Dear Clients and Friends,
We are pleased to share highlights of key regulatory updates, proposed legislation, and enforcement events pertaining to international trade regulation over the second quarter of 2026. These developments may affect compliance requirements for companies operating in Israel and abroad.
REGULATORY UPDATES
BIS Extends ‘Approval’ Timeline for IC Designers to December 31, 2026
On January 16, 2025, the U.S. Department of Commerce’s Bureau of Industry and Security (BIS) tightened export controls on certain high-end chips by placing new limitations on FABs and OSATs seeking to export, reexport, or transfer (in-country) certain advanced logic chips. The new restrictions placed due diligence measures and license requirements for foundries and OSATs exporting, reexporting or transferring such chips, unless one of the following 3 conditions is met:
- The chip is packaged by a front-end fabricator in a location outside of Macau or a destination in Country Group D:5 and the fabricator verifies the transistor count of the final chip;
- The chip is packaged by an “Approved” outsourced semiconductor assembly and test services (OSAT) company that verifies the transistor count of the final chip; or
- The export is to a trusted “Approved” or “Authorized” integrated circuit (IC) designer, who attests that the chips fall below the relevant performance threshold
Under the original BIS rule, the continued ‘authorized’ status of an IC designer depended on the submittal of an application by the designer to BIS to become an “approved” IC designer no later than April 13, 2026. However, on April 7, 2026, BIS extended to December 31, 2026, the triggering date for authorized integrated circuit designer status.
OFSI Publishes 2026–2029 Strategy: Enforcement Risk Increases as OFSI Enters Second Decade
On April 15, 2026, the UK’s Office of Financial Sanctions Implementation (OFSI) published its strategy for 2026–2029, setting out its agenda organized around a new operating model: Promote, Enable, Respond, and Change (PERC). OFSI has stated it will prioritize enforcement cases with the greatest deterrent or compliance impact—not necessarily the highest-value cases—and will invest in AI-assisted technology across its enforcement, licensing, and intelligence functions. Under the revised enforcement framework, OFSI has replaced the prior voluntary self-disclosure discount with a combined discount structure: a voluntary disclosure and cooperation discount (up to 30%), an Early Account Scheme discount (up to 20%), and a settlement discount (20%), allowing total penalty reductions of up to 70% for companies that engage proactively. OFSI has also set a target of completing 50% of licensing decisions within six months. The overall trend points towards an agency angling itself more towards proactive, intelligence-led case enforcement. Companies subject to UK financial sanctions should take note that OFSI is moving toward a more proactive, intelligence-led enforcement model, and should ensure their compliance programs include robust audit trails, timely breach reporting, and documented decision-making to benefit from the available penalty discounts.
EU Adopts 20th and 21st Sanctions Package Against Russia; UK adds additional designations.
On April 23, 2026, the EU adopted its 20th sanctions package against Russia. The package comprises of 20 new individual listings—the largest package of personal designations in two years—along with comprehensive sectoral sanctions. The sanctions package focuses on curbing Russian financial services, sanctioned an additional 20 Russian banks, four third-country (Kyrgyzstan, Laos, and Azerbaijan) financial institutions for assisting in circumvention of EU sanctions, as well as a categorical ban on all transactions with Russian and Belarusian crypto-asset service providers and decentralized trading platforms. In addition, the sanctions package further targets Russia’s military-industrial complex by designating 58 additional entities taking part in the development and manufacturing of military goods, as well as designating or subjecting to tighter restrictions entities based in China, the UAE, Turkiye, Uzbekistan, Kazakhstan and Belarus for their role in providing dual-use goods or otherwise contributing to Russia’s military sector. Lastly, and also a tool to battle sanction circumvention, the package uses for the first time the EU’s anti-circumvention tool to prohibit exports of certain goods to specific third countries (Kyrgyzstan), and not just to Russia.
On June 15, 2026, the EU adopted an additional sanctions package, its 21st, against Russia. The sanctions continue in the same direction, designating an additional 81 individuals and entities, and targeting energy revenues, the military-industrial complex, Russian propaganda actors, and human rights violations.
In May and then again in June, the UK announced further sanctions targeting Russia’s shadow fleet, financial networks, military procurement channels, and broader support infrastructure, with over 150 individuals and entities designated.
