Worldtrade Management Services June 2001 Training Session
Download
Report
Transcript Worldtrade Management Services June 2001 Training Session
National Conference
on SAFE TRADE &
AEO
“CTPAT Six Years on:
A Review of the
Private Sector”
May 13, 2008
Craig J. Pinkerton, Director
– PricewaterhouseCoopers
Level of Security Prior to 9/11
The level of security for importers, carriers, truckers, etc.
was determined primarily on:
– the value and nature of imported merchandise
– the level of theft and shrinkage discovered along the
supply chain
– whether the product was considered sensitive by the
government (e.g., tobacco; pharmaceutical drugs)
– whether the product could pose a threat to the public
(e.g., firearms; chemicals; hazardous materials)
2
Threats to the Supply Chain
Changed the Security Landscape
9/11 introduced tighter security into the logistics process
The flow of goods from the manufacturer to the end user is
now viewed as needing protection, not just the product
People crossing borders into the U.S. are being monitored to
minimize or eliminate the threat of danger
No longer is it only value or dangers intrinsic to imported
product, but the logistics function itself is being viewed as a
security issue
The conclusion that danger could accompany products
throughout the supply chain caused a major refocus on
security
3
Development of Security Initiatives
Container Security
Initiative
10+2 Security
Filing
WCO
Customs-Trade
Partnership Against
Terrorism (C-TPAT)
FAST (Free and
Secure Trade)
ISO (International
Organization for
Standardization)
AEO (Authorized
Economic Operator)
Canadian PIP (Partners
in Protection)
SAFE
Framework
4
What are Customs’ Expectations?
Through this initiative, Customs is asking companies to
ensure the integrity of their security practices and
communicate their security guidelines to their business
partners within the supply chain (i.e., “increased vigilance”)
The primary goals of C-TPAT include:
Increasing security measures, practices and procedures
throughout all sectors of the international supply chain
Protecting the public from terrorist activities
Ensuring the flow of legitimate trade
Providing Customs with a means of looking into a
company’s supply chain security profile
5
WCO Standards Mirror C-TPAT
Business-Customs Cooperation
Conveyance/Container Security
ISO Security Seals Required
Physical Access Security
Personnel Security
Procedural Security
Information Systems Security
Employee Security Training
Continuous Improvement Process
Risk Assessment
6
Evolution of C-TPAT
Launched in November 2001, with only seven major importers
C-TPAT currently has more than 10,000 partners, which include
United States importers, customs brokers, terminal operators,
carriers, truckers and some foreign manufacturers
Initially, voluntary participation and jointly developed security
criteria and implementation procedures were the guiding principles
As the program grew, so did the need for more clearly-defined
security criteria to establish the minimum, baseline security
expectations for membership
In 2005, minimum-security criteria for importers was implemented
and companies were required to meet the new criteria within
certain timelines
7
C-TPAT Benefits
Beyond the essential security benefits, Customs offers the
following benefits to C-TPAT members:
A reduced number of inspections (reduced border times)
Priority processing for Customs inspections (Front of the
Line processing for inspections when possible)
Assignment of a C-TPAT Supply Chain Security Specialist
who will work with the company to validate and enhance
security throughout the company’s international supply
chain
An emphasis on self-policing, not Customs verifications
8
C-TPAT Benefits
Eligible to attend C-TPAT supply chain security training
seminars
Access to other C-TPAT members via the Status Verification
Interface
Certified C-TPAT importers are eligible for access to the
FAST lanes on the Canadian and Mexican borders
Mitigating factor in cases of fines and penalties
Demonstrates good corporate citizenship to Customs
9
Security Costs versus Benefits
There have been several logistics studies published since 9/11
that detail the costs and benefits associated with the C-TPAT
program, such as:
Stanford Supply Chain Study - October 2003
MIT Supply Chain Study - May 2005
Stanford Innovation in Supply Chain Security - July 2006
University of Virginia Cost Benefit Survey - August 2007
10
Benefits from Investment in SAFE
Trade
Fewer Customs Inspections (50%)
Reduction in Excess Inventory (14%)
Improved on-time delivery (12%)
Reduction in Theft/Loss/Pilferage (38%)
Access to Shipping Data (50%)
Timely Shipping Data (30%)
Less Customer Attrition (26%)
Increase of New Customers (20%)
(Source: Stanford University Study, July 2006)
11
Benefits from Investment in SAFE
Trade
The primary motivation for importers to join C-TPAT is to
reduce the risk of supply chain disruptions due to a
terrorist attack
Four out of every ten members did not have a formal
supply chain security plan prior to joining the program
C-TPAT moved thousands of companies to give closer
scrutiny to the security of the goods they handle and
review the supply chain to ensure that their overseas
suppliers have implemented sound security practices
Greater Supply Chain integrity (stronger seal controls)
Stronger brand equity
12
Benefits from Investment in SAFE
Trade
The vast majority (81.3 percent) of members indicated that
their ability to assess and manage supply chain risk had
been strengthened as a result of joining C-TPAT
C-TPAT certification requires that companies meet an
extensive checklist of verifiable conditions. Nevertheless,
minimum security criteria were generally viewed as very
easy or somewhat easy to implement across the various
sectors
More than half (56.8 percent) of the members indicated that
C-TPAT benefits either outweighed the costs or were about
the same
(Source: University of Virginia Study 2007)
13
Costs from Investment in SAFE Trade
Typical implementation costs (listed from highest to lowest):
– Improving or implementing physical security costs (doors,
windows, electronic access, cameras, fences, gates,
lighting, etc.)
