C-TPAT: Customs Trade Partnership against Terrorism

C-TPAT: Customs-Trade Partnership against Terrorism

Customs-Trade Partnership against Terrorism (CTPAT) is but one layer in U.S. Customs and Border Protection’s (CBP) multi-layered cargo enforcement strategy. Through this program, CBP works with the trade community to strengthen international supply chains and improve United States border security. CTPAT is a voluntary public-private sector partnership program that recognizes that CBP can provide the highest level of cargo security only through close cooperation with the principal stakeholders of the international supply chain such as importers, carriers, consolidators, licensed customs brokers, and manufacturers. The Security and Accountability for Every Port Act of 2006 provided a statutory framework for the CTPAT program and imposed strict program oversight requirements.

The U.S. Customs and Border Protection, a division of the Department of Homeland Security, operates the Customs-Trade Partnership Against Terrorism, or C-TPAT. The purpose of the C-TPAT program is to verify that companies have adequate security measures in place in their supply chain to prevent terrorists or their weapons from entering the United States. The C-TPAT audit checklist gives companies a list of processes that may be vulnerable to terrorist infiltration. Procedural Security

Facilities that wish to receive a C-TPAT certification must show that they have security plans in place. Companies can fail to receive a certificate if they lack a documented security improvement action plan or if they do not update their procedures for improving their facility security on a regular base. Companies also must outline potential security vulnerabilities and any relevant actions they plan to take to eliminate those vulnerabilities.

Personnel Security

The C-TPAT audit checklist also helps companies verify that they have adequate checks in place on their personnel. Processes can include background checks on job applicants, including criminal background checks, verification of employment history, and contacting previous employers and references. Other procedures include employee training on security measures, establishing processes for the disbursement and retrieval of employee identification cards, and the display of a written list of security policies. Physical Security

The physical security checklist allows facility managers to assess the steps the company takes to restrict hands-on access to its materials. Physical security procedures can range from access to locks and gates to the installation and monitoring of surveillance cameras and alarm systems. The checklist also includes examining the facility for signs of disrepair. For instance, a damaged container may leak toxic chemicals, while a damaged fence may allow easier access to thieves or terrorists. Information Security

While companies rely on corporate databases to track their customers, vendors, and internal processes, these systems are also vulnerable to attack from terrorists, identity thieves, and anarchist hackers. The C-TPAT checklist gives companies guidelines in checking their information security measures. These procedures include how the company disburses its passwords, the installation of software and hardware tools to prevent unauthorized access, and its methods for recovering lost or stolen data.

How many companies are C-TPAT certified?

According to U.S. Customs Border Protection (CBP), there are more than 10,000 certified partners. Nearly half of these numbers are importers.

Which type of supply chain participants may be C-TPAT certified?

The program has historically been oriented around imports into the United States. Air carriers, consolidators, cross-border highway carriers, marine port authorities, ocean carriers, rail carriers, terminal operators, third-party logistics (3PLs) providers, Customs brokers, and importers are eligible for C-TPAT certification in the United States. The program is of key importance to importers who have derived benefits from the program. In Canada, cross-border or long-haul highway carriers and manufacturers may be C-TPAT certified. Mexican manufacturers and cross-border highway carriers may also be certified.

Can exporters be C-TPAT certified?

In today’s Just-in-Time (JIT) industry, a delay could represent a considerable monetary loss for U.S. exporters. As a result, exporters have been requesting C-TPAT certification for a number of years. CBP recently published the requirements for U.S. exporters to participate in C-TPAT. It is also collaborating with the trade and current Mutual Recognition Arrangement (MRA) countries to develop an export pilot program. The agency is receiving feedback from the trade but has not announced when the program will officially be open to exporters.

Can a 3PL that does not own its own equipment be C-TPAT Certified?

No. 3PLs must own some of their own warehousing facilities, vehicles, aircraft, or other transportation assets. The company must be licensed and/or bonded by the Federal Maritime Commission (FMC), Transportation Security Administration (TSA), CBP, or the Department of Transportation (DOT) and have an office staffed in the United States.


