[Federal Register Volume 74, Number 227 (Friday, November 27, 2009)] [Notices] [Pages 62319-62327] From the Federal Register Online via the Government Publishing Office [www.gpo.gov] [FR Doc No: E9-28328] ----------------------------------------------------------------------- DEPARTMENT OF HEALTH AND HUMAN SERVICES Office of the Secretary Screening Framework Guidance for Synthetic Double-Stranded DNA Providers AGENCY: Department of Health and Human Services, Office of the Secretary. ACTION: Notice. ----------------------------------------------------------------------- Authority: Public Health Service Act, 42 U.S.C. 241, Section 301; HSPD-10. SUMMARY: To reduce the risk that individuals with ill intent may exploit the commercial application of nucleic acid synthesis technology to access genetic material derived from or encoding Select Agents or Toxins, the U.S. Government has developed recommendations for a framework for synthetic nucleic acid screening. This document is intended to provide guidance to producers of synthetic genomic products regarding the screening of orders so that these orders are filled in compliance with current U.S. regulations and to encourage best practices in addressing potential biosecurity concerns. Following this guidance is voluntary, though many specific recommendations serve to remind providers of their obligations under existing regulations. The target audience for this guidance is the gene and genome synthesis industry, because the technical hurdles for de novo synthesis of Select Agents and Toxins from double-stranded DNA are much lower than for de novo synthesis of these agents from single-stranded oligonucleotides. This guidance proposes a screening framework for commercial providers of synthetic double-stranded DNA 200 base pairs (bps) or greater in length to address concerns associated with the potential for misuse of their products. The framework includes customer screening and sequence screening, follow-up screening as necessary, and consultation with U.S. Government contacts, as needed. This guidance is submitted for public consideration and comment for a period of 60 days. The Office of the Assistant Secretary of Preparedness and Response (ASPR) within the Department of Health and Human Services (HHS) is submitting this document for public consideration as the lead agency in a broad interagency process to draft the guidance. DATES: The public is encouraged to submit written comments on this proposed action. Comments may be submitted to HHS/ASPR in electronic or paper form at the HHS/ASPR e-mail address, mailing address, and fax number shown below under the heading FOR FURTHER INFORMATION CONTACT. All comments should be submitted by January 26, 2010. All written comments received in response to this notice will be available for review by request. FOR FURTHER INFORMATION CONTACT: Jessica Tucker, Ph.D., Office of Medicine, Science, and Public Health, Office of the Assistant Secretary for Preparedness and Response, U.S. Department of Health and Human Services, 330 C Street, SW., Room 5008B, Washington, DC 20201; phone: 202-260-0632; fax: 202-205-8494; e-mail address: [email protected]. SUPPLEMENTARY INFORMATION: Screening Framework Guidance for Synthetic Double-Stranded DNA Providers I. Summary Synthetic biology, the developing interdisciplinary field that focuses on both the design and fabrication of novel biological components and systems as well as the re-design and fabrication of existing biological systems, is poised to become the next significant transforming technology for the life sciences and beyond. Synthetic biology is not constrained by the requirement of using existing genetic material. Thus, technologies that permit the directed synthesis of polynucleotides have great potential to be used to generate organisms, both currently existing and novel, including pathogens that could threaten public health, agriculture, plants, animals, the environment, or material. To reduce the risk that individuals with ill intent may exploit the commercial application of nucleic acid synthesis technology to access genetic material derived from or encoding Select Agents or Toxins, the U.S. Government has developed recommendations for a framework for synthetic nucleic acid screening. This document is intended to provide guidance to producers of synthetic genomic products regarding the screening of orders so that these orders are filled in compliance with current U.S. regulations and to encourage best practices in addressing potential biosecurity concerns. Following this guidance is voluntary, though many specific recommendations serve to remind providers of their obligations under existing regulations. The target audience for this guidance is the gene and genome synthesis industry, because the technical hurdles for de novo synthesis of Select Agents and Toxins from double-stranded DNA are much lower than for de novo synthesis of these agents from single- stranded oligonucleotides. This guidance proposes a screening framework for commercial providers of synthetic double-stranded DNA 200 base pairs (bps) or greater in length to address concerns associated with the potential for misuse of their products. The framework includes customer screening and sequence screening, follow-up screening as necessary, and consultation with U.S. Government contacts, as [[Page 62320]] needed. Briefly, upon receiving an order for synthetic double-stranded DNA, the U.S. Government recommends that the provider perform customer screening. If the information provided by the customer raises any `red flags,' providers should perform follow-up screening. If no customer identity concerns or other `red flags' are raised in customer screening, sequence screening is recommended. If sequence screening raises any concerns, providers should pursue follow-up screening to clarify the end-use of the ordered sequence. If follow-up screening does not resolve concerns about the order or there is reason to believe a customer may intentionally or inadvertently violate U.S. laws, providers should contact designated entities within the U.S. Government for further information. This guidance also provides recommendations regarding proper records retention protocols and screening software. II. Introduction Synthetic biology is distinct from traditional recombinant DNA technology in some key aspects: (1) It is not constrained by the requirement for using existing genetic material, and (2) it is an interdisciplinary field that includes biologists, engineers, chemists, and computer modelers. It is the former novel feature, along with rapid advances in DNA synthesis technology and the open availability of pathogen genome sequence data, that has raised concerns in the scientific community, the nucleic acid synthesis industry, the U.S. Government, and the general public. Within the U.S., microbial organisms and toxins that have been determined to have the potential to pose a severe threat to public health and safety, animal health, plant health, or animal or plant products are regulated through the Select Agent Regulations (SAR), administered by the Department of Health and Human Services/Centers for Disease Control and Prevention (CDC) and the U.S. Department of Agriculture/Animal and Plant Health Inspection Service (USDA/APHIS). The SAR sets forth requirements for the possession, use, and transfer of listed agents. Technologies that permit the directed synthesis of polynucleotides, which underlie synthetic biology and more specifically synthetic genomics, could enable individuals not authorized to possess Select Agents to gain access to them through their de novo synthesis. Such synthesis obviates the need for access to the naturally occurring agents or naturally occurring genetic material from these