Third-Party Distributor Screening: A 2026 Guide

If you sell through resellers, distributors, or value-added partners, the riskiest party in your export chain is almost never the one you invoice. It's the one your distributor invoices.

That lesson has been written in seven- and eight-figure penalties throughout 2026. BIS opened 2026 with an enforcement surge targeting chip exports to China, turning long-term investigations into high-price penalties — almost every case involving items that ended up at SMIC, a company added to the Entity List in 2020 and labelled a Chinese military company in 2021. In nearly every settlement, the U.S. exporter didn't ship directly to the restricted party. A distributor did.

This guide walks through what third-party distributor screening actually requires in 2026 — what BIS expects, what enforcement actions reveal about common failure modes, and how to build a defensible program without hiring a compliance army.

Why Distributor Screening Became a Top Enforcement Priority

BIS leadership has signaled — repeatedly and on the record — that enforcement is accelerating. Secretary of Commerce Howard Lutnick has pledged a "dramatic increase" in BIS enforcement activity, and recent enforcement actions indicate that BIS will increase its enforcement activity in 2026.

The 2026 docket tells the story:

• In February 2026, BIS announced a settlement agreement and $252 million civil penalty against California-based Applied Materials Inc. and its subsidiary, Applied Materials Korea, Ltd.—the largest penalty in BIS history.
• In January, BIS fined Germany's Exyte Management $1.5 million for its Chinese subsidiary's dealings with SMIC.
• On March 27, 2026, BIS issued an Order resolving an administrative enforcement matter involving Solventum Corporation, arising under the EAR, after a Proposed Charging Letter alleging two violations of the Regulations.
• In April, BIS announced a settlement agreement with a California-based manufacturer for EAR violations including a suspended civil penalty of $1.7 million. Between May 2021 and May 2024, the company committed 18 violations by selling approximately $400,088 worth of polyvinyl alcohol brushes to two Chinese companies on the BIS Entity List. These transactions were conducted through third-party distributors and were made without the requisite export license.

Notice the common denominator: distributors and intermediaries. The Coastal PVA case is the cleanest illustration — a small manufacturer selling a low-tech consumable product, going through resellers, racking up 18 violations over three years without ever shipping a box directly to a listed entity.

What "Third-Party Distributor Screening" Actually Means

Distributor screening is not the same as customer screening. It has three layers, and most compliance programs only do the first one.

Layer 1: Screen the distributor itself

Run every distributor — every reseller, agent, broker, freight forwarder, and value-added partner — against the U.S. Consolidated Screening List (CSL). That includes the BIS Entity List, the BIS Denied Persons List, the BIS Unverified List, the OFAC SDN List, the State Department's Debarred List, and several others. This is table stakes. If a distributor is on a list, the relationship ends there.

Layer 2: Screen the distributor's downstream customers

This is where most programs fail. You cannot delegate know-your-customer obligations to a distributor and call it done. BIS expects the U.S. exporter to understand the end-user — even when the end-user is two hops away.

The Coastal PVA matter shows what "reason to know" looks like in practice: a manufacturer with no formal export compliance program, items moving through distributors, and the company stated it was unaware of the licensing requirement and ceased the sales after being informed by BIS. Lack of awareness is not a defense under the EAR.

Layer 3: Screen continuously, not once

Distributor lists change. Customer lists change. The Entity List changes — sometimes weekly. A clean screening result in Q1 means nothing in Q3 if the downstream customer was added to the Entity List in Q2.

The Applied Materials enforcement is instructive here. BIS had issued an "is-informed letter" in September 2020 to tell Applied Materials that a license was required to sell the equipment to these entities. Further, all of the customers were designated on the Entity List a few months later. The status of a downstream party changed mid-relationship, and the controls didn't catch up in time.

What BIS Actually Expects in a Distributor Screening Program

Based on settlement documents and BIS guidance, an effective program covers five things:

1. Written distributor onboarding diligence — a documented process that screens every new distributor against the CSL before any shipment moves.
2. End-user / end-use certifications — contractual obligations on the distributor to disclose downstream customers and intended use.
3. Recurring rescreening — automated re-checks of distributors and known downstream customers against updated lists.
4. Red-flag escalation procedures — documented criteria (unusual routing, requests to omit end-user info, pricing inconsistencies) that trigger a hold.
5. An auditable trail — records of every screen, every match decision, and every escalation, retained for at least five years.

The last item matters more than people realize. BIS underlined this by also requiring two internal audits of Applied Materials' export controls compliance program, with the audit reports to be submitted to BIS. If you can't produce records, you can't prove diligence — and BIS treats absence of records as evidence of absence of a program.

Common Distributor Screening Failure Modes

"The distributor said they'd handle it"

Contractual indemnification from a distributor does not transfer EAR liability. The U.S. principal exporter remains on the hook. The Coastal PVA case underscores this — distributors handled the sales, the manufacturer paid the penalty.

"It's just EAR99"

EAR99 items still require licenses when the end-user is on the Entity List. The Solventum enforcement action centered on transactions involving the transfer of EAR99 Liquid-Cel membrane contactors to parties listed on the Entity List, including Semiconductor Manufacturing International Corporation South China and Ningbo Semiconductor International Corporation. Low-tech classification ≠ low-risk transaction.

"We checked them when we signed the contract"

One-time screening is a snapshot. The Entity List is a moving target. In the Solventum matter, prior authorizations were in place, subsequently suspended, and followed by internal efforts to halt shipments that did not capture all affected transactions in real time. Authorization status changes — your screening cadence has to match.

"We only sell domestically"

Distributors reexport. A U.S. sale to a U.S. distributor that ships to China is still a U.S. export under the EAR. And OFAC has been clear that even predominantly domestic businesses carry sanctions risk — in February 2026, OFAC penalized a Florida school for receiving tuition payments, via third parties, from Mexican cartel-related sanctioned parties, warning that even companies that consider themselves "predominantly domestic" have sanctions risk.

The Cost of Getting It Wrong

The arithmetic is brutal. OFAC violation penalties in 2026 can reach up to $377,700 per civil violation under IEEPA (or twice the transaction value, whichever is greater), and up to $1 million per criminal violation plus 20 years imprisonment. BIS penalties under the EAR are similarly scaled per-violation, and as Applied Materials demonstrated, the enforcement action — representing the maximum statutory penalty of twice the value of the underlying transactions — signals BIS' aggressive posture toward a trifecta of current export control priorities: semiconductor manufacturing, Entity List entities, and China.

For a small manufacturer, even the "small" cases hurt. A $1.7 million suspended penalty on $400,000 of sales is a 4x multiple on revenue — and that's before legal fees, mandatory audits, and lost commercial relationships.

Building a Defensible Program Without Hiring a Compliance Team

Three practical moves cover most of the risk:

• Automate CSL screening at distributor onboarding and at every reorder. Manual quarterly reviews don't work; the Entity List moves faster than any quarterly cadence.
• Push end-user disclosure into your distributor contracts. Require the distributor to name the end customer before you ship. No name, no shipment.
• Keep the audit trail. Every screen, every hit, every cleared match — timestamped and retained. This is the single best defense if BIS ever knocks.

ScreenShield handles the first and third items out of the box: automated screening against the full CSL, fuzzy name matching for alias detection, batch screening for distributor lists, and a permanent audit trail of every check. The second item is contract language — but the screening infrastructure to enforce it has to exist first.

Screen your first distributor list free — takes 10 seconds

---

Related: The Solventum $16M BIS Settlement: What EAR99 Exporters Need to Know

Related: Restricted Party Screening: The 2026 Guide

Related: How to Screen Your Vendor List for Export Compliance