The FBI is the lead federal agency for investigating cyber attacks by criminals, overseas adversaries, and terrorists. The threat is incredibly serious—and growing. The public will be able to grow cannabis and hemp legally from June 9 as the herb will be removed from the Category 5 Narcotics list. What You Need to Know Before Importing/Exporting Legal Cannabis Products As the market for hemp derived CBD has exploded, there is increasing interest in international trade in these products and
The Cyber Threat
Malicious cyber activity threatens the public’s safety and our national and economic security. The FBI’s cyber strategy is to impose risk and consequences on cyber adversaries. Our goal is to change the behavior of criminals and nation-states who believe they can compromise U.S. networks, steal financial and intellectual property, and put critical infrastructure at risk without facing risk themselves. To do this, we use our unique mix of authorities, capabilities, and partnerships to impose consequences against our cyber adversaries.
The FBI is the lead federal agency for investigating cyber attacks and intrusions. We collect and share intelligence and engage with victims while working to unmask those committing malicious cyber activities, wherever they are.
Learn more about what you can do to protect yourself from cyber criminals, how you can report cyber crime, and the Bureau’s efforts in combating the evolving cyber threat.
Private Sector Partners
Learn how businesses and organizations can work with the FBI to get ahead of the threat and make an impact on our cyber adversaries.
What You Should Know
- Taking the right security measures and being alert and aware when connected are key ways to prevent cyber intrusions and online crimes. Learn how to protect your computer, network, and personal information.
Understand Common Crimes and Risks Online
- Business email compromise (BEC) scams exploit the fact that so many of us rely on email to conduct business—both personal and professional—and it’s one of the most financially damaging online crimes.
- Identity theft happens when someone steals your personal information, like your Social Security number, and uses it to commit theft or fraud.
- Ransomware is a type of malicious software, or malware, that prevents you from accessing your computer files, systems, or networks and demands you pay a ransom for their return.
- Spoofing and phishing are schemes aimed at tricking you into providing sensitive information to scammers.
- Online predators are a growing threat to young people.
- More common crimes and scams
Respond and Report
File a Report with the Internet Crime Complaint Center
If you are the victim of online or internet-enabled crime, file a report with the Internet Crime Complaint Center (IC3) as soon as possible. Crime reports are used for investigative and intelligence purposes. Rapid reporting can also help support the recovery of lost funds. Visit ic3.gov for more information, including tips and information about current crime trends.
Contact Your Local FBI Field Office
If you or your organization is the victim of a network intrusion, data breach, or ransomware attack, contact your nearest FBI field office or report it at tips.fbi.gov.
Combating the Evolving Cyber Threat
Our adversaries look to exploit gaps in our intelligence and information security networks. The FBI is committed to working with our federal counterparts, our foreign partners, and the private sector to close those gaps.
These partnerships allow us to defend networks, attribute malicious activity, sanction bad behavior, and take the fight to our adversaries overseas. The FBI fosters this team approach through unique hubs where government, industry, and academia form long-term trusted relationships to combine efforts against cyber threats.
Within government, that hub is the National Cyber Investigative Joint Task Force (NCIJTF). The FBI leads this task force of more than 30 co-located agencies from the Intelligence Community and law enforcement. The NCIJTF is organized around mission centers based on key cyber threat areas and led by senior executives from partner agencies. Through these mission centers, operations and intelligence are integrated for maximum impact against U.S. adversaries.
Only together can we achieve safety, security, and confidence in a digitally connected world.
How We Work
Whether through developing innovative investigative techniques, using cutting-edge analytic tools, or forging new partnerships in our communities, the FBI continues to adapt to meet the challenges posed by the evolving cyber threat.
What you can and cannot do with cannabis and hemp
The public will be able to grow cannabis and hemp legally from June 9 as the herb will be removed from the Category 5 Narcotics list.
Share this article
From June 9, here’s what you can do with cannabis and hemp.