agents, thereby greatly expanding the potential availability of these agents. The National Science Advisory Board for Biosecurity (NSABB) was charged with identifying the potential biosecurity concerns raised by the ability to synthesize Select Agents and providing advice on whether current U.S. Government policies and regulations adequately cover the de novo synthesis of Select Agents. Their report entitled Addressing Biosecurity Concerns Related to the Synthesis of Select Agents was formally transmitted to the U.S. Government in March 2007. Federal Departments and Agencies with equities relevant to life science research and/or security deliberated over the NSABB recommendations and identified a series of relevant policy actions targeted to promote risk management, while seeking to minimize negative impacts upon scientific progress or industrial development. One of the formal policy actions in regard to Synthetic DNA and Biological Security charged Federal Departments and Agencies to ``engage stakeholders in industry and academia to identify, evaluate and support the establishment of a screening infrastructure for use by commercial providers and users of synthetic nucleic acids.'' Toward this end, this document provides guidance to synthetic nucleic acid providers regarding a screening framework for synthetically derived double-stranded DNA orders that are 200 bps or greater in length. Specific recommendations are in bold type throughout the text. III. Goals of Guidance The primary goal in developing guidance for synthetic nucleic acid providers is to minimize the risk that unauthorized individuals or individuals with malicious intent will gain access to toxins and organisms of concern through the use of nucleic acid synthesis technologies, while at the same time minimizing any negative impacts on the conduct of research and business operations. These guidelines were developed to be easily integrated within providers' existing protocols with minimal cost, and to be globally extensible, both for U.S.-based firms operating abroad and for international companies. Providers of synthetic nucleic acids have two overriding responsibilities in this context:Providers should know to whom they are selling a product Providers should know if the nature and identity of the product that they are selling poses a hazard to public health, agriculture, or security To help providers meet these responsibilities, this guidance outlines a screening framework that addresses both customer screening (customer identity) and sequence screening (product identity). Though certain guidance provided in this document is necessarily framed by U.S. policy and regulations, the guidelines were composed so that fundamental goals, provider responsibilities, and the screening framework could be considered for application by the international community. In particular, though the Select Agents and Toxins that are a primary focus of these guidelines may not be relevant for all countries, the sequence screening framework has been developed so that it could be applied to other categories of agents that may be relevant for other regions. IV. Overall Process: Synthetic Nucleic Acid Screening Framework Providers should consider establishing a comprehensive and integrated screening framework that includes both customer screening and sequence screening. Customer Screening--The purpose of customer screening is to establish the legitimacy of customers ordering synthetic nucleic acid sequences, both at the level of the individual and the organization. Providers should develop customer screening mechanisms to verify customer identities, to identify potential `red flags,' and to conform to U.S. trade restrictions and export control regulations. Sequence Screening--The purpose of sequence screening is to identify when sequences of concern are ordered. Identification of a sequence of concern does not necessarily imply that the order itself is of concern. Rather, when a sequence of concern is ordered, further customer screening procedures should be used to determine if filling the order would raise cause for concern. Sequence screening is currently being recommended for all double-stranded DNA 200 bps or greater in length. Many customers will likely volunteer information about their identity or the sequence they are ordering. Providers should corroborate this information as part of their screening framework. The following overall screening methodology is recommended: 1. Upon receiving an order for synthetic double-stranded DNA, the U.S. Government recommends reviewing the information provided by the customer to verify their identity and identify potential `red flags' (referred to as customer screening). If the information provided raises any [[Page 62321]] concerns, providers should ask the customer for additional information to clarify the customer's need for the order and its intended end-use (referred to as follow-up screening). Providers should also check customers and their affiliated organizations against lists of denied or blocked persons and entities maintained by the Departments of Commerce, State, and Treasury. 2. If no concerns or `red flags' are raised during customer screening, the U.S. Government recommends screening the ordered sequence to identify sequences derived from or encoding Select Agents and Toxins \1\ (referred to as sequence screening). For international customers, providers should also screen the ordered sequence to identify sequences derived from or encoding the agents and toxins on the Export Administration Regulation's (EAR's) Commerce Control List (CCL).\2\ Scenarios of concern may include: --------------------------------------------------------------------------- \1\ Please see http://www.selectagents.gov to access the most recent Select Agents and Toxins List. \2\ Visit http://www.access.gpo.gov/bis/ear/ear_data.html to access the most recent Commerce Control List and review the Export Administration Regulations. --------------------------------------------------------------------------- a. If an ordered nucleic acid can be classified as a Select Agent or Toxin based on the SAR \3\ or is identified as a sequence of concern (defined in Section V.B.1.), additional customer verification steps should be performed and may in some cases be required. --------------------------------------------------------------------------- \3\ The CDC/APHIS national Select Agent registry Web site (http://www.selectagents.gov) contains a guidance document entitled ``Applicability of the Select Agent Regulations to Issues of Synthetic Genomics'' to assist providers in identifying synthetically derived Select Agent materials that would fall under the current regulations. The regulation of Select Agents and Toxins currently includes (1) Nucleic acids that can produce infectious forms of any Select Agent viruses and (2) Recombinant nucleic acids that encode for the functional form(s) of any of the regulated toxins if the nucleic acids: (i) Can be expressed in vivo or in vitro, or (ii) Are in a vector or recombinant host genome and can be expressed in vivo or in vitro. --------------------------------------------------------------------------- b. If an ordered nucleic acid can be classified as a Select Agent or Toxin based on the SAR, providers must be registered under the SAR to possess the nucleic acid. Transfer of the material from the producer must be done in accordance with USDA APHIS and CDC procedures using the APHIS/CDC Form 2 to obtain authorization for and to document the transfer. Additional information on the transfer of select agents and toxins is available at http://www.selectagents.gov. c. If an order is defined as a genetic element that is listed on the CCL, additional restrictions or licensing requirements may exist for international orders. 