Bonner puts CEOs on the hook for supply chain security, defends record
U.S. Customs and Border Protection Commissioner Robert Bonner said Thursday that companies that participate in the Customs-Trade Partnership Against Terrorism and aspire to the greatest level of expedited customs clearance must take a page from the Sarbanes-Oxley law that holds corporate leaders accountable for the accuracy of their financial statements and similarly make supply chain security part of their corporate governance structure.
Bonner said CBP will require that supply chain security practices are “periodically reviewed for adequacy and for adequate investment by CEOs and corporate boards” seeking eligibility for Tier Three C-TPAT benefits.
“The security of the supply chain must be a mandatory topic of discussion in corporate boardrooms,” Bonner said at a symposium on reducing supply chain vulnerability hosted by MIT’s Center for Transportation and Logistics in Boston. He did not go into detail about how top executives would attest to the soundness of their security practices.
C-TPAT is a voluntary trusted shipper program under which importers commit to improve internal controls and those of their foreign suppliers and transportation providers, in exchange for fewer cargo exams that can delay shipments. This year the agency instituted a tiered benefit structure that provides the highest level of benefits to companies that adopt best practices that go well beyond C-TPAT's minimum security criteria. CBP envisions Tier Three as the precursor to the “green lane” — immediate clearance for virtually all shipments by eligible importers.
Under Tier One, C-TPAT applicants that have their security plans certified as meeting program guidelines, and do not have a history of Customs compliance violations or law enforcement problems, receive reduced scores in CBP’s container targeting system, resulting in lower rates of inspection. Certified C-TPAT companies also get moved to the front of the line if their shipments are selected for a secondary inspection.
Tier Two companies have been audited by CBP specialists through on-site visits to make sure their foreign manufacturing or distribution facilities follow through with the importer’s security plan. They receive a further scoring reduction and even fewer inspections.
Bonner said that 25 percent of validated importers already qualify for Tier Three status. That equates to about 150 companies based on the most recent hard figures on the number of completed validations provided by CBP in May.
Holding CEOs accountable for the promises they make to improve supply chain security measures is the latest best practice CBP has identified for “green lane” treatment. Bonner reaffirmed at a National Customs Brokers and Forwarders Association of America conference in mid-September that he will make the provision of advance entry-type information an incentive for companies who want to receive the highest level of reduced inspections and other benefits. Companies seeking to prove they are ultra-low risk will also have to ship their products through foreign ports doing outbound exams of cargo under the Container Security Initiative and use so-called “smart box” technology that can detect and record whether tampering has occurred with a container seal after being affixed at the point of origin.
CBP says these steps will give it the confidence to wave through an importer’s shipments.
Bonner expressed hope at MIT that a reliable, tamper-evident container security device could be completed this year so that he could roll out the “green lane.” But in a meeting with reporters at the NCBFAA conference he appeared to waffle a bit on whether the “green lane” would be ready by the end of the year.
Officials at GE Security, the company that makes the device being tested by CBP, say they have corrected the nuisance alarms of the past and that the device is nearly ready for commercial deployment.
“The only thing standing between us and the green lane is a smarter box,” Bonner told reporters.
Throughout his speech, the question-and-answer period and a session with reporters, Bonner kept returning to the theme that corporate leaders need to take more responsibility for supply chain security to protect their companies from liability and potential disruptions that could jeopardize a company’s survival.
CBP officials tout the fact that nearly 10,000 companies have applied for C-TPAT, but since those companies only represent 40 percent of all container imports by value Bonner used the occasion to pressure companies to sign up in greater numbers.
“Usually I’m talking to the head of logistics. I need to talk to the CEOs,” Bonner said, explaining the reasoning behind the new incentive for executives to pay attention to C-TPAT.
“Sometimes the customs compliance or logistics person really thinks it would be a good thing (to implement supply chain controls), but they can’t get access to the corporate boardroom, and they can’t get the investments that they need to comply with C-TPAT security standards,” Bonner told reporters. “That’s the idea — to elevate it as high up the corporate level as possible.”
More than at any time during his term, Bonner stressed that importers should view C-TPAT's primary benefit as insurance for continuity of operations in the event that a terrorist attack would force the United States and other governments to shut down ports until the source of the attack can be traced and port safety can be reassured.
He reminded the audience that C-TPAT membership is being factored into the government’s contingency planning so that low-risk companies will receive priority for moving goods into the United States after an attack, while unknown shipments are held until they can be vetted or inspected.
“We need high-level private sector leadership to understand the benefits and the need to make investments, to understand that C-TPAT is an insurance policy against the disastrous effects of disruption,” Bonner said, because they “will have their supply chains restored first.”
Building on the main topic of the conference ' MIT professor Yossi Sheffi’s new book on “The Resilient Enterprise' — Bonner added, “It will be those who’ve taken steps and planned for disruptions that will be resilient. This strategy and our partnership are the best insurance policy against disruption that your company can take.”
Bonner continued to hammer home his point afterwards during the press conference.