– Salaries and expenses of personnel
– Improving IT systems and databases
– Improving cargo security
– Improving or implementing in-house education, training,
and awareness
– Improving personnel security procedures
14
Example of Security Procedures to
be reviewed
Physical Access Controls
Employees, Visitors and Deliveries – identification and badge
process is key; and removing unauthorized individuals
Personnel Security
Pre-employment verification, background checks, and
termination procedures for prospective and current
employees
Procedural Security
Documentation processing, shipping and receiving, and
cargo discrepancies
Container and Trailer Security
Seal integrity, inspection and storage
15
Example of Security Procedures to
be reviewed
Physical Security
Fencing, guardhouses, parking, locking devices, key
controls, lighting, alarms, and video cameras
Information Technology Security
IT security procedures, password protection, system
accountability (firewall, virus protection, monitoring service)
Security training and threat awareness
Focus on what types of training offered to employees and
whether supply chain security training (C-TPAT specific)
given
16
Business Partner Requirements
Importers must have written, verifiable processes for the selection
of business partners including manufacturers, product suppliers,
and vendors
They should also have documentation substantiating that partners
throughout their supply chain are meeting C-TPAT security
standards - or equivalent supply chain security program criteria
e.g., supply chain assessment questionnaire, on-site audit
report, written confirmation, etc.
Where a company outsources or contracts elements of its supply
chain, such as a foreign facility, warehouse, or conveyance, it
must work with these business partners to ensure that pertinent
security measures are in place and adhered to
17
Business Partner Requirements
Companies now leverage their business relationships and
ensure that business partners develop security processes
and procedures consistent with the C-TPAT criteria
Build C-TPAT/security language directly into contract
Narrowing universe of business partners
Periodic reviews of business partner’s processes and
facilities should be conducted based on risk
18
Business Partner – Example of Risk
Foreign inland freight carrier - may be the weakest link in
the supply chain
In certain countries, local trucking companies must be
used. Additional processes may need to be set up to deal
with risk
19
Common Security Shortfalls
Cargo seals not used by foreign inland carriers and policy
not documented
Less than full truck load
Air shipments
No C-TPAT security-based training provided to employees,
especially those with cargo handling responsibilities
(warehouse, shipping, receiving, etc.)
Procedures at foreign facility are commonly “patched”
together from various departments, rarely mention C-TPAT
related policies and procedures, and usually consist of
random screen shots and dusty binders
20
Common Security Shortfalls
Employees inconsistent in displaying badges, especially in
cargo handling areas
C-TPAT web portal not updated to reflect changes in
company’s program
From security standpoint, other weak areas noted included:
Mail room deliveries
Use of temporary agencies for labor
No one actually monitoring video cameras (or, for
example, 32 cameras all feeding into a 13” monitor)
Collecting badges and terminating access when
employees leave company
21
Common Security Shortfalls
Responses received from foreign vendor during
questionnaire process do not match reality. Examples:
“fence around perimeter” vs. fence rusted and fell down in
1998
“pan and zoom cameras throughout facility” vs. inoperable
cameras dangling from wires
“truck drivers sign in/out” vs. drivers waved on through
because same drivers every day
Customs not asked for identification upon arrival
(Note: A company is not required to implement all best
practices, however, CBP may ask why certain procedures
cannot be implemented)
22
Benchmarking - Best Practices from
Industry
Security measures:
Exceed the C-TPAT Security Criteria
Incorporate management support
Have written policies and procedures that govern their use
Employ a system of checks and balances
C-TPAT is an on-going program!
