Can C-TPAT Be Fixed?
(Article originally published in May/June 2017 edition.)
As the Customs-Trade Partnership Against Terrorism celebrates its fifteenth anniversary, it faces stagnant membership, software train wrecks, questionable assertions of benefits and a much- needed retooling to stay current.
The Customs-Trade Partnership Against Terrorism (C-TPAT) is a voluntary security program started in the aftermath of 9/11. Member companies sign up and agree to maintain strong supply chain security. U.S. Customs and Border Protection (CBP) staff then validate members’ security practices to ensure they meet minimum criteria. Members are then eligible for benefits such as reduced likelihood that CBP will examine their shipments.
C-TPAT currently has about 11,500 members including importers, consolidators, sea carriers, port terminals and foreign manufacturers. Membership is segregated into three “Tiers” with Tier I representing companies that sign up, Tier II representing validated members, and Tier III representing companies with the highest demonstrated level of security.
The program grew rapidly in the beginning, reaching 1,500 members by 2002, 3,000 by 2003, 7,000 by 2004 and 10,000 by 2012. Given this growth, Congress wanted to make sure it was more than just a “sign- up sheet” and asked its watchdog, the Government Accountability Office (GAO), to monitor the program.
GAO’s July 2003 report found that, after companies signed up but before any validation process was completed, CBP went ahead and provided benefits by reducing their scores in its risk algorithm. By May 2003, for example, there were 3,355 members receiving benefits but only 15 had been validated. It took a couple of years to work down the backlog.
Even then, GAO’s March 2005 report found the validation process was not rigorous enough to ensure that a company’s security practices were reliable, accurate and effective. Its 2008 report found that CBP still faced challenges in verifying that C-TPAT members met minimum security criteria. It also found that CPB’s records management system did not allow managers to determine whether C-TPAT members complied with program requirements.
Midlife Crisis
Michael Laden, head of customs compliance firm Trade Innovations in Eden Prairie, Minnesota, has been helping industry clients with C-TPAT since 2005. Laden has been a licensed customs broker since 1981 and served as Director of Global Trade Services at Target Corporation prior to founding his own firm. He believes that C-TPAT is having a midlife crisis: “The stagnation of membership levels in the 10,000-12,000 range is an indication that industry has lost its appetite for C-TPAT.” He cites a problematic history of revolving short-term leadership as part of the problem.
Laden says the program reached its nadir with the August 2015 release of the much-anticipated Portal 2.0 software, designed to further automate the validation process. “The release was rushed into service with limited capabilities and minimal pre-testing,” he explains. “It was a complete train wreck. The data from the previous version just disappeared. In some cases, not only did the data disappear but the company disappeared too.”
The problems with Portal 2.0 were documented in GAO’s most recent report of February 2017, which found that Portal 2.0 incorrectly altered C-TPAT members’ certifications or security profiles, impairing the ability of C-TPAT specialists to identify and complete required security validations. Portal 2.0 problems also prevented C-TPAT members from accessing their own data and responding to validation reports.
Since C-TPAT was presented as a partnership with CBP benefiting from its knowledge of member companies’ security practices and companies benefiting from reduced scrutiny of their shipments, CBP in 2012 developed a software “Dashboard” to track such benefits. It used the Dashboard in its Program Benefits Reference Guide to assert that entries filed by C-TPAT members were less likely to undergo a security examination than those filed by non-members. Tier III members, for example, were nine times less likely to be examined, and Tier II members 3.5 times less likely.
However, the February 2017 GAO analysis found that C-TPAT members’ shipments did not consistently experience lower examinations, hold rates or processing times compared to non-member shipments. When GAO shared its preliminary analysis with C-TPAT officials, they acknowledged that they had never completed system verification, acceptance-testing, or checks on the data in the Dashboard. GAO’s conclusion was that the data was unreliable going back to the Dashboard’s introduction in 2012, and CBP to this day remains unable to determine the benefits of C-TPAT membership.
Industry Finds Its Own Solutions
While industry was anxious for definitive information on membership benefits, it decided to find its own solutions to some of the costs. One key cost involves security audits of the supply chain, particularly in foreign countries. Shippers and importers got together and created the Supplier Compliance Audit Network (SCAN) to address costs, “audit fatigue,” inconsistent reporting and varying compliance requirements.