3. If sequence screening or customer screening raises any concerns, providers should pursue follow-up screening to clarify the end-use of the ordered sequence. The goal of follow-up screening is to assist the provider in determining whether to fill the order. If the provider encounters a scenario where they would benefit from additional assistance in assessing an order, the provider is encouraged to seek advice from the relevant U.S. Government Departments and Agencies by contacting the nearest FBI Field Office Weapons of Mass Destruction (WMD) Coordinator. The WMD Coordinator can be reached by contacting the local FBI Field Office and asking to be connected to the FBI WMD Coordinator. V. Pertinent Screening Definitions and Details This section reviews pertinent definitions and provides details of the steps involved in the recommended screening framework. These steps include customer screening, sequence screening, and follow-up screening. A. Customer Screening Customer screening encompasses two overarching responsibilities of providers: Customer verification and identification of any `red flags.' 1. Customer Verification To ensure compliance with U.S. regulations concerning exports and sanctioned individuals and countries, the U.S. Government recommends that, for every order, synthetic nucleic acid providers: (1) Gather the following information to verify a customer's identity: Customer's (and end-user's, if different) full name and contact information Billing address and shipping address (if not the same) Customer's institutional or corporate affiliation (if applicable) Name of institution's Biological Safety Officer (if applicable) (2) Screen customers against several lists of proscribed entities (described in Section VI). Lack of affiliation with an institution or firm does not automatically indicate that a customer's order should be denied. In such cases, the U.S. Government recommends conducting follow-up screening. The U.S. Government recommends that companies retain electronic copies of customer orders for at least eight years based on the statute of limitations set forth by U.S. Code Title 18 Section 3286.\4\ --------------------------------------------------------------------------- \4\ The eight-year statute of limitations in Section 3286 applies to the offense defined by Title 18 Section 175(b) (possession of biological agents with no reasonable justification). --------------------------------------------------------------------------- The U.S. Government recommends archiving the following information: Customer (and end-user, if different) information (name, organization, address, and phone number), order sequence information, and order information (date placed and shipped, shipping address, and receiver name). 2. `Red Flags' In reviewing the customer's order information, providers should take into account any circumstances in the proposed transaction that may indicate that the order may be intended for an inappropriate end- use, end-user or destination. These are known as `red flags.' The following is an illustrative list of indicators that can help in identifying suspicious orders of synthetic double-stranded DNA: A customer whose identity is not clear, who appears evasive about their identity or affiliations, or whose information cannot be confirmed or verified (e.g., addresses do not match, not a legitimate company, no Web site, cannot be located in trade directories, etc.). A customer or intermediary agent who would not be expected in the course of their normal business to place such an order (e.g., no connection to life science research, biotechnology or requirement for DNA synthesis services). An unusually large order of DNA sequences, including larger than normal quantities, the same order placed several times, or several orders of the same sequence made in a short timeframe. A customer that requests unusual labeling or shipping procedures (e.g., requests to misidentify the goods on the packaging, requests to deliver to a private address, or requests to change the customer's name after the order is placed, but before it is shipped). A customer proposing an unusual method of payment (e.g., arranging payment in cash, personal credit card or through a non-bank third party) or offering to pay unusually favorable payment terms, such as a willingness to pay a higher than expected price. A customer that requests unusual confidentiality conditions regarding the order, particularly with respect to the final destination or the destruction of transaction records. [[Page 62322]] If a review of customer information reveals one or more `red flags,' the U.S. Government recommends that providers exercise due diligence, inquire regarding the circumstances, and verify the end-use and end-user (see follow-up screening). If providers are unsure about whether to fill an order, they should contact the U.S. Government for further information. B. Sequence Screening Sequence screening is intended to elicit information detailing the characteristics of the ordered nucleic acid sequence and to determine whether the customer has placed an order for a sequence of concern, based on the product identity. Providers should screen ordered sequences that are 200 bps in length or greater. 1. Identifying Sequences of Concern The U.S. Government recommends that nucleic acid sequences be screened for nucleic acids derived from or encoding Select Agents and Toxins and, for foreign orders, for nucleic acids derived from or encoding pathogens and toxins on the Commerce Control List. The U.S. Government chose the agents and toxins identified by HHS and USDA as ``Select Agents and Toxins'' as the most appropriate list of agents of concern against which providers should screen orders since: The list is comprised of high consequence pathogens and toxins that have the potential to pose a severe threat to human, animal, or plant health or to animal or plant products Their possession, use, and transfer are managed through Federal regulations. A list of biological agents and toxins that affect humans has been promulgated by HHS/CDC (HHS Select Agents and Toxins, 42 CFR 73.3). A list of biological agents that affect animals and animal products has been promulgated by USDA/APHIS/Veterinary Services (USDA Select Agents and Toxins, 9 CFR 121.3). A list of agents that affect plants and plant products has been promulgated by USDA/APHIS/Plant Protection and Quarantine (USDA Select Agents and Toxins, 7 CFR 331.3). Additionally, HHS and USDA promulgated a list of ``overlap'' agents that affect both humans and animals (42 CFR 73.4 and 9 CFR 121.4). The Select Agent and Toxins lists are reviewed biennially and updated as needed to include additional agents or toxins that may pose a biosecurity concern. Therefore, for the purposes of this guidance, ``agents of concern'' are classified as Select Agents and Toxins, and ``sequences of concern'' are sequences derived from or encoding Select Agents and Toxins. For foreign orders, ``agents of concern'' also include pathogens and toxins on the EAR's CCL, and ``sequences of concerns'' includes those nucleic acids derived from or encoding those pathogens and toxins.