ITAR 101: What Every STEM Professional Needs to Know Before Taking a Defense Mission

The deemed export provision catches more engineers off guard than any other ITAR requirement. A practical overview of what ITAR covers, what it doesn't, and what you must do before day one.

Assemble Teams Editorial ·April 15, 2026 ·2 min read

$950M+

Raytheon's 2024 settlement for ITAR and Arms Export Control Act violations — the largest compliance enforcement action in recent defense industry history. Source: U.S. State Dept., Oct. 2024.

The International Traffic in Arms Regulations (ITAR) is the U.S. export control regime covering defense articles, defense services, and related technical data listed on the United States Munitions List (USML). It's one of the most consequential and least understood compliance frameworks in American professional life — and the consequences of getting it wrong are severe.

In October 2024, Raytheon agreed to pay over $950 million to resolve investigations including ITAR and Arms Export Control Act violations. That number represents years of enforcement action, but the underlying violations often start with decisions that seemed routine: sharing a technical document with a foreign national employee, providing engineering support to an overseas subsidiary, or accepting a consulting engagement without checking the nature of the technology involved.

What ITAR actually covers

ITAR controls the export of defense articles (physical items listed on the USML), defense services (assistance related to defense articles), and technical data (information required for the design, development, production, manufacture, or operation of defense articles). The USML has 21 categories, covering everything from conventional firearms to spacecraft, from night vision equipment to nuclear weapons.

If the technology you're working with appears on any USML category, ITAR applies — to the technology itself, to the service you're providing around it, and to any technical information you handle in the process.

The deemed export provision — where most violations start

The most important provision that most STEM professionals are unaware of: the "deemed export" rule. Under ITAR, sharing ITAR-controlled technical data with a foreign national in the United States — even verbally, in a meeting in Boston — is treated as an export of that data to the foreign national's country of origin.

This means that if your team includes non-U.S. persons and your program involves ITAR-controlled technology, you need an export license or a license exception before that data is shared — regardless of whether anyone left the country. The nationality of your team members matters as much as the location of the work.

AUKUS exemption update — effective September 1, 2024

The U.S. State Department has determined that Australia and the U.K. have export control systems comparable to the U.S. New ITAR exemptions effective September 1, 2024 remove licensing requirements for 70–80% of commercial defense trade between the three AUKUS countries. If your program involves Australian or UK organizations, review whether these exemptions apply to your specific technology categories.

What GameChangers does about ITAR

The platform does not verify, validate, or certify ITAR compliance. It flags ITAR-controlled mission categories at the search layer, requires explicit acknowledgment from applicants on ITAR-flagged missions, and includes a compliance disclosure section in every contract. These flags surface the issue before any technical data is shared — they don't replace legal counsel.

The platform principle: every professional working on ITAR-adjacent programs should have an attorney review their engagement terms. The platform creates the conditions for that conversation to happen before work begins, not after a violation occurs.