“I’m saying to that corporate CEO that you have an interest in making sure that you do not put your company at financial risk of serious disruption of your supply chain because you’re not part of C-TPAT,' he said. More than the 'immediate gratification of fewer C-TPAT inspections ' the real benefit is when the supply chain is under stress, when there is a terrorist attack. When that happens, your company’s goods continue to move because you are a known C-TPAT certified, validated, C-TPAT partner.'
“What if there is an attack and you’re not in C-TPAT? Imports (maybe) can’t come in for 30 days. What has happened to your company? You’re in Chapter 7. You’re going to liquidate because you’re out of business,' he said.
“Once it gets attention, we won’t have 42 percent of imports by value covered by C-TPAT, we’ll be at least at the 62 percent figure and maybe higher” and CBP can concentrate its inspection resources on the rest of the unknown shipments, he said.
He cited the example of one company that has terminated 17 of 97 suppliers because they didn’t meet C-TPAT security standards as the type of best practice that importers should adopt.
Bonner also urged companies to directly lobby governments in countries where they do business to implement the World Customs Organization’s recently adopted blueprint for common cargo security standards and simplified customs procedures that can help make trade more predictable.
“I’m telling you, there are major companies that are very important to energizing that process,” he said.
Directors general from seven major customs administrations participated last Wednesday in a conference call put together by CBP to begin organizing assistance for developing nations that have the political will, but lack the resources, to implement the WCO framework, Bonner said. Within the next year, the WCO will have a set of criteria that countries seeking capacity building assistance from the United States or elsewhere will need to meet.
CBP will host a meeting in Miami Oct. 9-12 where the group of leading customs authorities that took the lead in crafting the WCO framework will gather to formulate implementing guidelines to present to the WCO Policy Commission in December, according to CBP officials.
Perhaps feeling less restrained after publicly announcing his resignation the day before, Bonner also launched an impassioned defense of the programs and policies he implemented during the past four years.
“I kind of got roasted by Congress” for giving full C-TPAT benefits to companies before they had been validated, he said. Bonner was referring to a hearing in May in which the Government Accountability Office and many senators argued that C-TPAT and other aspects of the cargo security regime were too lax, and that CBP lacked the resources to check up on companies. At the time, Bonner acknowledged that benefits kicked in too rapidly and said CBP would phase in benefits until the agency had completed its security audit. CBP adjusted the amount of credit for simply being certified and essentially created a third tier of benefits where there had only been two before.
Bonner was unapologetic Thursday, saying it had not been premature to reduce inspection levels for companies whose security profiles passed muster. CBP is able to grant C-TPAT benefits because it has a long relationship with many companies and knows their history of compliance, he said, “and the validations bear that out.
“I think it was the right decision at the time and I stand by it. And if we hadn’t done that, by the time we had validators out there, there wouldn’t be any companies left, there wouldn’t have been any C-TPAT benefits, and frankly, I don’t think we’d have gotten the momentum to incentivize the supply chain security that we’ve had. At least it would have taken a number of years.”
During the press conference he lashed out at the GAO for finding that CBP hadn’t conducted enough validations.
“Well, to me that’s not a fair criticism. We had an issue to deal with. You want to wait two or three years until we employ all these supply chain specialists to begin validations before we incentivize companies to secure their supply chain? Well we’d still be talking about it,” he said.
Although CBP reduced the amount of targeting credit points for being C-TPAT certified, it did not follow the GAO’s recommendation to eliminate benefits altogether until a company is audited, Bonner emphasized.
“If you agreed with that criticism as valid then you’d never give any risk scoring reductions unless and until you validated,” he said. “We did not accept that position.”
Bonner rejected the concept pushed by some of a “red lane” which some have advocated as a way to inflict more pain on traders that do not make the appropriate security investments.
“We are not going to say you get a free pass. If you put enough terrorist risk factors together the credit points you get won’t outweigh that terrorist risk score,” he said.
Bonner said CSI (a diplomatic effort requesting the help of foreign customs authorities to check suspicious outbound cargo headed to the United States), C-TPAT and the 24-hour rule for prefiling the ocean carrier’s cargo declaration prior to vessel loading so the information could be used for targeting which containers required inspection, have proven critics wrong.
To those who said CSI would fail because governments would not agree to invest in their own large-scale imaging equipment and allow U.S. inspectors on their shores, Bonner replied that CSI “works. It’s measurable. It’s in place” in 39 ports.
C-TPAT has overcome doubts that the trade community would partner with the government to tighten cargo security, he said.
“Some said, ‘You can’t have a 24-hour rule. By God, that’s going to stop global trade in its tracks,’ and the reality is they were wrong. Most people would say the 24-hour rule has made global trade more efficient than it was before,” he said.
“There’s no question in my mind that (these programs) have substantially, materially improved the security of gods flowing from abroad to the United States and they’ve done that in a way that doesn’t slowdown, impair, impede, choke off the flow of that trade,” he said.