\5\ --------------------------------------------------------------------------- \5\ The EAR provisions are subject to change, as they are regularly updated pursuant to multilateral agreements. --------------------------------------------------------------------------- If a customer orders a synthetic nucleic acid that can be classified as a Select Agent or Toxin, the provider must abide by the CDC and USDA/APHIS Select Agent Regulations (42 CFR 73, 7 CFR 331, and 9 CFR 121). The CDC/APHIS national Select Agent registry Web site (http://www.selectagents.gov) contains a guidance document developed by the national Select Agent regulatory programs to assist providers in identifying synthetically derived Select Agent materials that would fall under the current regulations. Providers of regulated nucleic acids must be registered with CDC or APHIS in order to synthesize these materials. The U.S. Government acknowledges that there are synthetic nucleic acid sequences from non-Select Agents or Toxins that may pose a biosecurity concern. Synthetic nucleic acid providers may choose to investigate such sequences as part of their best practices. However, due to the complexity of determining pathogenicity and because research in this area is ongoing, a list of additional non-Select Agent or Toxin sequences or organisms to screen against would not be comprehensive and consequently are not provided by the U.S. Government in this guidance. Because the CCL and the Select Agents and Toxins list are not identical, separate screening for those sequences on the CCL is recommended for international orders. 2. Technical Goals and Recommendations for Sequence Screening The reliable and accurate detection of synthetic nucleic acid sequences derived from or encoding sequences or agents of concern is the primary goal of sequence screening. In considering various sequence screening methodologies, the U.S. Government developed the following list of specific technical goals and recommendations for a sequence screening methodology: The U.S. Government recommends that the sequence screening method should identify sequences unique to Select Agents and Toxins. Many DNA sequences encode genes that are required to maintain normal cellular physiology, otherwise known as ``house-keeping genes.'' These ``house- keeping genes'' are highly conserved between pathogenic and non- pathogenic species. Screening methodologies that recognize highly conserved sequences such as ``house-keeping genes'' as positive hits for sequences of concern not only offer little to no biosecurity benefit, but may impede the screening efforts. Such methodologies would produce a larger number of hits adding extra burden for screeners and potentially resulting in actual sequences of concern being overlooked. Additionally, such a system may hamper scientific research by falsely assigning sequences from closely related microbes as sequences of concern. The U.S. Government recommends that sequence screening be performed for both DNA strands and the resultant polypeptides derived from translations using the three alternative reading frames on each DNA strand (or six-frame translation). Each amino acid is encoded by a codon, a three nucleotide sequence of DNA. The correspondence from codon to amino acid is not unique. A given amino acid may be encoded by one to six distinct codons, which means that an amino acid polypeptide can be encoded by many different DNA sequences. Consequently, to determine whether a nucleotide sequence encodes for a sequence or agent of concern, it is necessary to screen the six-frame translation polypeptides encoded by the DNA sequences in addition to the DNA sequences themselves. The U.S. Government recommends that sequence alignment methods should permit the detection of ``sequences of concern'' of 200 bps that may be hidden within larger sequence orders. Genes vary widely in length. If a sequence screening system assesses only the overall sequence length without any local checks, a sequence of concern can go undetected if inserted within a larger, benign sequence. The screening routine should be capable of local sequence alignments to ensure that potentially harmful sequences, embedded within larger sequences, are not overlooked. 200 bps is set as the limit for sequences of concern since synthetic nucleic acids smaller than 200 bps can be readily ordered as oligonucleotides, and gene synthesis companies are the target audience for this guidance. 3. Sequence Screening Methodology The U.S. Government considered two distinct screening approaches, one based on a curated database of known sequences of concern and another utilizing a method called ``Best Match.'' [[Page 62323]] The first approach requires the creation of databases identifying specific features such as known pathogenic sequences, virulence factors, house-keeping genes, etc. While the acquisition of such knowledge is progressing, at this time customized database approaches are unable to provide a robust solution that can be implemented by DNA synthesis providers. Consequently, the U.S. Government recommends a ``Best Match'' approach for sequence screening. In this approach, a query sequence is deemed to be unique to a Select Agent or Toxin if the sequence (amino acid) is more closely related to a Select Agent or Toxin sequence than to a non-Select Agent or Toxin sequence. Sequences that are equally related to both a Select Agent or Toxin and a non-Select Agent or Toxin will not produce a sequence hit. As a result, the number of hits for sequences that can be obtained from non-Select Agents and Toxins will be reduced. To meet the goals and recommendations stated above, the U.S. Government recommends that each sequence be broken into a six- frame translation of 200 bp nucleotide segments. Each resulting 66 amino acid sequence should be compared to the GenBank protein sequence database using a sequence alignment tool. The ``Best Match'' is the sequence or sequences with the greatest percent identity over the entire 66 amino acid sequence. If the ``Best Match'' is to a Select Agent or Toxin sequence, with no equivalent hits to a non-Select Agent or Toxin, the order should be further investigated by the provider as a potential sequence hit. The ``Best Match'' approach is intended to minimize the number of sequence hits due to genes that are shared among both Select Agents or Toxins and non-Select Agents or Toxins. Nonetheless, some harmless sequences in Select Agents or Toxins or those that are routinely used in scientific research may result in a hit during this sequence screen. The U.S. Government recommends that providers develop, maintain, and document protocols to determine if a sequence hit qualifies as a true sequence of concern. Additionally, providers should keep records of all hits even if the order is deemed acceptable. In cases where the provider is unable to make the determination, advice can be sought from the relevant U.S. Government Departments and Agencies by contacting the nearest FBI Field Office Weapons of Mass Destruction Coordinator. The provider may deem some sequences from non-Select Agents and Toxins to be a biosecurity concern. The U.S. Government recommends that providers continue to exercise their due diligence in the investigation of screening hits against non-Select Agents and Toxins that may raise a biosecurity concern. These sequence screening methodology recommendations do not preclude the use of curated databases in addition to the ``Best Match'' approach. The development of such databases is encouraged as an additional screening tool that will improve with time as additional data becomes available. Providers may choose to use other screening approaches that they assess to be equivalent or superior to the ``Best Match'' approach. The U.S. Government recommends that providers develop, maintain, and document their sequence screening protocol within company records. The U.S. Government recognizes that continued research and development may lead to new and improved screening methodologies. As new methods are developed, U.S. guidance may change accordingly. C. Follow-Up Screening Follow-up screening may be warranted if customer screening reveals any `red flags' or sequence screening results in a hit. In any case where there are abnormal circumstances surrounding the order or the customer has ordered a sequence of concern, the U.S. Government