The sanctions enforcement case I am about to discuss is not new. Justice Department’s January 2026 sentencing announcement

The sentencing took place back in January 2026. But as I was reviewing this year’s enforcement practice, the case struck me as worth revisiting.

The Justice Department’s January 2026 sentencing announcement had the familiar elements of a Russia diversion case: controlled aviation technology, a third-country intermediary, a civilian-use story, paperwork that looked serviceable until it did not, and an item that was stopped before it left the United States. Sanjay Kaushik, a Delhi-based defendant, was sentenced to 30 months in prison and 36 months of supervised release after pleading guilty to conspiring to sell export-controlled aviation components with dual civilian and military applications to Russian end users. DOJ said the scheme involved controlled aviation components and an Attitude and Heading Reference System, or AHRS, purchased from an Oregon supplier. The AHRS provides navigation and flight-control data for aircraft.

The alleged commercial story was rather simple: Kaushik’s Indian company was the purchaser, and the AHRS would be used in a civilian helicopter. DOJ’s account says that story was false. We are told the actual plan was to ship the item through India to a customer in Russia. The AHRS was detained before export, and the case was investigated by BIS Portland with assistance from Homeland Security Investigations and U.S. Customs and Border Protection.

The shipment was stopped before it left the United States. The public record does not say exactly how the violation first came to enforcement’s attention. But the available facts point to a few plausible triggers: the license process itself, export-document review, shipment detention by CBP or BIS, or some combination of supplier, logistics, and agency scrutiny. When the conspirators allegedly made false statements to obtain an export license, they put the transaction in front of the very system designed to test end user, end use, and destination. As concealment strategies go, that is not exactly hiding the elephant in a haystack.

What Went Wrong

A compliance paper trail has value. Written assurances help document what a customer represented, support licensing files, and create a record for later review. The problem I would like to highlight here is what happens when paperwork is treated as the end of diligence rather than the beginning.

BIS’s “Know Your Customer” guidance draws that line clearly. Know Your Customer guidance

If there are no red flags, exporters may generally proceed in reliance on customer information. But once red flags arise, the exporter has a duty to inquire into the suspicious circumstances, including end use, end user, and ultimate destination. BIS also warns against “self-blinding” and says unresolved red flags may require refraining from the transaction or submitting the facts to BIS.

Here, the red flags were not buried deep in the file. The product was sensitive aviation equipment. The stated purchaser was in India, while the ultimate risk environment was Russia. The claimed use was civilian. The route allegedly ran through a third country. And the government says the customer of record was not the real end user. Each fact might be explainable in isolation. Together, they should have made the transaction wobble.

That is also where current G7 and BIS guidance has moved the compliance baseline. The G7’s Russia evasion guidance identifies third-country routing, shell or front companies, intermediaries, false or missing documentation, civil-end-use claims that do not match the surrounding facts, concealed end users, abnormal routes, and inconsistent trade or financial documents as red flags. It also calls for enhanced due diligence when those indicators appear. G7’s Russia evasion guidance

There is a real market context behind all of this. Reporting by The Guardian, based on customs data, described Western aircraft parts moving through Indian intermediaries to Russian aviation users, with no suggestion that the Western companies necessarily knew of the onward movement. The Guardian

And this is why third-country aviation channels deserved, and deserve, more than a quick “no sanctions hit” and a shrug.

The Likely Compliance Gap

An important caveat: the public materials do not describe the Oregon supplier’s internal compliance program, and this article — or call it an opinion piece — does not assume wrongdoing by any party not charged. But as a training scenario, the case suggests a familiar pre-violation compliance posture: a company likely had product classification, restricted-party screening, an end-use certificate process, and a license workflow. In other words, not “no compliance.” More likely, compliance existed, but in the way a locked screen door exists. It looks reassuring until someone pushes on it.

It is possible that weak escalation was the gap. A normal program may have asked: Is the buyer screened? Is the end-use certificate complete? Is a license being pursued? A stronger program would have asked: Why is this Indian intermediary buying this item? Who is the actual operator or installer? Which aircraft? Where will it be installed? What is the maintenance context? Why does the transaction file stop at the reseller rather than the real operational user?

BIS’s Export Compliance Program guidance identifies the conventional elements of an effective program: management commitment, risk assessment, export authorization procedures, recordkeeping, training, audits, corrective actions, and ongoing maintenance of the program. Those elements are useful, but they are only useful when they change behavior at the sales desk, the logistics handoff, and the license-review stage.

What Immediate Compliance Should Have Done

The immediate compliance response should have been straightforward: stop the clock.

A controlled aviation item, a third-country intermediary, and a Russia-sensitive diversion pattern should have moved the transaction out of ordinary order processing and into enhanced review before shipment release. A legal or trade-compliance hold should have covered the order, related communications, payment records, freight-forwarding details, license materials, and any similar transactions involving the same customer, product family, routing pattern, or end-use narrative.

The company should then have tested the civilian-helicopter story with objective evidence. That means aircraft identity or model, operator information, installation location, repair or maintenance records, work orders, the role of the intermediary, and a credible explanation of why the buyer needed the AHRS. A real commercial user can usually answer those questions. A diversion chain often answers them with fog.