Companies pay a sliding fee to become part of SCAN, where they can commission audits and get access to completed audits, which could obviate the need for a new audit of a particular supplier. In 2016, SCAN completed more than 3,379 audits in 51 countries. Its board of directors represents some of the largest importers in the U.S., and its audits are conducted by proven service providers such as Bureau Veritas and business standards company BSI.
Dan Purtell, Senior Vice President of 30 BSI’s Supply Chain Solutions Group, says, “SCAN members clearly see the benefit of the C-TPAT program. These companies are the ‘who’s who’ of the Tier III C-TPAT community and truly are the supply chain security thought-leaders within the private sector. Member companies compete on the shelf but unite to secure trade, mitigate supply chain risk, and identify and correct security deficiencies.”
Purtell notes that “More than 15,000 such deficiencies have been remedied by SCAN since its inception just two years ago. No other association has done more to address global supply chain exposures.”
Next Steps
Despite problems, there are signs of improvement according to Trade Innovations’ Laden, starting with the decision by the last CBP Commissioner to make the Director of C-TPAT a more permanent position. “This should add continuity to the leadership of the program,” he explains, “allowing it to reach its true potential.” Laden also praises the new Director, Elizabeth Schmelzinger, for her openness to listen to industry.
“We’re retooling the program so that it stays current,” says Schmelzinger. “There are a lot of factors that have changed over the years. We want to make sure the minimum standards are still relevant.” CBP had enlisted its industry-based Commercial Operations Advisory Committee (COAC) to help it validate those minimum standards and develop C-TPAT best practices with the results to be announced at COAC’s March 1 meeting in Washington, DC. However, it was announced at the meeting that the results had been delayed to “make sure they get it right.”
When asked whether the intent of revisiting the minimum standards was to increase membership, Schmelzinger responded: “C-TPAT’s standards remain high. It’s not all about joining the program. We also suspend companies and remove them from the program. So, there is a constant churn in membership.”
She also described the evolving roles of C-TPAT and CBP’s newer Trusted Trader program, noting that “C-TPAT was foundational to any Trusted Trader status.” In other words, the first element of a Trusted Trader program was to ensure security. Then the elements of compliance with rules and regulations would be taken into consideration.
Ultimately, C-TPAT and Trusted Trader would transition into a global safety net whereby low-risk importers and exporters would have their goods expedited through customs processes in both the U.S. and its trading partners.
AEOs and Mutual Recognition
In international parlance, security partnership arrangements like C-TPAT are called Authorized Economic Operator (AEO) programs. The U.N. reported that, as of 2016, some 79 countries had established AEO programs and an additional 16 planned to launch such programs in the near future. The E.U., consisting of 28 countries, has the largest program, and its Union Customs Code of 2013 aims to, among other things, reinforce swifter customs procedures for compliant AEOs.
Many countries with AEO programs, including the U.S. with its C-TPAT, have signed “mutual recognition agreements” whereby two countries’ customs administrations agree to recognize the AEO authorization issued under the other’s program and provide reciprocal benefits to companies. As of May 2016, some 40 bilateral agreements had been concluded with 30 more being negotiated. According to the U.N., these bilateral agreements will form the basis for multilateral agreements. To date, the U.S. has signed 11 agreements with, among others, the E.U., Canada, Mexico, Japan and Korea.
C-TPAT Director Schmelzinger adds that “We are also restructuring the program to include exports so that it is more in line with the structure of other countries’ AEO programs. As part of our agreements with countries that have AEO programs, those countries will honor a commitment to our exporters who are low- risk. This will help U.S. exporters establish a foothold in those markets.”
One Step at a Time
Michael Laden is more skeptical of mutual recognition, calling it a “noble gesture” but adding there will be little enthusiasm from industry. Most of his clients are importers and will not get any benefit from the new export component.
Regarding exporters, he says that “Since CBP so rarely examines exports, the usual benefit offered by C-TPAT membership does not exist for that part of industry.” In Laden’s view, “Let’s fix C-TPAT before we move on to harmonize customs security and compliance throughout the world.”
-MarEx
The opinions expressed herein are the author's and not necessarily those of The Maritime Executive.