Export Compliance Policy

Updated on January 1, 2020

1. Purpose

Idera, Inc. and its subsidiaries (a comprehensive list of all Idera’s subsidiaries is available at https://www.ideracorp.com/brands) (collectively, the “Company”) maintains an Export Compliance Policy (this “Policy”) prohibiting any export, reexport, transfer (includes in-country transfer) in violation to U.S. Export Laws, to which all of the Company’s products are subject. The Department of Commerce’s Bureau of Industry and Security (“BIS”) controls the export of most commercial products. While only a small percentage of exports under BIS’s jurisdiction require an export license, a product’s technical characteristics, the destination country, the end user, and a product’s end use must be examined in determining whether an export license is required. Details of the U.S. Commercial Encryption Export controls can be found at the BIS website.

2. Scope

This Policy applies to the Company’s operations worldwide and to all directors, officers and employees of the Company, its subsidiaries and affiliates. Violations of this Policy or applicable regulations will be grounds for disciplinary action up to and including termination. The Company also expect that our business partners fully understand and comply with their obligations under U.S. export and other international trade laws. Failure to do so will be grounds for immediate termination of the business relationship with any such business partner.

The Company’s compliance team is responsible for ensuring that all departments acknowledge, read and understand this Policy.

3. Policy

The first step for deciding whether or not a product requires an export license is determining if it has a specific Export Control Classification Number (“ECCN”) by checking the U.S. Export Administration Regulations (“EAR”). Please note that the EAR applies to all U.S.-origin items, and thus can apply to both U.S. and non-U.S. exports (to the extent U.S. origin content is incorporated in any non-U.S. exports). If a product has a five-character ECCN code, the EAR will also list one or more reasons why it is controlled. Businesses use these reasons for control to help them determine if they need to apply for an export license based on the countries to which they are exporting. Products that do not have an ECCN code and are not subject to control by any other U.S. agency are designated as EAR99. Products classified as EAR99 are low technology consumer goods and usually do not require an export license. However, even EAR99 items require licenses for exporting to embargoed countries, to a restricted party, or in support of a prohibited end use.

The Company analyses all of its products’ technical characteristics and determines the ECCN for each of its product, including all products that are designated as EAR99. The compliance team together with the legal department are responsible for overseeing and analysing the Export Compliance Product Questionnaire. To the extent applicable, the Company will apply for an export license with the BIS.

The Company revenue manager (for entities incorporated in the U.S.) and the Finance Director (for entities incorporated overseas) (collectively, the “Stakeholders”) are responsible for ensuring that employees who report to them, directly or indirectly, comply with the Restricted Party Screening Policy and complete any certification and training required of them.

Prohibited End Users

In accordance with United States’ and applicable export control and economic sanctions laws and regulations, all Company products and services* are prohibited for export/reexport/transfer (includes in-country transfer) to or access by the following:

• Any company or national of Cuba, Iran, North Korea, Sudan, Syria, and the Crimea region. Export licensing of commodities or services intended for these countries is presumed denied;
• Re-export to these countries is prohibited; you may not proceed with any proposed transaction if you "know or have reason to know" it would be contrary to U.S. or applicable laws or regulations;
• Any customer you know or have reason to know, who is involved in the design, development, manufacture or production of nuclear technology, or nuclear, biological or chemical "weapons of mass destruction."
• Please note: cloud access and/or download from these countries or regions is considered an export under U.S. export and applicable economic sanctions laws and regulations and is therefore prohibited.

*The Company’s products and services include, but are not limited to, programs, integrated software, support, operating systems, product technical data, educations, consulting, cloud services.