Did you know that U.S. importers often see reduced inspections and faster release times after becoming Customs-Trade Partnership Against Terrorism program members? This presentation covers the benefits and requirements of participation in the C-TPAT supply chain security program, including who can participate, who should participate, and the overall importance of supply chain security in today's world trade environment.
Register for our next webinar here: http://bit.ly/1Qfojnb
4. Current Trade Environment
Security and trade facilitation
●Known vs. unknown parties
●Partnership = Known party =
low risk = trade facilitation
●Low-risk partners provided
priority at all times
5. Current Trade Environment
Security initiatives
●C-TPAT: Customs – Trade Partnership Against Terrorism
●Cornerstone of CBP’s layered approach to security
●CSI: Container Security Initiative
●ATS: Automated Targeting System
●FAST: Free and Secure Trade
●Importer Security Filing (“10 + 2”): Pre shipment data sets
required for ocean imports
6. Current Trade Environment
C-TPAT: CBP and business working together for a safer world
●Partnership to enhance cargo security
●Securing the supply chain against terrorism
●Facilitating legitimate trade
●Communication, knowledge exchange and trade best practices
7. Current Trade Environment
C-TPAT: Mutual Recognition Arrangements (MRA)
●Signed document between CBP and a foreign Customs
Administration
●The security requirements, validation and audit procedures
of the foreign program are the same or similar to C-TPAT.
●Member of one program is afforded benefits of the other
program
8. Current Trade Environment
C-TPAT: Current MRAs (As of December 2014)
●New Zealand (2007)
●Canada (2008)
●Jordan (2008)
●Japan (2009)
●Korea (2010)
●European Union (2012)
●Taiwan (2012)
●Israel (2014)
●Mexico (2014)
●Singapore (2014)
10. C-TPAT – Overview
Supply chain security model:
Security within each
segment of the supply chain
Production
Transportation
Importation
Distribution
Security criteria specific
to each segment
Foreign manufacturer
Forwarder/consolidator
Carrier
Importer
Broker
11. C-TPAT – Overview
●Goal –Enhance entire supply chain process for each trade
relationship, from point of origin to domestic point of
distribution
●Program respects that each business is unique, with
different needs and resources available, and takes this into
consideration as part of the certification and validation
process.
●Application process - structured to assist businesses to
develop a security program that considers differences, and
still meets the minimum security criteria.
12. C-TPAT – Overview
Eligible Trade Partners:
●Carriers
●Consolidators
●Customs Brokers
●Exporters
●Foreign Manufacturers
●Importers (including Canadian NRI)
●Port Authorities and Terminal Operators
●Third Party Logistics Providers
13. C-TPAT – Overview
Tier Structure
●Tier I: Certified members of C-TPAT
●Security profile reviewed and approved by SCSS
●Tier II: Validated members of C-TPAT
●Successfully passed annual validation by SCSS team
●Tier III: Validated member of C-TPAT
●Trade Partner exceeds the minimum security criteria and
has adopted best practices
14. C-TPAT – Overview
Minimum security criteria in these categories:
●Business partner security requirements
●Conveyance security
●Physical Access controls
●Personnel security
●Procedural security
●Physical security
●Information Technology Security
●Security Training and Threat Awareness
15. C-TPAT – Overview
Business partner risk-assessment process
1. Mapping cargo flow and identifying business partners
2. Conducting a threat assessment
3. Conducting a security vulnerability assessment
4. Preparing an action plan to address vulnerabilities
5. Document how security risk assessments are conducted
17. C-TPAT Program Benefits
●Reduced examination rates
●Access to dedicated FAST
lanes
●Exemption from stratified
exams for Tier II and Tier III
(Must also be an ISA
participant)
●Front of the line processing
18. C-TPAT Program Benefits
●Business resumption
●In event of a significant disruption in cargo processing,
CBP maintains communication and coordination with
members for business resumption
●Expedited trade processing
●Trade compliance issues resolved on a priority basis.