China Issues Retaliatory Measures to US Sanctions and Trade Controls
In April and May 2026, China issues three measures aimed at countering US sanctions and trade controls : (1) the Provisions on the Security of Industrial and Supply Chains (Order No. 834); (2) the Regulation on Countering the Inappropriate Extraterritorial Jurisdiction of Foreign Countries (Order No. 835); and a Blocking Order under its 2021 Blocking Rules.
- Order No. 834 — Provisions on Industrial and Supply Chain Security: The provisions are aimed at industrial and supply chain security, and restrict supply chain-related investigations and information collection of critical sectors within China that violate Chinese laws (Article 13). The rule can be seen as a response to foreign supply chain due diligence regimes, such as the U.S. Uyghur Forced Labor Prevention Act and the EU Corporate Sustainability Due Diligence Directive. The regulation also introduces countermeasures against foreign entities that cease normal transactions with Chinese entities or adopt discriminatory restrictive measures causing harm to China’s supply chain security, with penalties potentially extending to entire corporate groups regardless of ownership structure (Article 15).
- Order No. 835 — Regulation on Countering Improper Extraterritorial Jurisdiction: This regulation provides a comprehensive framework for identifying foreign measures deemed to constitute ” Improper Extraterritorial Jurisdiction,” blocking their implementation, and imposing countermeasures. The regulation introduces a list of “Malicious Entities” for foreign organizations and individuals “who participate in the implementation of improper extraterritorial measures taken by foreign states”, likely to mean compliance with foreign sanctions or export controls. Countermeasures include visa and entry restrictions, asset freezes, restrictions on transactions, and fines. The regulation also allows Chinese citizens or organizations to bring litigation against those implementing “improper extraterritorial measures” seeking cessation of infringement and compensation for losses. While the reality of this mechanism remains to be seen, the risk is a potential litigation mechanism against foreign entities complying with US or EU restrictions, and potentially enforceable against entities with no assets or presence in China.
- May 2 Blocking Order. On May 2nd 2026, the Ministry of Commerce of the People’s Republic of China (MOFCOM) issued its first Blocking Order prohibiting anyone in China from recognizing, enforcing, or complying with the OFAC sanctions against several Chinese refineries. The order is designed to prevent companies from refusing to deal with these entities solely on the basis of U.S. sanctions
While the enforcement realities of these measures are still being tested in real time, the three measures create a tenuous situation as companies may be forced to comply with one set of regulations at the expense and exposure of another. Routine compliance with U.S., EU, or UK sanctions and export controls (including SDN screening, Entity List restrictions, and supply chain due diligence) may itself create exposure under the new Chinese regulations. This conflict is exacerbated by the broad and extraterritorial nature of US regulations, such that not only US companies may find themselves in a conflict between competing compliance obligations. Companies with operations in Chinese markets, and in particular with Chinese subsidiaries, should carefully assess their exposure and seek guidance on navigating this unprecedented regulatory clash.
DDTC Terminates Arms Embargo on Ethiopia
On May 11, 2026, the U.S. Department of State’s Directorate of Defense Trade Controls (DDTC) announced that the United States has terminated the arms embargo on Ethiopia, which had been in place since 2021 due to the conflict in northern Ethiopia. DDTC has removed the policy of denial for Ethiopia under ITAR § 126.1 and is now reviewing license applications for ITAR-controlled activities involving Ethiopia on a case-by-case basis. Companies in the defense sector that had refrained from pursuing Ethiopia-related business may now submit license applications, though applications will still be evaluated against national security, foreign policy, and human rights considerations.
DDTC Publishes Updated Guidelines for Preparing Technical Assistance Agreements (TAAs)
On May 26, 2026, the U.S. Department of State’s Directorate of Defense Trade Controls (DDTC) published updated Guidelines for Preparing Agreements, including Technical Assistance Agreements (TAAs), Manufacturing License Agreements (MLAs), and Warehouse and Distribution Agreements (WDAs). TAAs are required under the ITAR for the export of defense services, transfer of technical data, or provision of manufacturing know-how to foreign persons. The updated guidelines incorporate revisions to reflect current ITAR requirements and DDTC processing expectations. Companies that are parties to TAAs or are preparing new agreement submissions should review the updated guidelines to ensure their applications and ongoing compliance practices reflect DDTC’s current expectations.
