The Department of Homeland Security’s Office of Inspector General issued recently a report identifying the need for certain improvements to U.S. Customs and Border Protection’s administration of the Customs-Trade Partnership Against Terrorism.

C-TPAT requires participants to document and demonstrate their supply chain security procedures according to applicable security requirements. The Security and Accountability for Every (SAFE) Port Act of 2006 required CBP to review and certify security profiles within 90 days of submission, complete C-TPAT validations within one year of certification and revalidate within four years of the initial validation. To help implement this requirement CBP established standard operating procedures for its supply chain security specialists (SCSSs), who travel around the world to visit partners and their facilities to validate that supply chain security practices and procedures meet the program’s minimum security criteria and agreed-upon security standards.

The report finds, however, that the documentation maintained by SCSSs for the initial C-TPAT validation process for highway carriers did not always confirm the accuracy and effectiveness of security measures declared in a carrier’s security profile. In addition, SCSSs did not always follow the SOPs and did not include adequate details in the validation worksheet explaining how they verified evidence of implementation for critical business partner and conveyance security procedures. OIG also determined that SCSSs did not always conduct secondary vetting procedures to confirm that no significant customs violations had taken place, complete the initial validation within one year of certification, or obtain signed certification letters.

According to the report, these conditions occurred because the SOPs did not indicate what evidence should be maintained to support conclusions made by SCSSs or where this evidence should be included in the Security Link Portal that is used as a records management system for C-TPAT. In addition, the evidence-of-implementation training provided to SCSSs did not contain specific details of what should be obtained to support tests conducted for critical business partner and conveyance security requirements.

To remedy these shortcomings, the report recommends that CBP (1) update its SOPs to explain what specific details should be included in the validation worksheet and how SCSSs should verify evidence of implementation for critical minimum security requirements, (2) revise its evidence-of-implementation in a similar manner, and (3) ensure that SCSSs follow SOPs when conducting initial validations of highway carriers or document reasons for deviations.

CBP officials responded that they (1) are in the process of incorporating specific instructions into existing or new SOPs regarding the details and supporting documentation that must be included in the validation worksheet, (2) have provided an enhanced version of the evidence-of-implementation training to all C-TPAT staff and advised field office managers that it is critical to ensure that SCSSs are gathering the appropriate evidence during the validation process, and (3) will provide webinar training to C-TPAT staff on a regular and recurring basis as SOPs are updated, approved and issued to the field. CBP added that once the Security Link Portal upgrade is operational the SOPs will be linked to its related process, minimizing the opportunities for misinterpretation of procedures.

Source: STR Trade Report