United States: Navigating the Customs-Trade Partnership Against Terrorism (C-TPAT): With new Requirements Come new Rewards

In a world of both increased global trade and global security concerns, the U.S. Bureau of Customs and Border Protection ("CBP") and private companies have partnered through the innovative Customs-Trade Partnership Against Terrorism ("C-TPAT") program, which is aimed at securing our borders while facilitating the free flow of legitimate international trade by security-conscious industry members. Launched shortly after the September 11 terrorist attacks, the voluntary program has evolved rapidly over the past several years. CBP Commissioner Bonner has recently announced the latest evolution of the program, which includes new minimum security standards to be met by participating importers, and a new tiered system of benefits which rewards trade members for their respective level of participation in the program and for having security measures in place that go above and beyond those required.

Under the initial C-TPAT program, members proposed security plans of their own making. However, under the new C-TPAT rules, all importer members must include the minimum standards in their plans including the controversial and newly introduced requirement for selection process of business partners. Some view this change as the C-TPAT moving away from a voluntary system, even though the decision to join remains voluntary. The required minimum standards are divided into eight areas of focus and participants must meet the following standards:

• Create written and verifiable processes for the selection of business partners, documenting whether or not these partners are C-TPAT certified.

• Require non-C-TPAT partners to demonstrate compliance with C-TPAT minimum standards by providing verification of compliance to the participant.

• Have business partners develop security processes and procedures to enhance the security of shipments at the point of origin.

• Periodically review the partner’s security processes and facilities.

• Evaluate business partners’ strength for financial soundness, the capabilities of meeting security requirements, and the ability to identify and correct security deficiencies.

• Protect against the unauthorized introduction of material or persons by establishing procedures at the point of stuffing that ensure proper container handling.

• Indicate safe container handling by attaching high security seals and stipulate how seals are to be controlled and affixed, including procedures to recognize and report breaches to CBP.

• Create access controls to prevent unauthorized entry into facilities including procedures to identify and challenge unauthorized or unidentified persons.

• Require the positive identification of all employees at all points of entry and photo identification of all visitors and vendors.

• Document the issuance, removal and changing of access devices.

• Periodically screen packages prior to dissemination.

• Construct physical barriers to guard against unauthorized access by conducting the following: fencing the perimeter of the facility and regularly inspecting it, manning or monitoring the entrance and exit gates, keeping cargo areas separate from private passenger vehicle parking, constructing facilities from materials that can withstand unauthorized entry, securing windows and gates with locks, keeping access keys with management or security personnel, installing adequate lighting, alarm systems or video surveillance.

• Verify application information and conduct background checks prior to employment, and if warranted, conduct background checks of current employees.

• Establish procedures for removing facility access of terminated employees.

6. Procedural Security:

• Establish processes to ensure the integrity of supply chain security plans including ensuring that related documentation is legible, complete, accurate, and protected against the exchange, loss or introduction of erroneous information.

• Safeguard computer access and electronically stored information.

• Require business partners to timely report information on shipped cargo.

• Ensure safe arrival and shipping of cargo by comparing cargo labels of arriving and departing cargo against the cargo orders, investigating all shortages, overages, and other significant discrepancies and notifying CBP and/or other law enforcement agencies of all illegal or suspicious activities.

• Create programs to inform employees of the threats posed by terrorists at each point in the supply chain including instruction on the security procedures adopted by the participant and how reports of potential or actual threats are to be made.

• Require individually assigned accounts and periodic changes of passwords for electronic data users.

• Train employees on the security features of the electronic data system and how to identify security breaches.

From now on, companies seeking to become C-TPAT members must meet the minimum standards at the time of application. Existing C-TPAT members must satisfy the above minimum standards in the following phases:

• Container Security, Physical Security, Physical Access Control.

• Personnel Security, Procedural Security, Information Technology Security, Security Training and Threat Awareness.

• Business Partner Requirements.

After September 26, 2005 CBP will require re-validation of any high-risk participants to ensure compliance with the minimum standards.

The other significant change to the C-TPAT program is the three-tiered benefits program announced by Commissioner Bonner on May 26, 2005. Bonner noted that this program is a response to importer pressure for actual benefits of the C-TPAT membership. In exchange for imposing mandatory minimum standards discussed above, CBP seeks to reward participants for their level of commitment to security.

The C-TPAT’s most notable benefit is reduced Automated Targeting System (ATS) scoring which corresponds with the participant’s tier placement. Normally, CBP determines ATS scores based solely on analysis of electronic data CBP receives related to manifest and passenger information. After assessing this data, the participant is assigned a risk level score. High risk participants must undergo increased scrutiny and inspections. Thus, lower scores are an advantageous economic benefit. Under the new three-tier system, the level of the participant’s commitment will result in a reduction to the ATS score. The benefits and levels of participation for each tier are as follows:

• Consists of certified participants, who submitted and received approval of their security plans, committed to meet the C-TPAT minimal security criteria, and have no history of compliance or law enforcement problems.

• Benefits include reduced ATS scoring and the standard benefits enjoyed by certified C-TPAT members.

Tier II:

• Consists of validated participants. At this time 12% of C-TPAT participants have been validated. CBP significantly increased its validation staff and plans to validate 40% of the participants shortly. CBP does not release its selection criteria for the validation process, but most likely importers will be given priority.

• Benefits include a further ATS score reduction and even fewer inspections. Also, when inspected, Tier II members will be moved to the front of the inspection line.

Tier III:

• Consists of validated participants who exceed minimum standards through adoption of C-TPAT best practices. CBP has not released the criteria that it will use to distinguish between Tier II and Tier III members. CBP noted, however, that one distinguishing criterion is the use of Smart Boxes, which are containers with tamper-detecting devices.

• Benefits include infrequent inspections. Further, at this level, the envisioned "green lane," when implemented, will permit an importer to clear customs more expeditiously when goods depart from Cargo Security Initiative (CSI) ports using Smart Box containers. There is no date set for the implementation of the "green lane."

The enforcement of the minimum standards is yet to be seen, but CBP appears to be intent on rewarding those participants who meet and exceed the new standards. New C-TPAT members will be assigned their tier level upon certification and validation. There is currently no date set for the assignment of tier placements for existing members, although the announcement of this date is expected shortly. In addition, CBP is expected to officially announce the tier placement criteria and tier benefits soon.

Given the imposition of new minimum standards including business partner selection requirements and the tiered benefits system, many businesses will be inclined to prefer transacting with other C-TPAT members. Those who have elected not to participate in the C-TPAT program to date may need to re-evaluate their decision in light of the recent evolution of the program.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.