recommends that providers ask for information regarding the customer's proposed end-use of the order to help assess their need and the scientific legitimacy of their work. Sample end-uses of ordered synthetic nucleic acids could include, but are not limited to: Identification of pathogenicity genes via marker-deletion mutagenesis Training for threat agent detection Production of organism for experimental research studies If the customer is associated with an institution or firm, providers should also contact the customer's biological safety officer, supervisor, lab director or director of research in order to verify the customer's identity and need. If the customer is not affiliated with an institution or firm, providers should also conduct a literature review of the customer's past research to verify his or her identity and need. VI. Recommended Processes for Domestic and International Orders This section outlines recommendations for specific screening processes for orders from domestic and international customers. The customer screening, sequence screening, and follow-up screening protocols that are referenced in this section are defined and described in Section V. Most of the information provided in this section serves as a reminder to providers to ensure they are meeting their legal obligations not to conduct unapproved business transactions with certain proscribed entities. A. Domestic Orders Once a domestic customer order is received, the provider should conduct customer screening. In addition to verifying the customer identity and identifying any `red flags,' providers should be aware of regulatory and statutory prohibitions for U.S. persons from dealing with certain foreign persons, entities and companies. In order to avoid violating U.S. law, providers are encouraged to check the individual placing the order and the individual's affiliated institution (when applicable) against several lists of proscribed entities before filling each order, including the: Department of Treasury Office of Foreign Assets Control (OFAC) list of Specially Designated Nationals and Blocked Persons (SDN List). Department of State list of persons engaged in proliferation activities. Department of Commerce Denied Persons List (DPL). According to U.S. regulations, no U.S. persons or entities may conduct business transactions with individuals or entities on the SDN List without a license from OFAC. This list is maintained by OFAC. OFAC only provides a license to deal with individuals on the SDN List in extremely limited circumstances.\6\ --------------------------------------------------------------------------- \6\ Additional information, including the SDN List, is available at: http://www.treas.gov/offices/enforcement/ofac/sdn/. --------------------------------------------------------------------------- According to U.S. regulations, no U.S. persons or entities may conduct business transactions with individuals sanctioned by the Department of State for engaging in proliferation activities.\7\ --------------------------------------------------------------------------- \7\ Announcements of such sanctions determinations are printed in the Federal Register and are maintained on the Department of State's Web site (http://www.state.gov/t/isn/c15231.htm). --------------------------------------------------------------------------- Additionally, the U.S. Government recommends that providers screen customers against the DPL for domestic orders. This list includes those firms and individuals whose export privileges have been denied. While the Department of Commerce only regulates exports and therefore does not require that companies screen their domestic customers against the list, it recommends that they do so, to avoid [[Page 62324]] unwittingly passing on sensitive technology or materials to U.S. residents known to be involved in proliferation activities.\2\ Because the updated lists are available online, providers should ensure they are using the most recently updated lists when screening customers against these lists. If no concerns are raised after consulting these lists, the provider should proceed to sequence screening. If a sequence of concern is identified, providers should conduct follow-up screening. If there are concerns after consulting these lists, providers should consider seeking assistance from the U.S. Government as outlined in Section VII. B. Foreign Orders Once an order from a foreign customer is received, the provider should conduct customer screening. In addition to complying with the rules described for domestic orders, all providers who export products from the United States to international customers must comply with the U.S. export laws, including the International Emergency Economic Powers Act,\8\ the Trading with the Enemy Act,\9\ and any implementing U.S. Government regulations or Presidential Executive orders. Certain transactions with sanctioned countries may be permitted but may require a license from OFAC and/or the Department of Commerce's Bureau of Industry and Security (BIS). Most transactions involving Cuba, Iran, and Sudan are prohibited. In order to comply with the U.S. export laws and regulations, providers must first determine whether a given transaction with a sanctioned country is permitted, and, if not permitted, obtain any appropriate export licenses or other U.S. Government permissions prior to exporting any product to sanctioned countries. --------------------------------------------------------------------------- \8\ Visit http://www.treas.gov/offices/enforcement/ofac/legal/statutes/ieepa.pdf for additional information. \9\ Visit http://www.treas.gov/offices/enforcement/ofac/legal/statutes/twea.pdf for additional information. --------------------------------------------------------------------------- According to U.S. regulations, no U.S. persons or entities may conduct transactions with individuals or entities on the SDN List without a license from OFAC. This list is maintained by OFAC. OFAC only provides a license to deal with individuals on the SDN List in extremely limited circumstances.\6\ According to U.S. regulations, no U.S. persons or entities may conduct business transactions with individuals sanctioned by the Department of State for engaging in proliferation activities.\7\ If no concerns are identified during customer screening or the checks against the lists delineated above, the provider should perform sequence screening. In addition to performing sequence screening for Select Agents and Toxins, providers are also encouraged to perform sequence screening of orders from foreign customers to determine whether they are governed by the EAR. As a member of the Australia Group, the United States requires exporters through the EAR to obtain export licenses for exports of reading-frame length nucleic acid sequences from pathogens listed under Export Control Classification Numbers (ECCNs) 1C351, 1C352, 1C353, and 1C354. The EAR also requires exporters to obtain licenses for exports of reading-frame length nucleic acid sequences from pathogens on the Select Agent list not listed elsewhere on the CCL (ECCN 1C360). The EAR requirements specifically apply to genetic elements that encode toxins or sub-units of controlled toxins or genetic elements associated with pathogenicity of controlled microorganisms. Because the EAR's CCL and the Select Agents and Toxins list are not identical, separate screening for those sequences on the CCL is necessary for international orders. The U.S. Government recommends that in addition to screening for Select Agents and Toxins, providers use a ``Best Match'' approach to identify pathogens and toxins on the CCL when an order is placed by an international customer. If the ordered synthetic nucleic acid is controlled under ECCN 1C353 and is capable of encoding a protein, an export license is necessary for all international orders, according to the EAR.