Trade, Export Controls & Sanctions
Technical categories in the EU Dual-Use Control List (Annex I)
Authorised EU dual-use trade value (2022, European Commission)
Mandatory record retention for all dual-use export transactions
Regulation Overview
https://policy.trade.ec.europa.eu/help-exporters-and-importers/exporting-dual-use-items_en
The EU Dual-Use Regulation is the EU's comprehensive export control framework governing goods, software, and technology with both civilian and military applications. For supply chain and compliance teams, the core obligation is product-level classification against the EU Dual-Use Control List—identifying items posing proliferation risks across nuclear, chemical, biological, missile, and conventional weapons domains.
Annex I contains over 300 pages of technically defined control entries across 10 categories—from nuclear materials to electronics, computers, telecommunications, and aerospace. The list is amended at least annually to incorporate decisions from the Wassenaar Arrangement, MTCR, Australia Group, and Nuclear Suppliers Group. Companies exporting controlled items from EU territory must obtain the correct authorisation, maintain end-use documentation, and submit to competent authority oversight.
EU dual-use compliance requires technical classification data—ECCNs, technical specifications, and end-use declarations—from every supplier whose components may fall within controlled parameters. When the control list updates, your entire product portfolio requires reclassification.
Key Components / Sub-Frameworks
EU-based exporters of dual-use items (goods, software, and technology)
Importers and distributors who re-export controlled items from the EU
Brokers and intermediaries arranging dual-use transfers involving EU territory
Providers of technical assistance related to listed dual-use items
Non-EU companies exporting through EU Member States
Any entity transferring Annex IV items between EU Member States
Key Thresholds
The EU Dual-Use Control List updates at least once a year—sometimes more. The 2025 update alone added quantum computing, advanced semiconductor tools, and biosecurity items. Your 2024 classifications are already outdated. Reclassifying 500 products across 10 technical categories against 300+ pages of specifications takes weeks—if you can find the technical data at all.
Your product is not on Annex I. But your customer is in a high-risk jurisdiction, and the technology could be used in a military programme. Under catch-all provisions, you must notify authorities if you are "aware" of a controlled end-use. Without systematic end-use screening and supplier risk scoring, you cannot demonstrate due diligence. Ignorance is not a defence.
Dual-use classification requires detailed technical specifications—performance thresholds, frequency ranges, accuracy parameters. Your supplier provides a commercial datasheet. The export control authority needs a technical assessment against Annex I parameters. The gap between supplier documentation and regulatory requirements leaves your compliance team interpreting specifications they did not engineer.
You export from Germany, France, and the Netherlands. Each Member State has its own competent authority, application process, and potentially its own national control list. Individual authorisations require end-use statements. Global authorisations require an Internal Compliance Programme. Every transaction needs a 5-year auditable record trail. Manual export control tracking at this scale is unsustainable.
Certivo In Action
Certivo in Action — EU Dual-Use Workflow
From Manual Technical Review to Automated Parameter Extraction
CORA extracts classification-relevant specifications from supplier datasheets automatically. Your team focuses on edge cases requiring engineering judgment—not parsing technical documents line by line.
Export Documentation Acceleration
Generate complete, audit-ready classification reports and authorisation application packages in hours—not the 4-6 weeks of manual compilation across suppliers and engineering teams.
Proactive EU Dual-Use Compliance Monitoring
When the Commission updates Annex I, Certivo reclassifies your portfolio instantly. Know which products are affected before your next export shipment—not after a customs inspection.
Key Statistics
Frequently Asked Questions
Which products fall under the EU Dual-Use Regulation?
The EU Dual-Use Regulation applies to all goods, software, and technology matching the technical parameters defined in Annex I—across 10 categories covering nuclear materials, special materials, electronics, computers, telecommunications, sensors, navigation, marine, aerospace, and propulsion systems. Items not on Annex I may still require authorisation under catch-all provisions if the exporter is aware of a controlled end-use. Certivo classifies your product portfolio against the complete current control list and flags items requiring authorisation.
What are the penalties for non-compliance with EU dual-use export controls?
Penalties are set by individual Member States and can include criminal sanctions, substantial monetary fines, revocation of export privileges, and imprisonment for responsible individuals. Goods may be seized at the border. Repeated violations can result in denial of future authorisation applications. The European Commission's 2025 annual report confirmed an increasing number of authorisation denials and enforcement actions across Member States.
How does Certivo handle annual updates to the EU Dual-Use Control List?
Certivo syncs with each Delegated Regulation update as soon as it enters into force. When new control entries are added or technical parameters change, CORA reclassifies your entire product portfolio against the updated Annex I and alerts you to any products whose classification status has changed. The November 2025 update covering quantum computing and semiconductors was incorporated within days of entry into force.
Does Certivo support Internal Compliance Programme (ICP) requirements?
Yes. Certivo provides the evidence backbone for ICPs required by global authorisation holders. CORA documents classification decisions, tracks authorisation status, maintains transaction records for the mandatory 5-year retention period, and generates audit-ready ICP evidence packages. This supports continuous audit-ready documentation across all Member State authorities.
How does EU dual-use compliance interact with US EAR and ITAR?
Many products are controlled under both the EU Dual-Use Regulation and US Export Administration Regulations (EAR). Items with US-origin components may also be subject to EAR re-export controls. Certivo validates supplier technical data against EU Annex I, US Commerce Control List (CCL), and ITAR Munitions List simultaneously—eliminating duplicate classification campaigns and ensuring multi-jurisdiction export control compliance from a single supplier submission.