Dual-Use Goods:
The risk lies not in what you sell, but where it ends up!
Why exporting companies unknowningly contribute to sanctions evasion – and how to prevent it.
- Prefer to watch? View the video!
You sell an industrial pump. Or a sensor. Or electronic components. Ordinary products, legitimate trade. But what if those same products — without your knowledge — are used in weapons production or to circumvent international sanctions? Welcome to the world of dual-use goods.
What are Dual-use goods?
Dual-use literally means: two applications. These are products, software or technology that primarily serve a civilian purpose but can also be used for military purposes — or in the production of weapons of mass destruction.
This is not an obscure niche concept. Many everyday products fall within this definition. The examples speak for themselves:
The products are legal. The end destination determines the risk. And that is precisely where your responsibility as an exporter begins.
How does the risk work in practice?
The risk rarely lies in a direct sale to a suspicious party. Criminals and sanctioned states are smart enough to avoid that. They work through intermediaries in neutral countries.
Your customer is based in Turkey, the UAE or Kazakhstan — legitimate on paper, no sanctions, professional communication. But the goods are then shipped on to Russia or Iran. You did not know. But the law asks a different question: could you have recognised this?
Under EU Regulation 2021/821, the UK’s Export Control Order 2008 and equivalent national legislation, you as an exporter bear a due diligence obligation: you must take reasonable steps to establish the end destination of your products. This is not an absolute guarantee, but an obligation to investigate. If the red flags were present and you did nothing, ignorance is no defence.
Anti-money laundering obligations (such as those under the EU AMLD or the UK Proceeds of Crime Act) apply to reporting entities such as banks, accountants and notaries — not to exporters in general. Export control obligations and AML reporting obligations are two separate legal frameworks that may overlap but must not be confused.
The four most common techniques for misues
Transshipment via neutral countries
Goods travel from the exporting country to a transit hub — Turkey, UAE, Kazakhstan — and are then forwarded on to the sanctioned country. The final destination does not appear anywhere on the invoice. This is known as transshipment or re-export risk.
Front companies
Newly incorporated companies with no website, no staff and no demonstrable activity suddenly place large orders for advanced technology. They act as an intermediary to conceal the true end-user — and the final destination.
Vague invoice descriptions
Products are described on the invoice as “parts”, “electronics” or “industrial components” — without HS codes or specifications. This makes it virtually impossible for customs authorities and compliance departments to verify whether the items are dual-use goods.
Customers without technical knowledge
A customer who orders advanced industrial pumps but has no technical knowledge of the product, or no logical business activity that explains the intended use, is a classic indicator of abuse. The goods are intended for a different end-user.
The catch-all: unlisted products may still require a licence
A common misconception: “my product is not on the dual-use list, so I have no obligations.” This is incorrect. EU Regulation 2021/821 contains a catch-all provision (Article 4) that applies precisely to unlisted products.
If you know — or reasonably suspect — that your product is destined in whole or in part for the development of weapons of mass destruction, for military use in a country subject to an arms embargo, or for incorporation into military systems exported without authorisation, you are required to notify the relevant national export control authority. That authority then determines whether a licence is required.
Authorities may also proactively impose an ad-hoc licensing requirement for specific goods or destinations through a formal decision. But even without such a decision: where there is doubt about the final destination, a duty to investigate always applies — regardless of whether your product appears on the control list.
Not just physical goods: software, technology and knowledge too
Dual-use export control does not apply solely to containers of pumps or sensors. The rules apply equally to the intangible transfer of technology — also known as Intangible Technology Transfer (ITT). In practical terms, this means:
– Sending technical drawings, blueprints or specifications by email to a customer in a risk country falls under export control.
– Sharing software via a download, cloud platform or USB drive with a foreign party constitutes an export in legal terms.
– Providing technical assistance, training or advisory services to a foreign party in relation to controlled technology may require an export licence.
For your business, the practical question is: do you send technical documentation, manuals or software with your shipments to non-EU countries? If so, this also falls within the scope of export control regulations.
Know Your Product: classify your own catalogue
KYC means: know your customer. But for dual-use goods, a second principle is at least as important: Know Your Product (KYP). Do you know, for every product in your catalogue, its export control classification number (ECCN or equivalent) and whether it falls under the dual-use control list?
An incorrect or missing HS code on an invoice may be interpreted by customs as an indication of intentional circumvention — even if it was an administrative error. The burden of proving it was not intentional then falls on you. A product classification exercise carried out and documented in advance is the best protection against this.
New as of November 2025: Annex I of EU Regulation 2021/821 has been significantly expanded with new categories, including quantum computing technology, advanced semiconductor manufacturing equipment and biosecurity technology. If your business operates in precision electronics, sensor technology or advanced materials, check whether your products have been added to the control list as a result of this update.