\2\ Even for exported items that do not have a specific entry on the CCL and are considered under EAR 99 (for which a license is not required to most destinations), certain individuals and organizations are prohibited from receiving U.S. exports and others may only receive goods if they have been licensed. As a result, before filling an international order for any synthetic nucleic acid that cannot be classified under an ECCN, providers must consult several lists of such individuals and organizations according to the EAR. If the customer appears on any of these lists, additional action is required and an export license may be necessary, depending on the list.\10\ These lists include the DPL, the Entity List (EL), and the Unverified List (UL). --------------------------------------------------------------------------- \10\ A general review of export control basics is available at http://www.bis.doc.gov/licensing/exportingbasics.htm. --------------------------------------------------------------------------- In addition to the SDN List and proliferation sanctions notifications, providers must not conduct business with persons and entities on the DPL based on the EAR.\2\ The DPL includes parties that have been denied export and reexport privileges. In accordance with the EAR, exports to persons or entities on the EL require an export license.\2\ The EL contains a list of names of certain foreign persons--including businesses, research institutions, government and private organizations, individuals, and other types of legal persons--that are subject to specific license requirements for the export, reexport and/or transfer (in-country) of specified items. On an individual basis, the persons on the EL are subject to licensing requirements and policies supplemental to those found elsewhere in the EAR. The presence of a party on the UL in a transaction is a ``red flag'' that should be resolved before proceeding with the transaction.\2\ The UL includes names and countries of foreign persons who in the past were parties to a transaction with respect to which BIS could not conduct a pre-license check (PLC) or a post-shipment verification (PSV) for reasons outside of the U.S. Government's control. Additional ``red flags'' can be found in Supplement No. 3 to Part 732 of the EAR. To avoid violating U.S. laws and regulations, providers should consult these lists whenever an international customer places an order. Because the updated lists are available online, providers should ensure they are using the most recently updated lists when screening customers against these lists. The U.S. Government recommends that the provider check the individual placing the order and the individual's affiliated institution (when applicable) against these lists. Additionally, U.S. persons or entities may not export, reexport, or transfer (in-country) an item subject to the EAR without a license if, at the time of export, reexport, or transfer (in-country) the exporter knows that the item will be used in the design, development, production, stockpiling, or use of biological weapons in or by any country or destination, worldwide. If any of these checks reveals cause for concern, the provider should proceed according to the details provided in Section VII. Additionally, if a sequence of concern is identified after sequence screening, follow-up screening should occur. If an order involves an export, according to the EAR, both the provider [[Page 62325]] and customer are required to maintain documentary evidence of the transaction and are prohibited from misrepresenting or concealing material facts in licensing processes and all export control documents.\2\ VII. Contacting the U.S. Government In cases where follow-up screening cannot resolve an issue raised by either customer screening or sequence screening, the U.S. Government recommends that providers contact one of the following agencies for further information: Federal Bureau of Investigation (FBI) If an order turns up `red flags' or includes a sequence of concern and follow-up screening does not sufficiently clarify the customer's identity and the order's intended end-use, providers should contact the Weapons of Mass Destruction (WMD) Coordinator at their nearest FBI Field Office. Providers should also contact the WMD Coordinator if the follow-up screening reveals that the customer has no legitimate need for the order. CDC and APHIS Select Agent Regulatory Programs (Select Agent Programs) If necessary, the CDC and APHIS Select Agent regulatory programs can be contacted through the national Select Agent Web site (http://www.selectagents.gov). The CDC program can be contacted directly via e- mail at [email protected] or by fax at 404-718-2096. The APHIS program can be contacted directly via e-mail at [email protected] or by fax at 301-734- 3652. Department of Commerce If sequence screening reveals that an order from an international customer contains a Select Agent or sequence of concern, providers should contact the nearest field office of the Department of Commerce's Office of Export Enforcement. Providers should also contact the Office of Export Enforcement if they receive an international order from a country currently subject to a U.S. trade embargo or a customer that is on one of the proscribed lists described in Section VI. The Department of Commerce will contact other U.S. Government agencies as necessary. The supervisory office is in Washington, DC and the phone number is 202-482-1208. Locations and contact information for all field offices are available at http://www.bis.doc.gov/about/programoffices.htm. Assistance from an export counselor at the Department of Commerce is available by calling 202-482-4811. Scenarios If providers encounter one of the following scenarios and are unable to resolve issues raised by customer screening or sequence screening, they can contact one of the following U.S. Government agencies for assistance, using the contact information provided above: 1. Provider receives double-stranded synthetic DNA order and a customer flag (suspicious customer) is identified in customer screening. Recommend the provider contact the nearest FBI Field Office WMD Coordinator. FBI contacts other Departments and Agencies, as appropriate. 2. Provider receives a double-stranded synthetic DNA order that is for a Select Agent or Toxin. Provider should refer to the Select Agent Regulations and follow necessary protocols. If necessary, the provider should contact the appropriate Select Agent Program (CDC or USDA/ APHIS). a. CDC or APHIS may contact FBIHQ as appropriate. 3. Provider receives a double-stranded DNA order that incorporates a sequence of concern; follow-up screening reveals no legitimate purpose \11\ for order or research requirement. Provider contacts the FBI WMD Coordinator. FBI contacts the CDC or APHIS as appropriate. --------------------------------------------------------------------------- \11\ 18 U.S.C. 175(b) defines criminal prohibitions with respect to biological weapons as ``Whoever knowingly possesses any biological agent, toxin, or delivery system of a type or in a quantity that, under the circumstances, is not reasonably justified by a prophylactic, protective, bona fide research, or other peaceful purpose, shall be fined under this title, imprisoned not more than 10 years, or both.'' --------------------------------------------------------------------------- 4. Provider receives an international double-stranded DNA order incorporating a Select Agent or Toxin or a sequence of concern and DOC denies the export license. DOC contacts the FBI as appropriate. 