FCA Publishes Sanctions Compliance Report
On May 28, 2026, the UK Financial Conduct Authority (FCA) published a report setting out findings from its review of sanctions systems and controls across over 150 regulated financial services firms. The FCA highlighted best practices and gaps in compliance measures including, risk assessments and due diligence measures, screening and alert management, mapping of beneficial ownership and control structures, and strong governance and oversight. The report also noted that trade sanctions controls remain more overlooked than financial sanctions controls across the industry. While in general the report serves as an important benchmark for measuring a compliance program, as has been the case with other compliance efforts targeting financial institutions, more specifically customers can expect an increase in compliance measures as financial institutions seek to improve their own compliance efforts.
BIS Issues Enforcement Guidance on Advanced Computing Items and Country Group D:5 Entities
On May 31, 2026, the U.S. Department of Commerce’s Bureau of Industry and Security (BIS) issued enforcement guidance clarifying that a license is required to export, reexport, or transfer advanced computing items (classified under ECCNs 3A090, 4A090, and related items) to entities worldwide when such entities are headquartered in—or have an ultimate parent company headquartered in—Country Group D:5 (which includes China) or Macau, even if the entities themselves are located outside those jurisdictions. Israeli technology companies selling AI chips, computing hardware, or advanced semiconductors should verify the ultimate corporate ownership of their customers against Country Group D:5 as part of their screening and due diligence processes.
OFAC Publishes “Introduction to OFAC” Guide
On June 1, 2026, the U.S. Department of the Treasury Office of Foreign Assets Control (OFAC) published a new Introduction to OFAC Guide, intended to serve as an accessible primer on the U.S. sanctions framework for companies and individuals new to OFAC compliance. While not creating new legal obligations, the guide provides a useful resource for compliance teams onboarding new personnel or training international offices. The guide surveys different categories of OFAC sanctions, OFAC’s different restriction lists, who must comply with OFAC sanctions, as well as brief overview of expected compliance measures. Companies seeking to learn more about developing effective sanctions compliance programs should see OFAC’s previous guidebook on the matter.
EU Adopts New Harmonized Foreign Direct Investment Screening Regulation
On June 8, 2026, the Council of the EU gave final approval to a new Foreign Direct Investment (FDI) Screening Regulation, replacing the 2019 framework. The regulation mandates that all 27 EU Member States operate an FDI screening mechanism in line with harmonized minimum standards and introduces a common minimum list of critical sectors requiring mandatory prior authorization. In addition, the update extends screening to intra-EU acquisitions where the EU-based investor is ultimately controlled by a non-EU person or entity, closing a long-standing loophole. Member States have 18 months to implement the regulation’s minimum requirements.
Commerce Department Imposes First-Ever Export Controls on a Frontier AI Model
On June 12, 2026, the U.S. Department of Commerce’s Bureau of Industry and Security (BIS) directed Anthropic to suspend all access to its most advanced AI models, Fable 5, by any foreign national, whether located inside or outside the United States, citing national security concerns. The directive reportedly followed claims that the models had been jailbroken, raising concerns about potential misuse. In response, Anthropic announced it would disable all customer access to both models globally, as it could not technically distinguish between U.S.-person and foreign-national users on its platform. On June 30th, it was announced that those restrictions were lifted on its Fable 5 model.
Much remains unclear as to the framework and reasons behind the order, including the regulatory authority for the decision. Typically, the US has adopted an approach that software applications accessed entirely through a cloud-based storefront (ie. without downloading a product) would not constitute an export, and therefore would not be controlled. This unprecedented step signals that frontier AI models may be treated as controlled items subject to export restrictions, although the precise framework which may apply is unclear. Companies developing or distributing advanced AI models should monitor this development closely, and may need to consider how US export controls may restrict their product and access to their technology.
