U.S. Customs and Border Protection’s post-9/11 supply chain security program is ready for an update, but the industry has remained concerned about implementing changes.
As U.S. Customs and Border Protection prepares to roll out revised security standards for its primary industry security partnership program, known as the Customs Trade Partnership Against Terrorism (CTPAT), questions are being asked by industry about how the program fits into the nation’s newly proposed Trusted Trader program.
While industry has generally supported CTPAT, it has often questioned the actual benefits—fewer inspections and detentions at ports of entry—that were promised by the agency for inclusion in the program. Companies face an arduous process of certifying that their supply chains are CTPAT compliant in order to participate.
In addition, CTPAT faces scrutiny from Congress, which wants several changes to the program, and CBP is pushing for a broader industry partnership program that will include not only security, but compliance with regulations.
How do all the pieces of this puzzle fit together?
After the Sept. 11, 2001 terrorist attacks, CBP established CTPAT as part of its layered strategy for overseeing global supply chain security. The agency’s goal for the program was to secure the flow of goods bound for the United States by developing voluntary anti-terrorism partnerships with companies within the international trade community.
To join, companies sign a CTPAT partnership agreement that provides CBP with the authority it needs to validate that members have adequate security. In return, members are eligible for benefits, such as a reduced likelihood that CBP will examine their shipments. CTPAT members’ collective shipments have accounted for over half of all cargo (by value) entering the United States in recent years. While membership fluctuates, as of Jan. 4, CTPAT had 11,596 members. These include importers, consolidators, ocean carriers, marine terminals, and foreign manufacturers.
Recent congressional action on Capitol Hill further supports COAC’s CTPAT enhancement recommendations.
Rep. Martha McSally, who represents the 2nd district of Arizona around Sierra Vista on the Mexico border, introduced the CTPAT Reauthorization Act of 2017. She chairs the House Homeland Security’s Border and Maritime Security Subcommittee.
In addition to codifying existing CTPAT practices, McSally’s bill expands the number of entities eligible to participate in CTPAT, including forwarders and other third-party logistics providers.
The bill requires CBP to publish information about member benefits and calls for revising the minimum security criteria on an annual basis. This latter requirement of the proposed legislation may be a heavy lift, given how long it takes for the current revision process.
The bill also calls for CBP to hold consultations with CTPAT membership, a 90-day comment period for industry, and a cost-benefit analysis—all things that add time to the process. The House passed the bill in October 2017, with Senate action still pending.
Trusted Trader. In June 2014, CBP announced the development of its Trusted Trader program and created a pilot program. The initiative’s purpose was to create a trusted relationship between the trade and government regulatory authorities, with the goal of “streamlining the global trading process, allowing focus and global attention on those that pose the highest risk.”
Two years later, CBP and COAC published a Trusted Trader Framework Strategy Draft, which called for merging the security framework of CTPAT with a regulatory compliance framework. The regulatory compliance piece currently includes CBP’s Importer Self-Assessment (ISA) program which, like CTPAT, is a voluntary reporting program. CBP tasked COAC’s Trusted Trader Subcommittee to help it develop the program.
At the Nov. 14, 2017 COAC meeting, in light of this merger, Schmelzinger announced that the next phase of CTPAT minimum security criteria discussions would formally transition from the Global Supply Chain Subcommittee to the Trusted Trader Subcommittee.
She said that “Security, through CTPAT, was the foundation of any Trusted Trader program.” First, CBP must ensure security, then compliance with rules and regulations. Ultimately, CTPAT and Trusted Trader would transition into a global safety net, whereby importers and exporters with low risk (in terms of security and compliance) would have their goods expedited through customs processes worldwide.
Alexandra Latham, co-chair of the COAC Trusted Trader Subcommittee and director of customs compliance for Costco Wholesale, provided a progress report at the November meeting. She said the minimum security criteria working group included 50 members representing various supply chain entities, and had met numerous times face-to-face and through web meetings.
“The CBP review of the minimum security criteria was long overdue, since it had pretty much remained the same since it was established in the early years of CTPAT,” said Michael Young, the other co-chair of the Trusted Trader Subcommittee and vice president for process and systems at OOCL USA. “Meanwhile, industry had evolved to a highly automated data-driven model, where cyber security is now a critical part of the security equation.”
Referring back to the Trusted Trader program, Young thanked companies who were piloting the Trusted Trader program and asked for additional companies to join the pilot testing effort, once the program was expanded to gain more traction and allow better evaluation of the overall benefits to trade, CBP, and partner government agencies.
According to Latham, as part of the process, “COAC and CBP worked to develop a ‘benefits catalog’ for the Trusted Trader program, which includes benefits for CTPAT participation.”
She said the revisions to the minimum security criteria would soon be shared more broadly with industry for additional feedback.
Schmelzinger confirmed that the long process of revising the minimum security criteria was nearing completion. At the November COAC meeting, she said she was ready to “brief top leadership at CBP to work out the final details.”
She added that the “catalog of benefits is not just for show, and that CBP hopes to track the benefits to let the Trusted Traders know exactly what they are getting.”
The industry hopes CBP will put more attention into tracking these CTPAT benefits. In 2012, CBP developed a software “dashboard” to track the program’s benefits for member companies. The agency used the dashboard to develop its Program Benefits Reference Guide and asserted that CTPAT member shipments were less likely to undergo a security examination than those filed by non-CTPAT members.
However, a February 2017 Government Accountability Office (GAO) analysis of the dashboard data found that CTPAT member shipments did not consistently experience lower examination, hold rates, and processing times compared to non-member shipments. GAO concluded that the data was unreliable, and thus CBP was not in a position to determine the benefits that CTPAT members had received.
