b. Semi-annual sales reports

The semi-annual reporting requirement for License Exception ENC can be found in 740.17(e) of the Export Administration Regulations (EAR). See 740.17(e)(i) and (ii) for specific instructions. 

Semi-annual reporting is required for exports to all destinations other than Canada, and for reexports from Canada, only for items described under paragraphs 740.17(b)(2) and 740.17(b)(3)(iii) of the EAR. 

Certain encryption items and transactions are excluded from this reporting requirement, see paragraph 740.17(e)(1)(iii) of this section. These exclusions include: 

• Encryption commodities or software with a symmetric key length not exceeding 64 bits.
• Encryption items exported (or reexported from Canada) via free and anonymous download.
• Encryption items from or to a U.S. bank, financial institution or its subsidiaries, affiliates, customers or contractors for banking or financial operations.
• Foreign products developed by bundling or compiling of source code. 

• Commodity Classification Automated Tracking System (CCATS) number
• Name of the item(s) exported (or reexported from Canada).
• Distributors or resellers: For items exported (or reexported from Canada) to a distributor or other reseller, including subsidiaries of U.S. firms, the name and address of the distributor or reseller, the item and the quantity exported or reexported and, if collected by the exporter as part of the distribution process, the end user’s name and address.
• Direct sales: For items exported (or reexported from Canada) through direct sale, the name and address of the recipient, the item, and the quantity exported.
• Foreign manufacturers and products that use encryption items. See 740.17(e)(1)(i)(C) for full details. 

• For exports occurring between January 1 and June 30, a report is due no later than August 1 of that year.
• For exports occurring between July 1 and December 31, a report is due no later than February 1 the following year.
• These reports must be provided in electronic form.
• Recommended file formats for electronic submission include spreadsheets, tabular text, or structured text.
• Exporters may request other reporting arrangements with BIS to better reflect their business models.
• Reports may be sent electronically to BIS at [email protected] and to the ENC Encryption Request Coordinator at [email protected]. Disks and CDs containing the reports may be sent to the following addresses, only if needed: Department of Commerce, Bureau of Industry and Security Office of National Security and Technology Transfer Controls, 14th Street and Pennsylvania Ave., NW Room 2705, Washington, DC 20230 
  Attn: Encryption Reports and Attn: Encryption Request Coordinator 9800 Savage Road, Suite 6940 Ft. Meade, MD 20755-6000 

Reporting is required for commodities and software that, after having been classified and authorized for License Exception ENC in accordance with paragraphs (b)(2) or (b)(3) of this section, are modified only to upgrade the key length used for confidentiality or key exchange algorithms. Such items may be exported or reexported under the previously authorized provision of License Exception ENC without a classification resubmission. 

• Certification that no other encryption changes have been made.
• Original Commodity Classification Automated Tracking System (CCATS).
• New key length. 

• The report must be received by BIS and the ENC Encryption Request Coordinator before the export or reexport of the upgraded product; and
• The report must be e-mailed to [email protected] and [email protected].