Recent enforcement - 2026
Dual-use violations are actively prosecuted. Several cases have been published in recent months:
| Region / Date | Case / Authority | What happened? |
|---|---|---|
|
Netherlands 2024 |
Trust office / DNB | Trust office dismantled that managed complex structures for money laundering via nominee directors and offshore holdings. DNB imposed a multi-million fine and revoked the licence. |
|
United Kingdom 2024 |
Accountancy network / NCA | Network of accountants prosecuted for setting up hundreds of shell companies with nominee structures for sanctioned Russian entities. |
|
United States 2025 |
FinCEN / CTA enforcement | Fines imposed for incorrect or missing UBO registrations under the Corporate Transparency Act. Hundreds of companies with Delaware structures under scrutiny. |
|
Europe 2025 |
AMLA / EU-wide action | The new EU Anti-Money Laundering Authority (AMLA) announced in 2025 coordinated checks on structures with more than four layers and offshore components in high-risk jurisdictions. |
Recognise the Red Flags
Use these indicators as a starting point for your internal control process. A single hit is sufficient reason for further investigation:
- Red flags in dual-use export
- A customer without technical knowledge orders advanced industrial products — and cannot explain the intended use.
- The invoice contains vague descriptions such as “parts” or “electronics” without product specifications or HS codes.
- The trade route passes through a neutral transit country (Turkey, UAE, Kazakhstan) while the end-user remains unknown.
- The customer is a newly incorporated company with no website, no visible staff and no demonstrable business activity.
- There is pressure to deliver quickly without room for questions or documentation.
- The customer wants to pay through a third party or requests changes to the invoice description.
- The destination is in or borders a sanctioned country or is known as a transit hub for goods bound for such countries.
Download The Dual-Use Checklist!
What Can You Do?
Export control compliance starts with disciplined due diligence at three levels: your product, your customer and your transaction. Practical steps:
- Classify your products (KYP): check the EU dual-use control list (Annex I, EU Regulation 2021/821, updated November 2025). If in doubt: consult your national export control authority for guidance and submit a licence application to the competent authority — in the Netherlands this is the CDIU (Centrale Dienst voor In- en Uitvoer); in the UK, the ECJU (Export Control Joint Unit).
- Apply the catch-all: is your product not on the control list but do you have indications it will be used for military purposes? Notify the relevant national authority. The duty to investigate always applies.
- Check intangible transfers too: do not send technical documentation, software or knowledge to customers in risk countries without verifying whether this falls under export control.
- Obtain an End-User Certificate (EUC) — but also assess the plausibility of its contents. A company with no relevant activities ordering precision technology “for civilian use” does not constitute a credible declaration.
- Conduct sanctions screening on all parties — EU FSF, OFAC SDN and UK Sanctions List — including intermediaries and brokers. Always identify the Ultimate End-User (UEU).
- US re-export rules (EAR): does your company import US-origin components or technology? If so, the re-export rules of the Bureau of Industry and Security (BIS) may also apply — a separate framework in addition to EU rules.
- Build an Internal Compliance Programme (ICP): an ICP is formally required for certain EU export authorisations. Your bank will also expect it as evidence of a controlled export process.
- Document everything in an export file. In the event of an inspection by the relevant enforcement authority, you must be able to demonstrate that you acted with due care. Retention requirement: minimum 5 years.
The consequences of a violation are concrete: fines of up to €19,500 per case for a violation, €78,000 per case for intentional conduct, and custodial sentences of 1 or 6 years respectively under the Dutch Economic Offences Act — or equivalent penalties in other jurisdictions. Prosecutors are also increasingly opting for naming and shaming. And your bank may — independently of criminal proceedings — block payments or freeze your account once dual-use risks become visible.
For entities subject to anti-money laundering obligations — such as financial institutions, accountants and notaries — an additional Suspicious Activity Report (SAR) obligation applies. Note: this is a separate legal framework, independent of export control legislation, and applies only to AML-obligated entities.
Unsure About a Client, Supplier or International Party?
Start Your First Verification Now
Fill in the details below to request your KYC report. Our team will review the information and contact you within 2 business hours to confirm the scope and finalize the process.
Before submitting, please choose the level of review that matches your risk profile:
Basic Check (€175)
Standard ownership, sanctions, PEP and adverse media screening.
Advanced Check (€250)
Includes enhanced structure analysis via external intelligence providers, extended PEP and adverse media screening, and import/export plus geographic risk assessment. Recommended for complex or higher-risk international transactions.
Your info
Your company details
- Required to identify the requesting entity and prevent misuse of due diligence services.
- Helps us assess the commercial rationale for the relationship between your company and the target company, and the related risk exposure.
Target company info
- Improves accuracy and prevents false matches.
- Used for sanctions, PEP, and adverse media screening.
SOURCES
- EU — Dual-use export control regulation: policy.trade.ec.europa.eu
- GOV.UK (ECJU) — Export controls: dual-use items: gov.uk
- FATF — Trade-Based Money Laundering indicators: fatf-gafi.org
- BIS (US) — Enforcement updates: bis.gov
- CJEU — Case C-465/24: curia.europa.eu