Road Ahead. CBP and the COAC working group continue to make progress in revising the CTPAT minimum security criteria.
Congress has weighed in, with the House passing a bill to ensure that such revisions are more regular and include industry input. The revisions to the minimum security criteria for CTPAT will be released soon for the full COAC and broader industry to evaluate. These will have international implications as well, since CTPAT is linked to a network of Authorized Economic Operator (AEO) programs through mutual agreements with the European Union and 10 countries (see “Connecting AEOs”).
What may take a bit longer is defining and educating industry on the proposed relationship between CTPAT and CBP’s developing Trusted Trader program. Some industry representatives say they’re confused as to whether the two programs will be parallel and separate, or completely merged. Some companies may want to participate in CTPAT but not Trusted Trader, since CTPAT is the program that officially gets them into global AEO programs. Or some companies that are members in CTPAT may want to wait and see how the Trusted Trader program evolves, before they sign up.
“What CBP views as a very secure and compliant company from a CTPAT perspective, CBP may not view as compliant from a tariff perspective,” Fried said. “For example, a company might frequently challenge or appeal CBP tariff rulings, which may not sit well with CBP, but those things do not necessarily affect the security of that company’s supply chain.”
In August 2017, at a CTPAT Conference in Detroit, the CTPAT director provided further details on how CTPAT and the Trusted Trader strategy will work together.
“It’s like a pyramid, with security as the base, regulatory compliance as the next level, partnership with federal agencies as the next level, and global partnerships at the highest level,” Schmelzinger said.
According to her presentation, the Trusted Trader strategy integrates CTPAT and ISA into a consolidated program that includes both supply chain security and trade compliance, all in accordance with global AEO standards. 
“While the concept is simple, the implementation is complex, given the number of stakeholders in industry, agencies involved across the federal government, international organizations like WCO (World Customs Organization), and foreign countries that have AEO programs,” Schmelzinger said, adding “we look to begin to implement the Trusted Trader strategy in October 2018, but full implementation will take time.”
Connecting AEOs. The Commercial Customs Operations Advisory Committee (COAC) working group on Customs Trade Partnership Against Terrorism (CTPAT) minimum security criteria has recommended that Customs and Border Protection (CBP) works with its overseas counterparts to ensure the program’s criteria “align with Authorized Economic Operator (AEO) standards to meet mutual recognition obligations.”
The World Customs Organization’s Framework of Standards to Security and Facilitate Global Trade (or SAFE Framework) calls for national customs administrations to develop industry partnership programs, called AEOs.
”CBP has been working with the WCO, and other countries with established AEO programs to help create and standardize processes on how to establish and operate AEO programs,” CBP’s CTPAT Director Elizabeth Schmelzinger said.
“But CTPAT is a supply chain security program, while other countries’ AEOs are both security and compliance programs. So we are restructuring CTPAT to be more in line with the structure of other countries’ AEO programs,” she said.
“As part of our arrangements with other countries that have AEO programs, those countries will honor a commitment to our exporters who are low risk. This will help U.S. exporters establish a foothold in those other markets,” Schmelzinger added.
Currently, 79 countries have established AEO programs, and another 16 countries have plans to establish them. Many countries with AEO programs, including the U.S. CTPAT, have signed “mutual recognition arrangements,” whereby two countries customs administrations agree to recognize the AEO authorization issued under the other program and provide reciprocal benefits to companies.
To date, the United States has signed 11 such arrangements. These include the European Union and 10 countries, such as Canada, Mexico, Japan, South Korea, Taiwan, and Singapore.
“CTPAT is working with additional countries and their AEO programs toward additional mutual recognition arrangements,” Schmelzinger said.
Since May 2016, about 40 bilateral agreements have been concluded, and a further 30 are under negotiation. According to the United Nations, these bilateral agreements will, in time, form the basis for multilateral agreements.
“AEO programs, when combined with mutual recognition, basically shift risk management activities from the national level to the global level,” said Peter Timmermans, a technical expert at the WCO in Brussels. “This is a positive development because the nature of international supply chain business is global, [and] with such industry pushing for global ‘single-window’ approaches that facilitate trade.”
Timmermans said the growth of AEOs and mutual recognition follows the principles set forth in the WCO’s SAFE Framework.
“This framework calls for risk management and automated profiling of high-risk cargo movement on advanced electronic supply chain data to ensure security and safety,” he said. “By innovative e-Customs systems, national and international traders that are compliant can be recognized and facilitate trade. It will speed up logistics in a market where around 700 million containers are shipped on an annual basis.”
The WCO framework also calls for customs-to-business cooperation (i.e., AEOs), as well as customs-to-customs cooperation (i.e., mutual recognition agreements).
Timmermans, who hails from Dutch Customs, started working on risk management and supply chain security for the European Commission after the Sept. 11, 2001 terrorist attacks. The European Union, which consists of 28 countries, has the largest AEO program at nearly 17,000 authorized members.
While full implementation may take until 2020, the EU guidelines on AEOs provide common understanding and a tool to facilitate the correct and harmonized application of the legal provisions on AEOs.
“While the USA and EU have the mutual recognition agreement covering the most AEO members, there is great potential to other regions and countries,” said Timmermans, who trains customs and other law enforcement officials in Asia and other regions about risk management and supply chain security and cargo targeting.
“The combination of AEOs and mutual recognition agreements also enables customs officers all over the world to better assess risks, and thus concentrate their focus and resources on high-risk cargoes that are more likely to contain contraband,” he said.
Caldwell is a member of the National Maritime Security Advisory Committee and was formerly the director for maritime and supply chain security at the U.S. Government Accountability Office. He can be reached by email at: stephencaldwell1000@gmail.com