BIS’s August 2024 address-screening FAQ is also directly relevant to this type of case. BIS strongly recommends screening both the name and address of parties to an export transaction, including to detect red flags and possible license requirements tied to high-diversion-risk addresses. Near matches and co-location with listed entities are red flags requiring additional diligence.

Diversion often appears “in the plumbing”, so to speak: ship-to addresses, freight-forwarder addresses, payment-source oddities, email domains, last-minute routing changes, and paperwork that tells slightly different stories depending on which page you read.

Remediation: The “Plan Maximum”

Let’s consider what the maximum best-practice version of compliance would have looked like — with the understanding that not every company can implement every item overnight, and not every transaction deserves a federal case file stapled to it.

First priority: freeze and triage. Put on hold any open or pending transactions involving the same customer, intermediaries, product family, routing, freight forwarders, or end-use descriptions. Preserve records. Identify shipments already exported, shipments pending, licenses filed, and transactions under quote. Call it the moment to stop the bleeding.

Second priority: identify the real risk universe. Map controlled products, Russia-sensitive items, dual-use aviation components, high-risk destinations, common intermediaries, and freight routes. The goal is to separate the handful of truly risky transactions from the ocean of ordinary ones. A compliance program that treats every invoice like a missile-guidance system will exhaust itself. A program that treats a navigation system bound through a third-country intermediary as routine has the opposite problem.

Third priority: hardwire escalation. Any transaction involving controlled aviation items, third-country intermediaries, Russia or Belarus diversion risk, vague civil-use claims, or incomplete downstream-user information should require trade-compliance review before quote acceptance, license submission, or shipment release. The stop rule should be written and must be working: unresolved red flags mean no shipment.

Fourth priority: rebuild end-use diligence. End-use certificates should remain in the toolkit, but they should not be worshipped. They are useful evidence, not magic paper. For higher-risk items, companies should require corroborating materials: operator identity, installation records, purchase justification, maintenance context, end-user certifications, distributor certifications, and documentary consistency across the file. The G7 guidance similarly encourages further inquiries into end use, end user, and ultimate destination; open-source research; and updated distributor obligations.

Fifth priority: expand screening beyond names. Screen names and addresses for all transaction parties: purchaser, consignee, intermediate consignee, end user, freight forwarder, bank where visible, ship-to location, bill-to location, and alternate addresses in emails or attachments. This is administratively annoying and sometimes noisy. But in diversion cases, unexamined silence is your real enemy.

Sixth priority: test the whole transaction file. The compliance review should compare the quote request, purchase order, invoice, end-use statement, license application, shipping instructions, freight documents, payment information, and export filing. Diversion cases often fail at the seams. One document says civilian helicopter; another points to an unexplained freight path; a third has a consignee that looks like a mailbox.

Seventh priority: monitor patterns over time. A single order may be ambiguous. Repeated orders through the same intermediary, vague recurring end-use claims, unusual product mix, inconsistent payment sources, or growing volume inconsistent with the customer’s visible business may be the point at which you should consider saying “stop.” Data analytics can be very useful here, assuming, of course, the alerts are tuned enough that humans do not learn to ignore them.

Eighth priority: train for decision rights. Here’s what this means: beyond statements that “Russia is risky,” employees need to know who can stop a sale, when escalation is mandatory, what facts must be collected, and what to do when a customer becomes evasive. BIS’s compliance guidance emphasizes management commitment and resources, but the real test is whether a sales or logistics employee can pause a transaction without being treated as the person who ruined everyone’s quarter.

Ninth priority: audit and correct. Pull samples from high-risk product lines, intermediary-heavy routes, and transactions involving civil-use claims for dual-use goods. Where gaps appear, remediate them, document the fix, and track recurrence. BIS guidance treats corrective action and preventing recurrence as core elements of an effective ECP.

The Hard Part

The easy post-mortem answer to the January case is that the exporter should have verified more, escalated faster, screened better, and stopped sooner. All true. Also, all easier to write after sentencing than to implement during a Tuesday afternoon sales cycle.

Let’s agree that compliance theory is clean. But business reality is not. Customers want quotes. Sales teams want closure. Logistics teams want release. Management wants growth. And somewhere in that machinery, a thin end-use story can begin to look “good enough.”

It should not have here.

The practical lesson is that efficient compliance would not necessarily have uncovered every hidden actor. It should, however, have generated enough unresolved red flags to stop the transaction before it became a criminal export-control case. That is the standard companies should train for: not perfect knowledge, but disciplined refusal to proceed when the deal becomes too opaque.

This discussion is, of course, the plan maximum — the best-practice version of a compliance program in action. But can there be a “watered down” version — perhaps one that is less resource-consuming — that can still be good enough?

The next question is even harder: what happens after you have identified an issue, completed your root-cause analysis, and now need to remediate to ensure nothing like this happens again? How do you avoid a situation where your best compliance intentions collide with the practical reality of day-to-day business?

Let’s look at this more closely in a separate series of articles that follow.