CTPAT Minimum Security Criteria to be Strengthened, Expanded
U.S. Customs and Border Protection is moving ahead with plans to strengthen the existing minimum security criteria for the Customs Trade Partnership Against Terrorism and add new criteria to reflect evolving threats. Updated criteria and a new best practices framework that could give CTPAT participants more flexibility in obtaining Tier 3 benefits could start being rolled out as early as next year.
CTPAT is a voluntary program in which CBP validates that members’ supply chain security practices meet minimum security criteria, in return for which members are eligible to receive benefits such reduced exam rates and shipment processing times. However, the trade community is calling for changes such as expanding eligibility to more types of businesses and adding more meaningful benefits. CBP has also sparked renewed interest in the program’s future by pursuing the development of a trusted trader program that addresses both supply chain security and import compliance.
At a recent conference in Detroit, CBP officials said they are working to update CTPAT’s minimum security criteria to reflect information gained from validations and post-incident analyses as well as input from program participants. One effort will be to strengthen existing criteria in areas that experience has shown face particular risks and vulnerabilities, including highway carriers, physical security, and personnel. CBP will also add criteria to address threats and concerns that have emerged due to changes in the nature of modern supply chains. For example, the rise in e-commerce highlights a need for new cyber security criteria. Agricultural contaminants (e.g., in wood pallets and containers) and finance (e.g., possible links to terrorist groups) are issues where new criteria are likely as well.
CBP is currently engaging with the trade community on the minimum security criteria update and plans to seek public comment before finalizing any changes. A multi-year phased implementation of new and updated criteria could begin in late 2018.
Earlier this year the Commercial Customs Operations Advisory Committee said additional minimum security criteria should focus on minimizing risks in the supply chain and should align with standards in foreign authorized economic operator programs to facilitate mutual recognition. Any additional criteria should also be reviewed for overlap with existing criteria, laws, and regulations, COAC said, and pilot tested to evaluate their feasibility and give participants sufficient time to implement them once they are finalized.
CBP officials said they are also developing a new framework for CTPAT best practices that will provide participants with more flexibility in obtaining Tier 3 status, which confers the highest level of benefits. ST&R’s Lenny Feldman explained that instead of continuing to set forth lists of specific best practices, which have become increasingly cumbersome and somewhat outdated, CBP has created a framework against which company practices can be evaluated to determine if they constitute best practices.
The framework includes five elements: senior management support; innovative technology, processes, and procedures; documented processes; checks, balances, accountability, and testing; and evidence of implementation. Feldman said companies may be able to gain Tier 3 status by showing that their existing practices meet these criteria rather than having to comply with practices specifically prescribed by CBP. The framework is being pilot tested and should be rolled out in 2018.
ST&R is planning to conduct a webinar on these and other CTPAT issues on Oct. 19. More information will soon be available here.