C-TPAT: Customs-Trade Partnership against Terrorism

What are the potential benefits of C-TPAT certification?

The potential benefits from C-TPAT certification are a measurable increase in the speed of freight and a reduction of fees. These benefits are assisted by:

 Access to the Free and Secure Trade (FAST) lanes at land borders

 The ability to move to the front of inspection lines

 A lesser potential of CBP examinations and an exemption from Stratified Exams (SEs)

 Shorter wait times at the border

 Access to the C-TPAT Status Verification Interface (SVI)

 A CBP Supply Chain Security Specialist (SCSS) assigned to the company

 Eligibility for other U.S. Government pilot programs such as the U.S. Food and Drug Administration (FDA) Secure Supply Chain (SSC) program

 The potential to participate in the Importer Self-Assessment Program (ISA)

 And others

What are the potential benefits of the C-TPAT program for CBP?

With C-TPAT, CBP is able to realize increased supply chain visibility and better focus resources on higher-risk shipments and supply chain participants.

Is there a cost to join the C-TPAT program?

There are no fees associated with joining the program. However, as with any significant operational improvements, there are costs associated with implementing new compliance standards. Organizations that wish to participate must ensure that they meet and maintain the required standards. Having the right technology in place is a key enabler to achieve the visibility and control over import, international transport, and brokerage operations needed for entrance into the program.

How does a C-TPAT validation differ from a CBP audit?

It is important to note that a C-TPAT validation is not a CBP audit. Although US Customs performs standard audits in areas such as trade compliance and the North American Free Trade Agreement (NAFTA) assessments, C-TPAT validations focus on voluntary and exemplary standards beyond basic compliance.

How do companies become C-TPAT certified?

In general, there are three steps to C-TPAT certification:

 The first step is for the company to conduct and fully document a security risk assessment

 The second step is for the company to submit a basic application via the C-TPAT Portal system

 The third step is for the company to complete a supply chain security profile that explains how the company is meeting C-TPAT’s minimum security criteria

Upon satisfactory completion of the application and supply chain security profile, CBP reviews the submitted materials. The CBP C-TPAT program will then have up to 90-days to certify the company into the program or to reject the application. If certified, the company will be validated within three years of certification.

A Growing Partnership

From its inception in November 2001, CTPAT continued to grow. Today, more than 11,400 certified partners spanning the gamut of the trade community have been accepted into the program. The partners include U.S. importers/exporters, U.S./Canada highway carriers; U.S./Mexico highway carriers; rail and sea carriers; licensed U.S. Customs brokers; U.S. marine port authority/terminal operators; U.S. freight consolidators; ocean transportation intermediaries and non‐operating common carriers; Mexican and Canadian manufacturers; and Mexican long‐haul carriers, all of whom account for over 52 percent (by value) of cargo imported into the U.S.

How CTPAT works

When an entity joins CTPAT, an agreement is made to work with CBP to protect the supply chain, identify security gaps, and implement specific security measures and best practices.

Applicants must address a broad range of security topics and present security profiles that list action plans to align security throughout the supply chain.CTPAT members are considered to be of low risk and are therefore less likely to be examined at a U.S. port of entry.

How Do I Become a Partner?

Participation in CTPAT is voluntary and there are no costs associated with joining the program. Moreover, a company does not need an intermediary in order to apply to the program and work with CBP; the application process is easy and it is done online. The first step is for the company to review the CTPAT Minimum Security Criteria for their business entity to determine eligibility for the program. The second step is for the company to submit a basic application via the CTPAT Portal system and to agree to voluntarily participate. The third step is for the company to complete a supply chain security profile. The security profile explains how the company is meeting CTPAT’s minimum security criteria. In order to do this, the company should have already conducted a risk assessment. Upon satisfactory completion of the application and supply chain security profile, the applicant company is assigned a CTPAT Supply Chain Security Specialist to review the submitted materials and to provide program guidance on an on-going basis. The CTPAT program will then have up to 90 days to certify the company into the program or to reject the application. If certified, the company will be validated within a year of certification

Post a comment

0 Comments