5. Provider receives a double-stranded DNA order from a customer that is listed on one or more restricted lists, which prohibits the fulfillment of the order. Provider contacts the FBI WMD Coordinator. FBI contacts DOC as appropriate. VIII. Customer and Sequence Screening Software and Expertise There are a variety software packages that can assist with the verification of customers and screening against the necessary lists of proscribed entities. Providers should be aware that commercially available software packages may not necessarily address all aspects of customer screening recommended by the U.S. Government. In addition to a sequence database and screening method, appropriate sequence screening software must be selected by synthetic nucleic acid providers. The U.S. Government recommends that synthetic nucleic acid providers select a sequence screening software tool that utilizes both a global and local sequence alignment technique; the most popular algorithm that meets both requirements is the BLAST search tool. BLAST is available for download for free at the NCBI site. Similar tools are also freely or commercially available, or could be designed by the provider to meet their sequence screening needs. By utilizing such a tool, similarity over the length of the sequence being screened and the identification of regions that are similar within longer segments that are not alike are both encompassed in the sequence screening approach. Specific criteria for the statistical significance of the hit (BLAST's e-values) or percent identity values will not be recommended because these details depend on the specific screening protocol. By utilizing the ``Best Match'' approach, the sequence with the greatest percent identity over the entire 66 amino acid sequence should be considered the ``Best Match,'' regardless of the statistical significance or percent identity. The U.S. Government recommends that synthetic nucleic acid providers have the necessary expertise in-house to perform the sequence screenings, analyze the results and conduct the appropriate follow-up research to evaluate the significance of dubious sequence matches. Such follow-up research could include comparing the ordered sequence to information found in the published literature about Select Agents and Toxins or with information found in other databases of Select Agents and Toxins. The U.S. Government recognizes that continued research and development on new and improved bioinformatics tools is desirable. As new methods are developed, U.S. guidance may change accordingly. IX. Records Retention The U.S. Government recommends that companies retain electronic copies of customer orders for at least eight years based on statutory limitations set forth by U.S. Code of Federal Crimes and Procedures, Title 18 Section 3286.\4\ The U.S. Government recommends archiving the following information: Customer (and end-user, if different) information (name, organization, address, and phone number), order sequence information, and order [[Page 62326]] information (date placed and shipped, shipping address, and receiver name). The U.S. Government recommends that providers develop, maintain, and document their sequence screening protocol within company records. The U.S. Government recommends that providers develop, maintain, and document protocols to determine if a sequence hit qualifies as a true sequence of concern. The U.S. Government recommends that providers keep records of any follow-up screening, even if the order was ultimately filled. If an order involves an export, according to the EAR, both the provider and customer are required to maintain documentary evidence of the transaction and are prohibited from misrepresenting or concealing material facts in licensing process and all export control documents.\2\ X. Appendix to Screening Framework Guidance for Synthetic Double- Stranded DNA Providers Summary of Recommendations The field of synthetic genomics is evolving rapidly. This document is intended to provide guidance to producers of synthetic genomic products regarding the screening of orders to ensure that these orders are filled in compliance with current U.S. regulations and encourage best practices in addressing any potential biosecurity concerns. The U.S. Government recommends that all orders for synthetic double- stranded DNA 200 base pairs (bps) in length or greater be subject to a screening framework that incorporates both sequence screening and customer screening. Customer Screening The U.S. Government recommends that, for every order, synthetic nucleic acid providers: (1) Gather the following information to verify a customer's identity: Customer's (and end-user's, if different) full name and contact information Billing address and shipping address (if not the same) Customer's institutional or corporate affiliation (if applicable) Name of institution's Biological Safety Officer (if applicable) (2) Screen customers against several lists of proscribed entities (described under the Domestic Orders and Foreign Orders sections). In cases where the customer is not affiliated with an institution or firm, the U.S. Government recommends that the provider conduct follow-up screening. If a review of customer information reveals one or more `red flags,' the U.S. Government recommends that providers exercise due diligence, inquire regarding the circumstances, and verify the end-use and end-user (see the Follow-Up Screening section). Sequence Screening The U.S. Government recommends that: Nucleic acid sequences be screened using a ``Best Match'' approach to identify nucleic acids that are unique to Select Agents and Toxins. For foreign orders, nucleic acids be screened using a ``Best Match'' approach to identify nucleic acids that are unique to pathogens and toxins on the Commerce Control List. Sequence screening be performed for both DNA strands and the resultant polypeptides derived from translations using the three alternative reading frames on each DNA strand (or six-frame translation). Sequence alignment methods should permit the detection of hidden ``sequences of concern'' as small as 200 bps. If a customer orders a synthetic nucleic acid that can be classified as a Select Agent or Toxin, the provider should consult and must abide by the CDC and USDA/APHIS Select Agent Regulations (42 CFR 73, 7 CFR 331, and 9 CFR 121). In order to produce a regulated Select Agent or Toxin nucleic acid, the producer must be registered with CDC or USDA/APHIS.\12\ --------------------------------------------------------------------------- \12\ Additional information regarding the CDC and USDA/APHIS Select Agent Regulations is available at http://www.selectagents.gov. --------------------------------------------------------------------------- The U.S. Government recommends that providers continue to exercise their due diligence in the investigation of screening hits against non- Select Agents and Toxins that may raise a biosecurity concern. Follow-up Screening When customer screening reveals any `red flags' or sequence screening identifies a sequence of concern, the U.S. Government recommends that providers ask for information regarding the customer's proposed end-use of the order to assess their need and the scientific legitimacy of their work. If the customer is associated with an institution or firm, providers should also contact the customer's biological safety officer, supervisor, lab director or director of research to verify their identity and need. If the customer is not affiliated with an institution or firm, providers should also conduct a literature review of the customer's past research to verify his or her identity and need. Domestic Orders The U.S. Government reminds providers of the following: According to U.S. regulations, no U.S. persons or entities may conduct transactions with individuals or entities on the list of Specially Designated Nationals and Blocked Persons (SDN List) without a license from the Department of the Treasury Office of Foreign Assets Control (OFAC).