OFAC and OFSI Publish Joint US-UK Sanctions Comparative Overview
On June 23, 2026, the U.S. Department of the Treasury Office of Foreign Assets Control (OFAC) and the UK’s Office of Financial Sanctions Implementation (OFSI) jointly published a comparative overview of the U.S. and UK economic sanctions authorities, providing a side-by-side guide to how the two regimes operate. The publication compares core areas including the respective sanctions types and lists, jurisdiction, recordkeeping and reporting requirements, and how the two sanction frameworks apply respectively to ownership and control. The guide is a practical resource for companies subject to both regimes and should be reviewed by compliance teams managing dual UK-U.S. sanctions exposure to identify areas where the two frameworks diverge and where parallel compliance obligations may apply.
Israel Extends General Permit Exempting Iraq from Trading with the Enemy Ordinance
On June 29th 2026, the Israeli Minister of Finance extended the existing general permit that exempts Iraq from the definition of an “enemy state” under the Trading with the Enemy Ordinance, 1939. The Ordinance prohibits all forms of trade and commercial engagement with designated enemy states—currently Iran, Iraq, Syria, and Lebanon—absent a specific permit. The current extension continues this exemption for a further limited period until June 30, 2027.
PROPOSED REGULATIONS
Israel’s Ministry of Justice Publishes Draft Law to Significantly Expand Corporate Criminal Sentencing Tools
On May 28, 2026, the Israeli Ministry of Justice published a draft law proposing a comprehensive amendment to the Penal Law (Amendment — Sentencing Methods for Corporations), 5786-2026. The proposed law is meant to expand the sentencing toolkit available for corporate offenders for more efficient enforcement tools – consisting of three main additions:
(1) empowering courts to impose corporate supervision orders (צו פיקוח תאגידי), which could include requirements to implement internal compliance programs, appoint an external monitor, perform community service activities related to the offense, and publicly disclose the conviction.
(2) establishing a new Corporate Supervision Service (שירות פיקוח לתאגידים) within the justice system to oversee the implementation of such orders.
(3) expanding the scope of conditional enforcement agreements (הסדרים מותנים) available to prosecutors in corporate cases
While the bill applies broadly to all corporate criminal offenses, it would directly affect the enforcement landscape for Israeli companies convicted of regulatory offenses.
U.S. Congress Advances MATCH Act to Tighten Semiconductor Manufacturing Equipment Export Controls
On April 2, 2026, bipartisan legislation titled the Multilateral Alignment of Technology Controls on Hardware (MATCH) Act was introduced in the U.S. House of Representatives, and was advanced by the House Foreign Affairs Committee on April 22, 2026. The bill would designate all chipmaking facilities operated by CXMT, Hua Hong, Huawei, SMIC, and YMTC—including all subsidiaries and affiliates—as covered facilities subject to export restrictions, and would name several Chinese semiconductor manufacturing equipment producers whose access to U.S. and allied technology would be curtailed. Critically, the bill gives allied countries with significant semiconductor equipment industries 150 days to align their export controls with U.S. restrictions; if they fail to do so, the United States would be authorized to extend restrictions to foreign-made tools and servicing that rely on U.S. technology, effectively broadening the reach of the Foreign Direct Product Rule. The bill has not yet been enacted, but its bipartisan support and committee advancement signal strong momentum of what is to come in terms of expanding the scope of items and activities subject to U.S. export controls.
DDTC Proposes Overhaul of ITAR Part 130 Reporting on Commissions and Political Contributions
On June 15, 2026, DDTC published a proposed rule to substantially streamline the ITAR Part 130 reporting requirements governing the disclosure of political contributions, fees, and commissions paid in connection with defense sales. The key proposed changes include replacing the current transaction-by-transaction reporting with an annual reporting requirement submitted at the time of DDTC registration renewal, raising the reporting value threshold, and increasing the aggregate political contribution reporting threshold. Public comments are due by August 14, 2026. Companies that engage agents, consultants, or intermediaries in connection with ITAR-controlled defense exports should review the proposed changes.
ENFORCEMENT UPDATES
BIS Settlement: Coastal PVA Technology — Exports of EAR99 Items to Entity List Parties
In April 2026, the U.S. Department of Commerce’s Bureau of Industry and Security (BIS) reached a settlement with Coastal PVA Technology, Inc. (“Coastal”), a California-based manufacturer of polyvinyl alcohol brushes which can be used in semiconductor manufacturing. Between May 2021 and May 2024, Coastal committed 18 violations by selling and exporting approximately $400,088 worth of PVA brushes—classified as EAR99—to SMIC entities on the BIS Entity List without the required license. Coastal had no formal compliance policies in place, as it was unaware that low-level EAR99 items were prohibited by the regulations. BIS imposed a $1.7 million civil penalty, which is fully suspended for one year and may be waived if Coastal complies with remedial requirements, including mandatory export compliance training within six months. The case underscores that even EAR99 items require a license when the end user is on the Entity List. Companies should not assume that low-classification items are exempt from licensing requirements.