●Assigned Supply Chain Security Specialist (SCSS)
●Eligibility for the Importer Self-Assessment Program (ISA)
●C-TPAT annual conference and seminars
19. C-TPAT Program Benefits
Additional considerations
●Reduced inspections and faster release times mean
greater ability to predict lead time and decreases in supply
chain disruptions
●Competitive advantage - potential for increase in number
of customers and revenues
●Potential for reduced insurance and transportation costs
●Improved security for workforce
20. C-TPAT Program Benefits
Cost considerations
●No application or membership fee
●Potential expenses to
meet/implement minimum criteria
●Costs associated with self
assessment process
●CBP validation expense
21. C-TPAT Program Benefits
Tangible benefits measured by:
●Improved release times
●Fewer inspections
●Reduced examination expenses
●Reduced transportation costs (rates/driver wait time)
●Better inventory turnover
●Reduced risk of loss, damage and theft in supply chain
●Satisfy supplier/customer requirements
22. C-TPAT Program Benefits
Intangible benefits measured by:
●Business relationship with CBP
●Business partner relationships (customers and service
providers)
●Enhanced company profile
24. Minimum Security Criteria
●Eight security categories apply to
all Trade Partners
●Specific minimum criteria within
each security category
●Trade Partner must demonstrate
how they satisfy all criteria
25. Minimum Security Criteria
Some criteria are common to all Trade Partners
●Must have written and verifiable processes for selection of
business partners
●Positive identification of all employees, visitors, vendors
●Pre-employment screening, background checks
●Buildings constructed of materials that resist unlawful entry,
regularly maintained, inspected, repaired
●Restricted access to cargo handling areas
●Procedures for securing IT systems
●Employees trained in security procedures and threat awareness
26. Minimum Security Criteria
Flexibility in how you may satisfy the criteria
●“Must” vs. “Should
●There may be more than one way to satisfy a “Must” criteria
●Don’t automatically assume that a “Should” criteria is optional
●For example, under “Physical Security”
●Cargo handling and storage facilities must have physical
barriers and deterrents that guard against unauthorized
access.
●Alarm systems and video surveillance cameras should be
utilized to monitor premises
28. Best Practices
●Achieved through effective
utilization of people, processes
and technology.
●Incorporate a system of checks
and balances, oversight,
accountability, and verification of
reliability.
●A single Best Practice does not
constitute an effective security
program
29. Best Practices
●Best Practices are defined as:
●Security measures that exceed the minimum C-TPAT
security Criteria,
●incorporate management support,
●have written policies and procedures that govern their
use,
●employs a system of checks and balances, and
●have measures in place to ensure continuity
30. Best Practices
●Although Customs has provided a definition of what a Best
Practice is, it is the trade community who creates and
implements them
●Customs has compiled a Best Practices Catalog that
Contains examples of Best Practices they have identified
while conducting validations of Trade Partners
32. Best Practices
●Business Partner Requirements
●Require logistics providers to comply with CTPAT or MRA
program via contract or written agreement
●Container Security
●Only designated employees should distribute container
seals and all seals are logged into an inventory control
system
33. Best Practices
●Physical Access Controls
●Employees should only be allowed access to specific
work areas necessary to perform their duties
●Personnel Security
●Periodic background checks performed based on cause,
and/or the sensitivity of the employee’s position, such as
management, security, packing, shipping etc.
