Did you know, that if you make a software product in the United States of America, and it uses any form of encryption, even just HTTPS requests, and even if you're using the built-in libraries of an operating system, you have to submit an Export Administration Regulations Annual Self Report to both the BIS and the NSA? No, I didn't either.
And Apple points this out to everyone who submits apps to them from the US.
Conveniently, it involves sending a CSV form to two email addresses. Both email addresses are supplied as a slightly blurry image, I guess to prevent the addresses from being scraped. Hurray for macOS Monterey's built-in OCR.