The arrangement works according to what it calls VA checklists. The controls are subject to the ratification of the participants. VA members undertake to exchange information on sensitive dual-use goods and technologies and not to report such transfers and refusals of controlled objects to participants. In November 1993, negotiations between the 17 MEMBER states of COCOM on the structure and objectives of the organization that will succeed COCOM began. Its members agreed to continue implementing restrictions on technology transfer until an agreement is reached on its successor organization. A consensus was reached on 9 December 1995 on the new organization known as the Wassenaar Agreement on the Control of Exports of Conventional Weapons and Dual-Use Goods and Technologies. At the U.S.-Russian Summit in Vancouver, Canada, on April 4, 1993, the Presidents of Russia and the United States agreed that the need for the quickest possible settlement of missile non-proliferation and missile technology issues, in accordance with the principles of existing international agreements, was needed. They decided to cooperate to remove barriers to Russia`s access to the global high-tech market and related services. The twelfth plenary session on 5 and 6 December in Vienna celebrated the va`s tenth anniversary and was chaired by Australian Ambassador Peter Shannon. Parliament has successfully adopted a number of checklist changes, while expressing a desire to establish a dialogue with the VA panel and the missile technology control regime to improve the regime`s ability to keep pace with the progress of technologies, market trends and international security. In addition, the plenary decided to make available to the public two best practices for Implementing Intangible Transfers of Technology Controls and Best Practice Guidelines for the Licensing of Its Licensing on the Basic List and Sensitive List of Dual-Use Goods and Technologies – to complement the plenary agreement to maintain a high priority for transparency and contact with non-participating states and international organisations to promote strengthening export controls. The aim of the amendments was to prevent Western technology companies from selling to governments that are known to be abusing human rights.
However, some technology companies have expressed concern that the scope of controls may be too broad, limiting the ability of security researchers to identify and correct security vulnerabilities. Google and Facebook have criticized the agreement for the restrictions they will set for activities such as penetration testing, information exchange on threats and bounty programs.   They argue that the restrictions will weaken the security of participating nations and will do little to contain the threats of non-participating nations.   The body was established in 1996 to succeed the Cold War Multilateral Export Controls Coordinating Committee. The name comes from Wassenaar, on the outskirts of The Hague, where the agreement was reached in 1995 to initiate such multilateral cooperation. Although Wassenaar has overcome a large number of increasing pains, problems persist. One of the main difficulties of the agreement is that members remain divided on the scope of Wassenaar, first of all whether the agreement should become more than just an information-gathering and exchange body. As Wassenaar works by mutual agreement, only one country can block any proposal.
In previous years, some members have consistently refused to participate fully in voluntary exchanges of information and communications on dual-use goods, despite improved participation.  In addition, there is no consensus among members on which countries are “concerning” or what constitutes “destabilizing” transmission.