DDTC Settles with GE Aerospace for $36 Million Over 116 ITAR Violations Including Unauthorized Exports to China and Israel
On April 17, 2026, the U.S. Department of State’s Directorate of Defense Trade Controls (DDTC) concluded a $36 million administrative settlement with General Electric Company (GE Aerospace) to resolve 116 violations of the Arms Export Control Act and the International Traffic in Arms Regulations (ITAR). The violations, spanning April 2018 through November 2024, fell into four categories: unauthorized exports of technical data related to military aircraft engines (including F-35, F-16, and F-15 platforms) to the People’s Republic of China; mismanagement of DDTC authorizations, including operating procedures that had not been updated in over a decade; unauthorized exports of defense articles, including specially designed aircraft parts that were incorrectly classified under an ECCN and exported without ITAR authorization; and failure to report material changes to its DDTC registration. GE Aerospace voluntarily disclosed all violations and cooperated fully with the investigation. The case highlights compliance risks that are directly relevant defense industry companies: misclassification of ITAR-controlled items under Commerce Department ECCNs can result in unauthorized exports even to close allies; failure to regularly update internal procedures to reflect ITAR amendments creates systemic violation risk; and reliance on foreign signatories without verifying sublicensee information can lead to unauthorized retransfers. Companies engaged in ITAR-regulated activities should treat this settlement as a benchmark for the level of compliance infrastructure DDTC expects.
OFSI Fines Deutsche Bank London Branch £165,000 for Processing Payments to Entity Owned by Sanctioned Russian Company
On April 30, 2026, the UK’s Office of Financial Sanctions Implementation (OFSI) imposed a penalty of £165,000 on Deutsche Bank AG London Branch (DBLB) for breaching Russian sanctions. DBLB processed two payments totaling £635,618.75 in June and July 2022 to Okko LLC, a company owned by designated JSC New Opportunities. JSC New Opportunities had been designated under UK sanctions on June 29, 2022—the same day the first payment was processed by DBLB. DBLB’s third-party screening vendor did not include ownership data for the newly designated entity’s subsidiary, meaning the payments were not flagged. OFSI imposed the penalty under the strict liability regime.
In the penalty notice, OFSI clarified that companies bear ultimate responsibility for ensuring the accuracy of their screening, even when relying on third-party vendors, and must be kept up to date for new designations. It warns while third-party screening tools are vital, they also have their limitations, and require companies to supplement these shortcomings, including by strong sanctions onboarding procedures and reviews on a risk-informed basis.
OFAC Settlement: Adani Enterprises — $275 Million for Iran Sanctions Violations
On May 18, 2026, U.S. Department of the Treasury Office of Foreign Assets Control (OFAC) announced a $275 million settlement with Adani Enterprises Limited (AEL), an India-based company, for 32 apparent violations of Iran-related sanctions. AEL purchased shipments of Iranian-origin LPG disguised as Omani and Iraqi product through a Dubai-based intermediary, causing U.S. financial institutions to process approximately $192 million in payments. OFAC classified the violations as egregious and not voluntarily self-disclosed, citing AEL’s failure to investigate red flags including below-market pricing, shipments from ports without appropriate loading terminals, and an intermediary with OFAC-listed affiliates. The case underscores that non-U.S. companies may also be implicated in US sanction violations, in particular as OFAC asserts jurisdiction over engagements using USD-denominated payments that transit the U.S. financial system, and the overall importance for companies to be aware of red flags in transactions.
OFAC Settlement: FTI Consulting — $1.05 Million for Indirect Dealings with Sanctioned Russian Bank
On June 1, 2026, U.S. Department of the Treasury Office of Foreign Assets Control (OFAC) announced a $1,050,000 settlement with FTI Consulting, Inc. for six apparent violations of Russia-related sectoral sanctions. FTI provided consulting services for VTB Bank (a Russian state-owned bank on OFAC’s SSI List) through a law firm intermediary resulting in prohibited payments to FTI. In the enforcement release, OFAC emphasized that structuring payments through third parties does not eliminate sanctions liability.
