Those are excellent questions, for sure.
Based on the information that is provided and surfaced through the exporter requirements, we are able to do risk assessments based on our gauge of whether or not the person is compliant. In certain circumstances—to extend to the example you provided—if there are individuals, modes of transport or destinations for export that have previous enforcement actions, or that are linked to other problematic entities, criminal networks or organized criminality domestically, those are the types of threads that we will pull through the targeting process.
Our export controls are also intended to identify these types of illicit activities. We would not only assess the administrative compliance in the full and truthful verification of information supporting the export, but—