UPDATE: [Close of Comments on Commerce Cyber Rule]
Client Alert | 1 min read | 01.20.22
On January 12, 2022 the U.S. Department of Commerce’s Bureau of Industry and Security (BIS) issued a federal register notice delaying the effective date of new controls on cybersecurity items and an accompanying new license exception. The rules are now set to take effect on March 7, 2022.
The new controls were published in an interim final rule on October 21, 2021, please see our earlier client alert on this. Broadly speaking, they cover (a) items, including software, for the generation, command and control, or delivery of intrusion software and (b) internet protocol (IP) network communication surveillance equipment. BIS delayed the implementation to give industry additional time to comply with the new restrictions as well as update internal compliance procedures, and to provide BIS itself time to provide additional guidance on the rule. BIS may also consider some modifications to the rule, but is not reopening the comment period and these modifications based on the latest comments will most likely be made, if at all, sometime after the new effective date for the interim final rule.
Contacts
Partner, Crowell Global Advisors Senior Director
- Washington, D.C.
- D | +1.202.624.2698
- Washington, D.C. (CGA)
- D | +1 202.624.2500
Insights
Client Alert | 12 min read | 03.10.26
On 26 February 2026, the EU published Directive (EU) 2026/470 (the Omnibus I Directive). Adopted as part of the European Commission's (Commission) simplification agenda and after a year of debates and negotiations between the Commission, the Council, and the European Parliament, this text effectuates far-reaching changes to both the Corporate Sustainability Reporting Directive (CSRD) and the Corporate Sustainability Due Diligence Directive (CS3D).
Client Alert | 3 min read | 03.10.26
Client Alert | 15 min read | 03.06.26
Client Alert | 6 min read | 03.06.26
Tri-Agencies Release Fourth Mental Health Parity Report to Congress