34. Best Practices
●Procedural Security
●Ensure documentation is available in languages besides
English if workforce is multi-lingual
●Security Training and Threat Awareness
●Incentives or recognition should be given to encourage
employee participation in reporting security issues and
recommending improvements
35. Best Practices
●Physical Security
●Conduct periodic inspections of security measures and
keep written records of inspections, repairs, and
improvements
●Information Technology Security
●Data access should be assigned per job function
●Data should be backed up to ensure that records still
exist even if the main IT system is disabled
37. Annual Validation Process
Validation Purpose
● Verify supply chain security processes
and ensure they are followed
● Ensure the information entered in the
CTPAT Portal is accurate
● Further the cooperative relationship
between CBP and Trade Partners
● Share best practices
● Develop solutions to specific issues or
vulnerabilities
● Comply with the SAFE Port Act
38. Annual Validation Process
Annual Risk Assessment
●Five-Step Risk Assessment of Supply Chain
●Performed annually
●Results uploaded to Trade Account
●Major talking point during a validation
●Valuable information before a foreign validation of a
factory
●Global compliance or internal audit is often involved in
factory inspections (for issues such as safety and human
rights), leverage this team for security as well
39. Annual Validation Process
Step One – Map Cargo Flow - Identifying Business Partners
●Factories, suppliers
●Warehouses, consolidation facilities
●Freight forwarders
●International carriers
●Terminals, shipyards and deconsolidation facilities
●Inland carriers
●Customs brokers
●Distribution centers
40. Annual Validation Process
Step Two – Conduct a Threat Assessment
●Using reliable, authoritative sources, identify country and
region specific threats in these key areas:
●Terrorism (political, bio, agro, cyber)
●Smuggling (Human, Contraband)
●Organized Crime
●Conditions that fostering the above situations
●Rate level of risk – Low – Medium - High
41. Annual Validation Process
Step Three – Conduct a Vulnerability Assessment
●Based on the minimum security criteria, identify
weaknesses in business partner procedures that
would allow a terrorist or criminal access to cargo,
data, information.
●Send security questionnaires to business partners
●Conduct on-site audits when practicable
●Rate their level of compliance and vulnerability
42. Annual Validation Process
Step Four – Prepare an Action Plan
●Address vulnerabilities found in
business partner’s security
programs.
●Record identified weaknesses
●Who is responsible for action
items
●Due dates for action items
●Progress reports to company
management
43. Annual Validation Process
Step Five – Document Risk Assessments Procedures
●How often are risk assessments normally conducted
●Identify when risk assessments must be conducted out of
cycle (e.g. new supplier or service provider overseas)
●Process must be reviewed at least annually
●Identify process owners
●Methods used for conducting Threat and Vulnerability
Assessments
●Process for “action items”
●Management oversight and accountability
44. Annual Validation Process
Domestic Validation Goals and Outcomes
●A domestic validation will take place at a U.S. facility (an
office, factory, distribution center, etc.)
●30 days notice before a validation
●Review security profile and risk assessment
●Review any vulnerabilities and suggest corrective actions
●Focus on business partners and documentation
●Follow up actions or corrective action plans
●Validation Report will be written by the SCSS
45. Annual Validation Process
Foreign Validation Goals and Outcomes
●A foreign validation will usually take place at an overseas
factory (either a related-party facility or an unrelated
vendor’s facility)
●30 days notice before a validation
●Review of security measures with an emphasis on
conveyance, physical, and personnel security
●Focus on the minimum security criteria and
implementation
●Often the SCSS will visit venues in high-risk countries
●Validation Report will be written by the SCSS
50. Trade Account Management
●Security Profile – Annual Review
●Automated email sent 90 days prior to anniversary date
●Must be completed within the 90 day window
●Conduct 5-Step Risk Assessment
●Update/revise supply chain security procedures if
necessary
52. Summary and wrap-up
●What is your current business activity in /with the United
States?
●What is your role in the supply chain process?
●Are you working with C-TPAT business partners?
●Not eligible? Consider participation in a security program
administered by government where you operate
●Security continues to be a primary focus for CBP
53. Summary and wrap-up
●C-TPAT program will continue to evolve
●Business partner requirement – driving market toward
mandatory participation
●Perform risk assessment for tighter security of business
activity
●Be proactive in your approach to trade security
54. Livingston news
Looking for more value-added customs
and trade information?
Subscribe today to begin receiving
updates directly to your inbox
www.livingstonintl.com/subscribe
This session, and more on-demand webinars
and great customs and trade resources can
be found at livingstonintl.com.