On March 25, 2005, U.S. Customs and Border Protection ("CBP") released a long-anticipated upgrade to its importer security criteria for the Customs-Trade Partnership Against Terrorism ("C-TPAT"). C-TPAT was launched in November 2001, and has grown to include more than 8,800 enrolled companies, including U.S. importers, customs brokers, terminal operators, carriers, and some foreign manufacturers. Because of the speed with which the program was launched, its minimum security recommendations for importers have been criticized as being poorly defined and only marginally effective at meeting the overall security goals of the program. As a result, CBP and the trade community have been working since October 2004 to develop more clearly defined minimum security criteria to establish the minimum, baseline security expectations for membership in this voluntary, incentives-based program.

For example, the new security guidelines impose significantly increased controls in the following areas:

  • Business partner selection, including a requirement of verifying the C-TPAT membership and internal control systems of all supply chain partners, as well as periodic reviews of business partners’ processes and facilities;
  • Container security, including a requirement that the integrity of all containers be maintained and that high security seals (meeting U.S. certifications) are affixed to all loaded containers bound for the United States;
  • Container inspection, including a requirement that the physical integrity of all containers be evaluated prior to stuffing;
  • Physical access controls, including a requirement that employees, visitors, and vendors be positively identified at all points of entry;
  • Personnel security, including a requirement that all prospective employees be screened and current employees be evaluated on a periodic basis;
  • Procedural security, including restrictions on access to key computers and import documentation, and a requirement that procedures be implemented to quickly discover and address all discrepancies in documentation;
  • Security training and threat awareness, including a requirement of a threat awareness program maintained by security personnel, and targeted training requirements for key employees responsible for supply chain functions; and
  • Information technology security, including individually assigned accounts, which require a periodic change in password, for all automated systems, and an administrative system capable of identifying abuses in information technology security.

New C-TPAT applicants will be required to meet all of the new minimum security criteria effective March 25, 2005. However, current C-TPAT members will be allowed to phase in the new requirements until September 26, 2005, with earlier deadlines for the more urgent security improvements.

Since the inception of the C-TPAT program, importers have complained of little difference in the frequency of inspections and associated delays. These more stringent guidelines will likely give CBP the necessary assurance to make good on its promises to significantly reduce delays for program participants. CBP is clearly committed to this ideal, as evidenced by CBP Commissioner Bonner’s recent announcement of a C-TPAT "Green Lane" program in the course of development, which will allow participants willing to meet strict "best practices" with regard to import controls, and to undergo CBP verifications of supply chain security, to clear their goods through CBP with no inspections whatsoever. While C-TPAT will likely continue to be adjusted to meet needs of both the import community and CBP, the overall trend is clear: CBP will likely continue to shift its limited verification and enforcement resources away from companies which partner with CBP through programs such as C-TPAT, and will likely focus increased verification and enforcement resources on companies which do not participate in these programs.

This article is presented for informational purposes only and is not intended to constitute legal advice.