Companies continually update their supply chain security
program (e.g., new factories, business partners)
Periodic assessment is part of corporate manual
Verify procedures to ensure they are being followed and
make modifications as necessary
Ownership at each entity level responsible for maintenance
23
Benchmarking - Best Practices from
Industry
Since C-TPAT is a Customs program, it is typically managed
by a company’s global customs compliance group along with
legal oversight
C-TPAT “Champion” provides oversight
Importer has sound compliance program in place
Opportunity to provide additional on-site training
Ability to tie into other security initiatives (e.g., 10+2
requirement)
Senior Management Support and Buy-in
An absolute must
Lack of support at top levels - failure is imminent!
24
Benchmarking - Best Practices from
Industry
Do not assume business partners will not be visited –
especially foreign business partners. Example:
Tier 3 U.S.-based customs broker in Philippines is visited
an average of two times per month by CBP SCSS
As a result of numerous visits, virtually every best
practice has been implemented (clearly evident)
GPS on all trucks to monitor real-time movements
Security personnel accompany shipment from factory
to airport (customs bonded facility)
High security seals and padlocks utilized
Comprehensive policies and procedures
25
Recommended Workplan for
Security Program
Review global supply chain to verify your business partners,
such as foreign manufacturers, carriers and brokers
Conduct analysis based on volume and risk
Identify which business partners are already in the C-TPAT
program or other supply chain program such as AEO, and
which partners have already participated in a supply chain
documentation process or have undergone an on-site audit
Determine best application strategy
26
Recommended Workplan for
Security Program
Conduct domestic reviews at headquarters and distribution
facilities
Conduct comprehensive self-assessment of supply chain
security (based on the C-TPAT/AEO security guidelines)
Document current supply chain security procedures
Develop and implement a program to enhance security
throughout the supply chain in accordance with guidelines
Communicate supply chain security guidelines to other
partners in supply chain
27
How has C-TPAT evolved?
Already in progress:
Detailed verifications of applications
Revalidations of certified companies
Tighter container seal control
Tighter documentation control
New security criteria - importers now seeking to join the
C-TPAT program will need to meet or exceed the new
security criteria before they will be certified
28
How has C-TPAT evolved?
Companies beginning to implement:
Smart containers and tracking systems
Extensive screening (initial & ongoing) of personnel.
This includes both foreign and domestic locations
Security/C-TPAT requirements for their entire supplier
base and logistics providers
Security audit as part of normal periodic audit of
foreign entities
Best Practices to obtain Tier 3 status
– As of March 2008, only 243 Tier 3 companies
29
Moving Forward: 2008 and Beyond
The SAFE Port ACT signed in 2007 has codified C-TPAT
and CSI and calls for mandatory use of ISO 17712
compliant seals on all containers by October 2008
Canadian PIP program members will gain reciprocity
status with C-TPAT program members
TSA will announce air cargo security guidelines deferring
to many C-TPAT guidelines
WCO will expand the AEO program in the European
Union, Asia and Latin America
Greater use of electronics in cargo protection
30
Moving Forward: 2008 and Beyond
More frequent reviews of company’s security procedures
and policies (even after validation/revalidation)
C-TPAT members continue conducting audits of foreign
vendors regardless of whether in another program
C-TPAT members are conditioning contractual business
relationships with their service providers and vendors
based on C-TPAT participation and/or adherence to CTPAT security guidelines
Mutual Recognition and Reciprocity with other countries
Global buy-in to security
Additional X-ray screening and data mining
31
Moving Forward: 2008 and Beyond
Congress pressuring Customs to implement 100%
container screening. Customs potentially trying to
counter with C-TPAT program and cargo screening
software
Customs reducing timeline for validations from 3 years
to 1 year, and revalidating each company every 3 years
instead of the specified 4-year schedule
Third-party validations: Customs currently accepts only
in China. Other AEO programs may allow selected third
parties to conduct validations in any country
32
CONTACTS
Craig J. Pinkerton – PricewaterhouseCoopers
Los Angeles
Tel: (213) 256-6037
Email: [email protected]
Dennis Caronan – PricewaterhouseCoopers
Manila
Tel: 632 845 2728, Ext. 2118
Email: [email protected]
John S. Kwak – PricewaterhouseCoopers
Hong Kong
Tel: (852) 2289 3331
Email: [email protected]