Register via app
- People growing marijuana from June 9 do not need to seek permission but will have to register via the Food and Drug Administration’s “Plook Ganja” application.
Importing marijuana, hemp seeds
People can import cannabis and hemp seeds or other parts of the plants without seeking permission.
However, they need to seek import permission according to the 1964 Plant Quarantine Act and the 1975 Plants Act.
People who import plant parts that fall under the Category 5 Narcotics list need to seek permission.
Can you smoke cannabis?
Cannabis is allowed for medical use only. People must possess only legal cannabis products and are not allowed to smoke for recreational use.
What’s the penalty for smoking the plant?
According to the Public Health Act, people who smoke cannabis and/or hemp and their smoke or odour are considered a nuisance without any appropriate reason will face a jail term of up to 1 month or a fine of up to THB2,000.
Can officers search, seize cannabis?
With the new Cannabis-Hemp Act, officers can still search and seize cannabis at “suspicious” sites without a search warrant.
What You Need to Know Before Importing/Exporting Legal Cannabis Products
As the market for hemp derived CBD has exploded, there is increasing interest in international trade in these products and the materials used to make them, including in the United States. For example, a US-based manufacturer of hemp-derived CBD edibles might import the active ingredient for manufacturing and then export the finished product overseas. US-based companies could also be interested in importing or exporting raw materials such as industrial hemp, hemp seeds, or other hemp-derived products.
Below we summarize some of the key US trade compliance considerations for companies seeking to import or export these products. Because every export from the United States by definition involves an import into another country, there will always be at least one other jurisdiction’s import laws to consider.
What should you know about US export controls and economic sanctions?
The first step in determining whether a particular export is permissible under US export controls laws is determining whether the product is described in an export control classification number (“ECCN”) set out in the Commerce Control List (“CCL”) in Part 774 of the Export Administration Regulations (“EAR”). The EAR are enforced by the Bureau of Industry and Security (“BIS”) in the US Commerce Department. The ECCN can be determined in one of several ways, including by self-classifying the product based on a review of the CCL, or by asking BIS for a formal commodity classification ruling referred to as a “CCATS”. Products that are not described on the CCL are assigned a catch-all classification of EAR99, which means they generally do not require a BIS license for export to most destinations. It seems unlikely to us that a hemp or CBD product would be described on the CCL. However, reaching an ECCN determination requires a detailed understanding of a product’s technical parameters, so this review should be conducted by knowledgeable trade compliance counsel with input from product experts at the company.
Even where a product appears to be EAR99 based on a self-classification, there still may be benefit to obtaining a formal CCATS from BIS. First, this could avoid questions from US Customs and Border Protection (“CBP”), which enforces US export control laws at the border and which might question whether the products are described in an ECCN on the CCL. Second, it could be helpful to have a CCATS on hand to provide to other parties involved in the transaction that may want assurances that the export is in compliance with US export control laws, such as banks, intermediaries, and customers.
Exports from the United States to embargoed territories (Crimea, Cuba, Iran, North Korea, Syria) are prohibited without licenses from BIS and/or the Office of Foreign Assets Control (“OFAC”) in the US Treasury Department. (While OFAC is the primary sanctions enforcement agency, BIS and OFAC have overlapping jurisdiction in some cases, so it is always important to consider both agencies’ licensing requirements.) There are narrow licensing programs for products that qualify as agricultural commodities, medicines, and medical devices, with eligibility requirements and licensing policies that vary depending on the sanctions program. We recommend working with knowledgeable trade compliance counsel to determine whether the products might be eligible for these licenses. If so, companies should develop procedures to ensure compliance with the terms and conditions of the relevant licenses. Companies should always watch out for red flags that a customer might divert products to a sanctioned territory without the required licenses.
