🛡️ ITAR

ITAR Registered Manufacturers in Spokane, WA

Defense work brings a category of risk most commercial sourcing never touches: export-control law that can attach criminal liability to a mishandled drawing. ITAR registration with the State Department's Directorate of Defense Trade Controls is the threshold a Spokane manufacturer must cross before legally producing defense articles or holding controlled technical data. With Fairchild Air Force Base anchoring the regional defense economy and a base of aerospace shops nearby, the Inland Northwest has real ITAR-capable capacity — but registration is only the starting point a buyer needs to understand.

ITARAS9100ISO 9001

What ITAR Registration Actually Means in a Defense Supply Chain

ITAR — the International Traffic in Arms Regulations — governs the manufacture, export, and handling of defense articles and the associated technical data on the United States Munitions List. A manufacturer that produces or even possesses controlled defense technical data must be registered with the Directorate of Defense Trade Controls (DDTC). That registration is an annual obligation, not a one-time credential, and it carries an active compliance burden. A common misconception worth correcting up front: ITAR registration is not a certification in the ISO sense. There's no third-party audit body issuing an ITAR 'certificate.' Registration is a self-executing legal status with DDTC, paired with the company's own obligation to build and follow a compliance program. That means a buyer can't simply trust a logo — you have to confirm the registration and probe how the shop actually controls technical data. For Spokane specifically, the practical relevance is that the region's aerospace and defense shops frequently handle drawings and specifications that fall under ITAR control. Any manufacturer touching that data needs to be registered and needs to restrict access to U.S. persons, because exposing controlled technical data to a foreign person — even an employee on domestic soil — can constitute an export violation.

Confirming Registration and Real Technical-Data Controls

Because there's no public certificate to scan, verification leans on the supplier's own documentation and your due diligence. Ask for confirmation of current DDTC registration — companies receive a registration code and an expiration date, and a registered manufacturer should be able to attest to its status in writing. Many defense buyers fold this into a signed compliance representation rather than relying on a verbal assurance. The more revealing questions are about controls. How does the Spokane shop segregate ITAR-controlled drawings on its network? Who has access, and how do they verify U.S.-person status of employees and any subcontractors who might see the data? Do they have a documented technology control plan, and have they had to file voluntary disclosures? A shop that answers these crisply has lived the regulations; one that treats ITAR as a checkbox is a liability you'll inherit. Watch for specific red flags: controlled drawings emailed without encryption, subcontracting to shops whose ITAR status is unknown, cloud storage in foreign data centers, or shop-floor access by personnel whose status hasn't been verified. In defense work, your prime customer flows ITAR obligations down to you, and you flow them to the Spokane supplier — a weak link anywhere in that chain is your exposure.

Why Defense Buyers Favor Sourcing ITAR Work Domestically and Nearby

ITAR's whole premise is keeping controlled technology under U.S. control, which structurally favors domestic sourcing — offshoring defense articles isn't an option without specific authorizations. That narrows the field to U.S. manufacturers, and within that, proximity carries practical advantages. A Spokane buyer working with a local ITAR-registered shop can run source inspections in person, hand-carry sensitive prints when appropriate, and keep the technical-data footprint tighter than a cross-country relationship allows. The regional defense presence around Fairchild Air Force Base means the Inland Northwest has shops accustomed to defense flow-downs and the discipline they require. That familiarity reduces onboarding friction — you're less likely to be the supplier's first encounter with a technology control plan or a U.S.-person access requirement. The tradeoff mirrors aerospace: specialized processing may still route out of the metro, and each handoff to another facility is another ITAR control point to manage. The fewer companies that touch controlled data, the smaller your compliance surface. When the routing requires a special process, confirm the subprocessor's ITAR status before the data moves, and document the chain.

Frequently Asked Questions

No, and this distinction trips up a lot of buyers. ITAR registration is a legal status with the State Department's Directorate of Defense Trade Controls (DDTC), not a third-party certification with an audit body and a scannable certificate. There's no registrar database equivalent to OASIS or an ISO registrar directory that you can publicly check. Registration is self-executing: a manufacturer that produces defense articles or holds controlled technical data is legally required to register, receives a registration code with an annual expiration, and is obligated to maintain its own compliance program. Verification therefore relies on the supplier attesting to its current registration in writing — most defense buyers capture this in a signed compliance representation — and on your own due diligence into how the shop actually controls technical data. Ask for the registration status directly, and weigh it alongside concrete evidence of a technology control plan, U.S.-person access controls, and secure handling of controlled drawings. The legal status matters, but the operating controls are what protect you.
The core obligation is preventing controlled technical data from reaching any foreign person, including foreign-national employees on U.S. soil, without authorization. A serious Spokane ITAR shop should be able to walk you through several controls. First, network segregation: ITAR-controlled drawings and specifications stored separately with restricted, logged access rather than sitting on a general file share. Second, U.S.-person verification: a documented process for confirming the status of any employee or subcontractor who could view the data. Third, a written technology control plan describing how controlled information is marked, stored, transmitted, and destroyed. Fourth, secure transmission — encrypted transfer of prints rather than plain email, and no storage in foreign-located cloud data centers. Fifth, controlled physical access to areas where controlled work is performed. Ask whether they've ever filed a voluntary disclosure and how they handle subcontractor flow-down. A shop that answers these crisply has operationalized ITAR; vague answers signal compliance risk you would inherit as the buyer flowing obligations down.
ITAR exists to keep controlled defense technology under U.S. jurisdiction, so offshoring defense articles or technical data is effectively off the table without specific government authorization. That immediately narrows your supplier field to domestic manufacturers. Within the domestic pool, sourcing close to home in Spokane adds practical security and efficiency advantages: you can conduct source inspections in person, hand-carry sensitive prints when the situation warrants, and keep the technical-data footprint smaller than a cross-country relationship would. The Inland Northwest's defense economy, anchored by Fairchild Air Force Base, means local shops are already familiar with defense flow-downs, technology control plans, and U.S.-person access requirements, which shortens onboarding. The main caveat is special processing: if a part needs a coating, heat treat, or NDT operation that routes to another facility, each handoff is an additional ITAR control point. Minimizing the number of companies that touch controlled data shrinks your compliance surface, so confirm any subprocessor's ITAR status before the data moves and document the full chain of custody.
Often yes, because they govern different things. ITAR registration addresses the export-control and technical-data dimension — the legal authority to handle defense articles and controlled data. AS9100 Rev D addresses the quality-system dimension — the controls that ensure the part is actually built right, with first-article inspection, configuration management, and counterfeit-part avoidance. A defense aerospace component frequently triggers both requirements: the prime's flow-down specifies AS9100 for quality and ITAR for export control. A shop can be AS9100 certified without being ITAR registered, or registered without holding AS9100, so confirm each independently. In the Spokane market, the aerospace shops that serve defense customers commonly hold AS9100 and maintain ITAR registration together, since their customer base demands both. When you source a controlled aerospace part, verify the AS9100 scope covers your operation in OASIS, confirm current DDTC registration in writing, and probe the technical-data controls. Treating them as a single credential is a mistake — they protect against different failures.

Last updated: July 2026

Find ITAR-Certified Manufacturers in Spokane, WA

Search verified Spokane shops that hold ITAR.

No logins. No email gates. Just results.