OFSI Issues Record £1 Million Penalty Against Sabre Global Technologies for Russia Sanctions Breach (June 17, 2026)
On June 17, 2026, the UK’s Office of Financial Sanctions Implementation (OFSI) announced a monetary penalty of £1,000,920.59 against Sabre Global Technologies Limited (SGTL), a UK travel technology company. The penalty was its largest penalty under the Russia sanctions regime since the 2022 invasion. SGTL continued to provide Russian carrier Ural Airlines access to its global distribution system for seven months after the airline was designated in May 2022, and tested alternative non-UK payment routes to circumvent blocked transactions. OFSI’s analysis makes clear that the continued provision of access to digital services, even where no direct monetary payment is received by the designated person, can constitute making an economic resource available in breach of UK financial sanctions. Companies providing software-as-a-service, platform access, or distribution systems should ensure that their sanctions compliance programs extend beyond payment screening to encompass all forms of service delivery to designated persons.
BIS Settlement and First-Ever DOJ National Security Division Declination: Bosch Pays $36 Million for Unauthorized Shipments to Huawei Under Foreign Direct Product Rule (June 17, 2026)
On June 17, 2026, the U.S. Department of Commerce’s Bureau of Industry and Security (BIS) announced a $36,184,680 settlement with Robert Bosch GmbH (Bosch), a German company and its two German subsidiaries. Between September 2020 and September 2024, Bosch exported from abroad approximately $72.4 million worth of MEMS sensor products and automotive software to Huawei and its Entity List affiliates without the required BIS license. Importantly, the items were not US-items in the traditional sense of US origin or manufactured items, but were subject to the US controls pursuant to the Foreign Direct Product Rule, which extends U.S. export controls to certain foreign-produced items that incorporate U.S. technology or are manufactured using U.S. equipment.
On the same day, the DOJ’s National Security Division (NSD) announced its first declination of prosecution under the department-wide Corporate Enforcement and Voluntary Self-Disclosure Policy (CEP), resolving its criminal investigation into Bosch without charges. The DOJ credited Bosch for promptly self-disclosing the violations to NSD, fully cooperating with the investigation, and undertaking timely remediation—including organizational changes, disciplinary action against personnel, significant expansion of its trade compliance resources, and updating internal policies and procedures. As a condition of the declination, Bosch agreed to disgorge $11,430,098 in profits from the transactions, a portion of which will be credited against the BIS civil penalty.
The case is a reminder that US export controls, and even criminal prosecution, may apply to non-U.S. companies manufacturing outside the United States through the US’s many extraterritorial triggers. In addition, the case highlights the significance of compliance efforts, remediations, and cooperation to penalty mitigation, and even declination of prosecution.
Israel – Indictment and Plea Agreement in a Case of Unauthorized Defense Marketing and Violations of the Defense Export Control Law
On June 30, 2026, following a joint investigation by the Israel Security Council and Lahav 433, the State Attorney’s Office (Economic Department) filed an indictment along with a plea agreement in the Magistrate’s Court against the technology company Ability Computer & Software Industries Ltd. and two of its corporate officers. The indictment charges the defendants with severe offenses of defense marketing without a license and violating restrictions under the Defense Export Control Law. The company is suspected of smuggling advanced offensive cyber systems to foreign countries without the required permits, in a number of offenses estimated at approximately 35 million ILS. Furthermore, the company is charged with money laundering, and one of its managers faces tax offense charges. Due to high security sensitivity, the court has imposed a comprehensive gag order on the full details of the case, the specific type of software, and the countries involved.
The “Ability” case illustrates that in situations where a substantial suspicion of export control violations arises, the law enforcement system may not suffice with administrative measures and retains the authority to criminally prosecute both the company as a corporate entity and its officers and organs personally.
This memorandum provides access to certain material developments in the field of international trade regulation. It contains only a summary and does not cover all updates that occurred in the second quarter of 2026. The information in this memorandum is provided as general information only and should not be relied upon in any specific case without additional legal advice.