\13\ --------------------------------------------------------------------------- \13\ Additional information, including the SDN List, is available at: http://www.treas.gov/offices/enforcement/ofac/sdn/. --------------------------------------------------------------------------- According to U.S. regulations, no U.S. persons or entities may conduct business transactions with individuals sanctioned by the Department of State for engaging in proliferation activities.\14\ --------------------------------------------------------------------------- \14\ Announcements of such sanctions determinations are printed in the Federal Register and are maintained on the Department of State's Web site (http://www.state.gov/t/isn/c15231.htm). --------------------------------------------------------------------------- The U.S. Government recommends that providers check domestic customers against the most recent Department of Commerce Denied Persons List (DPL).\15\ --------------------------------------------------------------------------- \15\ Visit http://www.access.gpo.gov/bis/ear/ear_data.html to access the most recent Commerce Control List and review the Export Administration Regulations. --------------------------------------------------------------------------- In order to avoid violating U.S. law, providers are encouraged to check the individual placing the order and the individual's affiliated institution (when applicable) against the most recent versions of these lists of proscribed entities before filling each order. Foreign Orders The U.S. Government reminds providers of the following: All providers who export products from the United States to international customers must comply with the U.S. export laws, including the International Emergency Economic Powers Act (IEEPA),\16\ the Trading with the Enemy Act,\17\ and any implementing U.S. Government regulations or Presidential Executive Orders. Certain transactions with sanctioned countries may be permitted, but most require a license from OFAC and/or the Department of Commerce's Bureau of Industry and Security (BIS). Most transactions involving Cuba, Iran, and Sudan are prohibited. In order to comply with the U.S. export laws and regulations, providers must first determine whether a given transaction with a sanctioned [[Page 62327]] country is permitted, and, if not permitted, obtain any appropriate export licenses or other U.S. government permissions prior to exporting any product to sanctioned countries. --------------------------------------------------------------------------- \16\ Visit http://www.treas.gov/offices/enforcement/ofac/legal/statutes/ieepa.pdf for additional information. \17\ Visit http://www.treas.gov/offices/enforcement/ofac/legal/statutes/twea.pdf for additional information. --------------------------------------------------------------------------- According to U.S. regulations, no U.S. persons or entities may conduct business transactions with individuals and entities on the SDN List without a license from OFAC.\13\ According to U.S. regulations, no U.S. persons or entities may conduct business transactions with individuals sanctioned by the Department of State for engaging in proliferation activities.\14\ The Export Administration Regulations (EAR) require that providers have an export license from BIS prior to exporting a synthetic nucleic acid that is controlled by an Export Control Classification Number (ECCN) and is capable of encoding a protein.\15\ U.S. persons or entities may not export, reexport, or transfer (in-country) an item subject to the EAR without a license if, at the time of export, reexport, or transfer (in-country) the exporter knows that the item will be used in the design, development, production, stockpiling, or use of biological weapons in or by any country or destination, worldwide.\15\ In accordance with the EAR, providers must not conduct business with persons and entities on the DPL.\15\ In accordance with the EAR, exports to persons or entities on the Entity List are subject to licensing requirements and policies in addition to those elsewhere in the EAR.\15\ The presence of a party on the UL in a transaction is a ``red flag'' that should be resolved before proceeding with the transaction.\15\ In order to avoid violating U.S. laws and regulations, providers are encouraged to check the individual placing the order and the individual's affiliated institution (when applicable) against the most recent versions of these lists of proscribed entities before filling each order. The U.S. Government recommends that providers utilize a ``Best Match'' approach to identify sequences of pathogens and toxins on the Commerce Control List for international orders. This screen is in addition to the ``Best Match'' sequence screen for Select Agent and Toxin sequences. Contacting the U.S. Government In cases where follow-up screening cannot resolve concerns raised by customer screening or sequence screening, or when providers are otherwise unsure about whether to fill an order, the U.S. Government recommends that providers contact relevant agencies as described in Section VII of ``Screening Framework Guidance for Synthetic Nucleic Acid Providers.'' Customer and Sequence Screening Software and Expertise Providers should be aware that commercially available customer screening software packages may not necessarily address all aspects of customer screening recommended by the U.S. Government. The U.S. Government recommends that: Synthetic nucleic acid providers select a sequence screening software tool that utilizes both a global and local sequence alignment technique. Synthetic nucleic acid providers have the necessary expertise in-house to perform the sequence screenings, analyze the results, and conduct the appropriate follow-up research to evaluate the significance of dubious sequence matches. Records Retention The U.S. Government recommends that: Companies retain electronic copies of customer orders for at least eight years based on the statute of limitations set forth by U.S. Code Title 18 Section 3286.\18\ The following information should be archived: Customer (and end-user, if different) information (name, organization, address, and phone number), order sequence information, and order information (date placed and shipped, shipping address, and receiver name). --------------------------------------------------------------------------- \18\ Section 3286 specifies that no person shall be prosecuted, tried, or punished for any noncapital offense involving certain violations unless the indictment is found or the information is instituted within 8 years after the offense was committed. This statute of limitations applies to Title 18 Section 175(b) (possession of biological agents with no reasonable justification). --------------------------------------------------------------------------- Providers develop, maintain, and document their sequence screening protocols within company records. Providers develop, maintain, and document protocols to determine if a sequence hit qualifies as a true sequence of concern. Providers keep records of hits that required follow-up screening, even if the order was ultimately filled. If an order involves an export, according to the EAR, both the provider and customer are required to maintain documentary evidence of the transaction and are prohibited from misrepresenting or concealing material facts in licensing processes and all export control documents.\15\ Dated: November 19, 2009. Nicole Lurie, Assistant Secretary for Preparedness and Response. [FR Doc. E9-28328 Filed 11-25-09; 8:45 am] BILLING CODE 4150-37-P