All of the parties involved in a proposed transaction should be screened against the US restricted parties lists on a transaction-specific basis (such as prior to order acceptance/shipping). Some of the main US restricted parties lists include OFAC’s List of Specially Designated Nationals and Sectoral Sanctions Identifications List, and BIS’ Entity List and Denied Persons List. Depending on which list applies, the involvement of a restricted party could result in the transaction being prohibited or restricted. Also, entities that are 50% or more owned by certain kinds of restricted parties may themselves be restricted, even if not named on a list. Screening should include not only direct counterparties like customers and vendors but also banks, intermediaries, known end-users, etc. Restricted parties can be located anywhere in the world.
Except for certain low-value shipments, information on exports from the United States must generally be provided to the US Census Bureau in a filing known as the Electronic Export Information (“EEI”) based on requirements set out in the Foreign Trade Regulations (“FTR”). For instance, the EEI filing must identify the “Schedule B” number (a 10-digit number used in the United States to classify physical goods for export to another country based on the Harmonized System of classification codes), the ultimate consignee, and the country of ultimate destination, among others. Aside from being used for statistical purposes, EEI filings are reviewed by agencies such as BIS and OFAC for enforcement and export controls purposes.
What should you know about US customs laws?
If the products otherwise comply with US law, there is nothing under US customs laws that would prohibit importing them into the United States. In particular, CBP has confirmed publicly that hemp seeds can be imported into the United States. As with any other types of products, anything imported into the United States must be “classified” in the Harmonized Tariff Schedule of the United States (“HTSUS”). Based on the HTSUS code, and the customs value and the country of origin of the good, the appropriate duties, if any, need to be paid. Importers can self-classify the products or submit an administrative ruling request to CBP prior to importation.
Notwithstanding the legality of these products, there continue to be reports of seizures of legal CBD products imported into the United States. This may be due to the difficulty of distinguishing legal (i.e., hemp-derived) CBD from illegal (i.e., marijuana-derived) CBD without extensive laboratory analysis, and/or it could be due to confusion on the part of CBP officials about what is permitted. For example, in a lawsuit filed in US District Court for the Central District of California, a US-based CBD company alleged that CBP had illegally seized four shipments of Spanish-origin hemp between 2015 and 2018. Three of the shipments are alleged to have been destroyed in part because CBP improperly determined the imports contained controlled substances, notwithstanding documentation from the Spanish growers that the hemp had less than 0.3% THC, making it legal under federal law. The lawsuit has since been settled.
For similar reasons, state and local law enforcement have also stopped hemp crossing state lines, as illustrated by the Big Sky Scientific case in which Idaho troopers seized hemp on its way from Oregon to Colorado. In that case, the hemp was determined to have a THC content at or below .3%, which is legal under federal law, but illegal under Idaho state law. In short, it is clear that imports of CBD products have a greater chance of being stopped by CBP than other products. To avoid unnecessary delays or compliance issues, importers should ensure that CBD imports are accompanied by all required documentation, including phytosanitary certificates, and satisfy all other applicable CBP import documentation requirements, such as the entry summary or entry manifest (as applicable), commercial invoice clearly showing data elements required for customs clearance purposes, and packing list (if applicable).
As in the export context, all parties to an import transaction should be screened against the US restricted parties lists.
How should you ensure compliance?
US trade laws are subject to robust enforcement, frequently resulting in significant fines, reputational damage, and settlement agreements that impose compliance program obligations on companies. It is safe to assume that imports and exports of these products could receive greater scrutiny by the US regulators, at least for the time being while the industry matures. In order to mitigate the risk of violations, companies interested in importing or exporting legal hemp and CBD products should develop and maintain compliance programs designed to ensure compliance with US export controls, sanctions, and customs laws and regulations. This includes procedures for product classification, licensing determinations, and restricted party screening processes.
 This blog post is limited to import/export laws and assumes that the products comply with all relevant domestic laws in the country of import and the country of export such as, in the United States, the Controlled Substances Act and the Food, Drug and Cosmetic Act.